On 08.10.25 16:39, Robert Haas wrote:
To be honest, I think part of the problem here has to do with our choice of syntax. For HTTP, you just change the URL from http to https and it's one extra character. Decorating every connection string with sslmode=none (if the default is verify-full and you're running on a trusted network) or sslmode=verify-full (if the default is none and you're not running on a trusted network) feels bad, especially if you have to type those connection strings by hand with any frequency.
But even a browser has a default setting for which variant to use when you type in a domain name without a scheme. And in most cases, that default was changed at some point during the last 20 years.
