Search Postgresql Archives

Re: "Web of trust" connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/6/15 8:01 AM, Mark Morgan Lloyd wrote:
Purely out of curiosity, is there any way of using some sort of "web of
trust" (comparable with GPG or whatever) when verifying server and
client certificates, rather than going back to a centralised CA?

My apologies if this is a silly question, or if there are fundamental
reasons why such a thing would be inappropriate. My scenario is that I'm
looking at multiple PostgreSQL servers (with supporting custom software)
arranged (approximately) as a tree, with nodes sending notifications to
their peers as they see changes. I want to make it as easy as possible
to set up a new server and get it cooperating with the rest, and some
sort of WoT might be plausible rather than having to wait for the root
administrator to send keys over a secure channel.

Postgres does support PAM, so you might be able to craft such a solution using that along with something that support WoT (like GPG).
--
Jim Nasby, Data Architect, Blue Treble Consulting, Austin TX
Experts in Analytics, Data Architecture and PostgreSQL
Data in Trouble? Get it in Treble! http://BlueTreble.com


--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux