Stephen Frost wrote:
-- Start of PGP signed section.
> * Andrew Dunstan (andrew@dunslane.net) wrote:
> > I think the behaviour on the wire should be more explcitly stated.
>
> Please comment on the message I just sent to -hackers which has a much
> longer and more detailed explanation of what happens.
The next paragraph in the docs is:
If you are at all concerned about password <quote>sniffing</> attacks then <literal>md5</> is preferred, with
<literal>crypt</>a second choice if you must support pre-7.2 clients. Plain <literal>password</> should especially be
avoidedfor connections over the open Internet (unless you use <acronym>SSL</acronym>, SSH, or other communications
securitywrappers around the connection).
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
359-1001+ If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square,
Pennsylvania19073