Hello,
I'm the author of the pgsodium cryptography library. I have a question about a best practice I'm thinking of enforcing. Several functions in pgsodium generate secrets. I want to check the Proc info to enforce that those functions can only be called over a local domain socket or an SSL connection. If the connection isn't secure by that definition, secret-generating functions will fail.
If someone really wants to point the gun at their foot, they can connect with an unsecured proxy. My goal would be to make bypassing the check annoying.
Any thoughts? Is this an insufferably rude attitude? Are there scenarios where one can foresee needing to generate secrets not over ssl or a domain socket?
-Michel
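The check described in the post is meant to live in pgsodium's C code, reading the backend's Port info. As an added illustration that is not part of the original message and not pgsodium's own code, the same policy can be expressed at the SQL level: a Unix-domain socket connection has no client address (`inet_client_addr()` returns NULL), and `pg_stat_ssl` reports whether this backend's session is encrypted. The function names `require_secure_transport` and `guarded_secretbox_keygen` are hypothetical; `crypto_secretbox_keygen()` is assumed to be an installed pgsodium key generator and could be replaced by any secret-producing function.

```sql
-- Added example (not pgsodium code): refuse to run unless the current
-- backend arrived over a Unix-domain socket or an SSL/TLS connection.
CREATE OR REPLACE FUNCTION require_secure_transport()
RETURNS void
LANGUAGE plpgsql
STABLE
AS $$
DECLARE
    client_addr inet := inet_client_addr();  -- NULL for Unix-domain socket clients
    uses_ssl    boolean;
BEGIN
    -- Local domain socket: no remote address at all, treat as secure.
    IF client_addr IS NULL THEN
        RETURN;
    END IF;

    -- TCP connection: look up this backend's SSL state (pg_stat_ssl, PG 9.5+).
    SELECT s.ssl INTO uses_ssl
      FROM pg_stat_ssl AS s
     WHERE s.pid = pg_backend_pid();

    IF coalesce(uses_ssl, false) THEN
        RETURN;
    END IF;

    -- Plain TCP: fail loudly rather than hand out a secret in the clear.
    RAISE EXCEPTION 'secret-generating functions require a local socket or SSL connection (client %)', client_addr
        USING ERRCODE = 'insufficient_privilege',
              HINT    = 'Connect over a Unix-domain socket or with sslmode=require.';
END;
$$;

-- Hypothetical guarded wrapper around a pgsodium key generator.
CREATE OR REPLACE FUNCTION guarded_secretbox_keygen()
RETURNS bytea
LANGUAGE plpgsql
AS $$
BEGIN
    PERFORM require_secure_transport();
    RETURN crypto_secretbox_keygen();  -- assumed pgsodium function
END;
$$;

-- Usage: succeeds over a Unix socket or TLS, raises over plain TCP.
SELECT encode(guarded_secretbox_keygen(), 'hex');
```

A caveat matching the "unsecured proxy" point above: a connection pooler that listens on a Unix socket, or that terminates TLS itself and connects to the server without it, will look secure or insecure according to its server-side leg, not the client's, so this check raises the bar rather than proving the whole path is encrypted.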