> -----Original Message-----
> From: Andreas Pflug [mailto:pgadmin@pse-consulting.de]
> Sent: 17 November 2003 17:19
> To: Dave Page
> Cc: Michiel Lange; [pgADMIN]
> Subject: Re: [pgadmin-support] bug in pgadmin III
>
> IMHO this isn't worth the effort. We have SSL connections to
> secure wire tapping. This is necessary for securing session
> logon anyway.
How did you figure that? The server replies to the connection message
with an md5 password message, which the client (libpq) sends.
You don't need ssl to prevent sending plaintext passwords.
Regards, Dave.
