Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1r7zV0-007k81-Lp for pgsql-hackers@arkaria.postgresql.org; Tue, 28 Nov 2023 14:55:42 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1r7zUz-005WhC-0d for pgsql-hackers@arkaria.postgresql.org; Tue, 28 Nov 2023 14:55:41 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1r7zUy-005Wgy-BQ for pgsql-hackers@lists.postgresql.org; Tue, 28 Nov 2023 14:55:40 +0000 Received: from tamriel.snowman.net ([2001:470:e38f::11]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1r7zUv-008zIQ-H7 for pgsql-hackers@postgresql.org; Tue, 28 Nov 2023 14:55:39 +0000 Received: by tamriel.snowman.net (Postfix, from userid 1000) id BAAC95F7BA; Tue, 28 Nov 2023 09:55:31 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=snowman.net; s=dkim; t=1701183331; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=HWPbecERVYhUs7by825q1ZgYqChPkfGYruCoFgAA014=; b=oeC6QcZBbAdWYIt25+N4Nu5H++RSC+rPjkWvlMdWY7YvKR0oFMzlw8ML/oodyULCcYvd4t OBghTRcKFxke+fyWmx0rT7vb7lUx614xV5b3lfI2cv6jYCSRpmQ9RF1tjl9bMgAQ2G8H/5 Yl+hKgtDJqnbhgQ+ahlpidvCaVihTVM= Date: Tue, 28 Nov 2023 09:55:31 -0500 From: Stephen Frost To: Bruce Momjian Cc: Michael Paquier , PostgreSQL mailing lists Subject: Re: [HACKERS] Changing references of password encryption to hashing Message-ID: References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="VBsolI4EnCD5szPn" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/2.1.4 (2021-12-11) List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --VBsolI4EnCD5szPn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Greetings, * Bruce Momjian (bruce@momjian.us) wrote: > Is there any interest in fixing our documentation that says encrypted > when it means hashed? Should I pursue this? I do think we should use the correct terminology in our documentation and would support your working on improving things in this area. I do wonder if perhaps we would be better off by having someone spend time on removing terribly insecure authentication methods like md5 and ldap though ... Thanks, Stephen --VBsolI4EnCD5szPn Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEwf6gbxKhD863zrx/7WyKOINHZFUFAmVl/2AACgkQ7WyKOINH ZFUlxw/+J1SyOaCZVV+EmPAXy3i4wtDkvifYnvNI3TEY2Xh7XG6U2Qb6AXasbprt nlNsrTw4kyWkLjYuGFlO7E9uINg1jp++zczs60rLxXlhkulILiTuV7c/L9iqlHNW bauRIqaKm//1iFhYGQAhwyXsJ50ixesIqavFi2JI5vW2L7QStmqioMaYvMTtBrod KZMQIaovQtGvAqhU5JTOwDN1EdwYaDrkOa4r0QYw8xfexI1JrHqOtWHjJV0atXra x0NCmkgyo1leUGC6UBxKH9MxkTDPC3UE7TufbJG7r9SLM//5IwZAfC0tjePDAxwL oPiYv264TnY3q31Z6+avfGUg75zR2Og062WbQpyv0xRqiGakHe6L8nDn6Wyx06Sp dUhWhoSzqJw5vSEQDf/wrsMIjdmKi3TuZu1eiyjplcRuWNYPxWix6xJydaQX7Fqt oVzdxOoXzraEv3SJnvrbspzTE5hI5Kxy3qOv30oPYq6ouDL0haPJF3FFD8samCxk M4bsRT69Jf1jI3pf/eXanmtwGGlp6xINA56uqyADpFkb78qIiULopl2lLJjulDHx XvzOFXNzGcXGA1Sc5DB6kaXI8Kla86vp8lTgQR7wrtZZVUNY6w1DAVMiH1GzCol2 FtGUCnT3DVdkploza/VKHv73Lc90J1XZTSwRA6IrR8i7DFQUn1o= =2cMH -----END PGP SIGNATURE----- --VBsolI4EnCD5szPn--