Re: Support for NSS as a libpq TLS backend

Magnus Hagander <magnus@hagander.net>

From: Magnus Hagander <magnus@hagander.net>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Bruce Momjian <bruce@momjian.us>, Jeff Davis <pgsql@j-davis.com>, Andrew Dunstan <andrew@dunslane.net>, Andres Freund <andres@anarazel.de>, Postgres hackers <pgsql-hackers@lists.postgresql.org>, Michael Paquier <michael@paquier.xyz>, Andrew Dunstan <andrew.dunstan@2ndquadrant.com>, Stephen Frost <sfrost@snowman.net>, Thomas Munro <thomas.munro@gmail.com>
Date: 2021-06-04T17:44:12Z
Lists: pgsql-hackers
On Thu, Jun 3, 2021 at 11:14 PM Daniel Gustafsson <daniel@yesql.se> wrote:
>
> > On 3 Jun 2021, at 23:11, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> >
> > Bruce Momjian <bruce@momjian.us> writes:
> >> I wonder if we should use SSL/TLS in more places in our documentation.
> >
> > No objection to doing that in the docs; I'm just questioning
> > switching the code-visible names.

+1.

I also don't think it's worth changing the actual names, I think
that'll cause more problems than it solves. But we can, and probably
should, change the messaging around it, particularly the docs (but
probably also comments in the config file).


> As long as it's still searchable by "SSL", "TLS" and "SSL/TLS" and not just the
> latter.

Agreed, making it searchable and easily cross-linkable.. And maybe
both terms should be in the glossary.

-- 
 Magnus Hagander
 Me: https://www.hagander.net/
 Work: https://www.redpill-linpro.com/



Commits

  1. Add tab-completion for CREATE FOREIGN TABLE.

  2. Add tap tests for the schema publications.

  3. Move Perl test modules to a better namespace

  4. Adjust configure to insist on Perl version >= 5.8.3.

  5. Simplify code related to compilation of SSL and OpenSSL

  6. Introduce --with-ssl={openssl} as a configure option

  7. Implement support for bulk inserts in postgres_fdw

  8. Fix redundant error messages in client tools

  9. doc: Apply more consistently <productname> markup for OpenSSL

  10. Check ssl_in_use flag when reporting statistics