Dave Page <dpage@postgresql.org> writes:
> Andrew Dunstan wrote:
>> Then I think I'd rather disable use of client certs for the offending
>> openssl versions in libpq, or let the apps die and refer the customers
>> to the openssl people to lobby them for a sane solution.
> If this were 8.0 I'd agree, but thats not a nice solution for those
> already using client certs (such as the pgAdmin user who brought this to
> my attention).
Doesn't really matter. Even if we were willing to hack our own client
apps like that (which I'm not), we can *not* transfer such a requirement
onto every libpq-using application. It's just not acceptable.
regards, tom lane
