Re: scram and \password

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
Cc: Robert Haas <robertmhaas(at)gmail(dot)com>, Jeff Janes <jeff(dot)janes(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: scram and \password
Date: 2017-03-14 03:34:14
Message-ID: 743.1489462454@sss.pgh.pa.us
Lists: pgsql-hackers

Michael Paquier <michael(dot)paquier(at)gmail(dot)com> writes:
> On Tue, Mar 14, 2017 at 11:47 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> Seems to me the intended behavior of \password is to use the best
>> available practice. So my guess is that it ought to use SCRAM when
>> talking to a >= 10.0 server. What the previous password was ought
>> to be irrelevant, even if it could find that out which it shouldn't
>> be able to IMO.

> And in a release or two? SCRAM being a fresh feature, switching the
> hashing now is not much of a conservative approach.

If some other practice becomes better in v12, then we teach it about that
one. It's not like psql hasn't got many other server-version-dependent
behaviors.

Alternatively, if what you mean by that is you don't trust SCRAM at all,
maybe we'd better revert the feature as not being ready for prime time.

regards, tom lane
