On 02.03.22 21:26, Stephen Frost wrote:
Part of the point, for my part anyway, of dropping support for plaintext transmission would be to remove support for that from libpq, otherwise a compromised server could still potentially convince a client to provide a plaintext password be sent to it.
I think there should be a generalized feature for client-side selecting or filtering of authentication methods. As long as there exists more than one method, there will be tradeoffs and users might want to avoid one or the other. I don't think removing a method outright is the right solution for that.