Quick Links

Re: SHA1 authentication

From:	Bruno Wolff III <bruno(at)wolff(dot)to>
To:	Bohdan Linda <bohdan(dot)linda(at)seznam(dot)cz>, pgsql-general(at)postgresql(dot)org
Subject:	Re: SHA1 authentication
Date:	2005-10-27 16:16:00
Message-ID:	20051027161600.GA11072@wolff.to
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

On Mon, Oct 24, 2005 at 11:33:50 +0200,
Martijn van Oosterhout <kleptog(at)svana(dot)org> wrote:
>
> By all means, submit a patch but there's no real hurry right now. We
> should probably move straight to something more secure anyway, maybe
> SHA-256 or something.

This makes more sense. There is little point in going to the effort to
changing to SHA-1 only to change again later.
There isn't any hurry to change now, so it might be better to wait until
the next group of hash functions is designed, built on lessons learned from
the attacks against MD5 and SHA-1.

In response to

Re: SHA1 authentication at 2005-10-24 09:33:50 from Martijn van Oosterhout

Responses

Re: SHA1 authentication at 2005-10-27 20:27:58 from Brian Mathis

Browse pgsql-general by date

	From	Date	Subject
Next Message	Noel Whelan	2005-10-27 16:18:56	Re: improve 'where not exists' query..
Previous Message	codeWarrior	2005-10-27 15:49:30	Re: pg_dump fails when it gets to table containing bytea