Home > mailing lists

Re: Successor of MD5 authentication, let's use SCRAM - Mailing list pgsql-hackers

From	Josh Berkus
Subject	Re: Successor of MD5 authentication, let's use SCRAM
Date	October 13, 2012 01:59:02
Msg-id	5078A0B1.8030401@agliodbs.com Whole thread Raw
In response to	Re: Successor of MD5 authentication, let's use SCRAM (Stephen Frost <sfrost@snowman.net>)
Responses	Re: Successor of MD5 authentication, let's use SCRAM (Stephen Frost <sfrost@snowman.net>)
List	pgsql-hackers

Tree view

On 10/12/12 12:44 PM, Stephen Frost wrote:
> Don't get me wrong- I really dislike that
> we don't have something better today for people who insist on password
> based auth, but perhaps we should be pushing harder for people to use
> SSL instead?

Problem is, the fact that setting up SSL correctly is hard is outside of
our control.

Unless we can give people a "run these three commands on each server and
you're now SSL authenticating" script, we can continue to expect the
majority of users not to use SSL.  And I don't think that level of
simplicity is even theoretically possible.

-- 
Josh Berkus
PostgreSQL Experts Inc.
http://pgexperts.com

pgsql-hackers by date:

From: Josh Berkus
Date: 13 October 2012, 01:56:20
Subject: Re: Truncate if exists

From: Stephen Frost
Date: 13 October 2012, 02:25:42
Subject: Re: Successor of MD5 authentication, let's use SCRAM

Re: Successor of MD5 authentication, let's use SCRAM - Mailing list pgsql-hackers

Previous

Next