Quick Links

Re: Successor of MD5 authentication, let's use SCRAM

From:	Josh Berkus <josh(at)agliodbs(dot)com>
To:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: Successor of MD5 authentication, let's use SCRAM
Date:	2012-10-12 22:58:57
Message-ID:	5078A0B1.8030401@agliodbs.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On 10/12/12 12:44 PM, Stephen Frost wrote:
> Don't get me wrong- I really dislike that
> we don't have something better today for people who insist on password
> based auth, but perhaps we should be pushing harder for people to use
> SSL instead?

Problem is, the fact that setting up SSL correctly is hard is outside of
our control.

Unless we can give people a "run these three commands on each server and
you're now SSL authenticating" script, we can continue to expect the
majority of users not to use SSL. And I don't think that level of
simplicity is even theoretically possible.

--
Josh Berkus
PostgreSQL Experts Inc.
http://pgexperts.com

In response to

Re: Successor of MD5 authentication, let's use SCRAM at 2012-10-12 19:44:06 from Stephen Frost

Responses

Re: Successor of MD5 authentication, let's use SCRAM at 2012-10-12 23:25:37 from Stephen Frost

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Stephen Frost	2012-10-12 23:25:37	Re: Successor of MD5 authentication, let's use SCRAM
Previous Message	Josh Berkus	2012-10-12 22:56:14	Re: Truncate if exists