Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps
 (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <pgsql-pkg-yum-owner+archive@lists.postgresql.org>)
	id 1jbOTV-0003aH-SG
	for pgsql-pkg-yum@arkaria.postgresql.org; Wed, 20 May 2020 13:09:33 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.92)
	(envelope-from <pgsql-pkg-yum-owner+archive@lists.postgresql.org>)
	id 1jbOTU-0002F2-QI
	for pgsql-pkg-yum@arkaria.postgresql.org; Wed, 20 May 2020 13:09:32 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <peter.eisentraut@2ndquadrant.com>)
	id 1jbOTU-0002Db-Kx
	for pgsql-pkg-yum@lists.postgresql.org; Wed, 20 May 2020 13:09:32 +0000
Received: from forward5-smtp.messagingengine.com ([66.111.4.239])
	by magus.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <peter.eisentraut@2ndquadrant.com>)
	id 1jbOTR-0004XK-IP
	for pgsql-pkg-yum@postgresql.org; Wed, 20 May 2020 13:09:31 +0000
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41])
	by mailforward.nyi.internal (Postfix) with ESMTP id 690A21941320;
	Wed, 20 May 2020 09:09:27 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
  by compute1.internal (MEProxy); Wed, 20 May 2020 09:09:27 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:content-transfer-encoding:content-type
	:date:from:in-reply-to:message-id:mime-version:references
	:subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender
	:x-sasl-enc; s=fm2; bh=mJh8sbjB4sQJelRsmrxRr5y7OjN04so5x7vmJSzHg
	58=; b=wiGIg5BKET2wo7FXQ7ApVIKIpyutQLcQlqdcwJJb802f/JG77iDIx+U+p
	El5octnSsdACWYc6CTH+vqqEFpsCwPzHrsibjSaMur/2OK/O7rKmU4bxTSjR/9EV
	R08qPSBN98ueCLU09TRuTxVq/q5yxIIEzq7YAJb0aLBYLuHBlW8WsPFPo2xhJuTM
	N2wQVuCXnugdLHd5pwqqxoL3NonwDqeyz0iE3+kq+wBw13BIHoIDWHx488PckvSs
	IRJCN+fi3b2kRlKyYIAx/7Xfx6oyuZcCqKdkhTubt3bIQHq8S5/uYujAabCQx7WS
	m54cpJyl42JC4rOQTmAuiVw2DVfiw==
X-ME-Sender: <xms:BizFXho-TgAOm4qIcy3OdnRnddZODQQ8iey8k5xcUpNlHq2E5jiP_g>
X-ME-Proxy-Cause: 
 gggruggvucftvghtrhhoucdtuddrgeduhedruddtledgiedtucetufdoteggodetrfdotf
    fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
    uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
    cujfgurhepuffvfhfhohfkffgfgggjtgfgsehtkeertddtfeejnecuhfhrohhmpefrvght
    vghrucfgihhsvghnthhrrghuthcuoehpvghtvghrrdgvihhsvghnthhrrghuthesvdhnug
    hquhgrughrrghnthdrtghomheqnecuggftrfgrthhtvghrnhepleffffetffejfefhheff
    veekieetieekudeffffhheevieelhfethfegfeduhedtnecuffhomhgrihhnpedvnhguqh
    hurggurhgrnhhtrdgtohhmnecukfhppeelfedrvdegfedrkedvrddvgeeinecuvehluhhs
    thgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepphgvthgvrhdrvghish
    gvnhhtrhgruhhtsedvnhguqhhurggurhgrnhhtrdgtohhm
X-ME-Proxy: <xmx:BizFXjrpCYE3kZ_fX2hbhheDTXWjXWhWOls2fxTR3fsqfN8x_zHcHg>
    <xmx:BizFXuPBmh0CuIEQx75zN8Sc9XK7fFW4CQ1uOWAH0To27jfVdEyycQ>
    <xmx:BizFXs7rPYF7ECv1oK_zEws7X6xqj12OW3fl9TrtiqKN9MUTgcZGPw>
    <xmx:ByzFXttdjz8hYwH80XwwnKZUYLq2bC_9_ugI1kYjxKsJSKstu-UHkA>
Received: from april.pezone.net (p5df352f6.dip0.t-ipconnect.de
 [93.243.82.246])
	by mail.messagingengine.com (Postfix) with ESMTPA id 7580A328005A;
	Wed, 20 May 2020 09:09:25 -0400 (EDT)
Subject: Re: Can we stop defaulting to 'ident'?
To: =?UTF-8?B?RGV2cmltIEfDvG5kw7x6?= <devrim@gunduz.org>,
 Stephen Frost <sfrost@snowman.net>
References: 
 <CAMsr+YFCuBGWh4=aM-K2LCsBEwcrqm=pphKKHEH09vHwXcspow@mail.gmail.com>
 <7761d006b5ace13a4d86ce489123e5004aaf8b6c.camel@gunduz.org>
 <20200519212710.GQ13712@tamriel.snowman.net>
 <6089d4c8e262dd6fe8a6510c283e674543a24b5c.camel@gunduz.org>
Cc: Craig Ringer <craig@2ndquadrant.com>,
 pgsql-pkg-yum <pgsql-pkg-yum@postgresql.org>
From: Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
Organization: 2ndQuadrant
Message-ID: <3869d8c9-c212-8d73-52f4-13b03abe4813@2ndquadrant.com>
Date: Wed, 20 May 2020 15:09:24 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:52.0)
 Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <6089d4c8e262dd6fe8a6510c283e674543a24b5c.camel@gunduz.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
List-Id: <pgsql-pkg-yum.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-pkg-yum@lists.postgresql.org>
List-Owner: <mailto:pgsql-pkg-yum-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-pkg-yum>
Precedence: bulk

On 2020-05-20 00:26, Devrim Gündüz wrote:
>> +1 to scram-sha-256 for the default for host-based/TCP connections.
>> For local, we should be using peer, just like Debian's default has
>> been for ages.
> 
> YEah, this is what I committed just now. Still, would love to hear from
> others if there are any objections.

The upstream default is still to use md5 passwords by default, and some 
deliberation has gone into that to keep it that way.  So it would make 
sense to have the RPMs also do that.  The Debian packages also still use 
md5.  Some consistency across the board would be good.  Otherwise it 
will be very confusing for users if everyone just goes into their own 
direction.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services