Re: Deprecations in authentication

On Thu, Oct 18, 2012 at 5:59 PM, Robert Haas <robertmhaas@gmail.com> wrote:
> On Thu, Oct 18, 2012 at 7:20 AM, Magnus Hagander <magnus@hagander.net> wrote:
>> Since Simon stirred up a hornets nest suggesting deprecation of a
>> number of features, I figured I'd take it one step further and suggest
>> removal of some previously deprecated features :)
>>
>> In particular, we made a couple of changes over sveral releases back
>> in the authentication config, that we should perhaps consider
>> finishing by removing the old stuff now?
>>
>> 1. krb5 authentication. We've had gssapi since 8.3 (which means in all
>> supported versions). krb5 has been deprecated, also since 8.3. Time to
>> remove it?
>
> That seems like a sufficiently long deprecation window, but is gssapi
> a full substitute for krb5?  I don't really have a strong opinion on
> this, not being a user myself.

I'm pretty sure that it is.

Stephen, you usually have comments about the Kerberos stuff - want to
comment on this one? :)

-- Magnus HaganderMe: http://www.hagander.net/Work: http://www.redpill-linpro.com/