Re: sslmode=require fallback
| От | Magnus Hagander |
|---|---|
| Тема | Re: sslmode=require fallback |
| Дата | |
| Msg-id | CABUevEynJrohfSZ6yLg9-Mzt6EgHP2fMb40GXYM7wma2HHfWkg@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: sslmode=require fallback (Peter Eisentraut <peter.eisentraut@2ndquadrant.com>) |
| Ответы |
Re: sslmode=require fallback
|
| Список | pgsql-hackers |
On Tue, Jul 19, 2016 at 10:57 PM, Peter Eisentraut <peter.eisentraut@2ndquadrant.com> wrote:
On 7/19/16 3:32 PM, Magnus Hagander wrote:
> There are definitely cases where it's useful. I'm only arguing for
> changing the default.
I don't understand why you want to change the default. Is it for
performance? Has it been measured?
Yes. I've run into it multiple times, but I haven't specifically measured it. But I've had more than one situation where turning it off has completely removed a performance problem.
I've only seen it in apps without proper connection pooling. It's the negotiation of new sessions that's expensive, not actually encrypting the data.
Most people definitely don't run into it, because most people don't use localhost when they're local - they use the Unix socket. But for example a locally running java application will be using localhost.
В списке pgsql-hackers по дате отправления: