| From: | Andres Freund <andres(at)anarazel(dot)de> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) |
| Date: | 2015-06-27 16:13:36 |
| Message-ID: | 20150627161336.GH30708@awork2.anarazel.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2015-06-27 12:10:49 -0400, Tom Lane wrote:
> Andres Freund <andres(at)anarazel(dot)de> writes:
> > On 2015-06-27 15:07:05 +0900, Michael Paquier wrote:
> >> +1 for removing on master and just disabling on back-branches.
>
> > The problem with that approach is that it leaves people hanging in the
> > dry if they've uncommented the default value, or changed it. That
> > doesn't seem nice to me.
>
> I think at least 99% of the people who are using a nondefault value of
> ssl_renegotiation_limit are using zero and so would have no problem with
> this at all. Possibly 100% of them; there's not really much use-case for
> changing from 512MB to some other nonzero value, is there?
While still at 2ndq I've seen some increase it to nonzero values to cope
with the connection breaks.
Andres
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2015-06-27 16:32:49 | pg_file_settings view vs. Windows |
| Previous Message | Tom Lane | 2015-06-27 16:10:49 | Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) |