On Fri, Nov 29, 2019 at 11:10 AM Daniel Gustafsson <daniel@yesql.se> wrote:
> On 29 Nov 2019, at 08:36, Peter Eisentraut <peter.eisentraut@2ndquadrant.com> wrote: > > I propose to change the default of ssl_min_protocol_version to TLSv1.2 (from TLSv1, which means 1.0). Older versions would still be supported, just not by default.
+1 for having a sane default with a way to fall back to older versions in case they are required.
+1. As long as we still have support to change it down if needed, it's a good thing to ship with a proper default.