Marko Kreen <mark...@gmail.com> writes: > On Sat, Jan 25, 2014 at 12:25:30PM -0500, Tom Lane wrote: >> Alternatively, given that TLS has been around for a dozen years and >> openssl versions that old have not gotten security updates for a long >> time, why don't we just reject SSLv3 on the backend side too?
> Attached patch disables SSLv3 in backend. > TLS is supported in OpenSSL since fork from SSLeay, in Java since 1.4.2, > in Windows since XP. It's hard to imagine this causing any > compatibility problems. I didn't hear anyone objecting to this idea, so I'll go ahead and commit this in HEAD. regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers