| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | Heikki Linnakangas <heikki(at)enterprisedb(dot)com>, Dave Page <dpage(at)postgresql(dot)org>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Future of krb5 authentication |
| Date: | 2007-07-18 14:46:58 |
| Message-ID: | 18294.1184770018@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Magnus Hagander <magnus(at)hagander(dot)net> writes:
> But sure, we might leave it in there until there's a direct problem with it
> (other than the ones we already know). Can I still get my deprecation of it
> though? ;-)
In the krb4 case, we left it in there until there was very little
probability anyone was using it anymore, and AFAIR there was no
significant maintenance burden from that. I don't see a reason to be
harsher on the krb5 case.
The real problem in my mind is this business of the gssapi and krb5
support being mutually exclusive. That is going to cause tremendous
pain because there won't be any convenient upgrade path. Particularly
not for users of binary packages (RPMs etc) --- they'll be screwed
if their packager changes, and have no way to upgrade if he doesn't.
This needs to be fixed.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Chris Browne | 2007-07-18 14:54:17 | Re: Future of krb5 authentication |
| Previous Message | Dave Page | 2007-07-18 14:45:45 | Re: Future of krb5 authentication |