Home > mailing lists

Re: Transparent encryption in PostgreSQL? - Mailing list pgsql-general

From	Joachim Wieland
Subject	Re: Transparent encryption in PostgreSQL?
Date	July 14, 2005 08:42:08
Msg-id	20050714084151.GA3183@mcknight.de Whole thread Raw
In response to	Re: Transparent encryption in PostgreSQL? (Bob <luckyratfoot@gmail.com>)
List	pgsql-general

Tree view

On Wed, Jul 13, 2005 at 11:18:04PM -0500, Bob wrote:
> Here is the link in case your fingers are broken and it hurts to type;)
> http://www.postgresql.org/docs/8.0/interactive/encryption-options.html

I think the "Password Storage Encryption" paragraph needs a note similar to
what Stephen Frost wrote in

http://archives.postgresql.org/pgsql-hackers/2005-04/msg00634.php

at the end. The encryption-options.html page says:

"If MD5 encryption is used for client authentication, the unencrypted
password is never even temporarily present on the server [...]"

which is right and wrong at the same time because the md5 hash becomes sort
of a new cleartext password.


Joachim

pgsql-general by date:

From: Harry Mantheakis
Date: 14 July 2005, 08:20:14
Subject: Re: Japanese words not distinguished

From: Richard Huxton
Date: 14 July 2005, 08:45:34
Subject: Re: Stopping Postgres

Re: Transparent encryption in PostgreSQL? - Mailing list pgsql-general

Previous

Next