Received: from malur.postgresql.org ([2a02:16a8:dc51::56])
	by arkaria.postgresql.org with esmtps
 (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA384:256)
	(Exim 4.89)
	(envelope-from <pgsql-docs-owner+archive@lists.postgresql.org>)
	id 1fraDr-0006nH-2N
	for pgsql-docs@arkaria.postgresql.org; Mon, 20 Aug 2018 02:47:15 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.89)
	(envelope-from <pgsql-docs-owner+archive@lists.postgresql.org>)
	id 1fraDl-0006Rh-Tl
	for pgsql-docs@arkaria.postgresql.org; Mon, 20 Aug 2018 02:47:09 +0000
Received: from makus.postgresql.org ([2001:4800:1501:1::229])
	by malur.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA384:256)
	(Exim 4.89)
	(envelope-from <michael@paquier.xyz>)
	id 1fraDl-0006Ra-L5
	for pgsql-docs@lists.postgresql.org; Mon, 20 Aug 2018 02:47:09 +0000
Received: from out1-smtp.messagingengine.com ([66.111.4.25])
	by makus.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA384:256)
	(Exim 4.89)
	(envelope-from <michael@paquier.xyz>)
	id 1fraDc-0003jl-Vy
	for pgsql-docs@postgresql.org; Mon, 20 Aug 2018 02:47:08 +0000
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
	by mailout.nyi.internal (Postfix) with ESMTP id 24D0821945;
	Sun, 19 Aug 2018 22:47:00 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
  by compute4.internal (MEProxy); Sun, 19 Aug 2018 22:47:00 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paquier.xyz; h=
	cc:content-type:date:from:in-reply-to:message-id:mime-version
	:references:subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=
	fm2; bh=dCpUW6DtOeAz2a7WoWuCgzkF5vQrZ1xv/FIjOdpCF3Q=; b=x7VckufO
	/DW2z4GZBEcwvQRTLtoTBOP6LgMxzWU6Nuar3dLDj9pglTnQi+y/XXyIYtVVzaZD
	FiW5omvVYrNWHEAebpi7Voc/ekbbMsoDFMKcJcSzPAgdzp218VuQmyTfxzlZnJVR
	FGGcc7d/A7fZEAfx6xpjTiRgdHPFmiuY0trhMNmgLvFwyF2y3LZwqYamQZkjM4Bz
	gVNOBcjpHm7wfyPxzsiQtMYT6X91PCMp/liy6vH3BL40WnCsMd6xzR99Srxc9ys+
	blkrxh5W/vGGjd0hX73+t4QFAqqyjk/oSibchwNEtud9Xwt7IEe8whX9QqVTIIA9
	B1GGtLxjOuY7IQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:content-type:date:from:in-reply-to
	:message-id:mime-version:references:subject:to:x-me-sender
	:x-me-sender:x-sasl-enc; s=fm3; bh=dCpUW6DtOeAz2a7WoWuCgzkF5vQrZ
	1xv/FIjOdpCF3Q=; b=Rkxva/bN7usRkhMamigrm4KTp4Vcixucji9emtixg0f1l
	P7b9ij+YnhFb4k49OksKi4WAMaViRWKkhxYw6XldAjuWllXSudLJTXfTlBM11SDD
	uU/C0wBk6nY2WYYq5X5CAQETJocbrMh0TDztFfewqbfOCgnwGxedKmRuWSmtQ0si
	5uBp4zfmvRhvKyg3JCVRgYFvhSiw6K03FjGfnyuSYQJ3EevAi9ilmBm8WHGNg+vG
	JfOPOmJreGEjdIx9sUv/vDut5h1vcOEEk0LcEw3veaMjzEsgAOgOCdwG+cB6EoYx
	mXhC/yXORrw98xN85LRV8jqKZhycvbAUJmLmej6xg==
X-ME-Proxy: <xmx:oit6W_qFoAfJEtENIQ_Rbgg_mG9l0TCUMVOrWfv7tHbsa-CcvHeNMg>
    <xmx:oit6WxAeONRdMTrkF5bFn2Fu9PdrvjJayBbHnBUQj8-cBCGGO_QOAQ>
    <xmx:oit6WxwxdVy3IEwFSVRq7Tlk2Ces60P8QIsS8Te3fL4JPj-qp0dTkQ>
    <xmx:oit6W-3sGCHAJsrZCvP2rqJjrs61GEsbVIqUDXoH-leNSaoNEZzRNQ>
    <xmx:oit6Wxw9pfv7ZmhQS8LjLSkxgRWSo6Nrhon22hjKd6Kkyqs12oqjPw>
    <xmx:pCt6W4zJTMmLwgYQ-ddTEwVThdx80RQtbP6w21CSXbOgBq8oqbfZbg>
X-ME-Sender: <xms:oit6W8_XQ-MsE6rMLR5H_hsRdcSabIuSjFjvKJTE73A3cU-WQWW2Eg>
Received: from paquier.xyz (c137162.net61215.cablenet.ne.jp [61.215.137.162])
	by mail.messagingengine.com (Postfix) with ESMTPA id 3D51310286;
	Sun, 19 Aug 2018 22:46:57 -0400 (EDT)
Date: Mon, 20 Aug 2018 11:46:54 +0900
From: Michael Paquier <michael@paquier.xyz>
To: Richard Hector <richard@walnut.gen.nz>
Cc: pgsql-docs@postgresql.org
Subject: Re: password storage docs
Message-ID: <20180820024654.GE7403@paquier.xyz>
References: <2da8edec-c930-bd42-1ba0-a8ed172c80f4@walnut.gen.nz>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="lkTb+7nhmha7W+c3"
Content-Disposition: inline
In-Reply-To: <2da8edec-c930-bd42-1ba0-a8ed172c80f4@walnut.gen.nz>
List-Id: <pgsql-docs.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-docs@lists.postgresql.org>
List-Owner: <mailto:pgsql-docs-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-docs>
Precedence: bulk


--lkTb+7nhmha7W+c3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Aug 20, 2018 at 01:35:56PM +1200, Richard Hector wrote:
> I can't find information about the storage format for that at all -
> other than "... and supports storing passwords on the server in a
> cryptographically hashed form that is thought to be secure."
>=20
> It would be nice to see more information on this.

The SCRAM verifiers stored conform to RFC 5803:
https://tools.ietf.org/html/rfc5803.
This is mentioned in the comments of auth-scram.c.  Do you think that
mentioning that in this paragraph of this doc would be useful?  We could
for example append "as defined in RFC 5803" in the last sentence.
--
Michael

--lkTb+7nhmha7W+c3
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEG72nH6vTowiyblFKnvQgOdbyQH0FAlt6K54ACgkQnvQgOdby
QH0CAA/+PHeOsofBXmQ98lCQLSTWOh0ZIpkHOlcWEEjKsgWec7qdJL3SfSQBjH2p
gB2ze5m0Ikd7O33jQyVUHhy4u1cYs1fnv0DaZvCORXAUNuKmzqU68hVcLBXHsGdV
2a/Xcnfvk9tHrnW692zQp5iBWY08xgjy963Ye6KcaTi3WoSFevzhbE2N3DYEnkgY
omoGr4iTdL38n6LRAKbGZS+zawSL1wUZJKFhxZl7q0OC2xY2r7AkOdbPMjvhWGSq
Fi89VdOO2tLNZnXbdjfk6yT+GYV6rloApCDymhkEEfm5yJv454dXJuM4jYUAwnDy
Bz1cb9Z2slWR3j72I8E6pDuYGnB/12xljaPnahdA5mPUQh/1CLKDvekaMQavIOdN
sfQ/U3t0oIjBATVKEN9Br8q6Q4uUEUnYd5h3wx9hM0Os+qJ2i1kgyNTAuUZ/n76y
3VZpka2vBCuvTQ+bZUt9iSsVkGsqKLhYnG9TGYlg85H53jN377g8/bXs6b8R2NYH
/955aWk6RSn4/RaoKS1pYVR5W8BpZHw3bok6NwmCZBK8S8anctJCW6fqO5amTLmj
54NqxBt6IaM2cWOJsWly7yGDSoo8bS+NfEx1dCY2c6Va3+Bu6KHgi6o3JsWe/R/6
rxuIKBh21lheNBk/hEtWfjrAfkdBxwtruM91zp/B0G+Xg0xLvEM=
=3stv
-----END PGP SIGNATURE-----

--lkTb+7nhmha7W+c3--