Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nPiFi-0007SM-Dd for pgsql-hackers@arkaria.postgresql.org; Thu, 03 Mar 2022 10:00:06 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1nPiFg-0001k2-Sa for pgsql-hackers@arkaria.postgresql.org; Thu, 03 Mar 2022 10:00:04 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nPiFg-0001jt-Aj for pgsql-hackers@lists.postgresql.org; Thu, 03 Mar 2022 10:00:04 +0000 Received: from wout2-smtp.messagingengine.com ([64.147.123.25]) by makus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nPiFc-0001nz-GX for pgsql-hackers@lists.postgresql.org; Thu, 03 Mar 2022 10:00:03 +0000 Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.west.internal (Postfix) with ESMTP id 7DE8F32009EF; Thu, 3 Mar 2022 04:59:58 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Thu, 03 Mar 2022 04:59:59 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=h0HB+UcF8+NuE3qWuKrPdrs78xtIq3gwUzPWDkSgj fA=; b=JVheRhR0wYm8NsvMBnqH3xyt/3GDoQ11y4sX31jWSAB+KOgSCm7n1fHDw XLAYji/LFl4pxK8UOUQ38m1Ly6sKeGUx46NPfFIRgcXCXMM7d7zKS0r3+Qmdm6I3 AzjwZY3PCIln4R3yXHEJyA9UZiKrB87JdIbMqyGRfz5azL0Mc/P9I9f7wX2zBHJJ W5P10J2odlN96dKcU7kSieb0vXMtrtxp4JdoIxfEDMvMEwLtmU0MztOPpYD8qfgE hhvykV8fy5LlL67EJSdczgCZJ1KiP4l3xQll2sqEvY8xqJu4DspJ/5JlmJpnS3ji 3jHOq/wASRaOqi4S5MQCLikm+sv0w== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvvddruddtiedguddtucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepkfffgggfuffvfhfhjggtgfesthejredttdefjeenucfhrhhomheprfgvthgv rhcugfhishgvnhhtrhgruhhtuceophgvthgvrhdrvghishgvnhhtrhgruhhtsegvnhhtvg hrphhrihhsvggusgdrtghomheqnecuggftrfgrthhtvghrnhepfeejgeehteeuhfevvedu leeufedtjeetiefftedvudfhtdeifefgueettdevgefgnecuvehluhhsthgvrhfuihiivg eptdenucfrrghrrghmpehmrghilhhfrhhomhepphgvthgvrhdrvghishgvnhhtrhgruhht segvnhhtvghrphhrihhsvggusgdrtghomh X-ME-Proxy: Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 3 Mar 2022 04:59:56 -0500 (EST) Message-ID: <772c89f9-51ca-6849-05eb-078a7b2a579b@enterprisedb.com> Date: Thu, 3 Mar 2022 10:59:55 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0) Gecko/20100101 Thunderbird/91.6.0 Subject: Re: Proposal: Support custom authentication methods using hooks Content-Language: en-US To: "Jonathan S. Katz" , Stephen Frost , Michael Paquier Cc: Tom Lane , Jeff Davis , samay sharma , pgsql-hackers@lists.postgresql.org References: <1737574.1645753674@sss.pgh.pa.us> <54dc198b56a87e31e9625405383f04a8c6589b8b.camel@j-davis.com> <1905579.1645810764@sss.pgh.pa.us> <2718414dc095b716e59e126c03af343997d14c7b.camel@j-davis.com> <1980351.1645816239@sss.pgh.pa.us> <9004b18218eae293f1ee888e49d13d8a6b02810d.camel@j-davis.com> <20220228204634.GM10577@tamriel.snowman.net> <2738622.1646083128@sss.pgh.pa.us> <20220228214255.GO10577@tamriel.snowman.net> <20220301133119.GR10577@tamriel.snowman.net> <5de09fc4-8feb-8a91-d74a-fc9682208337@postgresql.org> <684c9d5b-2ab4-0546-4520-8e49a49ad1fb@enterprisedb.com> <115918cb-6009-3fac-712d-8d1eee3bb1a6@postgresql.org> From: Peter Eisentraut In-Reply-To: <115918cb-6009-3fac-712d-8d1eee3bb1a6@postgresql.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 02.03.22 15:16, Jonathan S. Katz wrote: > What are the reasons they are still purposely using it? The ones I have > seen/heard are: > > - Using an older driver > - On a pre-v10 PG > - Unaware of SCRAM Another reason is that SCRAM presents subtle operational issues in distributed systems. As someone who is involved with products such as pgbouncer and bdr, I am aware that there are still unresolved problems and ongoing research in that area. Maybe they can all be solved eventually, even if it is concluding "you can't do that anymore" in certain cases, but it's not all solved yet, and falling back to the best-method-before-this-one is a useful workaround. I'm thinking there might be room for an authentication method between plain and scram that is less complicated and allows distributed systems to be set up more easily. I don't know what that would be, but I don't think we should prohibit the consideration of "anything less than SCRAM". I notice that a lot of internet services are promoting "application passwords" nowadays. I don't know the implementation details of that, but it appears that the overall idea is to have instead of one high-value password have many frequently generated medium-value passwords. We also have a recent proposal to store multiple passwords per user. (Obviously that could apply to SCRAM and not-SCRAM equally.) That's the kind of direction I would like to explore.