Re: some PostgreSQL 12 release notes comments

2019-10-02 Thread Stephen Frost
Greetings, * Peter Eisentraut (peter.eisentr...@2ndquadrant.com) wrote: > On 2019-09-17 22:22, Tom Lane wrote: > > Peter Eisentraut writes: > >> * Add GSSAPI encryption support (Robbie Harwood, Stephen Frost) > >> This allows TCP/IP connections to be encrypted when using GSSAPI > >> authentic

Re: some PostgreSQL 12 release notes comments

2019-09-21 Thread Tom Lane
I've pushed some release note adjustments responding to your points about the GSSAPI and name-collation entries. I see the LDAP text is fixed already. regards, tom lane

Re: some PostgreSQL 12 release notes comments

2019-09-18 Thread Magnus Hagander
On Tue, Sep 17, 2019 at 7:09 PM Peter Eisentraut < peter.eisentr...@2ndquadrant.com> wrote: > > > * Discovery of LDAP servers if PostgreSQL is built with OpenLDAP > > I would remove the "if" part from the major features list, since it's a > qualification of minor importance. Instead I'd write som

Re: some PostgreSQL 12 release notes comments

2019-09-18 Thread Peter Eisentraut
On 2019-09-17 22:22, Tom Lane wrote: > Peter Eisentraut writes: >> * Add GSSAPI encryption support (Robbie Harwood, Stephen Frost) >> This allows TCP/IP connections to be encrypted when using GSSAPI >> authentication without having to set up a separate encryption facility >> like SSL. > Hmm,

Re: some PostgreSQL 12 release notes comments

2019-09-17 Thread Jonathan S. Katz
On 9/17/19 4:10 PM, Peter Eisentraut wrote: > On 2019-09-17 21:55, Jonathan S. Katz wrote: >>> * Encrypted TCP/IP connections using GSSAPI encryption >> >> +1, though I would s/GSSAPI encryption/ with s/GSSAPI authentcation/ > > But you're not encrypting the communication using GSSAPI authenticati

Re: some PostgreSQL 12 release notes comments

2019-09-17 Thread Tom Lane
Peter Eisentraut writes: > * Add GSSAPI encryption support (Robbie Harwood, Stephen Frost) > This allows TCP/IP connections to be encrypted when using GSSAPI > authentication without having to set up a separate encryption facility > like SSL. Hmm, does that imply that you don't have to hav

Re: some PostgreSQL 12 release notes comments

2019-09-17 Thread Peter Eisentraut
On 2019-09-17 21:55, Jonathan S. Katz wrote: >> * Encrypted TCP/IP connections using GSSAPI encryption > > +1, though I would s/GSSAPI encryption/ with s/GSSAPI authentcation/ But you're not encrypting the communication using GSSAPI authentication, you're encrypting it using GSSAPI encryption. >

Re: some PostgreSQL 12 release notes comments

2019-09-17 Thread Jonathan S. Katz
On 9/17/19 1:09 PM, Peter Eisentraut wrote: >> * Client- and server-side encryption for authentication using GSSAPI > > This is on the wire encryption, so I don't know why it says client-side > and server-side. Proposal: > > * Encrypted TCP/IP connections using GSSAPI encryption +1, though I wo

some PostgreSQL 12 release notes comments

2019-09-17 Thread Peter Eisentraut
> * Client- and server-side encryption for authentication using GSSAPI This is on the wire encryption, so I don't know why it says client-side and server-side. Proposal: * Encrypted TCP/IP connections using GSSAPI encryption in the major features section, and later * Add GSSAPI encryption supp