On Mon, Apr 29, 2024 at 12:32 PM Jacob Champion <jacob.champ...@enterprisedb.com> wrote: > > On Mon, Apr 29, 2024 at 12:06 PM Heikki Linnakangas <hlinn...@iki.fi> wrote: > > On 29/04/2024 21:43, Jacob Champion wrote: > > > But if you're in that situation, what does the use of directonly give > > > you over `sslnegotiation=direct`? You already know that servers > > > support direct, so there's no additional performance penalty from the > > > less strict mode. > > > > Well, by that argument we don't need requiredirect/directonly at all. > > This goes back to whether it's a security feature or a performance feature. > > That's what I've been trying to argue, yeah. If it's not a security > feature... why's it there?
Er, I should clarify this. I _want_ requiredirect. I just want it to be a security feature. --Jacob
