"Dan Kaminsky" <[EMAIL PROTECTED]> writes:
> Clearly, this is handling self-signed certs. Great. But what I really want
> to know is, is verify_peer accepting a self-signed identity assertion?
> Because that'd be remote EoP.
I'm just guessing what you're driving at (unexplained acronyms aren't
a good way to communicate), but I think it's not a big problem. PG
doesn't rely on SSL for authentication, only for communications
security, so whether the remote cert is self-signed doesn't seem
like much of an issue. Anyway, you can adjust your list of trusted
CAs to determine whether you'll accept it or not.
regards, tom lane
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs
