Home > mailing lists

Re: Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) - Mailing list pgsql-hackers

From	Michael Paquier
Subject	Re: Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?)
Date	July 11, 2015 15:09:11
Msg-id	CAB7nPqQnjiDixR5qNJ86QnM++sKpyTedTNLF_vNPmVtu5xOZyQ@mail.gmail.com Whole thread Raw
In response to	Re: Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) (Andres Freund <andres@anarazel.de>)
Responses	Re: Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) (Andres Freund <andres@anarazel.de>)
List	pgsql-hackers

Tree view

On Fri, Jul 10, 2015 at 7:47 PM, Andres Freund <andres@anarazel.de> wrote:

On 2015-07-01 23:32:23 -0400, Noah Misch wrote:
> We'd need to be triply confident that we know better than the DBA before
> removing flexibility in back branches.
> +1 for just changing the default.

I think we do. But I also think that I pretty clearly lost this
argument, so let's just change the default.

Is anybody willing to work on this?

Something like the patches attached could be considered, one is for master and REL9_5_STABLE to remove ssl_renegotiation_limit, the second one for ~REL9_4_STABLE to change the default to 0.

Regards,

Michael

Attachment

pgsql-hackers by date:

From: Tomas Vondra
Date: 11 July 2015, 15:01:09
Subject: Re: PATCH: index-only scans with partial indexes

From: Andres Freund
Date: 11 July 2015, 15:28:58
Subject: Re: Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?)

Re: Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) - Mailing list pgsql-hackers

Attachment

Previous

Next