Re: should libpq also require TLSv1.2 by default?

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Robert Haas <robertmhaas@gmail.com>
Cc: Michael Paquier <michael@paquier.xyz>, Daniel Gustafsson <daniel@yesql.se>, Peter Eisentraut <peter.eisentraut@2ndquadrant.com>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2020-06-25T19:57:00Z
Lists: pgsql-hackers
Robert Haas <robertmhaas@gmail.com> writes:
> I wonder how much of a problem this really is.

Yeah.  I find Robert's points about that pretty persuasive: by now
needing to connect to a server without TLSv1.2 support, *and* needing to
do so with SSL on, ought to be a tiny niche use case (much smaller than
the number of people who would like a more secure default).  If we can
make the error message about this be reasonably clear then I don't have
an objection to changing libpq's default.

			regards, tom lane



Commits

  1. Add hints about protocol-version-related SSL connection failures.

  2. Change libpq's default ssl_min_protocol_version to TLSv1.2.