Stephen Frost wrote:
> * Magnus Hagander ([EMAIL PROTECTED]) wrote:
>> The maintenance part of me suggesting getting rid of krb5 is the
>> smallest one. It being a non-standard protocol is more important, and
>> the fact that the exchange breaks the libpq protocol and is not
>> protected by SSL is the big reason.
> Erm, it doesn't need to be protected by SSL?  Breaking the libpq
> protocol does kind of suck.  I assume you're not requiring SSL for the
> GSSAPI stuff...

No, no requirement. But you would certainly expect it to use it if you
have SSL on the connection.


---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster

Reply via email to