Tom, all,
* Tom Lane (tgl@sss.pgh.pa.us) wrote:
> ... which the user can't tell apart from having fat-fingered the password,
> I suppose? Doesn't sound terribly friendly. A report of a certificate
> mismatch is far more likely to lead people to realize there's a MITM.
We might be able to improve on that.
> So this seems more like a hack than like a feature we need so desperately
> as to push it into v10 post-freeze.
Channel binding certainly isn't a 'hack' and is something we should
support, but I agree that it doesn't need to go into v10.
Thanks!
Stephen