[RL_Quine]

Who cares though? All connections to SQL servers are going to be localhost or over a VPN, if your setup for postgres has a SSL certificate you're doing something terribly wrong to begin with. I'm not even sure why the option exists to begin with, there's no use case.

[outworlder]

> if your setup for postgres has a SSL certificate you're doing something terribly wrong to begin with.

No, that's a bad take. We should encrypt everything. The reasoning for not doing so in the past was computing power. Nowadays, that's really not a problem. Even my personal servers in my home network are all operating with encrypted links - because why the heck not? At work, everything that can be encrypted is encrypted, otherwise it's a bug. Even if currently 'there's no way' for attackers to get to that particular network. Emphasis on "currently". We shouldn't be a compromise away from leaking everything. Defense in depth.

Plus, the more you are familiar with setting up encryption, the less tempted you are going to be to cut corners when you are setting up something that's at a higher risk.

[orev]

Many places have security policies that require all traffic to be encrypted, even over local networks.

[thayne]

So in that case, require ssl. But, that probably shouldn't be the default.

[RL_Quine]

So, a VPN then?

[orev]

A VPN generally connects networks, so that’s probably overkill for a database connection, but sure you could use one. Or something like stunnel, etc. or you could just use the built in feature already in Postgres. Why such resistance to simply having this option?

[RL_Quine]

It’s something akin to a layer violation to have a database server running openssl and encrypting its own communication. It isn’t it’s business at all.

[imtringued]

This is one of the most disappointing hackernews submissions I have seen in a while. I use a private CA and client certificate authentication. It might be overkill but it is easy to implement.