On Jun 24, 2015 5:13 PM, "Tom Lane" <[email protected]> wrote: > > Andres Freund <[email protected]> writes: > > I, by now, have come to a different conclusion. I think it's time to > > entirely drop the renegotiation support. > > Well, that's a radical proposal, but I think we should take it seriously. >
Yes. Just on my phone right now, but wasn't renegotiation also an attack vector in one of the recent openssl bugs? /Magnus
