Re: sunsetting md5 password support
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Andrew Dunstan <andrew@dunslane.net>,
Heikki Linnakangas <hlinnaka@iki.fi>,
Nathan Bossart <nathandbossart@gmail.com>,
PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2024-10-10T22:34:01Z
Lists: pgsql-hackers
> On 11 Oct 2024, at 00:28, Tom Lane <tgl@sss.pgh.pa.us> wrote: > On the whole I agree with Heikki's comment that we should just > do it (disallow MD5, full stop) whenever we feel that enough > time has passed. These intermediate states are mostly going to > add headaches. Maybe we could do something with an intermediate > release that just emits warnings, without any feature changes. +1, warnings and ample documentation for how to perform the migration (and why, I'm sure it will come as a surprise to *many*) is likely our best investment. That coupled with a well communicated point in time for when MD5 goes away with notices in all release notes up until that point. -- Daniel Gustafsson
Commits
-
Deprecate MD5 passwords.
- db6a4a985bc0 18.0 landed