Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nPQUP-00069G-QQ for pgsql-hackers@arkaria.postgresql.org; Wed, 02 Mar 2022 15:02:05 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1nPQUO-0005gU-Ab for pgsql-hackers@arkaria.postgresql.org; Wed, 02 Mar 2022 15:02:04 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nPQUO-0005gC-1b for pgsql-hackers@lists.postgresql.org; Wed, 02 Mar 2022 15:02:04 +0000 Received: from sss.pgh.pa.us ([66.207.139.130]) by makus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nPQUL-0000oB-Sc for pgsql-hackers@lists.postgresql.org; Wed, 02 Mar 2022 15:02:03 +0000 Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1]) by sss.pgh.pa.us (8.15.2/8.15.2) with ESMTP id 222F1x652978763; Wed, 2 Mar 2022 10:01:59 -0500 From: Tom Lane To: Stephen Frost cc: Bruce Momjian , Michael Paquier , Jeff Davis , samay sharma , pgsql-hackers@lists.postgresql.org Subject: Re: Proposal: Support custom authentication methods using hooks In-reply-to: <20220302145841.GA10577@tamriel.snowman.net> References: <1905579.1645810764@sss.pgh.pa.us> <2718414dc095b716e59e126c03af343997d14c7b.camel@j-davis.com> <1980351.1645816239@sss.pgh.pa.us> <9004b18218eae293f1ee888e49d13d8a6b02810d.camel@j-davis.com> <20220228204634.GM10577@tamriel.snowman.net> <2738622.1646083128@sss.pgh.pa.us> <20220228214255.GO10577@tamriel.snowman.net> <20220301133119.GR10577@tamriel.snowman.net> <20220302145841.GA10577@tamriel.snowman.net> Comments: In-reply-to Stephen Frost message dated "Wed, 02 Mar 2022 09:58:41 -0500" MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <2978761.1646233319.1@sss.pgh.pa.us> Date: Wed, 02 Mar 2022 10:01:59 -0500 Message-ID: <2978762.1646233319@sss.pgh.pa.us> List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk Stephen Frost writes: > * Bruce Momjian (bruce@momjian.us) wrote: >> What is the logic to removing md5 but keeping 'password'? > I don't think we should keep 'password'. I don't see much point in that unless we deprecate *all* the auth methods that transmit a cleartext password. regards, tom lane