| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | "Victor B(dot) Wagner" <vitus(at)cryptocom(dot)ru> |
| Cc: | Gregory Stark <stark(at)enterprisedb(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [PATCHES] Backend SSL configuration enhancement |
| Date: | 2006-09-01 15:07:06 |
| Message-ID: | 20060901150706.GA31759@wolff.to |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-patches |
On Thu, Aug 31, 2006 at 12:11:46 +0400,
"Victor B. Wagner" <vitus(at)cryptocom(dot)ru> wrote:
>
> It contains !MD5 element, because MD5 digest algorithm was broken about
> year ago, and PostgreSQL expected to work with versions of OpenSSL which
> still consider it strong.
MD5 wasn't completely broken and I believe it is still considered safe
for the way it is used in SSL. It looks like SHA-1 is pretty much in the
same boat now. (See http://www.heise-security.co.uk/news/77244)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Luke Lonergan | 2006-09-01 15:11:57 | Re: Sort performance |
| Previous Message | Paul B. Anderson | 2006-09-01 15:04:36 | Re: Vacuum error on database postgres |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2006-09-01 16:36:11 | Re: [HACKERS] DOC: catalog.sgml |
| Previous Message | Tom Lane | 2006-09-01 14:45:09 | Re: DOC: catalog.sgml |