Re: SSL cleanups/hostname verification

Magnus Hagander wrote:
> Robert Haas wrote:
>>>> How can you make that the default?  Won't it immediately break every
>>>> installation without certificates?
>>> *all* SSL installations have certificate on the server side. You cannot
>>> run without it.
>> s/without certificates/with self-signed certificates/
>>
>> which I would guess to be a common configuration
> 
> Self-signed still work. In a self-signed scenario, the server
> certificate *is* the CA certificate.

But the user needs to copy the CA to the client, which most people 
probably don't do nowadays.