Peter Eisentraut <> writes:
> Any other opinions on this out there?  All instances of other
> SSL-enabled servers out there, except nginx, default to some variant of
> DEFAULT:!LOW:... or HIGH:MEDIUM:....  The proposal here is essentially
> to disable MEDIUM ciphers by default, which is explicitly advised
> against in the Postfix and Dovecot documentation, for example.

Doesn't seem like a great idea then.  I assume that if left to its own
devices, PG presently selects some MEDIUM-level cipher by default?  If so,
it sounds like this change amounts to imposing a performance penalty for
SSL connections by fiat.  On the other hand, if we select a HIGH cipher by
default, then aren't we just refusing to let clients who explicitly ask
for a MEDIUM cipher have one?  Either way, I'd want to see a pretty darn
airtight rationale for that, and there sure isn't one in this thread
so far.

The part of the patch that removes @STRENGTH seems plausible, though,
if Marko is correct that that's effectively overriding a hand-tailored

In the end I wonder why our default isn't just "DEFAULT".  Anybody who
thinks that's an inappropriate default should be lobbying the OpenSSL
folk, not us, I should think.

                        regards, tom lane

Sent via pgsql-hackers mailing list (
To make changes to your subscription:

Reply via email to