Home > mailing lists

Re: Update minimum SSL version - Mailing list pgsql-hackers

From	Magnus Hagander
Subject	Re: Update minimum SSL version
Date	November 29, 2019 15:40:48
Msg-id	CABUevEy4meLCVnrTbjU9zoJvRoWUjvmdmUUkaoAqKYkk0MWHYA@mail.gmail.com Whole thread Raw
In response to	Re: Update minimum SSL version (Daniel Gustafsson <daniel@yesql.se>)
Responses	Re: Update minimum SSL version (Michael Paquier <michael@paquier.xyz>)
List	pgsql-hackers

Tree view

On Fri, Nov 29, 2019 at 11:10 AM Daniel Gustafsson <daniel@yesql.se> wrote:

> On 29 Nov 2019, at 08:36, Peter Eisentraut <peter.eisentraut@2ndquadrant.com> wrote:
>
> I propose to change the default of ssl_min_protocol_version to TLSv1.2 (from TLSv1, which means 1.0). Older versions would still be supported, just not by default.

+1 for having a sane default with a way to fall back to older versions in case
they are required.

+1. As long as we still have support to change it down if needed, it's a good thing to ship with a proper default.

Magnus Hagander
Me: https://www.hagander.net/
Work: https://www.redpill-linpro.com/

pgsql-hackers by date:

From: Amit Kapila
Date: 29 November 2019, 15:09:58
Subject: Re: Do XID sequences need to be contiguous?

From: Michael Paquier
Date: 29 November 2019, 15:57:27
Subject: Re: Update minimum SSL version

Re: Update minimum SSL version - Mailing list pgsql-hackers

Previous

Next