Re: Successor of MD5 authentication, let's use SCRAM

From: Daniel Farina <daniel(at)heroku(dot)com>
To: Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc: Darren Duncan <darren(at)darrenduncan(dot)net>, John R Pierce <pierce(at)hogranch(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Successor of MD5 authentication, let's use SCRAM
Date: 2012-10-14 03:59:51
Message-ID: CAAZKuFaTJDdQqecB=ZuRNp9+6eGNKRZuJoCkNoM__LV9CFb2RQ@mail.gmail.com
Lists: pgsql-hackers

On Sat, Oct 13, 2012 at 7:00 AM, Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
> Does Debian create a self-signed certificate? If so, count me as
> unimpressed. I'd argue that's worse than doing nothing. Here's what the docs
> say (rightly) about such certificates:

Debian will give you a self-signed certificate by default. Protecting
against passive eavesdroppers is not an inconsiderable benefit to get
for "free", and definitely not a marginal attack technique: it's
probably the most common.

For what they can possibly know about the end user, Debian has it right here.

--
fdr
