Re: SSL renegotiation
| От | Robert Haas |
|---|---|
| Тема | Re: SSL renegotiation |
| Дата | |
| Msg-id | CA+TgmobqrJ+m7Ke+F+1jbDEsaCLgm0Vm8DDqAw-UfTDtzXve0g@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: SSL renegotiation (Noah Misch <noah@leadboat.com>) |
| Список | pgsql-hackers |
On Fri, Jul 12, 2013 at 8:51 PM, Noah Misch <noah@leadboat.com> wrote: > On Fri, Jul 12, 2013 at 04:32:52PM -0400, Alvaro Herrera wrote: >> Now, should we support the 0.9.6-and-earlier mechanism? My inclination >> is no; even RHEL 3, the oldest supported Linux distribution, uses 0.9.7 >> (Heck, even Red Hat Linux 9, released on 2003). To see OpenSSL 0.9.6 >> you need to go back to Red Hat Linux 7.2, released on 2001 using a Linux >> kernel 2.4. Surely no one in their right mind would use a current >> Postgres release on such an ancient animal. > > Agreed. The OpenSSL Project last applied a security fix to 0.9.6 over eight > years ago. Compatibility with 0.9.6 has zero or negative value. +1 from me as well, if any more are needed. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
В списке pgsql-hackers по дате отправления: