Re: reducing our reliance on MD5
| От | Joshua D. Drake |
|---|---|
| Тема | Re: reducing our reliance on MD5 |
| Дата | |
| Msg-id | 54DB848A.4060203@commandprompt.com обсуждение исходный текст |
| Ответ на | Re: reducing our reliance on MD5 (José Luis Tallón <jltallon@adv-solutions.net>) |
| Список | pgsql-hackers |
On 02/11/2015 07:54 AM, José Luis Tallón wrote: > > On 02/11/2015 04:40 PM, Tom Lane wrote: >> José Luis Tallón <jltallon@adv-solutions.net> writes: >>> In any case, just storing the "password BLOB"(text or base64 encoded) >>> along with a mechanism identifier would go a long way towards making >>> this part pluggable... just like we do with LDAP/RADIUS/Kerberos/PAM >>> today. >> That's exactly the direction we must NOT go. From a practitioners and one step at a time perspective, why don't we just offer SHA-2 as an alternative to MD5? As a longer term approach, it seems something like key based auth (ala SSH) which proved popular when I brought it up before seems like a reasonable solution. Sincerely, Joshua D. Drake -- Command Prompt, Inc. - http://www.commandprompt.com/ 503-667-4564 PostgreSQL Support, Training, Professional Services and Development High Availability, Oracle Conversion, @cmdpromptinc "If we send our children to Caesar for their education, we should not be surprised when they come back as Romans."
В списке pgsql-hackers по дате отправления: