Re: BUG #4340: SECURITY: Is SSL Doing Anything? - Mailing list pgsql-bugs

From Tom Lane
Subject Re: BUG #4340: SECURITY: Is SSL Doing Anything?
Date
Msg-id 8267.1219172275@sss.pgh.pa.us
Whole thread Raw
In response to Re: BUG #4340: SECURITY: Is SSL Doing Anything?  (Magnus Hagander <magnus@hagander.net>)
Responses Re: BUG #4340: SECURITY: Is SSL Doing Anything?
Re: BUG #4340: SECURITY: Is SSL Doing Anything?
Re: BUG #4340: SECURITY: Is SSL Doing Anything?
List pgsql-bugs
Magnus Hagander <magnus@hagander.net> writes:
> (I don't believe OpenSSL does this verification either, because AFAICS
> OpenSSL only ever sees the IP address of the server, and not the FQDN)

In common usages libpq doesn't have the FQDN of the server either.
To impose such a requirement, we'd have to forbid naming the server
by IP address or via a domain-search-path abbreviation.

            regards, tom lane

pgsql-bugs by date:

Previous
From: "Alexander Kirpa"
Date:
Subject: BUG #4364: type of "new.id" does not match that when preparing the plan
Next
From: Magnus Hagander
Date:
Subject: Re: BUG #4340: SECURITY: Is SSL Doing Anything?