"Joshua D. Drake" <jd@commandprompt.com> writes:
> Tom Lane wrote:
>> I don't see a strong need for moving pgcrypto into core, and there's at
>> least one argument against it: if someone needs a crypto-free version of
>> postgres for use someplace with benighted laws, they would be screwed.
> Doesn't our inclusion of md5() pretty much blow that argument away?
No: md5 is hashing, not encryption. The difference is that you can't
retrieve the original plaintext from a hash. That is a very large
difference in the eyes of most munitions laws --- encryption is useful
for spies, hashing not so much.
regards, tom lane
