Tom, all, * Tom Lane (t...@sss.pgh.pa.us) wrote: > ... which the user can't tell apart from having fat-fingered the password, > I suppose? Doesn't sound terribly friendly. A report of a certificate > mismatch is far more likely to lead people to realize there's a MITM.
We might be able to improve on that. > So this seems more like a hack than like a feature we need so desperately > as to push it into v10 post-freeze. Channel binding certainly isn't a 'hack' and is something we should support, but I agree that it doesn't need to go into v10. Thanks! Stephen
signature.asc
Description: Digital signature