Re: should libpq also require TLSv1.2 by default?
| От | Tom Lane |
|---|---|
| Тема | Re: should libpq also require TLSv1.2 by default? |
| Дата | |
| Msg-id | 2339796.1593177583@sss.pgh.pa.us обсуждение |
| Ответ на | Re: should libpq also require TLSv1.2 by default? (Daniel Gustafsson <daniel@yesql.se>) |
| Ответы |
Re: should libpq also require TLSv1.2 by default?
|
| Список | pgsql-hackers |
Daniel Gustafsson <daniel@yesql.se> writes:
>> On 26 Jun 2020, at 00:44, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> BTW, the server-side report of the problem looks like
>> LOG: could not accept SSL connection: wrong version number
> I can totally see some thinking that it's the psql version at client side which
> is referred to and not the TLS protocol version. Perhaps we should add a hint
> there as well?
Not sure. We can't fix it in the case we're mainly concerned about,
namely an out-of-support server version. At the same time, it's certainly
true that "version number" is way too under-specified in this context.
Maybe improving this against the day that TLSv2 exists would be smart.
regards, tom lane
В списке pgsql-hackers по дате отправления: