On 10/12/12 12:44 PM, Stephen Frost wrote: > Don't get me wrong- I really dislike that > we don't have something better today for people who insist on password > based auth, but perhaps we should be pushing harder for people to use > SSL instead?
Problem is, the fact that setting up SSL correctly is hard is outside of our control. Unless we can give people a "run these three commands on each server and you're now SSL authenticating" script, we can continue to expect the majority of users not to use SSL. And I don't think that level of simplicity is even theoretically possible. -- Josh Berkus PostgreSQL Experts Inc. http://pgexperts.com -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers