| From: | "Bossart, Nathan" <bossartn(at)amazon(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Isaac Morland <isaac(dot)morland(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Maximum password length |
| Date: | 2018-10-12 23:02:54 |
| Message-ID: | B507DFCA-B70E-450C-9CB2-D03881D45B60@amazon.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 10/12/18, 4:24 PM, "Stephen Frost" <sfrost(at)snowman(dot)net> wrote:
> * Bossart, Nathan (bossartn(at)amazon(dot)com) wrote:
>> My main motivation for suggesting the increase to 8k is to provide
>> flexibility for alternative authentication methods like LDAP, RADIUS,
>> PAM, and BSD.
>
> Specific use-cases here would be better than hand-waving at "these other
> things." Last I checked, all of those work with what we've got today
> and I don't recall hearing complaints about them not working due to this
> limit.
The main one I am thinking of is generated security tokens. It seems
reasonable to me to limit md5 and scram-sha-256 passwords to a much
shorter length, but I think the actual server message limit should be
somewhat more flexible.
Nathan
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2018-10-12 23:34:53 | Re: [HACKERS] removing abstime, reltime, tinterval.c, spi/timetravel |
| Previous Message | Amit Langote | 2018-10-12 22:43:55 | Re: Calculate total_table_pages after set_base_rel_sizes() |