Stephen Frost <sfrost@snowman.net> writes:
> * Tom Lane (tgl@sss.pgh.pa.us) wrote:
>> ... which the user can't tell apart from having fat-fingered the password,
>> I suppose? Doesn't sound terribly friendly. A report of a certificate
>> mismatch is far more likely to lead people to realize there's a MITM.
> We might be able to improve on that.
I'd sure be happier about this being a useful feature if we can. But
unless someone has a design for that ready-to-go, that's another good
reason to put it off.
regards, tom lane