Re: Proposal: Support custom authentication methods using hooks,Re: Proposal: Support custom authentication methods using hooks

Поиск
Список
Период
Сортировка
От Tatsuo Ishii
Тема Re: Proposal: Support custom authentication methods using hooks,Re: Proposal: Support custom authentication methods using hooks
Дата
Msg-id 20220304.135042.469462829650498133.t-ishii@sranhm.sra.co.jp
обсуждение исходный текст
Ответ на Re: Proposal: Support custom authentication methods using hooks,Re: Proposal: Support custom authentication methods using hooks  (Stephen Frost <sfrost@snowman.net>)
Ответы Re: Proposal: Support custom authentication methods using hooks,Re: Proposal: Support custom authentication methods using hooks  (Joshua Brindle <joshua.brindle@crunchydata.com>)
Список pgsql-hackers
Дерево обсуждения 
>> So, dropping plaintext password authentication support from libpq will
>> make it impossible for users to use the former method.
> 
> Yes, just like dropping support for md5 would make it impossible for
> users to have their passwords be hashed with md5, which is an altogether
> good thing considering how easy it is to brute-force md5 these days.

I still don't understand why using plaintex password authentication
over SSL connection is considered insecure. Actually we have been
stating opposite in the manual:
https://www.postgresql.org/docs/14/auth-password.html

"If the connection is protected by SSL encryption then password can be
used safely, though."

Best reagards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Japin Li
Дата:
Сообщение: Re: Doc about how to set max_wal_senders when setting minimal wal_level
Следующее
От: Michael Paquier
Дата:
Сообщение: Re: standby recovery fails (tablespace related) (tentative patch and discussion)