Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nPi2X-0006Tw-Jl for pgsql-hackers@arkaria.postgresql.org; Thu, 03 Mar 2022 09:46:29 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1nPi1z-000720-Pi for pgsql-hackers@arkaria.postgresql.org; Thu, 03 Mar 2022 09:45:55 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nPi1z-00071r-FY for pgsql-hackers@lists.postgresql.org; Thu, 03 Mar 2022 09:45:55 +0000 Received: from wout2-smtp.messagingengine.com ([64.147.123.25]) by makus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nPi1s-0001bG-Gx for pgsql-hackers@lists.postgresql.org; Thu, 03 Mar 2022 09:45:54 +0000 Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.west.internal (Postfix) with ESMTP id 28FAE3200C6B; Thu, 3 Mar 2022 04:45:46 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Thu, 03 Mar 2022 04:45:46 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=s9+jfJ7G15gdSymCkv1rS7Af1JmHMwaUedEksdX14 xA=; b=JJnMNzabvmAJCTrSSATFkLZEYLM8hUAy5RHHpv6NdnOiO4T7jRFgu3NiP 8husSvFYu4tm1VEa/fbPjpK6HpRZ7djD51fZzMonBLGd0czcif8pU0DE8jZy6Ttc b0ftjzrMe4XebWN4gntPawe1EW2RiuTXgv1O4k+rG9l4vNH46HZHN+r3rKVnd8pT rWZU6Kz7KK9rVqmP7zVaoibHq4C6MctTgoU8bTNYKmPpdcF3X1AfJNxztmCNlEXN 8eLeLTaKOxaevCXgftGuNtZwxqHclOZBCTucIZ4jwy/XiuXBQhkPzCcpZNAVp4WK wa2DifkK9Dz2KF8jCwWw2MxcKCyEQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvvddruddtiedgtdejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepkfffgggfuffvfhfhjggtgfesthejredttdefjeenucfhrhhomheprfgvthgv rhcugfhishgvnhhtrhgruhhtuceophgvthgvrhdrvghishgvnhhtrhgruhhtsegvnhhtvg hrphhrihhsvggusgdrtghomheqnecuggftrfgrthhtvghrnhepfeejgeehteeuhfevvedu leeufedtjeetiefftedvudfhtdeifefgueettdevgefgnecuvehluhhsthgvrhfuihiivg eptdenucfrrghrrghmpehmrghilhhfrhhomhepphgvthgvrhdrvghishgvnhhtrhgruhht segvnhhtvghrphhrihhsvggusgdrtghomh X-ME-Proxy: Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 3 Mar 2022 04:45:43 -0500 (EST) Message-ID: <48f3d752-df62-7cb1-dbb1-82b781e16dc0@enterprisedb.com> Date: Thu, 3 Mar 2022 10:45:42 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.6.0 Subject: Re: Proposal: Support custom authentication methods using hooks Content-Language: en-US To: "Jonathan S. Katz" , Stephen Frost Cc: Michael Paquier , Tom Lane , Jeff Davis , samay sharma , pgsql-hackers@lists.postgresql.org References: <9004b18218eae293f1ee888e49d13d8a6b02810d.camel@j-davis.com> <20220228204634.GM10577@tamriel.snowman.net> <2738622.1646083128@sss.pgh.pa.us> <20220228214255.GO10577@tamriel.snowman.net> <20220301133119.GR10577@tamriel.snowman.net> <5de09fc4-8feb-8a91-d74a-fc9682208337@postgresql.org> <684c9d5b-2ab4-0546-4520-8e49a49ad1fb@enterprisedb.com> <115918cb-6009-3fac-712d-8d1eee3bb1a6@postgresql.org> <20220302153051.GD10577@tamriel.snowman.net> <04d1c0e9-2558-943a-0241-4269e42328a2@postgresql.org> From: Peter Eisentraut In-Reply-To: <04d1c0e9-2558-943a-0241-4269e42328a2@postgresql.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 02.03.22 16:45, Jonathan S. Katz wrote: > By that argument, we should have kept "password" (plain) as an > authentication method. For comparison, the time between adding md5 and removing password was 16 years. It has been 5 years since scram was added.