| From: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
|---|---|
| To: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
| Cc: | Erica Zhang <ericazhangy2021(at)qq(dot)com>, Andres Freund <andres(at)anarazel(dot)de>, Jelte Fennema-Nio <postgres(at)jeltef(dot)nl>, Peter Eisentraut <peter(at)eisentraut(dot)org>, pgsql-hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Add support to TLS 1.3 cipher suites and curves lists |
| Date: | 2024-07-22 17:54:43 |
| Message-ID: | CAOYmi+=H9Nfn+SRVR-1hZvo1m9YL-hNCufSvSESLXXmP7TfOwQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Jul 3, 2024 at 9:20 AM Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
> It's essentially just polish and adding comments with the functional
> changes that a) it parses the entire list of curves so all errors can be
> reported instead of giving up at the first error; b) leaving the cipher suite
> GUC blank will set the suites to the OpenSSL default vale.
Is there an advantage to setting it to a compile-time default, as
opposed to just leaving it alone and not setting it at all? With the
current patch, if you dropped in a more advanced OpenSSL 3.x that
changed up the defaults, you wouldn't see any benefit.
Thanks,
--Jacob
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2024-07-22 17:55:47 | Re: [18] Policy on IMMUTABLE functions and Unicode updates |
| Previous Message | Isaac Morland | 2024-07-22 17:54:21 | Re: [18] Policy on IMMUTABLE functions and Unicode updates |