Re: md5_password_warnings for password auth with MD5-encrypted passwords

From: Nathan Bossart <nathandbossart(at)gmail(dot)com>
To: Michael Paquier <michael(at)paquier(dot)xyz>
Cc: Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>, Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com>, masao(dot)fujii(at)gmail(dot)com, pgsql-hackers(at)lists(dot)postgresql(dot)org
Subject: Re: md5_password_warnings for password auth with MD5-encrypted passwords
Date: 2026-06-29 14:33:56
Message-ID: akKCVNsYiT14e2yq@nathan
Views: Whole Thread | Raw Message | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Mon, Jun 29, 2026 at 12:00:31PM +0900, Michael Paquier wrote:
> On Fri, Jun 26, 2026 at 01:18:55PM -0500, Nathan Bossart wrote:
>> TBH I'm not too opinionated here, if for no other reason than all this code
>> should be getting deleted in the next couple of years.
>
> v20 perhaps? Let's be on the very optimistic side of the spectrum. :p

My plan was to allow a couple more years for word to spread and warnings to
be seen, and then to remove it in ~v22. If there's consensus to do it
earlier, I'm happy to do so, but I lean towards extreme caution with the
timeline.

--
nathan

In response to

Browse pgsql-hackers by date

  From Date Subject
Previous Message Thom Brown 2026-06-29 14:30:51 Re: Per-thread leak in ECPG's memory.c