Package: postgresql-common Severity: wishlist Following repeated discussions on #postgresql-apt, we should move this to the BTS:
Do we want ssl to be enabled by default in newly created clusters? The problem with ssl enabled is that it eats CPU even when clients connect from localhost (jdbc!). The problem with ssl disabled is of course that this isn't a very adequate setup for 2014. PostgreSQL upstream defaults to ssl off, but Debian's postgresql-common has set ssl = on since 2005. Users who want to change the default behaviour for new clusters they create can set "ssl = off" in /etc/postgresql-common/createcluster.conf (in jessie, not available yet in wheezy). I'd be very reluctant to change the "default default" behaviour there, though what could be done would be to add a Debconf question that asks what people would like to have in their initial createcluster.conf file. So, what do people think? The spectrum of solutions would be: 1) leave ssl = on 2) add a low priority debconf question about the default, defaulting to "on" 3) add a high priority debconf question about the default, defaulting to "on" 4) add a high priority debconf question about the default, defaulting to "off" 5) add a low priority debconf question about the default, defaulting to "off" 6) set ssl = off In any case, we should include ssl = <whatever> in the default createcluster.conf file along with a comment so people can configure it easily, plus a note in README.Debian (people do read that, don't they?). Personally I'd tend to 2) (but then few people would actually be seeing the question, so maybe 3) is better, depending on how big the note in README.Debian is). (Generally, I'd like libpq to just use a different sslmode when connecting to localhost, but that'd be a pretty invasive change from upstream.) Christoph -- c...@df7cb.de | http://www.df7cb.de/
signature.asc
Description: Digital signature