Re: reducing our reliance on MD5 - Mailing list pgsql-hackers

From Tom Lane
Subject Re: reducing our reliance on MD5
Date
Msg-id 5165.1423669248@sss.pgh.pa.us
In response to Re: reducing our reliance on MD5  (José Luis Tallón <jltallon@adv-solutions.net>)
Responses Re: reducing our reliance on MD5  (José Luis Tallón <jltallon@adv-solutions.net>)
List pgsql-hackers
José Luis Tallón <jltallon@adv-solutions.net> writes:
> In any case, just storing the "password BLOB"(text or base64 encoded) 
> along with a mechanism identifier would go a long way towards making 
> this part pluggable... just like we do with LDAP/RADIUS/Kerberos/PAM today.

That's exactly the direction we must NOT go.

Upgrading the security of stored passwords in pg_authid is at least as
important as upgrading the wire protocol security; very possibly more so.
Any solution that requires cleartext passwords to be kept by the server
is simply not going to be accepted.

Because of this constraint, I really suspect that we have zero chance of
achieving pluggability or farming out the problem to some third party
library.

Or in short: we've done that before, with LDAP/RADIUS/Kerberos/PAM,
and none of those solutions have proven very satisfactory; they certainly
have not replaced passwords to any measurable degree.  Expecting the next
external solution to do so is the definition of insanity.
        regards, tom lane
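To make the storage point concrete, here is an added example (written for this page, not code from the thread or from the PostgreSQL source tree). It compares the legacy PostgreSQL on-disk verifier, "md5" followed by hex(md5(password || username)), with a salted, iterated verifier built from PBKDF2-HMAC-SHA-256. Both let the server check a password without ever retaining the cleartext; the difference is that the legacy form is "salted" only by the username, so the same user/password pair produces the same verifier on every server and each guess costs a single MD5, whereas a random salt and an iteration count defeat precomputation and raise the per-guess cost. The record layout, salt length and iteration count below are this example's assumptions, not PostgreSQL's.

```python
import hashlib
import hmac
import os

# Legacy PostgreSQL verifier: "md5" + hex(md5(password + username)).
# The server stores only this string, never the cleartext password.
def pg_md5_verifier(password: str, username: str) -> str:
    digest = hashlib.md5((password + username).encode("utf-8")).hexdigest()
    return "md5" + digest

def verify_md5(stored: str, password: str, username: str) -> bool:
    # Constant-time comparison so the check itself leaks nothing.
    return hmac.compare_digest(stored, pg_md5_verifier(password, username))

# Salted, iterated verifier (example design, not PostgreSQL's format):
# the record holds a random salt, an iteration count and the derived key.
# Only the derived key is secret-derived; the cleartext is never stored.
def make_salted_verifier(password: str, salt: bytes = None, iterations: int = 4096) -> dict:
    salt = os.urandom(16) if salt is None else salt  # 16-byte salt: assumption
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return {"salt": salt, "iterations": iterations, "hash": dk}

def verify_salted(record: dict, password: str) -> bool:
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(record["hash"], dk)

# Illustrates why the legacy form is weak as stored data: the same user and
# password on two independent servers yield byte-identical verifiers, so a
# table precomputed for one server applies to every server, while two
# salted records for the same password share nothing an attacker can reuse.
def precomputation_reuse(password: str, username: str) -> dict:
    legacy_a = pg_md5_verifier(password, username)
    legacy_b = pg_md5_verifier(password, username)
    salted_a = make_salted_verifier(password)
    salted_b = make_salted_verifier(password)
    return {
        "legacy_identical": legacy_a == legacy_b,
        "salted_identical": salted_a["hash"] == salted_b["hash"],
    }

if __name__ == "__main__":
    # Constructed sample credentials, not real ones.
    stored = pg_md5_verifier("correct horse", "alice")
    print(stored, verify_md5(stored, "correct horse", "alice"))
    rec = make_salted_verifier("correct horse")
    print(verify_salted(rec, "correct horse"), verify_salted(rec, "wrong"))
    print(precomputation_reuse("correct horse", "alice"))
```

Note that neither scheme protects the password if the wire protocol sends the cleartext or an equivalent; the example only addresses what sits in the catalog, which is the half of the problem the message above says must not be farmed out.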
