Short answer:
Existing Kerberos libs with GSSAPI may have the same issues; I don't know. What I was speaking in favor of was having several encryption mechanisms available so that at least one of them would be available on the user's system at installation time. For that matter, I think we should support Gnu-TLS if someone offers us a patch.


IIRC we had a gnutls patch offered, but rejected.

That is correct. THere is a very long thread on it here:

http://archives.postgresql.org/pgsql-hackers/2006-12/msg01213.php
http://archives.postgresql.org/pgsql-patches/2006-05/msg00040.php



Also, last I checked OpenSSL didn't ship with Windows and Kerberos encryption did.

How long ago did you check? I've been using OpenSSL on windows for many
years. Actually, it was supported just fine on Windows back when it was
added to PostgreSQL *at least*.

//Magnus

---------------------------(end of broadcast)---------------------------
TIP 7: You can help support the PostgreSQL project by donating at

                http://www.postgresql.org/about/donate



--

      === The PostgreSQL Company: Command Prompt, Inc. ===
Sales/Support: +1.503.667.4564 || 24x7/Emergency: +1.800.492.2240
Providing the most comprehensive  PostgreSQL solutions since 1997
             http://www.commandprompt.com/

Donate to the PostgreSQL Project: http://www.postgresql.org/about/donate
PostgreSQL Replication: http://www.commandprompt.com/products/


---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
      choose an index scan if your joining column's datatypes do not
      match

Reply via email to