Peter Eisentraut [2009-04-10 22:46 +0300]: > This whole debate hinges on the argument that encryption without > anti-spoofing > is *not* useful.
I don't disagree, but it is not *worse* than having no encryption at all. The reason why Debian/Ubuntu install a snakeoil SSL certificate and configure all packages to use it by default is not because we think that this default configuration is "secure" in any way. The reason is that configuring it that way is that it becomes darn easy to make your entire server with all daemons such as postgresql, postfix, dovecot, etc. trusted by simply replacing that central certificate. You can still configure individual services to use a different one. Martin -- Martin Pitt | http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
