Thread

Commits

  1. Doc: Fix misleading wording of CRL parameters

  1. Is ssl_crl_file "SSL server cert revocation list"?

    Kyotaro Horiguchi <horikyota.ntt@gmail.com> — 2021-12-02T04:54:41Z

    As discussed in the thread [1], I find the wording "SSL server
    certificate revocation list" as misleading or plain wrong.
    
    I used to read it as "SSL server certificate (of PostgreSQL client)
    revocation list" but I find it misleading-ish from fresh eyes. So I'd
    like to propose a change of the doc as attached.
    
    What do you think about this?
    
    [1] https://www.postgresql.org/message-id/20211202.134619.1052008069537649171.horikyota.ntt%40gmail.com
    
    regards.
    
    -- 
    Kyotaro Horiguchi
    NTT Open Source Software Center
    
  2. Re: Is ssl_crl_file "SSL server cert revocation list"?

    Kyotaro Horiguchi <horikyota.ntt@gmail.com> — 2021-12-02T05:07:22Z

    At Thu, 02 Dec 2021 13:54:41 +0900 (JST), Kyotaro Horiguchi <horikyota.ntt@gmail.com> wrote in 
    > As discussed in the thread [1], I find the wording "SSL server
    > certificate revocation list" as misleading or plain wrong.
    
    FWIW, I'm convinced that that's plain wrong after finding some
    occurances of "(SSL) client certificate" in the doc.
    
    regards.
    
    -- 
    Kyotaro Horiguchi
    NTT Open Source Software Center
    
    
    
    
  3. Re: Is ssl_crl_file "SSL server cert revocation list"?

    Daniel Gustafsson <daniel@yesql.se> — 2021-12-02T09:42:02Z

    > On 2 Dec 2021, at 06:07, Kyotaro Horiguchi <horikyota.ntt@gmail.com> wrote:
    > 
    > At Thu, 02 Dec 2021 13:54:41 +0900 (JST), Kyotaro Horiguchi <horikyota.ntt@gmail.com> wrote in 
    >> As discussed in the thread [1], I find the wording "SSL server
    >> certificate revocation list" as misleading or plain wrong.
    > 
    > FWIW, I'm convinced that that's plain wrong after finding some
    > occurances of "(SSL) client certificate" in the doc.
    
    I agree with this, the concepts have been a bit muddled.
    
    While in there I noticed that we omitted mentioning sslcrldir in a few cases.
    The attached v2 adds these and removes the whitespace changes from your patch
    for easier review.
    
    --
    Daniel Gustafsson		https://vmware.com/
    
    
  4. Re: Is ssl_crl_file "SSL server cert revocation list"?

    Peter Eisentraut <peter.eisentraut@enterprisedb.com> — 2021-12-02T15:04:33Z

    On 02.12.21 10:42, Daniel Gustafsson wrote:
    >> On 2 Dec 2021, at 06:07, Kyotaro Horiguchi <horikyota.ntt@gmail.com> wrote:
    >>
    >> At Thu, 02 Dec 2021 13:54:41 +0900 (JST), Kyotaro Horiguchi <horikyota.ntt@gmail.com> wrote in
    >>> As discussed in the thread [1], I find the wording "SSL server
    >>> certificate revocation list" as misleading or plain wrong.
    >>
    >> FWIW, I'm convinced that that's plain wrong after finding some
    >> occurances of "(SSL) client certificate" in the doc.
    > 
    > I agree with this, the concepts have been a bit muddled.
    > 
    > While in there I noticed that we omitted mentioning sslcrldir in a few cases.
    > The attached v2 adds these and removes the whitespace changes from your patch
    > for easier review.
    
    This change looks correct to me.
    
    
    
    
  5. Re: Is ssl_crl_file "SSL server cert revocation list"?

    Daniel Gustafsson <daniel@yesql.se> — 2021-12-03T13:32:54Z

    > On 2 Dec 2021, at 16:04, Peter Eisentraut <peter.eisentraut@enterprisedb.com> wrote:
    
    > This change looks correct to me.
    
    Thanks for review, I've pushed this backpatched (in part) down to 10.
    
    --
    Daniel Gustafsson		https://vmware.com/
    
    
    
    
    
  6. Re: Is ssl_crl_file "SSL server cert revocation list"?

    Kyotaro Horiguchi <horikyota.ntt@gmail.com> — 2021-12-06T00:56:20Z

    At Fri, 3 Dec 2021 14:32:54 +0100, Daniel Gustafsson <daniel@yesql.se> wrote in 
    > > On 2 Dec 2021, at 16:04, Peter Eisentraut <peter.eisentraut@enterprisedb.com> wrote:
    > 
    > > This change looks correct to me.
    > 
    > Thanks for review, I've pushed this backpatched (in part) down to 10.
    
    Thanks for revising and comitting this.
    
    regards.
    
    -- 
    Kyotaro Horiguchi
    NTT Open Source Software Center