Re: sunsetting md5 password support

On Thu, 2024-10-10 at 18:39 -0400, Tom Lane wrote:
> Jesper Pedersen <jesper(dot)pedersen(at)comcast(dot)net> writes:
> > On 10/10/24 5:45 PM, Heikki Linnakangas wrote:
> > > Note that some authentication methods like LDAP and Radius use
> > > "password" authentication on the wire.
>
> > Please, deprecate - aka remove - old methods.
> > All client libraries have caught up, and if they havn't then it their
> > issue not Core.
>
> It's not the libraries that are the problem.  It's the users that
> want to use these auth methods --- perhaps even are required to
> by dubiously-well-thought-out corporate policies.

A voice from the field: I know at least one application out there
(that is used by more than one customer) that implemented the line
protocol by itself, back in the days when "crypt" authentication still
existed. So they support "crypt" and "password", and now that
PostgreSQL has removed "crypt", the users are stuck with "password"...

Actually, that may be a good reason to deprecate "password", because
then the vendor might get motivated to remedy that malady. On the other
hand, you can expect some protest...

Yours,
Laurenz Albe