Home > mailing lists

Re: Re: Proposal for encrypting pg_shadow passwords - Mailing list pgsql-patches

From	Bruce Momjian
Subject	Re: Re: Proposal for encrypting pg_shadow passwords
Date	August 16, 2001 13:51:01
Msg-id	200108161408.f7GE8hi17713@candle.pha.pa.us Whole thread Raw
In response to	Re: Re: Proposal for encrypting pg_shadow passwords (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-patches

Tree view

> Bruce Momjian <pgman@candle.pha.pa.us> writes:
> > Just a reminder.  What I think it insecure is the size of our salt.
> > With only 3300 possible salts, it doesn't take long to playback a
> > duplicate.  That is true of MD5 and crypt.
>
> But aren't we increasing the size of the salt keyspace for MD5?
> It'd surely be a major oversight not to.

We aren't.  I can do that, but have not discussed it yet.  If we do it
is clearly a protocol change.  How will old clients handle longer salt,
and how do I know if they are older if I don't bump up the protocol
version number?

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026

pgsql-patches by date:

From: Tom Lane
Date: 16 August 2001, 13:45:24
Subject: Re: Re: Proposal for encrypting pg_shadow passwords

From: Thomas Lockhart
Date: 16 August 2001, 14:17:25
Subject: Re: Fix for fetchone() and fetchmany() in Python interface

Re: Re: Proposal for encrypting pg_shadow passwords - Mailing list pgsql-patches

Previous

Next