On Mon, Jul 29, 2024 at 3:26 PM Daniel Gustafsson <daniel@yesql.se> wrote:
> > On 17 Jun 2024, at 19:56, Andres Freund <andres@anarazel.de> wrote:
> > On 2024-06-17 19:51:45 +0200, Daniel Gustafsson wrote:
>
> >> Changing the default of the ecdh GUC would perhaps be doable?
> >
> > I was wondering whether we could change the default so that it accepts both
> > x25519 and secp256r1. Unfortunately that seems to requires changing what we
> > use to set the parameter...
>
> Right. The patch in https://commitfest.postgresql.org/48/5025/ does allow for
> accepting both but that's a different discussion.
Just a reminder that, if we do want to change this for 18 onward, the
window is closing. Adding x25519 to the default groups seems like a
good idea to me, whether we can get something backpatched or not.
Thanks,
--Jacob
