On Sun, Jun 17, 2012 at 4:45 PM, Magnus Hagander <mag...@hagander.net> wrote:
> On Sun, Jun 17, 2012 at 11:42 PM, Tom Lane <t...@sss.pgh.pa.us> wrote:
>> Magnus Hagander <mag...@hagander.net> writes:
>>> Is there a reason why we don't have a parameter on the client
>>> mirroring ssl_ciphers?
>>
>> Dunno, do we need one?  I am not sure what the cipher negotiation process
>> looks like or which side has the freedom to choose.
>
> I haven't looked into the details, but it seems reasonable that
> *either* side should be able to at least define a list of ciphers it
> *doens't* want to talk with.
>
> Do we need it - well, it makes sense for the client to be able to say
> "I won't trust 56-bit encryption" before it sends over the password,
> imo..

I would certainly like to see that.

-- 
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to