| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, Daniel Gustafsson <daniel(at)yesql(dot)se>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: should libpq also require TLSv1.2 by default? |
| Date: | 2020-06-25 19:57:00 |
| Message-ID: | 2290553.1593115020@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> I wonder how much of a problem this really is.
Yeah. I find Robert's points about that pretty persuasive: by now
needing to connect to a server without TLSv1.2 support, *and* needing to
do so with SSL on, ought to be a tiny niche use case (much smaller than
the number of people who would like a more secure default). If we can
make the error message about this be reasonably clear then I don't have
an objection to changing libpq's default.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2020-06-25 20:36:29 | Re: Default setting for enable_hashagg_disk |
| Previous Message | Bruce Momjian | 2020-06-25 19:56:07 | Re: Default setting for enable_hashagg_disk |