| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Justin Pryzby <pryzby(at)telsasoft(dot)com> |
| Cc: | "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org>, Andres Freund <andres(at)anarazel(dot)de>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Andrew Dunstan <andrew(dot)dunstan(at)2ndquadrant(dot)com>, Michael Paquier <michael(at)paquier(dot)xyz>, Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, David Fetter <david(at)fetter(dot)org>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: change password_encryption default to scram-sha-256? |
| Date: | 2019-04-08 20:18:48 |
| Message-ID: | 19976.1554754728@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Justin Pryzby <pryzby(at)telsasoft(dot)com> writes:
> On Mon, Apr 08, 2019 at 02:28:30PM -0400, Tom Lane wrote:
>> The scenario that worries me here is somebody using a bleeding-edge PGDG
>> server package in an environment where the rest of the Postgres ecosystem
>> is much less bleeding-edge.
> If someone installs a postgres RPM/DEB from postgresql.org, they could also
> install postgresql-jdbc, right ?
The client software is very possibly not on the same machine as the server,
and may indeed not be under the server admin's control. That sort of
complex interdependency is why we need to move slowly on changes that
require client updates.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2019-04-08 20:20:26 | Re: change password_encryption default to scram-sha-256? |
| Previous Message | Jonathan S. Katz | 2019-04-08 20:13:38 | Re: change password_encryption default to scram-sha-256? |