From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, Daniel Gustafsson <daniel(at)yesql(dot)se>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: should libpq also require TLSv1.2 by default? |
Date: | 2020-06-25 19:57:00 |
Message-ID: | 2290553.1593115020@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> I wonder how much of a problem this really is.
Yeah. I find Robert's points about that pretty persuasive: by now
needing to connect to a server without TLSv1.2 support, *and* needing to
do so with SSL on, ought to be a tiny niche use case (much smaller than
the number of people who would like a more secure default). If we can
make the error message about this be reasonably clear then I don't have
an objection to changing libpq's default.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Andres Freund | 2020-06-25 20:36:29 | Re: Default setting for enable_hashagg_disk |
Previous Message | Bruce Momjian | 2020-06-25 19:56:07 | Re: Default setting for enable_hashagg_disk |