On Tue, 2019-08-13 at 11:56 +0900, Michael Paquier wrote: > I tend to prefer #2 as well and that's the kind of approach we were > tending to agree on when we discussed this issue during the v11 beta > for the downgrade issues with libpq. And as you say extend it so as > we can apply filtering of more AUTH_REQ requests, inclusing GSS and > krb5.
Can you please offer a concrete proposal? I know the proposals I've put out aren't perfect (otherwise there wouldn't be three of them), so if you have something better, please share. Regards, Jeff Davis