On Wed, Nov 29, 2023 at 04:02:11PM -0500, Robert Haas wrote:
> I'd fully support having good documentation that says "hey, here are
> the low security authentication configurations, here are the
> medium-security ones, here are the high security ones, and here's why
> these ones are better than those ones and what they protect against
> and what risks remain." That would be awesome.
+1. IMO the "Password Authentication" section [0] does this pretty well
already.
[0] https://www.postgresql.org/docs/devel/auth-password.html
--
Nathan Bossart
Amazon Web Services: https://aws.amazon.com