Home > mailing lists

Re: Successor of MD5 authentication, let's use SCRAM - Mailing list pgsql-hackers

From	Stephen Frost
Subject	Re: Successor of MD5 authentication, let's use SCRAM
Date	October 13, 2012 02:25:42
Msg-id	20121012232537.GZ29165@tamriel.snowman.net Whole thread Raw
In response to	Re: Successor of MD5 authentication, let's use SCRAM (Josh Berkus <josh@agliodbs.com>)
Responses	Re: Successor of MD5 authentication, let's use SCRAM (John R Pierce <pierce@hogranch.com>) Re: Successor of MD5 authentication, let's use SCRAM (Darren Duncan <darren@darrenduncan.net>)
List	pgsql-hackers

Tree view

* Josh Berkus (josh@agliodbs.com) wrote:
> Problem is, the fact that setting up SSL correctly is hard is outside of
> our control.

Agreed, though the packagers do make it easier..

> Unless we can give people a "run these three commands on each server and
> you're now SSL authenticating" script, we can continue to expect the
> majority of users not to use SSL.  And I don't think that level of
> simplicity is even theoretically possible.

The Debian-based packages do quite a bit to ease this pain.  Do the
other distributions do anything to set up SSL certificates, etc on
install?  Perhaps they could be convinced to?
Thanks,
    Stephen

pgsql-hackers by date:

From: Josh Berkus
Date: 13 October 2012, 01:59:02
Subject: Re: Successor of MD5 authentication, let's use SCRAM

From: Josh Berkus
Date: 13 October 2012, 02:53:24
Subject: Potential autovacuum optimization: new tables

Re: Successor of MD5 authentication, let's use SCRAM - Mailing list pgsql-hackers

Previous

Next