Re: Re: Re: Encrypting pg_shadow passwords
| От | Doug McNaught |
|---|---|
| Тема | Re: Re: Re: Encrypting pg_shadow passwords |
| Дата | |
| Msg-id | m3d783gldu.fsf@belphigor.mcnaught.org обсуждение исходный текст |
| Ответ на | Re: Encrypting pg_shadow passwords (Vince Vielhaber <vev@michvhf.com>) |
| Список | pgsql-hackers |
Lincoln Yeoh <lyeoh@pop.jaring.my> writes: > My point is if you really need encryption, then your data should be > encrypted too, otherwise it seems a waste of time or more a "feel > good" thing. I would disagree. I think there is a level of security where it's not a catastrophe if someone sniffs and reconstructs your traffic, but it's fairly important that such a person not be able to authenticate as you. Most of my personal email (and, I assert, most people's) falls into this category. Encrypted challenge/response addresses this need quite well. Naturally, if you're working at a level where intercepted traffic *is* catastrophic, you should be doing end-to-end encryption and all that good stuff. -Doug -- The rain man gave me two cures; he said jump right in, The first was Texas medicine--the second was just railroad gin, And like a fool I mixed them, and it strangled up my mind, Now people just get uglier, and I got no sense of time... --Dylan
В списке pgsql-hackers по дате отправления: