On 7/13/16 4:11 PM, Robert Haas wrote: > On Thu, Jun 16, 2016 at 3:42 AM, Magnus Hagander <mag...@hagander.net> wrote: >> You would think so. >> >> The default mode of "prefer" is ridiculous in a lot of ways. If you are >> using SSL in any shape or form you should simply not use "prefer". That's >> really the only answer at this point, unfortunately. > > Suppose we changed the default to "require". How crazy would that be?
If we think that that is appropriate, should we not also change the default pg_hba.conf to hostssl lines? I'm not convinced either of these would go over well. The original complaint was not actually that "prefer" is a bad default, but that in the presence of a root certificate on the client, a certificate validation failure falls back to plain text. That seems like a design flaw of the "prefer" mode, no matter whether it is the default or not. -- Peter Eisentraut http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers