Re: Future of krb5 authentication

On Wed, Jul 18, 2007 at 12:16:49PM +0100, Heikki Linnakangas wrote:
> Magnus Hagander wrote:
> > On Wed, Jul 18, 2007 at 11:57:19AM +0100, Dave Page wrote:
> >> Magnus Hagander wrote:
> >>>> libpq would still work against older server versions, right?
> >>> Not once krb5 is removed. Assuming the older server version used krb5 auth.
> >> OK, well thats a problem. pgAdmin supports back to 7.3...
> >
> > You have a similar problem there already - 8.1 removed support for Kerberos
> > 4, so if your 7.3 server is configged with krb4, you loose anyway.
>
> Let's be practical here. We're going to have support for both in libpq
> for at least one version anyway. What do we gain by removing that
> support in a later release? I think we should just keep it around until
> we have a pressing reason to remove it, say if it gets in the way of
> implementing some new feature.
>
> In the server, I think we could remove it sooner. But even there, is
> there a reason why we should?

The main reasons would be to have less code to maintain, and to make life
easier for packagers. For example, win32 would no longer need to ship the
kerberos binaries in the package (and update it properly etc).

But sure, we might leave it in there until there's a direct problem with it
(other than the ones we already know). Can I still get my deprecation of it
though? ;-)

//Magnus