Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?)
| От | Andres Freund |
|---|---|
| Тема | Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) |
| Дата | |
| Msg-id | 20150627161336.GH30708@awork2.anarazel.de обсуждение |
| Ответ на | Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: Removing SSL renegotiation (Was: Should we back-patch SSL
renegotiation fixes?)
|
| Список | pgsql-hackers |
On 2015-06-27 12:10:49 -0400, Tom Lane wrote: > Andres Freund <andres@anarazel.de> writes: > > On 2015-06-27 15:07:05 +0900, Michael Paquier wrote: > >> +1 for removing on master and just disabling on back-branches. > > > The problem with that approach is that it leaves people hanging in the > > dry if they've uncommented the default value, or changed it. That > > doesn't seem nice to me. > > I think at least 99% of the people who are using a nondefault value of > ssl_renegotiation_limit are using zero and so would have no problem with > this at all. Possibly 100% of them; there's not really much use-case for > changing from 512MB to some other nonzero value, is there? While still at 2ndq I've seen some increase it to nonzero values to cope with the connection breaks. Andres
В списке pgsql-hackers по дате отправления: