On 02/11/2015 07:54 AM, José Luis Tallón wrote:
On 02/11/2015 04:40 PM, Tom Lane wrote:
=?UTF-8?B?Sm9zw6kgTHVpcyBUYWxsw7Nu?= <jltal...@adv-solutions.net> writes:
In any case, just storing the "password BLOB"(text or base64 encoded)
along with a mechanism identifier would go a long way towards making
this part pluggable... just like we do with LDAP/RADIUS/Kerberos/PAM
today.
That's exactly the direction we must NOT go.
From a practitioners and one step at a time perspective, why don't we
just offer SHA-2 as an alternative to MD5?
As a longer term approach, it seems something like key based auth (ala
SSH) which proved popular when I brought it up before seems like a
reasonable solution.
Sincerely,
Joshua D. Drake
--
Command Prompt, Inc. - http://www.commandprompt.com/ 503-667-4564
PostgreSQL Support, Training, Professional Services and Development
High Availability, Oracle Conversion, @cmdpromptinc
"If we send our children to Caesar for their education, we should
not be surprised when they come back as Romans."
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
