| From: | Peter Eisentraut <peter(at)eisentraut(dot)org> |
|---|---|
| To: | Christoph Berg <myon(at)debian(dot)org>, George MacKerron <george(at)mackerron(dot)co(dot)uk>, Daniel Gustafsson <daniel(at)yesql(dot)se>, Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: sslmode=secure by default (Re: Making sslrootcert=system work on Windows psql) |
| Date: | 2025-04-24 12:00:25 |
| Message-ID: | 4954beab-9478-4193-98d1-7764929e2871@eisentraut.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 24.04.25 12:53, Christoph Berg wrote:
> Now you can say `psql -h db.example.com -p 5433 dbfoo`, but for
> specifying the sslmode, you have to rewrite at least the last argument
> to use connection string syntax, `psql "dbname=dbfoo sslmode=verify-full`.
> This needs be be less cumbersome. (And the names of the options make
> me want to stay away from them, require/verify-ca/verify-full/verify-confusing.
> Your sslmode=secure idea is really good.)
I'm generally in favor of making sslmode=verify-full the effective
default somehow.
Another detail to think about is how this affects psql -h localhost. In
principle, this should require full SSL, but you're probably not going
to have certificates that allow "localhost". And connections to
localhost are the default on Windows. We could also switch the Windows
default to Unix-domain sockets. But there are probably still other
reasons why connections to TCP/IP localhost are made. Some things to
think about.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Sergey Shinderuk | 2025-04-24 12:06:19 | Postmaster fails to shut down right after crash restart |
| Previous Message | Peter Eisentraut | 2025-04-24 11:43:57 | Re: What's our minimum supported Python version? |