Stephen Frost wrote: > * Magnus Hagander ([EMAIL PROTECTED]) wrote: >> The maintenance part of me suggesting getting rid of krb5 is the >> smallest one. It being a non-standard protocol is more important, and >> the fact that the exchange breaks the libpq protocol and is not >> protected by SSL is the big reason. > > Erm, it doesn't need to be protected by SSL? Breaking the libpq > protocol does kind of suck. I assume you're not requiring SSL for the > GSSAPI stuff...
No, no requirement. But you would certainly expect it to use it if you have SSL on the connection. //Magnus ---------------------------(end of broadcast)--------------------------- TIP 2: Don't 'kill -9' the postmaster
