On Fri, Jul 12, 2013 at 08:51:52PM -0400, Noah Misch wrote: > On Fri, Jul 12, 2013 at 04:32:52PM -0400, Alvaro Herrera wrote: > > Now, should we support the 0.9.6-and-earlier mechanism? My > > inclination is no; even RHEL 3, the oldest supported Linux > > distribution, uses 0.9.7 (Heck, even Red Hat Linux 9, released on > > 2003). To see OpenSSL 0.9.6 you need to go back to Red Hat Linux > > 7.2, released on 2001 using a Linux kernel 2.4. Surely no one in > > their right mind would use a current Postgres release on such an > > ancient animal. > > Agreed. The OpenSSL Project last applied a security fix to 0.9.6 > over eight years ago. Compatibility with 0.9.6 has zero or negative > value.
You've made a persuasive case that we should actively break backward compatibility here. Would that be complicated to do? Cheers, David. -- David Fetter <da...@fetter.org> http://fetter.org/ Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter Skype: davidfetter XMPP: david.fet...@gmail.com iCal: webcal://www.tripit.com/feed/ical/people/david74/tripit.ics Remember to vote! Consider donating to Postgres: http://www.postgresql.org/about/donate -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers