Re: sunsetting md5 password support

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Jesper Pedersen <jesper.pedersen@comcast.net>
Cc: Heikki Linnakangas <hlinnaka@iki.fi>, Bruce Momjian <bruce@momjian.us>, Jelte Fennema-Nio <postgres@jeltef.nl>, Nathan Bossart <nathandbossart@gmail.com>, pgsql-hackers@postgresql.org
Date: 2024-10-10T22:39:35Z
Lists: pgsql-hackers
Jesper Pedersen <jesper.pedersen@comcast.net> writes:
> On 10/10/24 5:45 PM, Heikki Linnakangas wrote:
>> Note that some authentication methods like LDAP and Radius use 
>> "password" authentication on the wire.

> Please, deprecate - aka remove - old methods.
> All client libraries have caught up, and if they havn't then it their 
> issue not Core.

It's not the libraries that are the problem.  It's the users that
want to use these auth methods --- perhaps even are required to
by dubiously-well-thought-out corporate policies.

			regards, tom lane



Commits

  1. Deprecate MD5 passwords.