Joshua D. Drake wrote: > Tom Lane wrote: > > Stefan Kaltenbrunner <[EMAIL PROTECTED]> writes: > >> I would like to see pgcrypto (or at least some of it's > >> functionality) in core. > > > > I believe the reason we keep it separate is so that people can > > easily make crypto-free versions of PG for use in countries where > > encryption capability is considered subject to arms regulations. > > Not sure how important that case really is today, but it was a big > > consideration last time this was discussed. > > That is a good question but in reality people who need to do so, can > get the source from a mirror that is outside the country that has the > rules.
The point is that vendors (consultants, distributors, nice people) can produce safe versions to distribute in or to places with crypto regulations. But since PostgreSQL contains code that links with SSL and Kerberos functionality, you need to patch the code anyway in order to do that legally. But it's nice to keep these things constrained to well-known places in the source anyway. (This opinion was sponsored by real lawyers.) -- Peter Eisentraut http://developer.postgresql.org/~petere/ ---------------------------(end of broadcast)--------------------------- TIP 7: You can help support the PostgreSQL project by donating at http://www.postgresql.org/about/donate
