Re: reducing our reliance on MD5
| От | Robert Haas |
|---|---|
| Тема | Re: reducing our reliance on MD5 |
| Дата | |
| Msg-id | CA+TgmoaPGxZuW=BSyRZ98=hEM-YPfu0Z1jgxgcTUw7N0MRoYxg@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: reducing our reliance on MD5 (Heikki Linnakangas <hlinnakangas@vmware.com>) |
| Ответы |
Re: reducing our reliance on MD5
|
| Список | pgsql-hackers |
On Wed, Feb 11, 2015 at 8:02 AM, Heikki Linnakangas <hlinnakangas@vmware.com> wrote: > On 02/11/2015 02:49 PM, Robert Haas wrote: >> So, this all sounds fairly nice if somebody's willing to do the work, >> but I can't help noticing that you originally proposed adopting SCRAM >> in 2012, and it's 2015 now. So I wonder if anyone's really going to >> do all this work, and if not, whether we should go for something >> simpler. Just plugging something else in for MD5 would be a lot less >> work for us to implement and for clients to support, even if it is (as >> it unarguably is) less elegant. > > "Just plugging something else in for MD5" would still be a fair amount of > work. Not that much less than the full program I proposed. > > Well, I guess it's easier if you immediately stop supporting MD5, have a > "flag day" in all clients to implement the replacement, and break > pg_dump/restore of passwords in existing databases. That sounds horrible. > Let's do this properly. I can help with that, although I don't know if I'll > find the time and enthusiasm to do all of it alone. So are you thinking to integrate with the Cyrus SASL library, or do you have another thought? -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
В списке pgsql-hackers по дате отправления: