Home > mailing lists

Re: Recent vendor SSL renegotiation patches break PostgreSQL - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Recent vendor SSL renegotiation patches break PostgreSQL
Date	February 3, 2010 15:09:42
Msg-id	11293.1265213369@sss.pgh.pa.us Whole thread Raw
In response to	Re: Recent vendor SSL renegotiation patches break PostgreSQL (Michael Ledford <mledford@gmail.com>)
Responses	Re: Recent vendor SSL renegotiation patches break PostgreSQL Re: Recent vendor SSL renegotiation patches break PostgreSQL
List	pgsql-hackers

Tree view

Michael Ledford <mledford@gmail.com> writes:
> One might argue that the current method is already weakened as it is
> measured by the amount of data sent instead of of a length of time. A
> session could live a long time under the 512MB threshold depending on
> the queries that are being performed.

Renegotiation after X amount of data is the recommended method AFAIK,
because it limits the volume of data available to cryptanalysis.
What makes you think that elapsed time is relevant at all?
        regards, tom lane

pgsql-hackers by date:

From: Robert Haas
Date: 03 February 2010, 15:08:32
Subject: Re: Review of Writeable CTE Patch

From: Robert Haas
Date: 03 February 2010, 15:11:30
Subject: Re: [CFReview] Red-Black Tree

Re: Recent vendor SSL renegotiation patches break PostgreSQL - Mailing list pgsql-hackers

Previous

Next