Quick Links

Re: RFC 9266: Channel Bindings for TLS 1.3 support

From:	Michael Paquier <michael(at)paquier(dot)xyz>
To:	Jacob Champion <jchampion(at)timescale(dot)com>
Cc:	* Neustradamus * <neustradamus(at)hotmail(dot)com>, "pgsql-bugs(at)lists(dot)postgresql(dot)org" <pgsql-bugs(at)lists(dot)postgresql(dot)org>
Subject:	Re: RFC 9266: Channel Bindings for TLS 1.3 support
Date:	2022-07-30 02:38:57
Message-ID:	YuSZwX/7CPzBzIEt@paquier.xyz
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-bugs

On Fri, Jul 29, 2022 at 10:28:19AM -0700, Jacob Champion wrote:
> I think we can provide tls-exporter for older TLS versions as well, as
> long as SSL_get_extms_support() returns 1 for the connection, per
> Section 4.2 [1]. That would let people use a unique binding even if
> they can't use TLS 1.3 for whatever reason.

Ah, good point. Thanks.
--
Michael

In response to

Re: RFC 9266: Channel Bindings for TLS 1.3 support at 2022-07-29 17:28:19 from Jacob Champion

Browse pgsql-bugs by date

	From	Date	Subject
Next Message	Peter Smith	2022-08-01 01:50:33	Re: Excessive number of replication slots for 12->14 logical replication
Previous Message	PG Bug reporting form	2022-07-29 22:18:54	BUG #17562: Strange behavior of to_tsquery() with a - character