Re: MD5-based passwords

> > Also, if the code proves to have bugs, what's the downside? Only that
> > JDBC users will be unable to use MD5 passwords; but that will certainly
> > be true if we don't try. So I think I'd go for it.
> >
> > On the other hand, some of the other stuff Dave mentioned sounded like
> > whole new features, and since we are in beta now I think the "no new
> > features during beta" rule ought to apply.
>
> I believe we should include the new stuff, as it would assist in the 7.2
> release having more of an "Enterprise" functionality level than
> without. Might as well have MD5 all round.
>
> If bugs are found during our beta testing process, then it might delay
> the release for a week or two, which is probably worth it.

I can say pretty reliably that we are long past time in 7.2 where we can
add code that will push back a final release date. It is fine to slip
stuff in and take the responsibility for it, but we are in beta now and
anything that pushes back final is bad, because it pushes back _all_ 7.2
features from the general user community.

Thinking of it another way, the value of any single feature can not
possibly be large compared to all the new features in 7.2 already. If
we add code now, patch appliers have to be willing to take the heat if
the patch delays final release.

Now, of course I myself am applying stuff, but if it delays final, I
have failed and must take the responsibility for it. This is probably
the biggest difference between patch application during development
cycle and final. During development, patches are applied if they look
good and no one complains. During beta, responsibility lies solely with
the patch applier.

Of course, you can patch things up during 7.2.X, and this often happens.

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026