Re: Re: Encrypting pg_shadow passwords
| От | Lincoln Yeoh |
|---|---|
| Тема | Re: Re: Encrypting pg_shadow passwords |
| Дата | |
| Msg-id | 3.0.5.32.20010617230552.0152b760@192.228.128.13 обсуждение исходный текст |
| Ответ на | Re: Re: Encrypting pg_shadow passwords (Jim Mercer <jim@reptiles.org>) |
| Ответы |
Re: Re: Re: Encrypting pg_shadow passwords
|
| Список | pgsql-hackers |
At 12:04 AM 6/16/01 -0400, Jim Mercer wrote: >On Sat, Jun 16, 2001 at 11:20:30AM +0800, Lincoln Yeoh wrote: >> If you need to use encryption then having _everything_ encrypted is a >> better idea - SSL etc. Those >1GHz CPUs are handy ;). > >[ yes, i noted the smiley ] > >it is rather unfortunate to see the OSS community buying into the tenents >that allowed microsoft to get world domination based on crap quality >software. > >"hardware is cheap" is a falsehood. My point is if you really need encryption, then your data should be encrypted too, otherwise it seems a waste of time or more a "feel good" thing. I find it hard to recommend a setup where just the authentication portion is encrypted but all the data is left in plaintext for everyone to see. Why go to all that trouble to _fool_ yourself, when you can either do it securely (encrypt everything), or do it quick (no encryption). I'd personally put "only authentication is encrypted" in the "crossing a chasm in two leaps" category. Yoda says it better ;). Cheerio, Link.
В списке pgsql-hackers по дате отправления: