Hi,

On 2018-10-07 11:37:20 -0400, Tom Lane wrote:
> Michael Paquier <mich...@paquier.xyz> writes:
> > On Sat, Oct 06, 2018 at 11:43:06PM -0700, Andres Freund wrote:
> >> Now that we probably have shaken the worst issues out of scram,
> >> shouldn't we change the default password_encryption to something that
> >> doesn't scare people? The only reason I could think of not wanting to
> >> do that for is that we don't necessarily guarantee that we have a strong
> >> random generator, but if that's the issue, we should change initdb to
> >> default it to something safe if the platform provides something. Which
> >> is just about any sane one, no?
>
> > In short, +1.
>
> > The random function issue would apply to any platform in need of
> > --disable-strong-random, but this applies mainly to some old HP-UX stuff
> > if my memory serves me well, so I'd like to think that we should be safe
> > to just switch the default and not complicate initdb.
>
> Yeah, I don't see why that should affect anything. SCRAM with a poor
> random function is probably still better than MD5.

Cool.

> As I recall, the reason for not defaulting to SCRAM right away had
> nothing to do with that; it was worry about how many clients would
> get locked out for lack of SCRAM support.

Right, but two releases should be enough of a warning window.

> But the list at https://wiki.postgresql.org/wiki/List_of_drivers looks
> pretty positive, and another year would probably be enough to give the
> stragglers time to catch up ... especially if they know this is
> coming.

I've updated the list, and I think it looks a bit better now. Go/pq and
Node/node-postgres seem to be the only somewhat important ones without
support. The former has had open PRs for it for quite a while.

Greetings,

Andres Freund
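A pre-flight check for the default switch discussed in this thread, added here as an example and not part of the original email: it inventories which login roles still carry md5 secrets (the ones whose clients would be affected by a SCRAM-only move) before changing password_encryption. It assumes a PostgreSQL 10 or later server and a superuser session; app_user is a placeholder role name.

```sql
-- Current default used whenever a password is set or changed.
SHOW password_encryption;

-- Inventory of stored secrets by format. pg_authid is readable only by
-- superusers; rolpassword is NULL for roles without a password.
SELECT rolname,
       CASE
         WHEN rolpassword IS NULL                 THEN 'no password'
         WHEN rolpassword LIKE 'md5%'             THEN 'md5'
         WHEN rolpassword LIKE 'SCRAM-SHA-256$%'  THEN 'scram-sha-256'
         ELSE 'unknown'
       END AS secret_format
FROM pg_authid
WHERE rolcanlogin
ORDER BY secret_format, rolname;

-- Flip the cluster-wide default; only passwords set afterwards are affected.
ALTER SYSTEM SET password_encryption = 'scram-sha-256';
SELECT pg_reload_conf();

-- Existing md5 secrets are not rewritten: each role listed as 'md5' above
-- needs its password set again (placeholder role and password shown).
-- ALTER ROLE app_user PASSWORD 'new-password-here';
```

Re-run the inventory query after the password resets; any role still reporting 'md5' is one whose client stack has not yet been migrated.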