On Sun, Jun 17, 2012 at 4:45 PM, Magnus Hagander <mag...@hagander.net> wrote: > On Sun, Jun 17, 2012 at 11:42 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: >> Magnus Hagander <mag...@hagander.net> writes: >>> Is there a reason why we don't have a parameter on the client >>> mirroring ssl_ciphers? >> >> Dunno, do we need one? I am not sure what the cipher negotiation process >> looks like or which side has the freedom to choose. > > I haven't looked into the details, but it seems reasonable that > *either* side should be able to at least define a list of ciphers it > *doens't* want to talk with. > > Do we need it - well, it makes sense for the client to be able to say > "I won't trust 56-bit encryption" before it sends over the password, > imo..
I would certainly like to see that. -- Dave Page Blog: http://pgsnake.blogspot.com Twitter: @pgsnake EnterpriseDB UK: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers