Just to give some added reasoning...
As Andres suggested, Npgsql sends ssl_renegotiation_limit=0 because we've seen renegotiation bugs with the standard .NET SSL implementation (which Npgsql uses). Seems like everyone has a difficult time with renegotiation.
As Tom suggested, it gets sent in the startup packet so that DISCARD/RESET ALL resets back to 0 and not to the default 512MB (in older versions). Npgsql itself issues DISCARD ALL in its connection pool implementation to reset the connection to its original opened state, and of course users may want to do it themselves. Having SSL renegotiation accidentally turned on because a user sent RESET ALL, when the SSL implementation is known to have issues, is something to be avoided...
Shay