On 22 jun 2009, at 17.46, Tom Lane <t...@sss.pgh.pa.us> wrote:
Lars Kanis <ka...@comcard.de> writes:
Am Montag, 22. Juni 2009 16:38:32 schrieben Sie:
Tom Lane wrote:
IIUC this is a pre-existing bug/limitation in an extremely seldom-
used
feature that we don't have any very good way to test. So I'm not
really
excited about trying to fix it in RC at all. The chances of
breaking
something seem much higher than the usefulness of the fix would
warrant.
I think we'll see this feature used a lot more now, since we support
client certificate authentication. I bet that's the reason why
Lars is
using it now, but wasn't using it before. Correct, Lars?
That's right. Because clientside crypto engines and proper
certificate
authentication is supported now, I would like to use a strong
smartcard-based
login in our high security environment.
OK, but I'm still worried about making a change of this sort (ie,
modifying our interface to code that we don't control) so late in the
release cycle. It seems like there is large potential for failure in
contexts other than the one or two you are going to be able to test
right now. Is there anything that can be done to reduce the risk?
I share your concerns in general. But I think we nee to take into
account that this simply does not work without the patch. So nobody
should rely on the previous behaviour - how would their application
work there... (I guess there is always a risk I get to eat those words
later if someone did, but I don't see the scenario...) in fact, this
is a but in an advertised feature in previous versions, so should
maybe even consider backpatching it base on that....
/Magnus
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs
