Re: [REVIEW]: Password identifiers, protocol aging and SCRAM protocol

On Wed, Mar 2, 2016 at 4:05 AM, Dmitry Dolgov <9erthalion6@gmail.com> wrote:
> [...]

Thanks for the review.

> The default value contains "scram". Shouldn't be here also:
>
>>        Specifies a comma-separated list of supported password formats by
>>        the server. Supported formats are currently <literal>plain</>,
>>        <literal>md5</> and <literal>scram</>.
>
> Or I missed something?

Ah, I see. That's in the documentation of password_protocols. Yes
scram should be listed there as well. That should be fixed in 0009.

>>       <para>
>>        <varname>db_user_namespace</> causes the client's and
>>        server's user name representation to differ.
>>        Authentication checks are always done with the server's user name
>>        so authentication methods must be configured for the
>>        server's user name, not the client's.  Because
>>        <literal>md5</> uses the user name as salt on both the
>>        client and server, <literal>md5</> cannot be used with
>>        <varname>db_user_namespace</>.
>>       </para>
>
> Looks like the same (pls, correct me if I'm wrong) is applicable for "scram"
> as I see from the code below. Shouldn't be "scram" mentioned here also?

Oops. Good catch. Yes it should be mentioned as part of the SCRAM patch (0009).
-- 
Michael