Re: MD5-based passwords

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Ned Wolpert <wolpert(at)yahoo(dot)com>, psql-jdbc <pgsql-jdbc(at)postgresql(dot)org>
Subject: Re: MD5-based passwords
Date: 2001-11-09 02:03:01
Message-ID: 200111090203.fA9231T06589@candle.pha.pa.us
Lists: pgsql-jdbc

> Ned Wolpert <wolpert(at)yahoo(dot)com> writes:
> > Well, if we're talking about 7.2 versus 7.3, I'd rather see them in the
> > 7.2 release. If, however, we're talking about 7.2 versus 7.2.x, then
> > we may want to wait until 7.2.x.
>
> Standard procedure for the Postgres project has always been that
> dot-releases contain no new features, only bug-fixes (and, usually,
> only fairly critical ones).

Agreed. I would get it into 7.2.0 or wait for 7.3.

> I think that it's okay to add the jdbc MD5 password code now; we can
> call it a bug fix on either of two grounds:
>
> (a) if you stand back far enough that jdbc is indistinguishable
> from the rest of the system, then this is arguably
> completion of an existing feature, not adding a new one.

Yes, I thought of that too. I like the "stand back far enough" comment.
When I implemented MD5 for 7.2, I couldn't do jdbc and didn't try ODBC,
until today. It is a shame not to have all interfaces covered.

> (b) in any case, JDBC users will certainly see it as a bug
> if everyone but them can use MD5 passwords.

True.

> Also, if the code proves to have bugs, what's the downside? Only that
> JDBC users will be unable to use MD5 passwords; but that will certainly
> be true if we don't try. So I think I'd go for it.

Yes, just make sure that the feature can't adversely affect other parts
of the system, i.e. it doesn't compile on some jdbc implementations or
something like that.

> On the other hand, some of the other stuff Dave mentioned sounded like
> whole new features, and since we are in beta now I think the "no new
> features during beta" rule ought to apply.

Also agree. I didn't comment on this earlier because I have a vested
interest in this. I just did MD5 for ODBC and if someone tests it and
it works, I may ask to add that into 7.2 also. :-)

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
