On Mon, Jul 10, 2017 at 9:29 AM, Álvaro Hernández Tortosa
<aht@8kdata.com> wrote:
> Precisely yesterday I initiated a similar thread:
> https://www.postgresql.org/message-id/d4098ef4-2910-c8bf-f1e3-f178ba77c381%408kdata.com
>
> I think that a) the mere auth mechanism is not enough (channel binding
> or not, ssl or not, change a lot the effective security obtained) and b)
> maybe a categorization is a better way of specifying a connection security
> requirements.
>
> What's your opinion on this? Any answer should also be coordinated among
> the drivers.
Before rushing into implementing something that we may not want, let's
discuss the matter on the thread spawned by Álvaro and find an
agreement and a direction of implementation. I was planning to answer
your message with my own thoughts on the matter. Having more control
in libpq is definitely something that we should have.
--
Michael