| From: | Greg Stark <stark(at)mit(dot)edu> |
|---|---|
| To: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: WIP: SCRAM authentication |
| Date: | 2015-08-08 18:43:52 |
| Message-ID: | CAM-w4HOm-kRnz7Fe9nnoOdeO6OQWti42GhTNcXO17uWRjE5Scw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sat, Aug 8, 2015 at 6:23 PM, Heikki Linnakangas <hlinnaka(at)iki(dot)fi> wrote:
> Like Joe and Stephen, I actually find it highly confusing that we call the
> MD5 hash an "encrypted password". The term "password verifier" is fairly
> common in the specifications of authentication mechanisms. I think we should
> adopt it.
Speaking as someone who hasn't read the specifications I found
"password verifier" surprising. I would have known what "password
hash" was but I misread "verifier" to be something functional like a
PAM plugin. I tend to agree we should just use terminology out of the
specs though even if it's a little opaque, better one opaque piece of
terminology than having to learn and translate between multiple
terminologies.
--
greg
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2015-08-08 18:49:21 | Re: 9.5 release notes |
| Previous Message | Bruce Momjian | 2015-08-08 17:51:13 | Re: 9.5 release notes |