> > > > >I will say that if the community feels external-only should be the only > > >option, I will stop working on this feature because I feel the result > > >would be too fragile to be reliable, > > > > I'm do not see why it would be the case. I'm just arguing to have key > > management in a separate, possibly suid something-else, process, which > given > > the security concerns which dictates the feature looks like a must have, > or > > at least must be possible. From a line count point of view, it should be > a > > small addition to the current code. > > All of this hand-waving really isn't helping. > > If it's a small addition to the current code then it'd be fantastic if > you'd propose a specific patch which adds what you're suggesting. I > don't think either Bruce or I would have any issue with others helping > out on this effort, but let's be clear- we need something that *is* part > of core PG, even if we have an ability to have other parts exist outside > of PG. >
+1 JD