The following documentation comment has been logged on the website: Page: https://www.postgresql.org/docs/16/preventing-server-spoofing.html Description:
When I read: To prevent spoofing on TCP connections, either use SSL certificates and make sure that clients check the server's certificate, or use GSSAPI encryption (or both, if they're on separate connections). It takes some thought to figure out what "separate connections" are being referred to. Does it mean separate TLS connection and non-tls-with-gssapi-encryption?
