Re: change password_encryption default to scram-sha-256? - Mailing list pgsql-hackers

From Tom Lane
Subject Re: change password_encryption default to scram-sha-256?
Msg-id 29779.1554732487@sss.pgh.pa.us
In response to Re: change password_encryption default to scram-sha-256?  ("Jonathan S. Katz" <jkatz@postgresql.org>)
List pgsql-hackers
"Jonathan S. Katz" <jkatz@postgresql.org> writes:
> On 4/8/19 8:49 AM, Magnus Hagander wrote:
>> I think the real question is, is it OK to give them basically 5 months
>> warning, by right now saying if you don't have a release out in 6
>> months, things will break.

> Given the supported libraries all have open pull requests or issues, it
> should be fairly easy to inquire if they would be able to support it for
> PG12 vs PG13. If this sounds like a reasonable plan, I'm happy to reach
> out and see.

I think that the right course here is to notify these developers that
we will change the default in PG13, and it'd be good if they put out
stable releases with SCRAM support well before that.  This discussion
seems to be talking as though it's okay if we allow zero daylight
between availability of fixed drivers and release of a PG version that
defaults to using SCRAM.  That'd be totally unfair to packagers and
users.  There needs to be a pretty fair-size window for those fixed
drivers to propagate into the wild.  A year is not too much; IMO it's
barely enough.

            regards, tom lane
