On Thu, Sep 21, 2017 at 7:42 AM, Peter Eisentraut <peter.eisentr...@2ndquadrant.com> wrote:

> On 9/19/17 20:45, Peter Eisentraut wrote:
> > On 9/19/17 17:55, Jeff Janes wrote:
> >> I guess I'm late to the party, but I don't see why this is needed at
> >> all. We encourage people to use any and all new features which are
> >> appropriate to them--that is why we implement new features. Why does
> >> this feature need a special invitation?
> >
> > It's not clear to me how an average user would get from the press
> > release or release notes to upgrading their installation to use
> > SCRAM-based authentication and passwords. A little bit more guidance
> > somewhere would be helpful.
>
> Here is a patch that expands the SCRAM documentation a bit, adds more
> explanation how the different options are related, and sets some better
> links. I think now you can get from the release notes to the relevant
> documentation and have enough information on how to put the new features
> into use.
>

This looks good to me. Might suggest adding verifying the clients as a specific step:

"To upgrade an existing installation from md5 to scram-sha-256, verify that all client software supports it, set password_encryption = 'scram-sha-256' in postgresql.conf..."

Cheers,

Jeff
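
An added example, not part of the thread or of the patch under discussion: a check an administrator can run during the md5 to scram-sha-256 upgrade mentioned above, classifying stored password verifiers so that roles still holding an md5 hash are found before authentication is restricted to SCRAM. The function names and sample rows are constructed for illustration; the verifier layouts are the ones PostgreSQL 10 stores in pg_authid.rolpassword, and ASCII passwords are assumed.

```python
import base64, hashlib, hmac, re

# Layouts of pg_authid.rolpassword in PostgreSQL 10:
#   md5:   "md5" + 32 hex digits
#   SCRAM: "SCRAM-SHA-256$<iterations>:<salt>$<StoredKey>:<ServerKey>" (base64 fields)
MD5_RE = re.compile(r"md5[0-9a-f]{32}")
SCRAM_RE = re.compile(r"SCRAM-SHA-256\$(\d+):([A-Za-z0-9+/=]+)\$([A-Za-z0-9+/=]+):([A-Za-z0-9+/=]+)")

def md5_verifier(user, password):
    # Legacy format: "md5" + hex(md5(password || username))
    return "md5" + hashlib.md5((password + user).encode()).hexdigest()

def scram_verifier(password, salt, iterations=4096):
    # RFC 5802 / RFC 7677 key derivation (SASLprep omitted: ASCII passwords assumed)
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    b64 = lambda b: base64.b64encode(b).decode()
    return f"SCRAM-SHA-256${iterations}:{b64(salt)}${b64(stored_key)}:{b64(server_key)}"

def classify(rolpassword):
    """Return 'none', 'md5', 'scram-sha-256' or 'unknown' for one stored value."""
    if rolpassword is None:
        return "none"
    if MD5_RE.fullmatch(rolpassword):
        return "md5"
    m = SCRAM_RE.fullmatch(rolpassword)
    if not m:
        return "unknown"
    try:
        salt, stored, server = (base64.b64decode(g, validate=True) for g in m.groups()[1:])
    except ValueError:  # binascii.Error is a ValueError subclass
        return "unknown"
    ok = int(m.group(1)) > 0 and salt and len(stored) == 32 and len(server) == 32
    return "scram-sha-256" if ok else "unknown"

def roles_needing_reset(rows):
    # Roles without a valid SCRAM verifier need a new password set first
    return sorted(name for name, pw in rows if classify(pw) in ("md5", "unknown"))

# Constructed sample rows standing in for: SELECT rolname, rolpassword FROM pg_authid
SAMPLE_ROWS = [
    ("alice", scram_verifier("correct horse", b"constructed-salt")),
    ("bob", md5_verifier("bob", "hunter2")),
    ("svc_nologin", None),
    ("carol", "SCRAM-SHA-256$4096:c2FsdA==$dG9vc2hvcnQ=:dG9vc2hvcnQ="),  # keys too short
]

if __name__ == "__main__":
    print("reset before requiring SCRAM:", roles_needing_reset(SAMPLE_ROWS))
```
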