Skip site navigation (1) Skip section navigation (2)

Re: MD5-based passwords

From: Justin Clift <justin(at)postgresql(dot)org>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Ned Wolpert <wolpert(at)yahoo(dot)com>, psql-jdbc <pgsql-jdbc(at)postgresql(dot)org>
Subject: Re: MD5-based passwords
Date: 2001-11-09 01:49:48
Message-ID: 3BEB363C.FE530A32@postgresql.org (view raw or flat)
Thread:
Lists: pgsql-jdbc

Tom Lane wrote:
> 
> Ned Wolpert <wolpert(at)yahoo(dot)com> writes:
> > Well, if we're talking about 7.2 versus 7.3, I'd rather see them in the
> > 7.2 release. If, however, we're talking about 7.2 version 7.2.x, then
> > we may want to wait until 7.2.x.
> 
> Standard procedure for the Postgres project has always been that
> dot-releases contain no new features, only bug-fixes (and, usually,
> only fairly critical ones).
> 
> I think that it's okay to add the jdbc MD5 password code now; we can
> call it a bug fix on either of two grounds:
> 
>         (a) if you stand back far enough that jdbc is indistinguishable
>             from the rest of the system, then this is arguably
>             completion of an existing feature, not adding a new one.
> 
>         (b) in any case, JDBC users will certainly see it as a bug
>             if everyone but them can use MD5 passwords.
> 
> Also, if the code proves to have bugs, what's the downside?  Only that
> JDBC users will be unable to use MD5 passwords; but that will certainly
> be true if we don't try.  So I think I'd go for it.
> 
> On the other hand, some of the other stuff Dave mentioned sounded like
> whole new features, and since we are in beta now I think the "no new
> features during beta" rule ought to apply.

I believe we should include the new stuff, as it would assist in the 7.2
release having more of an "Enterprise" functionality level than
without.  Might as well have MD5 all round.

If bugs are found during our beta testing process, then it might delay
the release for a week or two, which is probably worth it.

+ Justin

> 
> Just my $0.02 ...
> 
>                         regards, tom lane
> 
> ---------------------------(end of broadcast)---------------------------
> TIP 2: you can get off all lists at once with the unregister command
>     (send "unregister YourEmailAddressHere" to majordomo(at)postgresql(dot)org)

-- 
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
   - Indira Gandhi

In response to

Responses

pgsql-jdbc by date

Next:From: Bruce MomjianDate: 2001-11-09 02:03:01
Subject: Re: MD5-based passwords
Previous:From: Tom LaneDate: 2001-11-09 01:05:11
Subject: Re: MD5-based passwords

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group