Re: Password identifiers, protocol aging and SCRAM protocol

From: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Stephen Frost <sfrost(at)snowman(dot)net>, David Steele <david(at)pgmasters(dot)net>, PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org>, Valery Popov <v(dot)popov(at)postgrespro(dot)ru>
Subject: Re: Password identifiers, protocol aging and SCRAM protocol
Date: 2016-03-22 13:48:54
Message-ID: CAB7nPqSHTF3pSz1_rQFE74gGUg8dpyP2kNGiw-Eu_DHEoi+okA@mail.gmail.com
Lists: pgsql-hackers

On Mon, Mar 21, 2016 at 11:07 PM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> Well, I said before and I'll say again that I don't like the idea of
> multiple password verifiers. I think that's an accident waiting to
> happen, and I'm not prepared to put in the amount of time and energy
> that it would take to get that feature committed despite not wanting
> it myself, or for being responsible for it afterwards. I'd prefer we
> didn't do it at all, although I'm not going to dig in my heels. I
> might be willing to deal with SCRAM itself, but this whole area is not
> my strongest suit. So ideally some other committer would be willing
> to pick this up.

I won't bet my hand on that.

> But the problem isn't even just that somebody has to hit the final
> commit button - as we've both said, there's a woeful lack of any
> meaningful review on this thread, and this sort of change really needs
> quite a lot of review.

Yep.

> This has implications for
> backward-compatibility, for connectors that don't use libpq, etc.
> Really, I'm not even sure we have consensus on the direction. I mean,
> Heikki's proposal to adopt SCRAM sounds good enough at a broad level,
> but I don't really know what the alternatives are, I'm mostly just
> taking his word for it, and like you say, there's been a fair amount
> of miscellaneous negativity floating around.

PAKE or J-PAKE are other alternatives I have in mind.

I have marked the patch as returned with feedback.
--
Michael
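The thread talks about adopting SCRAM and about storing "password verifiers" without showing what either looks like on the wire. The following is an added worked example, not PostgreSQL's code and not part of the original message: a SCRAM-SHA-256 exchange (RFC 5802 / RFC 7677) with both sides written out, so the reader can see what the server actually stores (salt, iteration count, StoredKey, ServerKey), why that is not the password, and how the client's proof and the server's signature are checked. All function names are this example's own; the sample password, salt and nonces are constructed inputs; SASLprep normalization is omitted and no channel binding is used (the GS2 header is `n,,`).

```python
import base64
import hashlib
import hmac
import secrets

# Constructed example of SCRAM-SHA-256 (RFC 5802 / RFC 7677). Function names
# and sample values are this example's own, not PostgreSQL's.

ITERATIONS = 4096  # RFC 7677 recommends at least 4096 iterations


def make_verifier(password: str, salt: bytes, iterations: int = ITERATIONS) -> dict:
    """Derive what a SCRAM server stores instead of the password.

    SaltedPassword = PBKDF2-HMAC-SHA256(password, salt, iterations)
    ClientKey      = HMAC(SaltedPassword, "Client Key")
    StoredKey      = SHA256(ClientKey)        <- stored
    ServerKey      = HMAC(SaltedPassword, "Server Key")  <- stored
    The plaintext password and SaltedPassword are discarded. (SASLprep of the
    password is omitted here for brevity; a real implementation applies it.)
    """
    salted = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    return {
        "salt": salt,
        "iterations": iterations,
        "stored_key": hashlib.sha256(client_key).digest(),
        "server_key": server_key,
    }


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def scram_exchange(username: str, password: str, verifier: dict,
                   client_nonce: str = None, server_nonce: str = None):
    """Run the four SCRAM messages between a client holding `password` and a
    server holding only `verifier`. Returns (client_accepted, server_authenticated)."""
    client_nonce = client_nonce or secrets.token_urlsafe(18)
    server_nonce = server_nonce or secrets.token_urlsafe(18)
    b64 = lambda b: base64.b64encode(b).decode()

    # 1. client-first-message: GS2 header "n,," (no channel binding) + bare part
    client_first_bare = f"n={username},r={client_nonce}"

    # 2. server-first-message: server appends its nonce and sends salt + iterations
    combined_nonce = client_nonce + server_nonce
    server_first = f"r={combined_nonce},s={b64(verifier['salt'])},i={verifier['iterations']}"

    # 3. client-final-message-without-proof; AuthMessage binds all three together
    client_final_no_proof = f"c={b64(b'n,,')},r={combined_nonce}"
    auth_message = f"{client_first_bare},{server_first},{client_final_no_proof}".encode()

    # Client side: parse salt/iterations from server-first and rederive its keys
    fields = dict(f.split("=", 1) for f in server_first.split(","))
    salt = base64.b64decode(fields["s"])
    iterations = int(fields["i"])
    salted = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    client_sig = hmac.new(stored_key, auth_message, hashlib.sha256).digest()
    client_proof = _xor(client_key, client_sig)  # sent in client-final-message

    # Server side: recover ClientKey from the proof using StoredKey only, then
    # check that hashing it reproduces StoredKey. An attacker who stole the
    # verifier has StoredKey but not ClientKey, so cannot build a valid proof.
    server_client_sig = hmac.new(verifier["stored_key"], auth_message, hashlib.sha256).digest()
    recovered_client_key = _xor(client_proof, server_client_sig)
    client_accepted = hmac.compare_digest(
        hashlib.sha256(recovered_client_key).digest(), verifier["stored_key"])
    if not client_accepted:
        return False, False

    # 4. server-final-message: ServerSignature proves the server holds ServerKey,
    # so the client also authenticates the server (mutual authentication).
    server_sig = hmac.new(verifier["server_key"], auth_message, hashlib.sha256).digest()
    client_server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    expected_server_sig = hmac.new(client_server_key, auth_message, hashlib.sha256).digest()
    server_authenticated = hmac.compare_digest(server_sig, expected_server_sig)
    return client_accepted, server_authenticated


if __name__ == "__main__":
    # Constructed sample: the server enrols the user once, then two logins are attempted.
    v = make_verifier("correct horse battery staple", salt=b"0123456789abcdef")
    print(scram_exchange("alice", "correct horse battery staple", v))  # (True, True)
    print(scram_exchange("alice", "wrong password", v))                # (False, False)
```

Two things the code makes concrete for the discussion above. First, a SCRAM verifier is per-mechanism: StoredKey/ServerKey are derived under SHA-256 with a specific salt and iteration count, so supporting a second mechanism for the same role means storing a second, independent verifier, which is the "multiple password verifiers" question. Second, the iteration count and salt travel in server-first, so a server-side change to them only takes effect once the password is re-set, which is why verifier aging has to be considered alongside protocol aging.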
