On Wed, Apr 26, 2017 at 11:06:03AM +0900, Michael Paquier wrote:
> On Wed, Apr 26, 2017 at 10:56 AM, Bruce Momjian <bruce@momjian.us> wrote:
> > First, I don't think RFC references belong in the release notes, let
> > alone RFC links.
> >
> > Second, there seems to be some confusion over what SCRAM-SHA-256 gives
> > us over MD5. I think there are a few benefits:
> >
> > o packets cannot be replayed as easily, i.e. md5 replayed random salt
> > packets with a 50% probability after 16k sessions
> > o hard to re-use SCRAM-SHA-256 string if disclosed vs. simple for md5
> > o harder to brute-force trying all possible strings to find a matching
> > hash
> >
> > So if you tell users that SCRAM-SHA-256 is better than MD5 only because
> > of one of those, they will not realize that three benefits of changing
> > to SCRAM-SHA-256. I might have even missed some benefits.
>
> If the release notes keep a general tone, perhaps it would be better
> to mention as well that SCRAM is the recommended password-based
> authentication method moving forward?
Well, we could add "MD5 users are encouraged to switch to
SCRAM-SHA-256". Now whether we want to list this as something on the
SCRAM-SHA-256 description, or mention it as an incompatibility, or
under Migration. I am not clear that MD5 is in such terrible shape that
this is warranted.
-- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB
http://enterprisedb.com
+ As you are, so once was I. As I am, so you will be. +
+ Ancient Roman grave inscription +
