Skip site navigation (1) Skip section navigation (2)

Re: [GENERAL] SHA1 on postgres 8.3

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: sanjay sharma <sanksh(at)hotmail(dot)com>
Cc: Greg Sabino Mullane <greg(at)turnstep(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: [GENERAL] SHA1 on postgres 8.3
Date: 2008-04-02 17:05:14
Message-ID: 5835.1207155914@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-generalpgsql-hackers
sanjay sharma <sanksh(at)hotmail(dot)com> writes:
> md5 is not being recommended anywhere because it contains hash
> collision.

For the purposes we are using it for, that's just about 100% irrelevant.

> Would replacing md5 with SHA1 in core involve much work?

Yes, it would be a tremendous problem, because the use of md5 is part of
our password protocol.  We'd have to change client-side code in sync
with the servers to do that.

			regards, tom lane

In response to

pgsql-hackers by date

Next:From: PFCDate: 2008-04-02 17:11:20
Subject: Re: first time hacker ;) messing with prepared statements
Previous:From: Tom LaneDate: 2008-04-02 17:00:46
Subject: Re: [GENERAL] SHA1 on postgres 8.3

pgsql-general by date

Next:From: Ian SillitoeDate: 2008-04-02 17:12:22
Subject: Re: (FAQ?) JOIN condition - 'WHERE NULL = NULL'
Previous:From: Tom LaneDate: 2008-04-02 17:00:46
Subject: Re: [GENERAL] SHA1 on postgres 8.3

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group