| From: | Joachim Wieland <joe(at)mcknight(dot)de> |
|---|---|
| To: | Bob <luckyratfoot(at)gmail(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org, Stephen Frost <sfrost(at)snowman(dot)net> |
| Subject: | Re: Transparent encryption in PostgreSQL? |
| Date: | 2005-07-14 08:41:51 |
| Message-ID: | 20050714084151.GA3183@mcknight.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, Jul 13, 2005 at 11:18:04PM -0500, Bob wrote:
> Here is the link in case your fingers are broken and it hurts to type;)
> http://www.postgresql.org/docs/8.0/interactive/encryption-options.html
I think the "Password Storage Encryption" paragraph needs a note similar to
what Stephen Frost wrote in
http://archives.postgresql.org/pgsql-hackers/2005-04/msg00634.php
at the end. The encryption-options.html page says:
"If MD5 encryption is used for client authentication, the unencrypted
password is never even temporarily present on the server [...]"
which is right and wrong at the same time because the md5 hash becomes sort
of a new cleartext password.
Joachim
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Leif Jensen | 2005-07-14 11:28:10 | Recursive stored procedure in C. |
| Previous Message | Richard Huxton | 2005-07-14 08:33:59 | Re: Stopping Postgres |