public inbox for [email protected]  
help / color / mirror / Atom feed
From: Wolfgang Walther <[email protected]>
To: Jacob Champion <[email protected]>
Cc: Bruce Momjian <[email protected]>
Cc: Daniel Gustafsson <[email protected]>
Cc: Christoph Berg <[email protected]>
Cc: Andres Freund <[email protected]>
Cc: Peter Eisentraut <[email protected]>
Cc: Tom Lane <[email protected]>
Cc: PostgreSQL Hackers <[email protected]>
Cc: Thomas Munro <[email protected]>
Cc: Nazir Bilal Yavuz <[email protected]>
Cc: Antonin Houska <[email protected]>
Subject: Re: [PoC] Federated Authn/z with OAUTHBEARER
Date: Tue, 8 Apr 2025 18:57:18 +0200
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAOYmi+mn_xhkQEyS5KG3zoSOrvskVx8mhD8x_Z+0LL9PaZo1gQ@mail.gmail.com>
References: <CAOYmi+moTsgohh5Tf1gn7dBynARV9EFfWaBVPcJD9O=h6RkSCw@mail.gmail.com>
	<[email protected]>
	<t66lxwxgaxinug7zr4pgf72anhzkqwgrudmqnczgjdu4rv3ll5@jkcxvyvkgcqc>
	<CAOYmi+kc=YXZvZ8YtSPRt57N1Tp9_gRwyXfMO5TJYtCLnEXo1A@mail.gmail.com>
	<[email protected]>
	<CAOYmi+=YjmfJ+U6RTHfiXEFt9xJzaHnnbNSgSKahWr774_xGdA@mail.gmail.com>
	<[email protected]>
	<CAOYmi+kt5UvPOXXXT9w_nHBNgcqiTQWS2j=D9qJaewvmO4iaAg@mail.gmail.com>
	<CAOYmi+m2-2TH5AP7-8Knm_gcSiEaZVPGeUkfZeCLmYH395MYgA@mail.gmail.com>
	<[email protected]>
	<[email protected]>
	<CAOYmi+mrYnuwMEnpYWA4FWFtDCe4rMKavDrKQPpV43u=zmR8Xg@mail.gmail.com>
	<[email protected]>
	<CAOYmi+m-q8VOPsFxB3D-CWf-T057h4XLqVPvCTudXyAj7-9vpA@mail.gmail.com>
	<[email protected]>
	<CAOYmi+mn_xhkQEyS5KG3zoSOrvskVx8mhD8x_Z+0LL9PaZo1gQ@mail.gmail.com>

Jacob Champion:
> On Tue, Apr 8, 2025 at 9:32 AM Wolfgang Walther <[email protected]> wrote:
>> And that should also not be a problem for distributions - they could offer a libpq and a libpq_oauth package, where only one of them can be installed at the same time, I guess? *
> My outsider understanding is that maintaining this sort of thing
> becomes a major headache, because of combinatorics. You don't really
> want to ship a libpq and libpq-with-gss and libpq-with-oauth and
> libpq-with-oauth-and-gss and ...

That would only be the case, if you were to consider those other 
dependencies as "dangerous" as cURL. But we already depend on them. So 
if it's really the case that cURL is that much worse, that we consider 
loading it as a module... then the combinatorics should not be a problem 
either.

However, if the other deps are considered problematic as well, then the 
ship has already sailed, and there is not point for a special case here 
anymore.

Best,

Wolfgang







view thread (27+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
  Subject: Re: [PoC] Federated Authn/z with OAUTHBEARER
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox