| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
| Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, Magnus Hagander <magnus(at)hagander(dot)net>, Daniel Gustafsson <daniel(at)yesql(dot)se>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Update minimum SSL version |
| Date: | 2019-12-02 15:13:26 |
| Message-ID: | 29853.1575299606@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> writes:
> On 2019-11-30 04:06, Tom Lane wrote:
>> I think the real question we have to answer is this: are we intent on
>> making people upgrade ancient openssl installations?
> The trade-off is that this makes the defaults better for the vast
> majority of users and gives users of really old systems a nudge that
> they are no longer in compliance with industry best practices. You need
> manual steps to set up SSL anyway, so this doesn't introduce an entirely
> new kind of requirement for the latter group of users.
True. I'm okay with this as long as we adapt the ssl test suite as
per your other reply.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Fetter | 2019-12-02 15:20:51 | Adding a Partition in Painful |
| Previous Message | Robert Haas | 2019-12-02 15:08:51 | Re: Undo logs |