Home > mailing lists

Re: change password_encryption default to scram-sha-256? - Mailing list pgsql-hackers

From	Dave Cramer
Subject	Re: change password_encryption default to scram-sha-256?
Date	April 8, 2019 22:56:02
Msg-id	CADK3HHKOdbti2XXacDGJyc6+9kt8Xh_J-ta4wo73h4C4BJoPwg@mail.gmail.com Whole thread Raw
In response to	Re: change password_encryption default to scram-sha-256? (Alvaro Herrera <alvherre@2ndquadrant.com>)
Responses	Re: change password_encryption default to scram-sha-256?
List	pgsql-hackers

Tree view

Alvaro,

On Mon, 8 Apr 2019 at 13:34, Alvaro Herrera <alvherre@2ndquadrant.com> wrote:

I'm not sure I understand all this talk about deferring changing the
default to pg13. AFAICS only a few fringe drivers are missing support;
not changing in pg12 means we're going to leave *all* users, even those
whose clients have support, without the additional security for 18 more
months.

IIUC the vast majority of clients already support SCRAM auth. So the
vast majority of PG users can take advantage of the additional security.
I think the only massive-adoption exception is JDBC, and apparently they
already have working patches for SCRAM.

We have more than patches this is already in the driver.

What do you mean by "massive-adoption exception"

Dave Cramer

davec@postgresintl.com

www.postgresintl.com

pgsql-hackers by date:

From: Justin Pryzby
Date: 08 April 2019, 22:49:12
Subject: Re: change password_encryption default to scram-sha-256?

From: Dave Cramer
Date: 08 April 2019, 23:03:35
Subject: Re: change password_encryption default to scram-sha-256?

Re: change password_encryption default to scram-sha-256? - Mailing list pgsql-hackers

Previous

Next