| From: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
|---|---|
| To: | Abhijit Menon-Sen <ams(at)2ndQuadrant(dot)com> |
| Cc: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, Josh Berkus <josh(at)agliodbs(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Bruce Momjian <bruce(at)momjian(dot)us>, pgsql-hackers(at)postgreSQL(dot)org |
| Subject: | Re: MD5 authentication needs help -SCRAM |
| Date: | 2015-03-18 13:19:56 |
| Message-ID: | 20150318131956.GV3636@alvh.no-ip.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Abhijit Menon-Sen wrote:
> P.S. I don't know why the SRP code was removed from LibreSSL; nor am I
> sure how seriously to take that. It's possible that it's only because
> it's (still) rather obscure.
As I recall, the working principle of the LibreSSL guys is to remove
everything that can't be understood quickly, to reduce the code base to
the minimum required to support the basic features they want, and still
be sure that there are little or no security holes. In a later stage
their intention is to re-add interesting features as they have time to
audit the code.
--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2015-03-18 13:26:34 | Re: Future directions for inheritance-hierarchy statistics |
| Previous Message | Devrim Gündüz | 2015-03-18 13:19:22 | Help needed for PL/Ruby |