diff options
Diffstat (limited to 'doc/src/sgml/client-auth.sgml')
| -rw-r--r-- | doc/src/sgml/client-auth.sgml | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml index 68e73b9..02fa1ec 100644 --- a/doc/src/sgml/client-auth.sgml +++ b/doc/src/sgml/client-auth.sgml @@ -627,7 +627,7 @@ hostnogssenc <replaceable>database</replaceable> <replaceable>user</replaceabl entire <literal>Distinguished Name (DN)</literal> of the certificate. This option is probably best used in conjunction with a username map. The comparison is done with the <literal>DN</literal> in - <ulink url="https://tools.ietf.org/html/rfc2253">RFC 2253</ulink> + <ulink url="https://datatracker.ietf.org/doc/html/rfc2253">RFC 2253</ulink> format. To see the <literal>DN</literal> of a client certificate in this format, do <programlisting> @@ -977,7 +977,7 @@ omicron bryanh guest1 <para> <link linkend="auth-ident">Ident authentication</link>, which relies on an <quote>Identification Protocol</quote> - (<ulink url="https://tools.ietf.org/html/rfc1413">RFC 1413</ulink>) + (<ulink url="https://datatracker.ietf.org/doc/html/rfc1413">RFC 1413</ulink>) service on the client's machine. (On local Unix-socket connections, this is treated as peer authentication.) </para> @@ -1116,7 +1116,7 @@ omicron bryanh guest1 <para> The method <literal>scram-sha-256</literal> performs SCRAM-SHA-256 authentication, as described in - <ulink url="https://tools.ietf.org/html/rfc7677">RFC 7677</ulink>. It + <ulink url="https://datatracker.ietf.org/doc/html/rfc7677">RFC 7677</ulink>. It is a challenge-response scheme that prevents password sniffing on untrusted connections and supports storing passwords on the server in a cryptographically hashed form that is thought to be secure. @@ -1228,7 +1228,7 @@ omicron bryanh guest1 <para> <productname>GSSAPI</productname> is an industry-standard protocol for secure authentication defined in - <ulink url="https://tools.ietf.org/html/rfc2743">RFC 2743</ulink>. + <ulink url="https://datatracker.ietf.org/doc/html/rfc2743">RFC 2743</ulink>. <productname>PostgreSQL</productname> supports <productname>GSSAPI</productname> for authentication, communications encryption, or both. @@ -1543,7 +1543,7 @@ omicron bryanh guest1 <para> The <quote>Identification Protocol</quote> is described in - <ulink url="https://tools.ietf.org/html/rfc1413">RFC 1413</ulink>. + <ulink url="https://datatracker.ietf.org/doc/html/rfc1413">RFC 1413</ulink>. Virtually every Unix-like operating system ships with an ident server that listens on TCP port 113 by default. The basic functionality of an ident server @@ -1712,7 +1712,7 @@ omicron bryanh guest1 <para> Set to 1 to make the connection between PostgreSQL and the LDAP server use TLS encryption. This uses the <literal>StartTLS</literal> - operation per <ulink url="https://tools.ietf.org/html/rfc4513">RFC 4513</ulink>. + operation per <ulink url="https://datatracker.ietf.org/doc/html/rfc4513">RFC 4513</ulink>. See also the <literal>ldapscheme</literal> option for an alternative. </para> </listitem> @@ -1807,7 +1807,7 @@ omicron bryanh guest1 <term><literal>ldapurl</literal></term> <listitem> <para> - An <ulink url="https://tools.ietf.org/html/rfc4516">RFC 4516</ulink> + An <ulink url="https://datatracker.ietf.org/doc/html/rfc4516">RFC 4516</ulink> LDAP URL. This is an alternative way to write some of the other LDAP options in a more compact and standard form. The format is <synopsis> @@ -1870,7 +1870,7 @@ ldap[s]://<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<rep <productname>OpenLDAP</productname> as the LDAP client library, the <literal>ldapserver</literal> setting may be omitted. In that case, a list of host names and ports is looked up via - <ulink url="https://tools.ietf.org/html/rfc2782">RFC 2782</ulink> DNS SRV records. + <ulink url="https://datatracker.ietf.org/doc/html/rfc2782">RFC 2782</ulink> DNS SRV records. The name <literal>_ldap._tcp.DOMAIN</literal> is looked up, where <literal>DOMAIN</literal> is extracted from <literal>ldapbasedn</literal>. </para> |