Quick Links

Re: Successor of MD5 authentication, let's use SCRAM

From:	Stephen Frost <sfrost(at)snowman(dot)net>
To:	Josh Berkus <josh(at)agliodbs(dot)com>
Cc:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: Successor of MD5 authentication, let's use SCRAM
Date:	2012-10-12 23:25:37
Message-ID:	20121012232537.GZ29165@tamriel.snowman.net
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

* Josh Berkus (josh(at)agliodbs(dot)com) wrote:
> Problem is, the fact that setting up SSL correctly is hard is outside of
> our control.

Agreed, though the packagers do make it easier..

> Unless we can give people a "run these three commands on each server and
> you're now SSL authenticating" script, we can continue to expect the
> majority of users not to use SSL. And I don't think that level of
> simplicity is even theoretically possible.

The Debian-based packages do quite a bit to ease this pain. Do the
other distributions do anything to set up SSL certificates, etc on
install? Perhaps they could be convinced to?

Thanks,

Stephen

In response to

Re: Successor of MD5 authentication, let's use SCRAM at 2012-10-12 22:58:57 from Josh Berkus

Responses

Re: Successor of MD5 authentication, let's use SCRAM at 2012-10-13 00:42:03 from John R Pierce
Re: Successor of MD5 authentication, let's use SCRAM at 2012-10-13 04:00:08 from Darren Duncan

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Josh Berkus	2012-10-12 23:53:15	Potential autovacuum optimization: new tables
Previous Message	Josh Berkus	2012-10-12 22:58:57	Re: Successor of MD5 authentication, let's use SCRAM