Re: change password_encryption default to scram-sha-256?
| От | Dave Cramer |
|---|---|
| Тема | Re: change password_encryption default to scram-sha-256? |
| Дата | |
| Msg-id | CADK3HHKOdbti2XXacDGJyc6+9kt8Xh_J-ta4wo73h4C4BJoPwg@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: change password_encryption default to scram-sha-256? (Alvaro Herrera <alvherre@2ndquadrant.com>) |
| Ответы |
Re: change password_encryption default to scram-sha-256?
|
| Список | pgsql-hackers |
Alvaro,
On Mon, 8 Apr 2019 at 13:34, Alvaro Herrera <alvherre@2ndquadrant.com> wrote:
I'm not sure I understand all this talk about deferring changing the
default to pg13. AFAICS only a few fringe drivers are missing support;
not changing in pg12 means we're going to leave *all* users, even those
whose clients have support, without the additional security for 18 more
months.
IIUC the vast majority of clients already support SCRAM auth. So the
vast majority of PG users can take advantage of the additional security.
I think the only massive-adoption exception is JDBC, and apparently they
already have working patches for SCRAM.
We have more than patches this is already in the driver.
What do you mean by "massive-adoption exception"
В списке pgsql-hackers по дате отправления: