On 10/12/12 12:44 PM, Stephen Frost wrote:
> Don't get me wrong- I really dislike that
> we don't have something better today for people who insist on password
> based auth, but perhaps we should be pushing harder for people to use
> SSL instead?
Problem is, the fact that setting up SSL correctly is hard is outside of
our control.
Unless we can give people a "run these three commands on each server and
you're now SSL authenticating" script, we can continue to expect the
majority of users not to use SSL. And I don't think that level of
simplicity is even theoretically possible.
--
Josh Berkus
PostgreSQL Experts Inc.
http://pgexperts.com