Re: SCRAM in the PG 10 release notes

On Wed, Sep 20, 2017 at 9:45 AM, Peter Eisentraut
<peter(dot)eisentraut(at)2ndquadrant(dot)com> wrote:
> On 9/19/17 17:55, Jeff Janes wrote:
>> I guess I'm late to the party, but I don't see why this is needed at
>> all. We encourage people to use any and all new features which are
>> appropriate to them--that is why we implement new features. Why does
>> this feature need a special invitation?
>
> It's not clear to me how an average user would get from the press
> release or release notes to upgrading their installation to use
> SCRAM-based authentication and passwords. A little bit more guidance
> somewhere would be helpful.
>
> The patch that Heikki posted seemed reasonable to me as a starting
> point, but there probably needs to be more "how" information somewhere.

I agree with that.

+ <para>
+ Installations using MD5 authentication are encouraged to switch to
+ SCRAM-SHA-256, unless using older client programs or drivers that don't
+ support it yet.
+ </para>
I think that the addition of a link to
https://wiki.postgresql.org/wiki/List_of_drivers would be appropriate.
--
Michael