Home > mailing lists

Re: what can go in root.crt ? - Mailing list pgsql-hackers

From	Chapman Flack
Subject	Re: what can go in root.crt ?
Date	June 4, 2020 18:21:08
Msg-id	5ED91164.3070402@anastigmatix.net Whole thread Raw
In response to	Re: what can go in root.crt ? (Laurenz Albe <laurenz.albe@cybertec.at>)
List	pgsql-hackers

Tree view

On 06/04/20 11:04, Laurenz Albe wrote:
> I was referring to the wish to *not* use a self-signed CA certificate,
> but an intermediate certificate as the ultimate authority, based on
> a distrust of the certification authority that your organization says
> you should trust.

Are you aware of any principled reason it should be impossible to
include an end-entity certificate in the trust store used by a client?

Are you aware of any principled reason it should be impossible to
include a certificate that has the CA:TRUE and Certificate Sign bits
in the trust store used by a client, whether it is its own signer
or has been signed by another CA?

Regards,
-Chap

pgsql-hackers by date:

From: Juan Fuentes
Date: 04 June 2020, 18:20:43
Subject: Re: Possible bug on Postgres 12 (CASE THEN evaluated prematurely) -Change of behaviour compared to 11, 10, 9

From: Avinash Kumar
Date: 04 June 2020, 18:23:03
Subject: Re: Just for fun: Postgres 20?

Re: what can go in root.crt ? - Mailing list pgsql-hackers

Previous

Next