On ons, 2010-11-17 at 16:35 +0100, Magnus Hagander wrote: > Currently, we overload "indent" meaning both "unix socket > authentication" and "ident over tcp", depending on what type of > connection it is. This is quite unfortunate - one of them being one of > the most secure options we have, the other one being one of the most > *insecure* ones (really? ident over tcp? does *anybody* use that > intentionally today?) > > Should we not consider naming those two different things?
The original patch called the Unix domain socket version "peer" (whereas the name "ident" comes from the official name of the TCP/IP protocol used). You can look it up in the archives, but I believe the argument for using the name "ident" for both was because "ident" was established and the new feature would provide the same functionality. That said, I completely agree with you. Every time I look through a pg_hba.conf I think, that's a terrible name, we should rename this. We could perhaps introduce an alternative name and slowly deprecate the original one. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers