Home > mailing lists

Re: You're on SecurityFocus.com for the cleartext passwords. - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: You're on SecurityFocus.com for the cleartext passwords.
Date	May 6, 2000 21:03:11
Msg-id	12142.957650527@sss.pgh.pa.us Whole thread Raw
In response to	Re: You're on SecurityFocus.com for the cleartext passwords. ("Robert B. Easter" <reaster@comptechnews.com>)
List	pgsql-hackers

Tree view

"Robert B. Easter" <reaster@comptechnews.com> writes:
> Would public/private key pair authentication (like GPG) or SSL-like solutions
> work?

We already have SSL support --- that's why I wasn't especially excited
about making the password challenge itself be proof against sniffing.
Anybody who's afraid of sniffing attacks ought to be SSL-ifying his
entire database connection, not just trying to protect the password.
        regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 06 May 2000, 20:58:13
Subject: Re: You're on SecurityFocus.com for the cleartext passwords.

From: Tom Lane
Date: 06 May 2000, 21:14:09
Subject: Re: You're on SecurityFocus.com for the cleartext passwords.

Re: You're on SecurityFocus.com for the cleartext passwords. - Mailing list pgsql-hackers

Previous

Next