Bruce Momjian <[EMAIL PROTECTED]> writes: > Agreed. Requiring client root certificate checking is heavy-handed.
There seems to be some confusion here. I didn't think anyone was proposing that we force every installation to require client root certificate checking. What was under discussion (I thought) was providing the ability for a DBA to *choose* to require it. > Of course I am not sure anyone knows how to get that information from > SSL. Yeah, if OpenSSL doesn't support testing for this then the discussion is moot... regards, tom lane ---------------------------(end of broadcast)--------------------------- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly