Peter Eisentraut wrote: > On Friday 08 May 2009 22:03:56 Tom Lane wrote: >> I hesitate though to suggest that we think about porting >> ourselves to NSS --- I'm not sure that there would be benefits to us >> within the context of Postgres alone. > > That could be attractive if we ripped out the OpenSSL code at the same time, > as the NSS API is purportedly more abstract and presumably would reduce the > amount and the complexity of the code.
Is NSS available on all the platforms that we are (and that has OpenSSL today)? Another thought: if we were to make ourselves support multiple SSL libraries (that has been suggested before - at that point, people wanted GnuTLS), we could also add support for Windows SChannel, which I'm sure some win32 people would certainly prefer - much easier to do SSL deployments within an existing MS infrastructure... But no, that certainly wouldn't *reduce* the amount of code... //Magnus -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers