On Mon, Jan 25, 2021 at 11:27:28PM -0500, Bruce Momjian wrote: > On Mon, Jan 25, 2021 at 10:23:30PM -0600, Kenneth Marshall wrote: >> +1 I know that it has been deprecated, but it can be very useful when >> working with data from pre-deprecation. :) It is annoying to have to >> resort to plperl or plpython because it is not available. The lack or >> orthogonality is painful.
plperl and plpython can be annoying to require if you have strong security requirements as these are untrusted languages, but I don't completely agree with this argument because pgcrypto gives the option to use SHA1 with digest(), and this one is fine to have even in environments under STIG or equally-constrained environments. > Yes, I think having SHA1 makes sense --- there are probably still valid > uses for it. Consistency with the existing in-core SQL functions for cryptohashes and the possibility to not need pgcrypto are my only arguments at hand. ;) -- Michael
signature.asc
Description: PGP signature
