| From: | Robert Treat <rob(at)xzilla(dot)net> |
|---|---|
| To: | Michael Banck <mbanck(at)gmx(dot)net> |
| Cc: | Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: [Patch] Mention md5 is deprecated in postgresql.conf.sample |
| Date: | 2025-11-15 14:37:37 |
| Message-ID: | CABV9wwNJFyZKQH6jgytkxbmL71m1WQmi3d8vcAnM3rAjZcwD-Q@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Nov 14, 2025 at 5:48 AM Michael Banck <mbanck(at)gmx(dot)net> wrote:
>
> Hi,
>
> while looking through postgresql.conf on PG18, I noticed that
> password_encryption mentions md5 as valid alternative to scram-sha-256.
> I think it would be useful to mention md5 is deprecated so that people
> looking at it (but have otherwise not gotten the memo) will realize and
> hopefully act on it.
>
> Patch attached, I think it would be a candidate for being back-patched
> to PG18 if accepted.
>
+1 to the general idea, though I think it should go the other way
around (it is a small enough grammatical point I'm sure some would
argue the other way around).
# password_encryption = scram-sha-256 # scram-sha-256 or md5 (deprecated)
Also +1 for backpatching. IIRC this would only show up in new
clusters, but we're still pretty early on in the cycle, so it seems
worth it.
Robert Treat
https://xzilla.net
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Banck | 2025-11-15 14:55:39 | Re: [Patch] Mention md5 is deprecated in postgresql.conf.sample |
| Previous Message | Bruce Momjian | 2025-11-15 14:31:56 | Re: regarding statistics retaining with 18 Upgrade |