summaryrefslogtreecommitdiffstats
path: root/doc/src/sgml/client-auth.sgml
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--doc/src/sgml/client-auth.sgml16
1 files changed, 8 insertions, 8 deletions
diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index 68e73b9..02fa1ec 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -627,7 +627,7 @@ hostnogssenc <replaceable>database</replaceable> <replaceable>user</replaceabl
entire <literal>Distinguished Name (DN)</literal> of the certificate.
This option is probably best used in conjunction with a username map.
The comparison is done with the <literal>DN</literal> in
- <ulink url="https://tools.ietf.org/html/rfc2253">RFC 2253</ulink>
+ <ulink url="https://datatracker.ietf.org/doc/html/rfc2253">RFC 2253</ulink>
format. To see the <literal>DN</literal> of a client certificate
in this format, do
<programlisting>
@@ -977,7 +977,7 @@ omicron bryanh guest1
<para>
<link linkend="auth-ident">Ident authentication</link>, which
relies on an <quote>Identification Protocol</quote>
- (<ulink url="https://tools.ietf.org/html/rfc1413">RFC 1413</ulink>)
+ (<ulink url="https://datatracker.ietf.org/doc/html/rfc1413">RFC 1413</ulink>)
service on the client's machine. (On local Unix-socket connections,
this is treated as peer authentication.)
</para>
@@ -1116,7 +1116,7 @@ omicron bryanh guest1
<para>
The method <literal>scram-sha-256</literal> performs SCRAM-SHA-256
authentication, as described in
- <ulink url="https://tools.ietf.org/html/rfc7677">RFC 7677</ulink>. It
+ <ulink url="https://datatracker.ietf.org/doc/html/rfc7677">RFC 7677</ulink>. It
is a challenge-response scheme that prevents password sniffing on
untrusted connections and supports storing passwords on the server in a
cryptographically hashed form that is thought to be secure.
@@ -1228,7 +1228,7 @@ omicron bryanh guest1
<para>
<productname>GSSAPI</productname> is an industry-standard protocol
for secure authentication defined in
- <ulink url="https://tools.ietf.org/html/rfc2743">RFC 2743</ulink>.
+ <ulink url="https://datatracker.ietf.org/doc/html/rfc2743">RFC 2743</ulink>.
<productname>PostgreSQL</productname>
supports <productname>GSSAPI</productname> for authentication,
communications encryption, or both.
@@ -1543,7 +1543,7 @@ omicron bryanh guest1
<para>
The <quote>Identification Protocol</quote> is described in
- <ulink url="https://tools.ietf.org/html/rfc1413">RFC 1413</ulink>.
+ <ulink url="https://datatracker.ietf.org/doc/html/rfc1413">RFC 1413</ulink>.
Virtually every Unix-like
operating system ships with an ident server that listens on TCP
port 113 by default. The basic functionality of an ident server
@@ -1712,7 +1712,7 @@ omicron bryanh guest1
<para>
Set to 1 to make the connection between PostgreSQL and the LDAP server
use TLS encryption. This uses the <literal>StartTLS</literal>
- operation per <ulink url="https://tools.ietf.org/html/rfc4513">RFC 4513</ulink>.
+ operation per <ulink url="https://datatracker.ietf.org/doc/html/rfc4513">RFC 4513</ulink>.
See also the <literal>ldapscheme</literal> option for an alternative.
</para>
</listitem>
@@ -1807,7 +1807,7 @@ omicron bryanh guest1
<term><literal>ldapurl</literal></term>
<listitem>
<para>
- An <ulink url="https://tools.ietf.org/html/rfc4516">RFC 4516</ulink>
+ An <ulink url="https://datatracker.ietf.org/doc/html/rfc4516">RFC 4516</ulink>
LDAP URL. This is an alternative way to write some of the
other LDAP options in a more compact and standard form. The format is
<synopsis>
@@ -1870,7 +1870,7 @@ ldap[s]://<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<rep
<productname>OpenLDAP</productname> as the LDAP client library, the
<literal>ldapserver</literal> setting may be omitted. In that case, a
list of host names and ports is looked up via
- <ulink url="https://tools.ietf.org/html/rfc2782">RFC 2782</ulink> DNS SRV records.
+ <ulink url="https://datatracker.ietf.org/doc/html/rfc2782">RFC 2782</ulink> DNS SRV records.
The name <literal>_ldap._tcp.DOMAIN</literal> is looked up, where
<literal>DOMAIN</literal> is extracted from <literal>ldapbasedn</literal>.
</para>