Re: Encrypting pg_shadow passwords - Mailing list pgsql-hackers

From Jim Mercer
Subject Re: Encrypting pg_shadow passwords
Date
Msg-id 20010626003824.M1599@reptiles.org
In response to Re: Encrypting pg_shadow passwords  (Bruce Momjian <pgman@candle.pha.pa.us>)
Responses Re: Encrypting pg_shadow passwords  (Bruce Momjian <pgman@candle.pha.pa.us>)
List pgsql-hackers
On Tue, Jun 26, 2001 at 12:20:40AM -0400, Bruce Momjian wrote:
> We will do double-crypt and everyone will be happy, right?
> 
> > if the API as above existed, then i would be happy to see "password" go away
> > (although it should be depreciated to a --enable option, otherwise you are
> > going to ruin a bunch of existing code).
> 
> Who is using it?  We can continue to allow it but at some point there is
> no purpose to it unless you have clients that are pre-7.2.  Double-crypt
> removes the use for it, no?

if the API allows a plain text password, and compares against a crypto-pg_shadow
i would imagine that would be fine.

at this point i should apologize for possibly arguing out of turn.

if 7.2 has the above, that is cool.

i'm sorta hoping my mods can make it into 7.1.3, if there is one.

> > i recognize that some of this can be done with the ident mapping facility,
> > but again, that is an external file, and thus presents management issues.
> 
> Our authentication system is already too complex.  I would prefer not to
> make it more so.  The more complex, the more mistakes admins make.

understood, but you were asking for comments.  8^)

-- 
[ Jim Mercer        jim@reptiles.org         +1 416 410-5633 ]
[ Now with more and longer words for your reading enjoyment. ]

