Re: SSL cleanups/hostname verification
| От | Peter Eisentraut |
|---|---|
| Тема | Re: SSL cleanups/hostname verification |
| Дата | |
| Msg-id | 48FD8C83.9000805@gmx.net обсуждение исходный текст |
| Ответ на | Re: SSL cleanups/hostname verification ("Robert Haas" <robertmhaas@gmail.com>) |
| Ответы |
Re: SSL cleanups/hostname verification
|
| Список | pgsql-hackers |
Robert Haas wrote: >>> How can you make that the default? Won't it immediately break every >>> installation without certificates? >> *all* SSL installations have certificate on the server side. You cannot >> run without it. > > s/without certificates/with self-signed certificates/ > > which I would guess to be a common configuration Yeah, but those setups are already broken anyway; the users just appear not to know it. If you install a new web browser, would you want it to be configured by default to warn about untrusted certificates or to "not bother" the user about it? It's pretty much the same question here.
В списке pgsql-hackers по дате отправления: