| From: | Jelte Fennema-Nio <postgres(at)jeltef(dot)nl> |
|---|---|
| To: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
| Cc: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, Dave Cramer <davecramer(at)gmail(dot)com>, Fujii Masao <masao(dot)fujii(at)oss(dot)nttdata(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Correct documentation for protocol version |
| Date: | 2026-06-30 20:27:51 |
| Message-ID: | CAGECzQTrU8XfCoEu615Y+oddBj0ah9_s7JJ-w0zmNJHrmifpmw@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, 30 Jun 2026 at 18:49, Jacob Champion
<jacob(dot)champion(at)enterprisedb(dot)com> wrote:
> ("9.3.21 and later" is misleading,
> though; see a60a10338 and its thread.)
That's fair. we can add all the minor versions in that list
> (To
> put it another way: clients and servers don't have to support that in
> order to claim protocol 3.0 compliance.)
Based on my reading of the protocol docs[1] that's not the case. They
(currently) fairly clearly state that this is part of the protocol,
not some optional feature a server might implement (emphasis mine):
> A second alternate way to initiate SSL encryption is available. *The server will recognize* connections which immediately begin SSL negotiation without any previous SSLRequest packets...
I think it would be a shame if there will never be a point when we can
make clients default to sslmode=direct. But if you think it should be
an optional feature, then the current docs should definitely be
clarified in that respect.
> or link to the "protocol-flow-ssl" id in the docs.
I think that's a good idea regardless.
[1]: https://www.postgresql.org/docs/current/protocol-flow.html#PROTOCOL-FLOW-SSL
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2026-06-30 20:32:15 | Improving display of octal GUCs |
| Previous Message | Alexander Korotkov | 2026-06-30 20:24:47 | Re: BUG with accessing to temporary tables of other sessions still exists |