Thread
Commits
-
Doc: Fix misleading wording of CRL parameters
- fadac33bb8de 15.0 landed
- e2ebc90eb809 13.6 landed
- b6360aa46ce9 14.2 landed
- 7d0229e89f4f 10.20 landed
- 7b0643c77b46 11.15 landed
- 386d97781d17 12.10 landed
-
Is ssl_crl_file "SSL server cert revocation list"?
Kyotaro Horiguchi <horikyota.ntt@gmail.com> — 2021-12-02T04:54:41Z
As discussed in the thread [1], I find the wording "SSL server certificate revocation list" as misleading or plain wrong. I used to read it as "SSL server certificate (of PostgreSQL client) revocation list" but I find it misleading-ish from fresh eyes. So I'd like to propose a change of the doc as attached. What do you think about this? [1] https://www.postgresql.org/message-id/20211202.134619.1052008069537649171.horikyota.ntt%40gmail.com regards. -- Kyotaro Horiguchi NTT Open Source Software Center
-
Re: Is ssl_crl_file "SSL server cert revocation list"?
Kyotaro Horiguchi <horikyota.ntt@gmail.com> — 2021-12-02T05:07:22Z
At Thu, 02 Dec 2021 13:54:41 +0900 (JST), Kyotaro Horiguchi <horikyota.ntt@gmail.com> wrote in > As discussed in the thread [1], I find the wording "SSL server > certificate revocation list" as misleading or plain wrong. FWIW, I'm convinced that that's plain wrong after finding some occurances of "(SSL) client certificate" in the doc. regards. -- Kyotaro Horiguchi NTT Open Source Software Center
-
Re: Is ssl_crl_file "SSL server cert revocation list"?
Daniel Gustafsson <daniel@yesql.se> — 2021-12-02T09:42:02Z
> On 2 Dec 2021, at 06:07, Kyotaro Horiguchi <horikyota.ntt@gmail.com> wrote: > > At Thu, 02 Dec 2021 13:54:41 +0900 (JST), Kyotaro Horiguchi <horikyota.ntt@gmail.com> wrote in >> As discussed in the thread [1], I find the wording "SSL server >> certificate revocation list" as misleading or plain wrong. > > FWIW, I'm convinced that that's plain wrong after finding some > occurances of "(SSL) client certificate" in the doc. I agree with this, the concepts have been a bit muddled. While in there I noticed that we omitted mentioning sslcrldir in a few cases. The attached v2 adds these and removes the whitespace changes from your patch for easier review. -- Daniel Gustafsson https://vmware.com/
-
Re: Is ssl_crl_file "SSL server cert revocation list"?
Peter Eisentraut <peter.eisentraut@enterprisedb.com> — 2021-12-02T15:04:33Z
On 02.12.21 10:42, Daniel Gustafsson wrote: >> On 2 Dec 2021, at 06:07, Kyotaro Horiguchi <horikyota.ntt@gmail.com> wrote: >> >> At Thu, 02 Dec 2021 13:54:41 +0900 (JST), Kyotaro Horiguchi <horikyota.ntt@gmail.com> wrote in >>> As discussed in the thread [1], I find the wording "SSL server >>> certificate revocation list" as misleading or plain wrong. >> >> FWIW, I'm convinced that that's plain wrong after finding some >> occurances of "(SSL) client certificate" in the doc. > > I agree with this, the concepts have been a bit muddled. > > While in there I noticed that we omitted mentioning sslcrldir in a few cases. > The attached v2 adds these and removes the whitespace changes from your patch > for easier review. This change looks correct to me.
-
Re: Is ssl_crl_file "SSL server cert revocation list"?
Daniel Gustafsson <daniel@yesql.se> — 2021-12-03T13:32:54Z
> On 2 Dec 2021, at 16:04, Peter Eisentraut <peter.eisentraut@enterprisedb.com> wrote: > This change looks correct to me. Thanks for review, I've pushed this backpatched (in part) down to 10. -- Daniel Gustafsson https://vmware.com/
-
Re: Is ssl_crl_file "SSL server cert revocation list"?
Kyotaro Horiguchi <horikyota.ntt@gmail.com> — 2021-12-06T00:56:20Z
At Fri, 3 Dec 2021 14:32:54 +0100, Daniel Gustafsson <daniel@yesql.se> wrote in > > On 2 Dec 2021, at 16:04, Peter Eisentraut <peter.eisentraut@enterprisedb.com> wrote: > > > This change looks correct to me. > > Thanks for review, I've pushed this backpatched (in part) down to 10. Thanks for revising and comitting this. regards. -- Kyotaro Horiguchi NTT Open Source Software Center