From: | Vladimir Sitnikov <sitnikov(dot)vladimir(at)gmail(dot)com> |
---|---|
To: | Greg Stark <stark(at)mit(dot)edu> |
Cc: | Andrey Borodin <amborodin86(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Experiments with Postgres and SSL |
Date: | 2023-01-19 20:49:30 |
Message-ID: | CAB=Je-EPYPC2fN7J11PPQM0Q_-nDfnxvCr1An6TdX+sPJSnJsQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
It would be great if PostgreSQL supported 'start with TLS', however, how
could clients activate the feature?
I would like to refrain users from configuring the handshake mode, and I
would like to refrain from degrading performance when a new client talks to
an old database.
What if the server that supports 'fast TLS' added an extra notification in
case client connects with a classic TLS?
Then a capable client could remember host:port and try with newer TLS
appoach the next time it connects.
It would be transparent to the clients, and the users won't need to
configure 'prefer classic or fast TLS'
The old clients could discard the notification.
Vladimir
--
Vladimir
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 2023-01-19 20:56:54 | Re: document the need to analyze partitioned tables |
Previous Message | Jacob Champion | 2023-01-19 20:48:03 | Re: Transparent column encryption |