| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | sanjay sharma <sanksh(at)hotmail(dot)com> |
| Cc: | Greg Sabino Mullane <greg(at)turnstep(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [GENERAL] SHA1 on postgres 8.3 |
| Date: | 2008-04-02 17:05:14 |
| Message-ID: | 5835.1207155914@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
sanjay sharma <sanksh(at)hotmail(dot)com> writes:
> md5 is not being recommended anywhere because it contains hash
> collision.
For the purposes we are using it for, that's just about 100% irrelevant.
> Would replacing md5 with SHA1 in core involve much work?
Yes, it would be a tremendous problem, because the use of md5 is part of
our password protocol. We'd have to change client-side code in sync
with the servers to do that.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ian Sillitoe | 2008-04-02 17:12:22 | Re: (FAQ?) JOIN condition - 'WHERE NULL = NULL' |
| Previous Message | Tom Lane | 2008-04-02 17:00:46 | Re: [GENERAL] SHA1 on postgres 8.3 |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | PFC | 2008-04-02 17:11:20 | Re: first time hacker ;) messing with prepared statements |
| Previous Message | Tom Lane | 2008-04-02 17:00:46 | Re: [GENERAL] SHA1 on postgres 8.3 |