Re: Docs: Encourage strong server verification with SCRAM

Поиск
Список
Период
Сортировка
От Daniel Gustafsson
Тема Re: Docs: Encourage strong server verification with SCRAM
Дата
Msg-id 6DE921FD-13FD-479A-9C52-D20C81E99A04@yesql.se
обсуждение исходный текст
Ответ на Re: Docs: Encourage strong server verification with SCRAM  (Michael Paquier <michael@paquier.xyz>)
Ответы Re: Docs: Encourage strong server verification with SCRAM  (Michael Paquier <michael@paquier.xyz>)
Список pgsql-hackers
Дерево обсуждения 
> On 31 May 2023, at 23:14, Michael Paquier <michael@paquier.xyz> wrote:
> On Wed, May 31, 2023 at 10:08:39AM -0400, Jacob Champion wrote:

>> LGTM!
> 
> Okay.  Does anybody have any comments and/or objections? 

LGTM. As a small nitpick, I think this sentence is a little bit misleading:

    "..can use offline analysis to determine the hashed password from
     the client"

It's true that an attacker kan use offline analysis but it makes it sound
easier than it might be in practice.  I would have written "to potentially
determine".

--
Daniel Gustafsson

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Daniel Gustafsson
Дата:
Сообщение: Re: [PATCH] Add LoongArch spinlock support in s_lock.h.
Следующее
От: "Shinoda, Noriyoshi (PN Japan FSIP)"
Дата:
Сообщение: RE: [16Beta1][doc] pgstat: Track time of the last scan of a relation