| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Deprecations in authentication |
| Date: | 2012-10-21 07:52:57 |
| Message-ID: | CABUevEz9cDA0Daq1aveC0VC6oQX+kcfefw8N4crHwwqJ7=tNfg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Oct 18, 2012 at 5:59 PM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> On Thu, Oct 18, 2012 at 7:20 AM, Magnus Hagander <magnus(at)hagander(dot)net> wrote:
>> Since Simon stirred up a hornets nest suggesting deprecation of a
>> number of features, I figured I'd take it one step further and suggest
>> removal of some previously deprecated features :)
>>
>> In particular, we made a couple of changes over sveral releases back
>> in the authentication config, that we should perhaps consider
>> finishing by removing the old stuff now?
>>
>> 1. krb5 authentication. We've had gssapi since 8.3 (which means in all
>> supported versions). krb5 has been deprecated, also since 8.3. Time to
>> remove it?
>
> That seems like a sufficiently long deprecation window, but is gssapi
> a full substitute for krb5? I don't really have a strong opinion on
> this, not being a user myself.
I'm pretty sure that it is.
Stephen, you usually have comments about the Kerberos stuff - want to
comment on this one? :)
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2012-10-21 07:55:50 | Re: Successor of MD5 authentication, let's use SCRAM |
| Previous Message | Jeff Davis | 2012-10-21 07:22:54 | Re: SP-GiST for ranges based on 2d-mapping and quad-tree |