Home > mailing lists

Re: [HACKERS] SCRAM salt length - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: [HACKERS] SCRAM salt length
Date	August 25, 2017 00:22:17
Msg-id	5c138491-5c0c-532e-af62-f179839c80ef@2ndquadrant.com Whole thread Raw
In response to	Re: [HACKERS] SCRAM salt length (Joe Conway <mail@joeconway.com>)
List	pgsql-hackers

Tree view

On 8/17/17 17:00, Joe Conway wrote:
>> Hence my original inquiry: "I suspect that this length was chosen based
>> on the example in RFC 5802 (SCRAM-SHA-1) section 5.  But the analogous
>> example in RFC 7677 (SCRAM-SHA-256) section 3 uses a length of 16.
>> Should we use that instead?"
> Unless there is some significant downside to using 16 byte salt, that
> would be my vote.

committed

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

pgsql-hackers by date:

From: "Joshua D. Drake"
Date: 25 August 2017, 00:21:51
Subject: Re: [HACKERS] Proposal: global index

From: Tom Lane
Date: 25 August 2017, 00:24:40
Subject: Re: [HACKERS] [PATCH] Push limit to sort through a subquery

Re: [HACKERS] SCRAM salt length - Mailing list pgsql-hackers

Previous

Next