Re: password_encryption default - Mailing list pgsql-hackers

From Tom Lane
Subject Re: password_encryption default
Date
Msg-id 10329.1590182503@sss.pgh.pa.us
Whole thread Raw
In response to Re: password_encryption default  (Vik Fearing <vik@postgresfriends.org>)
Responses Re: password_encryption default
List pgsql-hackers
Vik Fearing <vik@postgresfriends.org> writes:
> On 5/22/20 9:09 PM, Jonathan S. Katz wrote:
>> As someone who is an unabashed SCRAM fan and was hoping the default
>> would be up'd for v13, I would actually +1 making it the default in v14,
>> i.e. because 9.5 will be EOL at that point, and as such we both have
>> every* driver supporting SCRAM AND every version of PostgreSQL
>> supporting SCRAM.

> Wasn't SCRAM introduced in 10?

Yeah.  But there's still something to Jonathan's argument, because 9.6
will go EOL in November 2021, which is pretty close to when v14 will
reach public release (assuming we can hold to the typical schedule).
If we do it in v13, there'll be a full year where still-supported
versions of PG can't do SCRAM, implying that clients would likely
fail to connect to an up-to-date server.

            regards, tom lane



pgsql-hackers by date:

Previous
From: Peter Geoghegan
Date:
Subject: Re: xid wraparound danger due to INDEX_CLEANUP false
Next
From: "Jonathan S. Katz"
Date:
Subject: Re: password_encryption default