On 17-06-2012 12:45, Magnus Hagander wrote: > On Sun, Jun 17, 2012 at 11:42 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: >> Magnus Hagander <mag...@hagander.net> writes: >>> Is there a reason why we don't have a parameter on the client >>> mirroring ssl_ciphers? >> >> Dunno, do we need one? I am not sure what the cipher negotiation process >> looks like or which side has the freedom to choose. > Both. Client sends a cipher list and the server determines which cipher is used getting the first supported cipher in the client list.
> I haven't looked into the details, but it seems reasonable that > *either* side should be able to at least define a list of ciphers it > *doens't* want to talk with. > +1. -- Euler Taveira de Oliveira - Timbira http://www.timbira.com.br/ PostgreSQL: Consultoria, Desenvolvimento, Suporte 24x7 e Treinamento -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers