Joshua D. Drake wrote:
> Tom Lane wrote:
> > Stefan Kaltenbrunner <[EMAIL PROTECTED]> writes:
> >> I would like to see pgcrypto (or at least some of it's
> >> functionality) in core.
> >
> > I believe the reason we keep it separate is so that people can
> > easily make crypto-free versions of PG for use in countries where
> > encryption capability is considered subject to arms regulations. 
> > Not sure how important that case really is today, but it was a big
> > consideration last time this was discussed.
> That is a good question but in reality people who need to do so, can
> get the source from a mirror that is outside the country that has the
> rules.

The point is that vendors (consultants, distributors, nice people) can 
produce safe versions to distribute in or to places with crypto 
regulations.  But since PostgreSQL contains code that links with SSL 
and Kerberos functionality, you need to patch the code anyway in order 
to do that legally.  But it's nice to keep these things constrained to 
well-known places in the source anyway.

(This opinion was sponsored by real lawyers.)

Peter Eisentraut

---------------------------(end of broadcast)---------------------------
TIP 7: You can help support the PostgreSQL project by donating at


Reply via email to