Re: openssl heartbleed

From: Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>
To: "John R Pierce *EXTERN*" <pierce(at)hogranch(dot)com>, "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org>
Subject: Re: openssl heartbleed
Date: 2014-04-10 18:54:30
Message-ID: A737B7A37273E048B164557ADEF4A58B17CEF6D3@ntex2010i.host.magwien.gv.at
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

John R Pierce wrote:
> On 4/10/2014 1:01 AM, Albe Laurenz wrote:
>> If you are in a totally trusted environment, why would you use SSL?

> Belt, and suspenders.

I guess what I wanted to say was:
If you are concerned enough to use SSL, you should be concerned enough
to change your certificates.

To continue the suspenders parable, if you are worried enough to wear
suspenders you should replace them if they have been cut in two.
Or take them off - wearing broken suspenders is sillier than wearing none
(SSL costs resources).

Yours,
Laurenz Albe

In response to

Browse pgsql-general by date

  From Date Subject
Next Message zach cruise 2014-04-10 19:48:58 design question: how to geocode multiple dynamic "city, country"?
Previous Message Guy Helmer 2014-04-10 13:50:31 Re: encrypting data stored in PostgreSQL