Re: reducing our reliance on MD5
From | Tom Lane |
---|---|
Subject | Re: reducing our reliance on MD5 |
Date | |
Msg-id | 5165.1423669248@sss.pgh.pa.us |
In response to | Re: reducing our reliance on MD5 (José Luis Tallón <jltallon@adv-solutions.net>) |
Responses | Re: reducing our reliance on MD5 |
List | pgsql-hackers |

José Luis Tallón <jltallon@adv-solutions.net> writes:
> In any case, just storing the "password BLOB"(text or base64 encoded)
> along with a mechanism identifier would go a long way towards making
> this part pluggable... just like we do with LDAP/RADIUS/Kerberos/PAM today.

That's exactly the direction we must NOT go.

Upgrading the security of stored passwords in pg_authid is at least as important as upgrading the wire protocol security; very possibly more so. Any solution that requires cleartext passwords to be kept by the server is simply not going to be accepted.

Because of this constraint, I really suspect that we have zero chance of achieving pluggability or farming out the problem to some third party library.

Or in short: we've done that before, with LDAP/RADIUS/Kerberos/PAM, and none of those solutions have proven very satisfactory; they certainly have not replaced passwords to any measurable degree. Expecting the next external solution to do so is the definition of insanity.

regards, tom lane