Re: sha1, sha2 functions into core?
| От | Joshua D. Drake |
|---|---|
| Тема | Re: sha1, sha2 functions into core? |
| Дата | |
| Msg-id | 5032D7C9.3050201@commandprompt.com обсуждение исходный текст |
| Ответ на | Re: sha1, sha2 functions into core? (Andrew Dunstan <andrew@dunslane.net>) |
| Список | pgsql-hackers |
On 08/20/2012 05:12 PM, Andrew Dunstan wrote: > > > On 08/20/2012 07:08 PM, Tom Lane wrote: > > >> Moreover, as Josh just mentioned, anybody who >> thinks it might be insufficiently secure for their purposes has got >> plenty of alternatives available today (SSL certificates, PAM backed >> by whatever-you-want, etc). >> > > Yeah, I think we need to emphasize this lots more. Anyone who wants > really secure authentication needs to be getting away from password > based auth altogether. Another hash function will make very little > difference. Actually, I concede here. If we were pushing our other abilities more visibly, I don't know that this argument would ever come up. Sincerely, Joshua D. Drake > > cheers > > andrew > > > > -- Command Prompt, Inc. - http://www.commandprompt.com/ PostgreSQL Support, Training, Professional Services and Development High Availability, Oracle Conversion, Postgres-XC @cmdpromptinc - 509-416-6579
В списке pgsql-hackers по дате отправления: