Re: Fwd: [PATCHES] Preliminary GSSAPI Patches
Henry B. Hotz <hotz@jpl.nasa.gov>
From: "Henry B. Hotz" <hotz@jpl.nasa.gov>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Stefan Kaltenbrunner <stefan@kaltenbrunner.cc>, josh@agliodbs.com, pgsql-hackers@postgresql.org, Magnus Hagander <magnus@hagander.net>
Date: 2007-05-01T21:34:07Z
Lists: pgsql-hackers
On May 1, 2007, at 1:32 PM, Tom Lane wrote: > Stefan Kaltenbrunner <stefan@kaltenbrunner.cc> writes: >> Josh Berkus wrote: >>> For now, yes. In the long run, we want to provide users with >>> other methods >>> of encrypted connections than the rather flaky and >>> not-available-on-every-platform OpenSSL. > >> I'm curious - on what platform is OpenSSL NOT available ? > > And even more curious to see you defend that offhanded bashing of > OpenSSL, > a tool a whole lot of people (including me) depend on all day every > day. > If Postgres had the market penetration of OpenSSL, our lives would > be a > lot different. Have you got even a shred of evidence that GSSAPI is > more stable than OpenSSL? > > regards, tom lane Windows? I don't do Windows, so I'm guessing. If you accept that Microsoft's SSPI is a flavor of GSSAPI, then GSSAPI is more widely supported and probably more stable on Windows machines than OpenSSL is. ------------------------------------------------------------------------ The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu