Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qorS2-003DK6-Im for pgsql-hackers@arkaria.postgresql.org; Fri, 06 Oct 2023 20:29:34 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1qorS0-00Bnqw-Gz for pgsql-hackers@arkaria.postgresql.org; Fri, 06 Oct 2023 20:29:33 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qorS0-00Bnqd-7R for pgsql-hackers@lists.postgresql.org; Fri, 06 Oct 2023 20:29:33 +0000 Received: from mail-pl1-x629.google.com ([2607:f8b0:4864:20::629]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1qorRu-000MvN-Fn for pgsql-hackers@lists.postgresql.org; Fri, 06 Oct 2023 20:29:31 +0000 Received: by mail-pl1-x629.google.com with SMTP id d9443c01a7336-1c6219307b2so18968785ad.1 for ; Fri, 06 Oct 2023 13:29:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=j-davis-com.20230601.gappssmtp.com; s=20230601; t=1696624165; x=1697228965; darn=lists.postgresql.org; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:from:to:cc:subject :date:message-id:reply-to; bh=umUSQBAl8akABku0G7SbR+INu1Ac2ydKioq3RO60Mys=; b=eRzCsOnlDW085SKj27Jm0D69jdtMVukb7ljEWE8OjNBvQxEqdeVQsNcs60bmGBlDo0 i6vwg/0YhMQyxywCOU7B0e6aPYbWU/kspFs3rhzgQT7HR5oxahk4EWU3mJuwtUFYm86i 8xhMTF/yTErbXwQSpiShkLKZFPlV+CmUNmklzlsATHD/pJyowxnygkSsjFwkxvy17ujt RO1q8oLFtofPKGqC+y0FKhzHwDl6EkQQWW84ZjR5xZOjyvmCYO1OD7SKeQw2IF9EH9NS IPfQU7rNn1EaPXqmt7E0HpWmivbonU0YnPl6QXBqna6oz/iFVabl8jefwQtnZ6xjh5a4 KEZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1696624165; x=1697228965; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=umUSQBAl8akABku0G7SbR+INu1Ac2ydKioq3RO60Mys=; b=S708RqNSHawbYxCNiME//+9+CrlAPV97AHU8eXJrZ1y6sZH770MYacEv3JkFVHQiSW /Ml22CEX406/91I2JfKS3QybozN9T6DEArv/StTojsguP8NkyPr51nm2FvfK9FGQcXwd HMgNo/fbF/TPEFQlaxc5MSAyZ8poL05kAAfWCVVKsH/Sl68flzj2nid2cfENkmwKjmz8 PM9bSvM04lOORjNz4FT+5VEPc+A1+XGAVYSGVdVGAOeQetxAoqOyEcOqFcfrgnJwUsBZ nTneFPfksQjRfL1DDC3/2fUIp6YEikPz2IeB1lkA02Rg+yfFmWCLIpT5GoQoSzsEXlqK 1Jfg== X-Gm-Message-State: AOJu0YzKJpo+T6Ciza5WoIkB7/8qxMaX0jr29UFHeblb2r9Gm3QMAH++ tWgaFfoyo+emlmduHlI19NksNQ== X-Google-Smtp-Source: AGHT+IFhN68Yy0FrnrBM7FQVQ1oSV2+nc+UXjw6+sXf3JZUjSVePRWNGmP0kY4fZvyV8UvYRYoYLJQ== X-Received: by 2002:a17:902:b698:b0:1c8:791c:d797 with SMTP id c24-20020a170902b69800b001c8791cd797mr7317344pls.56.1696624165665; Fri, 06 Oct 2023 13:29:25 -0700 (PDT) Received: from jeff-laptop.lan (c-98-45-81-55.hsd1.ca.comcast.net. [98.45.81.55]) by smtp.gmail.com with ESMTPSA id t17-20020a170902e85100b001b9c5e07bc3sm4338457plg.238.2023.10.06.13.29.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 06 Oct 2023 13:29:25 -0700 (PDT) Message-ID: <3ba7717e5493f3c3b45127457f540b7811f6f6e1.camel@j-davis.com> Subject: Re: [PoC/RFC] Multiple passwords, interval expirations From: Jeff Davis To: Gurjeet Singh Cc: Nathan Bossart , PostgreSQL Hackers , Stephen Frost , "Brindle, Joshua" , Jacob Champion Date: Fri, 06 Oct 2023 13:29:24 -0700 In-Reply-To: References: <20220701002034.GA9030@tamriel.snowman.net> <80684017-18c6-4116-9249-bb049ffe1ecf@amazon.com> <41a690ee7b030e6f41709bd39375641ef934e05f.camel@j-davis.com> <20231005190453.GB151257@nathanxps13> <2644f1886c7f5e2691f837de138ac5c3a09a68f6.camel@j-davis.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.44.4-0ubuntu2 MIME-Version: 1.0 List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Thu, 2023-10-05 at 14:28 -0700, Gurjeet Singh wrote: > This way there's a notion of a 'new' and 'old' passwords. IIUC, you are proposing that there are exactly two slots, NEW and OLD. When adding a password, OLD must be unset and it moves NEW to OLD, and adds the new password in NEW. DROP only works on OLD. Is that right? It's close to the idea of deprecation, except that adding a new password implicitly deprecates the existing one. I'm not sure about that -- it could be confusing. We could also try using a verb like "expire" that could be coupled with a date, and that way all old passwords would always have some validity period. That might make it a bit easier to manage if we do need more than two passwords. Regards, Jeff Davis