Quick Links

should libpq also require TLSv1.2 by default?

From:	Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>
To:	pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject:	should libpq also require TLSv1.2 by default?
Date:	2020-06-24 06:39:26
Message-ID:	a9408304-4381-a5af-d259-e55d349ae4ce@2ndquadrant.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

In PG13, we raised the server-side default of ssl_min_protocol_version
to TLSv1.2. We also added a connection setting named
ssl_min_protocol_version to libpq. But AFAICT, the default value of the
libpq setting is empty, so any protocol version will be accepted. Is
this what we wanted? Should we raise the default in libpq as well?

--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

Responses

Re: should libpq also require TLSv1.2 by default? at 2020-06-24 08:33:22 from Daniel Gustafsson

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Maciek Sakrejda	2020-06-24 07:11:45	Re: EXPLAIN: Non-parallel ancestor plan nodes exclude parallel worker instrumentation
Previous Message	Peter Eisentraut	2020-06-24 06:35:58	Allow CURRENT_ROLE in GRANTED BY