Re: [HACKERS] Query cancel and OOB data
Tom Ivar Helbekkmo <tih+mail@hamartun.priv.no>
From: Tom Ivar Helbekkmo <tih+mail@Hamartun.Priv.NO>
To: Bruce Momjian <maillist@candle.pha.pa.us>
Cc: tgl@sss.pgh.pa.us, byronn@insightdist.com, hackers@postgreSQL.org
Date: 1998-05-25T05:30:35Z
Lists: pgsql-hackers
Bruce Momjian <maillist@candle.pha.pa.us> writes: > OK, lets review this, with thought about our various authentication > options: > > trust, password, ident, crypt, krb4, krb5 > > As far as I know, they all transmit queries and results as clear text > across the network. They encrypt the passwords and tickets, but not the > data. [Even kerberos does not encrypt the data stream, does it?] True. Encrypted communication should be an option, though. With Kerberos, the ability to do this securely is already there in the library, so it would be natural to use it. Adding encryption to the communication between client and postmaster is probably a good thing even if we don't (yet) encrypt that between client and backend, and would also be a good, simple way to start implementing it. -tih -- Popularity is the hallmark of mediocrity. --Niles Crane, "Frasier"