On 7/14/06, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> I don't see a strong need for moving pgcrypto into core, and there's at
> least one argument against it: if someone needs a crypto-free version of
> postgres for use someplace with benighted laws, they would be screwed.
Image of hypothetical evil government is not a thing to base decisions on :)
Although I've tried to develop pgcrypto to be easily mergable into core,
I don't want to push it myself, the push should come from users.
That said, there is one situation that is badly handled in current
setup - storing passwords in database. There is md5() function in
core and everything in /contrib in basically invisible in website
and official docs. So even PG core devs suggest using md5() for
this task. But this is inadequate - bruteforcing md5 hash can be
done pretty easily on todays desktop computers. PostgreSQL itself
can get away with it only because it regular users cant see the hash.
But that is not so for ordinary apps.
So I would like either some mention of the more useful/stable modules
in core docs or a way for contrib modules to become 'official' add-on
modules (like PL-s are).
Full merge into core would fix this also, but indeed there is not many
techical reasons for it. (And editing pg_proc.h is PITA - I'd consider
it technical reason against it ;)
--
marko
