Subject: Re: Can we stop defaulting to 'ident'?
From: Peter Eisentraut
Organization: 2ndQuadrant
To: Christoph Berg, Devrim Gündüz, Stephen Frost, Craig Ringer, pgsql-pkg-yum
Date: Wed, 20 May 2020 16:49:35 +0200

On 2020-05-20 15:40, Christoph Berg wrote:
> Re: Peter Eisentraut
>> The upstream default is still to use md5 passwords by default, and some
>> deliberation has gone into that to keep it that way. So it would make sense
>> to have the RPMs also do that. The Debian packages also still use md5.
>> Some consistency across the board would be good. Otherwise it will be very
>> confusing for users if everyone just goes into their own direction.
>
> The upstream initdb default is still 'trust', but everyone agrees that
> it's good that distributions are changing that to something more
> secure, so we are already disconnected from the "true" default here.

Sorry, I should have been more clear. The upstream default of the GUC
parameter "password_encryption" is md5. It is understood that the
default client authentication method can be changed downstream.

--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services