Martijn van Oosterhout <kleptog@svana.org> writes:
> On Sun, Apr 16, 2006 at 05:29:04PM -0400, Tom Lane wrote:
>> No, failing to provide that is the bad idea, because then you're buying
>> into the notion that libpq will provide a universal API that will
>> incorporate anything anyone could possibly want to do with the
>> underlying SSL library. ...
> [ snip ]
> Besides, what's wrong with read-only access?
Well, psqlODBC seems a sufficient counterexample. But the problem
with this is that you're asking a bunch of non-SSL-experts to design,
evaluate, and then maintain an API for an SSL library. The real
answer to the above is "I don't know, and I doubt you do either."
This is the sort of problem that we should be avoiding, rather than
going out of our way to get involved in. PQgetssl made it possible
for us to stay out of the way for SSL-using applications, and I think
we should continue to follow that philosophy for other SSL libraries.
regards, tom lane
