Re: Re: [pgsql-pkg-debian] Updated libpq5 packages cause connection errors on postgresql 9.2

From: Christoph Berg <cb(at)df7cb(dot)de>
To: Bruce Momjian <bruce(at)momjian(dot)us>
Cc: Magnus Hagander <magnus(at)hagander(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Chris Butler <cbutler(at)zedcore(dot)com>, "pgsql-pkg-debian(at)postgresql(dot)org" <pgsql-pkg-debian(at)postgresql(dot)org>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Re: [pgsql-pkg-debian] Updated libpq5 packages cause connection errors on postgresql 9.2
Date: 2015-04-01 20:11:52
Message-ID: 20150401201152.GB21476@msg.df7cb.de
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers pgsql-pkg-debian

Re: Bruce Momjian 2015-04-01 <20150401160907(dot)GJ4466(at)momjian(dot)us>
> On Sat, Dec 20, 2014 at 12:27:05PM +0100, Magnus Hagander wrote:
> > I haven't seen a specific number, it might depend on exactly which cipher is
> > negotiated. See for example http://openssl.6102.n7.nabble.com/
> > What-is-the-reason-for-error-quot-SSL-negotiation-failed-error-04075070-rsa-routines-RSA-sign-digest-td43953.html
> >
> > All references I have foud say at least 2014 is safe and 512 is broken, but
> > there are points in betwee nthat apparently works in some cases only.
> >
> > I think if we say "use 1024 bits or more" we err on the safe side. 
>
> Did we ever decide on this?

The question seems to be if we want to recommend "1024 or more" or
something more sophisticated like "use something between 512 and 1024
but ymmv .... 1024 should work in any case". Given that more bits
should be more secure, and 1024 shouldn't pose a performance problem
for anyone, going for the short version shouldn't do any harm.

Christoph
--
cb(at)df7cb(dot)de | http://www.df7cb.de/

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2015-04-01 21:19:05 Re: Selectivity estimation for inet operators
Previous Message Bruce Momjian 2015-04-01 20:06:29 Re: printing table in asciidoc with psql

Browse pgsql-pkg-debian by date

  From Date Subject
Next Message Elena 2015-04-14 12:20:21 hi
Previous Message Bruce Momjian 2015-04-01 16:09:07 Re: Re: [pgsql-pkg-debian] Updated libpq5 packages cause connection errors on postgresql 9.2