public inbox for [email protected]  
help / color / mirror / Atom feed
From: Jonathan S. Katz <[email protected]>
To: Jacob Champion <[email protected]>
To: Tom Lane <[email protected]>
Cc: Nathan Bossart <[email protected]>
Cc: Michael Paquier <[email protected]>
Cc: Alexander Lakhin <[email protected]>
Cc: pgsql-hackers <[email protected]>
Subject: Re: Should rolpassword be toastable?
Date: Thu, 3 Oct 2024 22:17:31 -0400
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAOYmi+mVJDy+ja1Un3PSZHq2G4PYq1A-ROfR-rSoOtN-PVK4XA@mail.gmail.com>
References: <[email protected]>
	<[email protected]>
	<Zuzh6Nq750L9BZn5@nathan>
	<[email protected]>
	<[email protected]>
	<Zu2eT2H8OT3OXauc@nathan>
	<[email protected]>
	<Zu8r0oO0Vi0FxdpB@nathan>
	<Zv8MTMy87pRlRqD_@nathan>
	<[email protected]>
	<Zv8X3YVzuPfh1Fht@nathan>
	<[email protected]>
	<CAOYmi+mVJDy+ja1Un3PSZHq2G4PYq1A-ROfR-rSoOtN-PVK4XA@mail.gmail.com>

On 10/3/24 7:29 PM, Jacob Champion wrote:
> On Thu, Oct 3, 2024 at 3:25 PM Tom Lane <[email protected]> wrote:
>>
>> Nathan Bossart <[email protected]> writes:
>>> I don't mind proceeding with the patch if there is strong support for it.
>>> I wavered only because it's hard to be confident that we are choosing the
>>> right limit.
>>
>> I'm not that fussed about it; surely 256 is more than anyone is using?
>> If not, we'll get push-back and then we can have a discussion about the
>> correct limit that's informed by more than guesswork.
> 
> +1.
> 
> Next up is probably SCRAM-SHA-512, which should still have smaller
> entries than that -- 222 bytes, I think, with 128-bit salts and a
> 5-digit iteration count?

The challenge is that salts can be an arbitrary length, even today (as 
can the iterator value, though IIRC I think we check if it's in int 
bounds, and a large iterator becomes pretty impractical for usage).

Probabalistically, it's unlikely there are many very large salts in the 
wild (though I don't have data on that) and most folks are using the 
default length, but that probability isn't 0.

I think Tom's initial suggestion (BLCKSZ/2) is better than 256, given we 
really don't know what' out there in the wild, and this could end up 
being a breaking change. Every other type in pg_authid is pretty small. 
That said, I'm also imagining other things we may add that could require 
TOAST support (remembering previous passwords? storing multiple 
passwords options)?

Thanks,

Jonathan


Attachments:

  [application/pgp-signature] OpenPGP_signature.asc (840B, ../[email protected]/2-OpenPGP_signature.asc)
  download

view thread (17+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
  Subject: Re: Should rolpassword be toastable?
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox