| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
| Cc: | Greg Sabino Mullane <greg(at)turnstep(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [GENERAL] SHA1 on postgres 8.3 |
| Date: | 2008-01-20 18:12:55 |
| Message-ID: | 47938F27.7000603@hagander.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
Alvaro Herrera wrote:
> Greg Sabino Mullane wrote:
>
>> I also realize that SHA1 is not a great solution these days either,
>> but I'd at least like to see a discussion on moving Postgres to
>> somewhere between "only has md5()" and "all pg_crypto functions inside
>> core", even if it only means a handful of SHA functions. Moving this
>> over to -hackers.
>>
>> In summary: what would objections be to my writing a sha1() patch?
>
> Isn't sha1 considered broken for some uses anyway? Perhaps if you're
> going to do that it would make sense to move the whole pgcrypto/sha2.c
> stuff to core, I think.
IIRC not anymore than md5, which we already do...
That said, it would make sense to include sha1() for compatibility
reasons and a stronger sha for people that need something better.
//Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2008-01-20 18:13:37 | Re: ATTN: Clodaldo was Performance problem. Could it be related to 8.3-beta4? |
| Previous Message | Martijn van Oosterhout | 2008-01-20 18:08:37 | Re: Sun acquires MySQL |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2008-01-20 18:22:48 | Re: message string fixes |
| Previous Message | Martijn van Oosterhout | 2008-01-20 18:06:49 | Re: [GENERAL] SHA1 on postgres 8.3 |