Re: SSL renegotiation - Mailing list pgsql-hackers

From Robert Haas
Subject Re: SSL renegotiation
Date
Msg-id CA+TgmobqrJ+m7Ke+F+1jbDEsaCLgm0Vm8DDqAw-UfTDtzXve0g@mail.gmail.com
Whole thread Raw
In response to Re: SSL renegotiation  (Noah Misch <noah@leadboat.com>)
List pgsql-hackers
On Fri, Jul 12, 2013 at 8:51 PM, Noah Misch <noah@leadboat.com> wrote:
> On Fri, Jul 12, 2013 at 04:32:52PM -0400, Alvaro Herrera wrote:
>> Now, should we support the 0.9.6-and-earlier mechanism?  My inclination
>> is no; even RHEL 3, the oldest supported Linux distribution, uses 0.9.7
>> (Heck, even Red Hat Linux 9, released on 2003).  To see OpenSSL 0.9.6
>> you need to go back to Red Hat Linux 7.2, released on 2001 using a Linux
>> kernel 2.4.  Surely no one in their right mind would use a current
>> Postgres release on such an ancient animal.
>
> Agreed.  The OpenSSL Project last applied a security fix to 0.9.6 over eight
> years ago.  Compatibility with 0.9.6 has zero or negative value.

+1 from me as well, if any more are needed.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company



pgsql-hackers by date:

Previous
From: Andres Freund
Date:
Subject: Re: findDependentObjects() mutual exclusion vs. MVCC catalog scans
Next
From: Tom Lane
Date:
Subject: Re: Differences in WHERE clause of SELECT