Peter Eisentraut <peter_e@gmx.net> writes:
> Any other opinions on this out there? All instances of other
> SSL-enabled servers out there, except nginx, default to some variant of
> DEFAULT:!LOW:... or HIGH:MEDIUM:.... The proposal here is essentially
> to disable MEDIUM ciphers by default, which is explicitly advised
> against in the Postfix and Dovecot documentation, for example.
Doesn't seem like a great idea then. I assume that if left to its own
devices, PG presently selects some MEDIUM-level cipher by default? If so,
it sounds like this change amounts to imposing a performance penalty for
SSL connections by fiat. On the other hand, if we select a HIGH cipher by
default, then aren't we just refusing to let clients who explicitly ask
for a MEDIUM cipher have one? Either way, I'd want to see a pretty darn
airtight rationale for that, and there sure isn't one in this thread
so far.
The part of the patch that removes @STRENGTH seems plausible, though,
if Marko is correct that that's effectively overriding a hand-tailored
ordering.
In the end I wonder why our default isn't just "DEFAULT". Anybody who
thinks that's an inappropriate default should be lobbying the OpenSSL
folk, not us, I should think.
regards, tom lane