From: | Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> |
---|---|
To: | Bruce Momjian <bruce(at)momjian(dot)us> |
Cc: | Ian Lawrence Barwick <barwick(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: PG 14 release notes, first draft |
Date: | 2021-05-12 22:19:28 |
Message-ID: | 20210512221928.GA7368@alvherre.pgsql |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 2021-May-10, Bruce Momjian wrote:
> I reworeded it to:
>
> <listitem>
> <!--
> Author: Peter Eisentraut <peter(at)eisentraut(dot)org>
> 2020-06-10 [c7eab0e97] Change default of password_encryption to scram-sha-256
> -->
>
> <para>
> Limit the ways password_encryption can enable md5 hashing (Peter Eisentraut)
> </para>
>
> <para>
> Previously on/true/yes/1 values enabled md5. Now, only the string md5 does this.
> </para>
> </listitem>
>
> I also have this entry:
>
> <listitem>
> <!--
> Author: Peter Eisentraut <peter(at)eisentraut(dot)org>
> 2020-06-10 [c7eab0e97] Change default of password_encryption to scram-sha-256
> -->
>
> <para>
> Change password_encryption's default to scram-sha-256 (Peter Eisentraut)
> </para>
>
> <para>
> Previously it was md5.
> </para>
> </listitem>
>
> I am hesitant to merge them since they are different changes.
Different? The commit IDs look pretty similar to me, not to say exactly
identical.
Reading these, it's pretty unclear what password_encryption *is* in the
first place. The item should say "the password_encryption server
parameter" -- that's what we have in the pg10 note for precursor commit
eb61136dc.
I would suggest
<para>
Change the default of the password_encryption server parameter to
scram-sha-256.
</para>
<para>
Also, the legacy (and undocumented) boolean-like values which were
previously synonyms of <literal>md5</literal> are no longer accepted.
</para>
--
Álvaro Herrera Valdivia, Chile
"The Gord often wonders why people threaten never to come back after they've
been told never to return" (www.actsofgord.com)
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2021-05-12 22:20:59 | Re: Replacing pg_depend PIN entries with a fixed range check |
Previous Message | Alvaro Herrera | 2021-05-12 22:06:31 | Re: PG 14 release notes, first draft |