Home > mailing lists

Re: Time to drop RADIUS support? - Mailing list pgsql-hackers

From	Aleksander Alekseev
Subject	Re: Time to drop RADIUS support?
Date	January 26 16:06:35
Msg-id	CAJ7c6TNS5TrAvEo343LDqWZ48J_yhSKOZ0ez0V-_feJmwFeeMw@mail.gmail.com Whole thread Raw
In response to	Time to drop RADIUS support? (Thomas Munro <thomas.munro@gmail.com>)
List	pgsql-hackers

Tree view

Hi,

> 3.  That mitigation would help, but in the end it's still leaky
> obfuscation of credentials + MD5-based technology that is being
> formally deprecated with a mandated replacement[2], and de facto has
> been for a long time.
>
> The real recommendation of the paper was "don't use RADIUS/UDP at
> all", and I don't want to expend energy writing a RADIUS/TLS client
> for a hypothetical user, so I think we should just delete it all, and
> stick a deprecation notice in the release branch documentation, as
> attached.  That'd also mean our Windows select() and non-thread-safe
> UDP kludges can be VACUUMed.

All things considered, it sounds perfectly reasonable. +1.

-- 
Best regards,
Aleksander Alekseev

pgsql-hackers by date:

From: Heikki Linnakangas
Date: 26 January, 15:33:02
Subject: Re: Is abort() still needed in WalSndShutdown()?

From: Anthonin Bonnefoy
Date: 26 January, 16:16:45
Subject: Re: Auto-tune shared_buffers to use available huge pages

Re: Time to drop RADIUS support? - Mailing list pgsql-hackers

Previous

Next