| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>, Noah Misch <noah(at)leadboat(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net> |
| Subject: | Re: initdb recommendations |
| Date: | 2019-05-24 02:30:09 |
| Message-ID: | 20190524023009.GL2480@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-docs pgsql-hackers |
Greetings,
* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> "Jonathan S. Katz" <jkatz(at)postgresql(dot)org> writes:
> > For now I have left in the password based method to be scram-sha-256 as
> > I am optimistic about the support across client drivers[1] (and FWIW I
> > have an implementation for crystal-pg ~60% done).
>
> > However, this probably means we would need to set the default password
> > encryption guc to "scram-sha-256" which we're not ready to do yet, so it
> > may be moot to leave it in.
>
> > So, thinking out loud about that, we should probably use "md5" and once
> > we decide to make the encryption method "scram-sha-256" by default, then
> > we update the recommendation?
>
> Meh. If we're going to break things, let's break them. Set it to
> scram by default and let people who need to cope with old clients
> change the default. I'm tired of explaining that MD5 isn't actually
> insecure in our usage ...
+many.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2019-05-24 07:08:57 | graphviz file extension |
| Previous Message | Tom Lane | 2019-05-24 02:28:27 | Re: initdb recommendations |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ajin Cherian | 2019-05-24 02:30:19 | Re: Zedstore - compressed in-core columnar storage |
| Previous Message | Tom Lane | 2019-05-24 02:28:27 | Re: initdb recommendations |