| From: | "Frank Ch(dot) Eigler" <fche(at)redhat(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Re: Encrypting pg_shadow passwords |
| Date: | 2001-06-27 16:41:09 |
| Message-ID: | 20010627124109.E7873@redhat.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi -
tgl wrote:
: > Oh, I see finally. You already put a custom little
: > challenge/response authentication scheme into postgresql,
: [...]
: Long before any of the current generation of developers, AFAIK.
Okay. (Sorry about misinferring "You" above!)
: In any case, as several people have pointed out, one may well want to
: guard one's password more carefully than one guards the entire session
: contents. Running SSL on a session that may transfer many megabytes
: is a lot of overhead.
Sure, but that's a separate performance question that shouldn't affect
the logical layering of the mechanisms. With SSL, for example, methinks
it's possible to renegotiate a connection to turn off encryption after
a certain point.
- FChE
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2001-06-27 16:44:29 | Re: Re: 7.2 items |
| Previous Message | Jan Wieck | 2001-06-27 16:40:46 | Re: functions returning records |