On 26/05/10 10:16, Tom Lane wrote: > Craig Ringer <cr...@postnewspapers.com.au> writes: >> You are confusing these two unrelated phases of SSL negotiation. > > No, I don't think so.
http://www.cgisecurity.com/owasp/html/ch07s04.html See in the second part, the new entry #5 "client request" ("CertificateRequest") ? That's the big Pg gets wrong at the moment. It's not the same as #2 in that diagram, which is what #5245 talks about. I'm going to send you a canned configuration to demonstrate this, along with network traces from wireshark and a session log from the test app. Give me an hour or so to put it together. -- Craig Ringer Tech-related writing: http://soapyfrogs.blogspot.com/ -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
