Hi Marko, Actually I have it,
However I was thinking the problem in a wrong way. In my particular case, the fact of the private key in memory is a good reason for discard the electronic signature, I mean, in order to have a real protection against the data modification I need a TSA (time stamping service) or something like that and my problem grow. Thanks a lot for your advice (and your time). They were really helpful. Best Regards, On Jan 23, 2008 1:59 PM, Marko Kreen <[EMAIL PROTECTED]> wrote: > On 1/23/08, Luis Alberto Pérez Paz <[EMAIL PROTECTED]> wrote: > > Very interesting point of view. > > Yes, you're right about the manage key problem. > > > > The grant database access looks like a real solution. > > Eh, for some reason I imagined you have have some good reason > why simple solutions are not enough... > > > Btw, if you try to simply rrestrict access to your data, one good > way for that is to make all data access and modification go via > SECURITY DEFINER functions, so that user have no access to > underlying data tables. > > This gives both more flexible access handling than simple GRANTs > can give you and also give ability to do smooth schema upgrades > without applications noticing. > > -- > marko > -- paz, amor y comprensión (1967-1994)