Thread: SSL documentation
We still need some documentation of the new SSL features you added. -- Peter Eisentraut peter_e@gmx.net
Peter Eisentraut wrote: > We still need some documentation of the new SSL features you added. I am attaching Bear's SSL doc email and a comment on it that has been sitting in my mailbox since Bear first submitted the code. I don't know much about SSL do I didn't feel comfortable adding it to the SGML docs. Also, keep in mind there are some of Bear's features we didn't add, and there were some scripts in /interfaces/ssl (still in CVS but deleted) the is referenced in his docs. Basically, SSL thing is very unclear to me and looks like a big mess. I don't know if that is because I don't understand it, or if it is really a mess that some of his stuff is in, some isn't. To me it seems his scripts tied into use the new SSL features, but no one has been able to comment on that. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
Bruce Momjian writes: > Basically, SSL thing is very unclear to me and looks like a big mess. I > don't know if that is because I don't understand it, or if it is really > a mess that some of his stuff is in, some isn't. To me it seems his > scripts tied into use the new SSL features, but no one has been able to > comment on that. Not only that, but currently what used to work is broken. Now you need certificates on the client side, which isn't documented anywhere. If we don't get documentation we should revert the patches. -- Peter Eisentraut peter_e@gmx.net
Peter Eisentraut wrote: > Bruce Momjian writes: > > > Basically, SSL thing is very unclear to me and looks like a big mess. I > > don't know if that is because I don't understand it, or if it is really > > a mess that some of his stuff is in, some isn't. To me it seems his > > scripts tied into use the new SSL features, but no one has been able to > > comment on that. > > Not only that, but currently what used to work is broken. Now you need > certificates on the client side, which isn't documented anywhere. If we > don't get documentation we should revert the patches. Yep, I am ready to rip, but I need someone who understands SSL to do it for me because I don't understand which parts need to be ripped and which parts are good. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
Bruce Momjian writes: > Yep, I am ready to rip, but I need someone who understands SSL to do it > for me because I don't understand which parts need to be ripped and > which parts are good. If we decide to go that route we should revert all the SSL related patches. We're past the point of figuring out which parts are worthwhile. It should be relatively possible to figure out which files and revisions where affected from the CVS logs and the patches list. -- Peter Eisentraut peter_e@gmx.net