Home > mailing lists

Re: SSL over Unix-domain sockets - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: SSL over Unix-domain sockets
Date	January 5, 2008 16:39:16
Msg-id	6866.1199554748@sss.pgh.pa.us Whole thread Raw
In response to	Re: SSL over Unix-domain sockets (Peter Eisentraut <peter_e@gmx.net>)
Responses	Re: SSL over Unix-domain sockets (Mark Mielke <mark@mark.mielke.cc>)
List	pgsql-hackers

Tree view

Peter Eisentraut <peter_e@gmx.net> writes:
> Here is a patch that implements "localssl" as well.  It is quite simple.  

The other area that would need some thought before we could consider
this "done" is the behavior of libpq's sslmode parameter.  With the
patch as given, an SSL-capable libpq will *default* to using SSL over
sockets, which might be thought overkill; it is almost certainly
going to result in a performance penalty.  Is this a reasonable default
behavior?  Should sslmode be extended to allow specification of
different behaviors for sockets vs. TCP?
        regards, tom lane

pgsql-hackers by date:

From: Robert Treat
Date: 05 January 2008, 16:00:19
Subject: Re: Dynamic Partitioning using Segment Visibility Maps

From: Markus Schiltknecht
Date: 05 January 2008, 18:02:48
Subject: Re: Dynamic Partitioning using Segment Visibility Maps

Re: SSL over Unix-domain sockets - Mailing list pgsql-hackers

Previous

Next