On Mon, Aug 12, 2019 at 07:05:08PM +0200, Peter Eisentraut wrote: > In this context, I would prefer #2, but I would expand that to cover all > authentication methods, not only password methods.
I tend to prefer #2 as well and that's the kind of approach we were tending to agree on when we discussed this issue during the v11 beta for the downgrade issues with libpq. And as you say extend it so as we can apply filtering of more AUTH_REQ requests, inclusing GSS and krb5. -- Michael
signature.asc
Description: PGP signature
