On Wed, Feb 11, 2015 at 8:02 AM, Heikki Linnakangas <hlinnakan...@vmware.com> wrote: > On 02/11/2015 02:49 PM, Robert Haas wrote: >> So, this all sounds fairly nice if somebody's willing to do the work, >> but I can't help noticing that you originally proposed adopting SCRAM >> in 2012, and it's 2015 now. So I wonder if anyone's really going to >> do all this work, and if not, whether we should go for something >> simpler. Just plugging something else in for MD5 would be a lot less >> work for us to implement and for clients to support, even if it is (as >> it unarguably is) less elegant. > > "Just plugging something else in for MD5" would still be a fair amount of > work. Not that much less than the full program I proposed. > > Well, I guess it's easier if you immediately stop supporting MD5, have a > "flag day" in all clients to implement the replacement, and break > pg_dump/restore of passwords in existing databases. That sounds horrible. > Let's do this properly. I can help with that, although I don't know if I'll > find the time and enthusiasm to do all of it alone.
So are you thinking to integrate with the Cyrus SASL library, or do you have another thought? -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
