Robert Haas <robertmhaas@gmail.com> writes:
> Should we think about adding a GUC to disable renegotiation until this
> blows over?
Bad idea: once set, it'll never get unset, thus leaving installations
with a weakened security posture even after they've installed fixed
versions of openssl.
regards, tom lane
