On Wed, Dec 27, 2023 at 10:52:15PM +0100, Peter Eisentraut wrote:
> On 27.12.23 02:04, Bruce Momjian wrote:
> > I did_not_ change the user API, so CREATE/ALTER ROLE still uses
> > [ENCRYPTED] PASSWORD, the GUC is still called password_encryption, and
> > the libpq function is still called PQencryp
On 27.12.23 02:04, Bruce Momjian wrote:
I did_not_ change the user API, so CREATE/ALTER ROLE still uses
[ENCRYPTED] PASSWORD, the GUC is still called password_encryption, and
the libpq function is still called PQencryptPasswordConn(). This makes
the user interface confusing since the API uses "
On Tue, Nov 28, 2023 at 10:01:57AM -0500, Robert Haas wrote:
> On Tue, Nov 28, 2023 at 9:55 AM Stephen Frost wrote:
> > I do think we should use the correct terminology in our documentation
> > and would support your working on improving things in this area.
>
> +1.
Attached is a draft patch to
On Wed, Nov 29, 2023 at 5:02 PM Nathan Bossart wrote:
> On Wed, Nov 29, 2023 at 04:02:11PM -0500, Robert Haas wrote:
> > I'd fully support having good documentation that says "hey, here are
> > the low security authentication configurations, here are the
> > medium-security ones, here are the high
On Wed, Nov 29, 2023 at 04:02:11PM -0500, Robert Haas wrote:
> I'd fully support having good documentation that says "hey, here are
> the low security authentication configurations, here are the
> medium-security ones, here are the high security ones, and here's why
> these ones are better than tho
On Wed, Nov 29, 2023 at 2:12 AM Stephen Frost wrote:
> I had been hoping you might shed some light on just what use cases you
> were referring to so that we could have a constructive discussion about
> if ldap is actually a reasonable solution. I even explicitly pointed
> out that there may still
Greetings,
* Robert Haas (robertmh...@gmail.com) wrote:
> On Tue, Nov 28, 2023 at 12:24 PM Stephen Frost wrote:
> > I don’t know what they’re doing now, as you don’t say, and so I really
> > couldn’t say if ldap is better or worse for them. In some cases, sure,
> > perhaps ldap is better than …
On Tue, Nov 28, 2023 at 12:24 PM Stephen Frost wrote:
> I don’t know what they’re doing now, as you don’t say, and so I really
> couldn’t say if ldap is better or worse for them. In some cases, sure,
> perhaps ldap is better than … something else,
That's EXACTLY right. You can't say whether LDA
Greetings,
On Tue, Nov 28, 2023 at 20:19 Robert Haas wrote:
> On Tue, Nov 28, 2023 at 10:16 AM Stephen Frost wrote:
> > We pass a completely cleartext password to the server from the client.
> > Yes, we might encrypt it on the way with TLS, but even SSH realized how
> > terrible that is long, l
On Tue, Nov 28, 2023 at 10:16 AM Stephen Frost wrote:
> We pass a completely cleartext password to the server from the client.
> Yes, we might encrypt it on the way with TLS, but even SSH realized how
> terrible that is long, long ago and strongly discourages it these days.
>
> The problem with ld
Greetings,
* Robert Haas (robertmh...@gmail.com) wrote:
> On Tue, Nov 28, 2023 at 9:55 AM Stephen Frost wrote:
> > I do think we should use the correct terminology in our documentation
> > and would support your working on improving things in this area.
>
> +1.
>
> > I do wonder if perhaps we w
On Tue, Nov 28, 2023 at 9:55 AM Stephen Frost wrote:
> I do think we should use the correct terminology in our documentation
> and would support your working on improving things in this area.
+1.
> I do wonder if perhaps we would be better off by having someone spend
> time on removing terribly
Greetings,
* Bruce Momjian (br...@momjian.us) wrote:
> Is there any interest in fixing our documentation that says encrypted
> when it means hashed? Should I pursue this?
I do think we should use the correct terminology in our documentation
and would support your working on improving things in t
On Wed, Nov 22, 2023 at 08:23:42PM -0500, Bruce Momjian wrote:
> Let me also add that I apologize for brining up these old threads. I
> feel badly I didn't address them years ago, I feel bad for the original
> posters, and I do think there is some value in addressing some of them,
> which I think
On Wed, Nov 22, 2023 at 07:01:32PM -0500, Bruce Momjian wrote:
> On Wed, Nov 22, 2023 at 05:55:06PM -0500, Tom Lane wrote:
> > Bruce Momjian writes:
> > > On Wed, Nov 22, 2023 at 12:52:23PM -0800, Andres Freund wrote:
> > >> What's the point of randomly reviving threads from 6 years ago, without
On Wed, Nov 22, 2023 at 05:55:06PM -0500, Tom Lane wrote:
> Bruce Momjian writes:
> > On Wed, Nov 22, 2023 at 12:52:23PM -0800, Andres Freund wrote:
> >> What's the point of randomly reviving threads from 6 years ago, without any
> >> further analysis?
>
> > Well, I feel like this is an imporant
Bruce Momjian writes:
> On Wed, Nov 22, 2023 at 12:52:23PM -0800, Andres Freund wrote:
>> What's the point of randomly reviving threads from 6 years ago, without any
>> further analysis?
> Well, I feel like this is an imporant change, and got dropped because it
> was determined to not be a new ch
On Wed, Nov 22, 2023 at 12:52:23PM -0800, Andres Freund wrote:
> On 2023-11-21 22:43:48 -0500, Bruce Momjian wrote:
> > Is there any interest in fixing our documentation that says encrypted
> > when it means hashed? Should I pursue this?
>
> What's the point of randomly reviving threads from 6 ye
On 2023-11-21 22:43:48 -0500, Bruce Momjian wrote:
> Is there any interest in fixing our documentation that says encrypted
> when it means hashed? Should I pursue this?
What's the point of randomly reviving threads from 6 years ago, without any
further analysis?
Is there any interest in fixing our documentation that says encrypted
when it means hashed? Should I pursue this?
---
On Fri, Mar 10, 2017 at 11:16:02AM +0900, Michael Paquier wrote:
> Hi all,
>
> As discussed here:
> htt
20 matches
Mail list logo
