Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1rIbpD-009jZs-Do for pgsql-hackers@arkaria.postgresql.org; Wed, 27 Dec 2023 21:52:27 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1rIbpC-00A5yt-3Q for pgsql-hackers@arkaria.postgresql.org; Wed, 27 Dec 2023 21:52:26 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1rIbpB-00A5yO-6s for pgsql-hackers@lists.postgresql.org; Wed, 27 Dec 2023 21:52:25 +0000 Received: from wout3-smtp.messagingengine.com ([64.147.123.19]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1rIbp8-00ECmF-9r for pgsql-hackers@postgresql.org; Wed, 27 Dec 2023 21:52:24 +0000 Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailout.west.internal (Postfix) with ESMTP id D622B3200A0A; Wed, 27 Dec 2023 16:52:17 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute6.internal (MEProxy); Wed, 27 Dec 2023 16:52:18 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=eisentraut.org; h=cc:cc:content-transfer-encoding:content-type:content-type :date:date:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:subject:subject:to:to; s=fm1; t=1703713937; x=1703800337; bh=Rofj8LaPQXzKVZzF+TAOMpGtHjd3eTRC KEuQUjifPiM=; b=cT88Dkz4DVoq5VsAUnNc+Q/nLcUZix55Wkw2mGwBo9KYnETx qcIR9nAm9/3WEDpGmAP6B3j57CcZaEWtICgHLG4BN6b2R0iR3IMULlGvp4G9lmb4 Xy+IBBiSMsH/gQUNN3kkQFLqQ0w0ReeTuA8Pzb+gpiL7LP5pd/VxVLu0g8y9Q7kO AKZ/p4ajv50wEXCKBtjVMjUm2kesZYvQcsPDC9GUV2E7FgwiWTh3u/bx27hb20ex 9VbkcHle2Ohywq7lOHof4dwdftzCoWEd5MeKsa/de9D0RLqjfuwTbiiyi6HZmg1h 5YxdBv+yq+QC4BGylsQj3WbYWISxVTZG3+Yw2w== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1703713937; x= 1703800337; bh=Rofj8LaPQXzKVZzF+TAOMpGtHjd3eTRCKEuQUjifPiM=; b=n UPBUtngxGeq6dQyJjuk0MBBbyxv8IQO/tUJHQ0mh2Uhq/uI+J0ycmBq6QWLZ6+KY nmj8q27ykHbmvYy8q3w0a3Gx9xWIVSNm0bjo+iZH1kp5C4fZWHzuYNVMjVQpQM1r jr1Ht8SDbnzouwWMwE3VVMihKBf9aN0QW2mQ94GqyEpBS2TupduhuukdZNhAOsPT fmk/vbdxcRTo2QUqNm1OdC5HHNSGFyXyV6NhixAeeIbSiePQVh8auluEZ7XrIHVH jj5K0kzB8ImQiPm8Lehh2Gytq41AEgI2RvpxRAo2IUuRKvYsDKdUn7cRvHVEFR/X bIvoGQVVEnXgatAXf+r1Q== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrvddvledgudehiecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefkffggfgfuvfevfhfhjggtgfesthejredttddvjeenucfhrhhomheprfgv thgvrhcugfhishgvnhhtrhgruhhtuceophgvthgvrhesvghishgvnhhtrhgruhhtrdhorh hgqeenucggtffrrghtthgvrhhnpefgjedthfekfedtuefgieelheetleejgefhueeltdfh ueetvdffudekfeejhfegheenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmh grihhlfhhrohhmpehpvghtvghrsegvihhsvghnthhrrghuthdrohhrgh X-ME-Proxy: Feedback-ID: ie0a040ee:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 27 Dec 2023 16:52:16 -0500 (EST) Message-ID: Date: Wed, 27 Dec 2023 22:52:15 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [HACKERS] Changing references of password encryption to hashing Content-Language: en-US To: Bruce Momjian , Robert Haas Cc: Stephen Frost , Michael Paquier , PostgreSQL mailing lists References: From: Peter Eisentraut In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 27.12.23 02:04, Bruce Momjian wrote: > I did_not_ change the user API, so CREATE/ALTER ROLE still uses > [ENCRYPTED] PASSWORD, the GUC is still called password_encryption, and > the libpq function is still called PQencryptPasswordConn(). This makes > the user interface confusing since the API uses "encryption" but the > text calls it "hashing". Is there support for renaming the API to use > "hash" and keeping "encrypt" for backward compatiblity. Yeah, this is clearly confusing. I think we should just leave it alone. Some gentle rewording here and there to clarify things might be appropriate (but the text already uses hashing on some occasions), but the blanket replacement does not make things better, I think.