On 2021-May-10, Bruce Momjian wrote: > I reworeded it to: > > <listitem> > <!-- > Author: Peter Eisentraut <pe...@eisentraut.org> > 2020-06-10 [c7eab0e97] Change default of password_encryption to > scram-sha-256 > --> > > <para> > Limit the ways password_encryption can enable md5 hashing (Peter > Eisentraut) > </para> > > <para> > Previously on/true/yes/1 values enabled md5. Now, only the string md5 > does this. > </para> > </listitem> > > I also have this entry: > > <listitem> > <!-- > Author: Peter Eisentraut <pe...@eisentraut.org> > 2020-06-10 [c7eab0e97] Change default of password_encryption to > scram-sha-256 > --> > > <para> > Change password_encryption's default to scram-sha-256 (Peter Eisentraut) > </para> > > <para> > Previously it was md5. > </para> > </listitem> > > I am hesitant to merge them since they are different changes.
Different? The commit IDs look pretty similar to me, not to say exactly identical. Reading these, it's pretty unclear what password_encryption *is* in the first place. The item should say "the password_encryption server parameter" -- that's what we have in the pg10 note for precursor commit eb61136dc. I would suggest <para> Change the default of the password_encryption server parameter to scram-sha-256. </para> <para> Also, the legacy (and undocumented) boolean-like values which were previously synonyms of <literal>md5</literal> are no longer accepted. </para> -- Álvaro Herrera Valdivia, Chile "The Gord often wonders why people threaten never to come back after they've been told never to return" (www.actsofgord.com)
