Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> Oh, good. I couldn't remember if it was the postmaster or child that
> validates that key. I now remember only the postmaster needs the secret
> because it sends the signal.
However, the child process needs the secret for long enough to send it
off to the client at the completion of the authentication handshake.
So there is a problem to resolve here.
regards, tom lane