Quick Links

Re: settings to control SSL/TLS protocol version

From:	Michael Paquier <michael(at)paquier(dot)xyz>
To:	Robert Haas <robertmhaas(at)gmail(dot)com>
Cc:	Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: settings to control SSL/TLS protocol version
Date:	2018-11-06 03:08:34
Message-ID:	20181106030834.GE1814@paquier.xyz
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Mon, Nov 05, 2018 at 03:01:58PM -0500, Robert Haas wrote:
> +1. Maybe it would make sense to spell 'any' as the empty string.
> Intuitively, it makes more sense to me to think about there being no
> maximum than to think about the maximum being anything.

I have looked at the code a bit yesterday and the implementation as well
as how things are handled with OpenSSL looked sane to me. The
suggestion of using an empty string as the default instead of 'any' also
makes sense per your argument
--
Michael

In response to

Re: settings to control SSL/TLS protocol version at 2018-11-05 20:01:58 from Robert Haas

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	David Rowley	2018-11-06 03:40:55	Re: Tid scan improvements
Previous Message	Michael Paquier	2018-11-06 03:03:02	Re: ON COMMIT actions and inheritance