Re: reducing our reliance on MD5

On 02/11/2015 03:52 PM, Robert Haas wrote:
> On Wed, Feb 11, 2015 at 8:02 AM, Heikki Linnakangas
> <hlinnakangas(at)vmware(dot)com> wrote:
>> On 02/11/2015 02:49 PM, Robert Haas wrote:
>>> So, this all sounds fairly nice if somebody's willing to do the work,
>>> but I can't help noticing that you originally proposed adopting SCRAM
>>> in 2012, and it's 2015 now. So I wonder if anyone's really going to
>>> do all this work, and if not, whether we should go for something
>>> simpler. Just plugging something else in for MD5 would be a lot less
>>> work for us to implement and for clients to support, even if it is (as
>>> it unarguably is) less elegant.
>>
>> "Just plugging something else in for MD5" would still be a fair amount of
>> work. Not that much less than the full program I proposed.
>>
>> Well, I guess it's easier if you immediately stop supporting MD5, have a
>> "flag day" in all clients to implement the replacement, and break
>> pg_dump/restore of passwords in existing databases. That sounds horrible.
>> Let's do this properly. I can help with that, although I don't know if I'll
>> find the time and enthusiasm to do all of it alone.
>
> So are you thinking to integrate with the Cyrus SASL library, or do
> you have another thought?

I think we need to implement the primary MD5 replacement ourselves, so
that it's always available without extra libraries. Otherwise it will
not get much adoption, or the extra dependency will be a hassle anyway.
It's not that complicated, after all.

We could also support using a library like that for additional
authentication mechanisms, though, for those who really need them.

- Heikki