Re: [GENERAL] SHA1 on postgres 8.3

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Greg Sabino Mullane" <greg(at)turnstep(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: [GENERAL] SHA1 on postgres 8.3
Date: 2008-04-02 15:38:31
Message-ID: 28388.1207150711@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general pgsql-hackers

"Greg Sabino Mullane" <greg(at)turnstep(dot)com> writes:
> I don't agree that we should just close discussion. Nobody seems happy
> with the status quo, which is that we provide md5 but not sha1,

There may be a few people who are unhappy, but the above claim seems
vastly overblown. md5 is sufficient for the purpose it is intended
for in core postgres (namely, obscuring the true source text of
passwords), and if you have needs much beyond that you'll soon be
installing pgcrypto anyway.

regards, tom lane

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Magnus Hagander 2008-04-02 15:49:28 Re: [GENERAL] SHA1 on postgres 8.3
Previous Message Tom Lane 2008-04-02 15:33:35 Re: Foreign keys causing conflicts leading toserialization failures

Browse pgsql-hackers by date

  From Date Subject
Next Message Bruce Momjian 2008-04-02 15:48:02 Re: varadic patch
Previous Message Alvaro Herrera 2008-04-02 15:37:49 Re: varadic patch