Re: Password identifiers, protocol aging and SCRAM protocol

From: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: David Steele <david(at)pgmasters(dot)net>, PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org>, Valery Popov <v(dot)popov(at)postgrespro(dot)ru>
Subject: Re: Password identifiers, protocol aging and SCRAM protocol
Date: 2016-03-18 18:07:26
Message-ID: CAB7nPqS+i+HEfVskTrkrLGfVTYhOFfVCcHE4bX5FrOef2PcM5Q@mail.gmail.com
Lists: pgsql-hackers

On Sat, Mar 19, 2016 at 12:28 AM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> On Fri, Mar 18, 2016 at 9:31 AM, Michael Paquier
> <michael(dot)paquier(at)gmail(dot)com> wrote:
>> That's not an issue for me to rebase this set of patches. The only
>> conflicts that I anticipate are on 0009, but I don't have high hopes
>> to get this portion integrating into core for 9.6, the rest of the
>> patches is complicated enough, and everyone's bandwidth is limited.
>
> I really think we ought to consider pushing this whole thing out to
> 9.7. I don't see how we're going to get all of this into 9.6, and
> these are big, user-facing changes that I don't think we should rush
> into under time pressure. I think it'd be better to do this early in
> the 9.7 cycle so that it has time to settle before the time crunch at
> the end. I predict this is going to have a lot of loose ends that are
> going to take months to settle, and we don't have that time right now.
> And I'd rather see all of the changes in one release than split them
> across two releases.

FWIW, the catalog separation is not that much of a complicated patch, and
that's really a change independent of SCRAM, the main matter being to
manage critical index and relation entries correctly, and it does not
touch the authentication code, which is what IMO is the sensitive
part. The catalog separation opens the door as well to multiple
verifiers for the same protocol for a single role, facilitating
password rolling policies, which is a feature that has been asked for a
lot. Nothing prevents the development of moving validuntil into
pg_auth_verifiers in parallel with SCRAM for the 9.7 release cycle,
though having some basic infra in place would facilitate it. Just
my 2c.
--
Michael
