Excerpts from Robert Haas's message of Thu Nov 24 13:57:17 +0200 2011:
>
> I think it would be really weird not to support user:pw@host:port. You can presumably also support the JDBC style
forbackward compatibility, but I don't think we should adopt that syntax as project standard.
By the way, if we're already considering this, what about special syntax for SSL, instead of the JDBC's "&ssl=true"
thingy?
Given that the default sslmode is "prefer" I assume libpq tries SSL first, then falls back to plain text if that's not
available.
To me, it looks much more natural if the fact that SSL is/should be used is stated early in the URI syntax, like:
"https://","svn+ssh://", etc., rather than in the query parameters (if the parameters were to be passed to remote
serviceto process, like it's done with HTTP[S], this would not make any sense at all.)
But given that sslmode can currently be either of: "disable", "allow", "prefer", "require", "verify-ca" or
"verify-full"(and who knows if any new allowed mode could show up later,) allowing "&sslmode=whatever" makes sense.
Note,that this is not the same as "&ssl=whatever".
So how about this:
postgresql:ssl://user:pw@host:port/dbname?sslmode=...
The "postgresql:ssl://" designator would assume "sslmode=require", if not overriden in extra parameters and
"postgresql://"would imply "sslmode=prefer". And to disable SSL you would pick either designator and append
"sslmode=disable".
The JDBC's "ssl=true" will translate to "sslmode=require".
If we can decide on this, we should also put reasonable effort into making JDBC support the same syntax.
Thoughts?
--
Alex
