Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Header And Logo
|
Site Navigation
more verbose SSL session info for psql
- From: Bear Giles <bgiles(at)coyotesong(dot)com>
- To: pgsql-patches(at)postgresql(dot)org
- Subject: more verbose SSL session info for psql
- Date: Wed, 15 May 2002 22:28:01 -0600 (MDT)
- Message-id: <200205160428.WAA26571@eris.coyotesong.com> <text/plain>
This is a small patch - many people (including myself) believe that all encrypted channels should always clearly communicate to the user the identity and session parameters of the connection. This allows the user to decide whether to abort a connection if they find something unexpected and unacceptable. This patch only affects psql, and merely replaces SSL connection (cipher: DES-CBC3-SHA, bits 168) with the moderately more useful encrypted connection to eris.example.com Chaos and Despair, Unlimited. Turmoil Division (cipher: DES-CBC3-SHA, bits 168) (Specifically, the "common name", "organization name" and "organizational unit name" fields of the server's cert.) Before anyone else points it out, anyone can put anything they want into their own self-signed cert. So the value of this is limited until there's either a trusted local root cert store (like what web browsers use) or a trusted PKIX infrastructure. But it's better than nothing if you routinely connect to multiple servers, and it will get people used to seeing the information. Bear
Attachment:
diff
Description: /tmp/diff
- Follow-Ups:
- Re: more verbose SSL session info for psql
- From: John Gray
- Re: more verbose SSL session info for psql
- Prev by Date: Re: SRF patch (was Re: [HACKERS] troubleshooting pointers)
- Next by Date: Re: SRF patch (was Re: [HACKERS] troubleshooting pointers)
- Previous by thread: Cygwin InstallXLogFileSegment() rename() patch
- Next by thread: Re: more verbose SSL session info for psql
- Indexes: