| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: SCRAM authentication, take three |
| Date: | 2017-02-19 11:44:03 |
| Message-ID: | CAB7nPqQ1eZ4Acryz_kDVLT8AnpQ+vyhV_AJzz4Q818SVsVS=2g@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sun, Feb 19, 2017 at 6:55 PM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> Gosh, this SCRAM stuff seems to be taking us pretty deeply into
> dealing with encoding details which apparently we haven't formerly
> needed to worry about. That is a little surprising and maybe
> something we should try to avoid?
The RFC of SCRAM, RFC5802 is clear on the matter
(https://tools.ietf.org/html/rfc5802), SASLprep needs NFKC (RFC4013
here, the worst in the set https://tools.ietf.org/html/rfc4013) if we
want our implementation to be compatible with any other Postgres
driver that implement things at protocol level without libpq. I think
that JDBC is one of those things. So I am afraid we cannot avoid it if
we want SCRAM.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Petr Jelinek | 2017-02-19 12:03:07 | Re: Provide list of subscriptions and publications in psql's completion |
| Previous Message | Robert Haas | 2017-02-19 11:27:53 | Re: Index corruption with CREATE INDEX CONCURRENTLY |