Re: Data Encryption in PostgreSQL, and a Tutorial.
scott.marlowe <scott.marlowe@ihs.com>
From: "scott.marlowe" <scott.marlowe@ihs.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Christopher Browne <cbbrowne@acm.org>, <pgsql-general@postgresql.org>
Date: 2004-04-12T22:35:29Z
Lists: pgsql-general
On Mon, 12 Apr 2004, Tom Lane wrote: > "scott.marlowe" <scott.marlowe@ihs.com> writes: > > On Fri, 9 Apr 2004, Christopher Browne wrote: > >> See the "pgcrypto" contrib module in the source tree. > >> > >> It is not typically compiled into what gets distributed with the > >> typical Linux/BSD distribution because of the library dependencies > >> that it forces in, as well as because the legalities surrounding the > >> distribution of cryptographic software vary from country to country, > >> making it potentially legally unsafe to ubiquitously include it. > > > I thought md5() was a built-in nowadays... > > Yeah, it is, but md5 is not considered cryptography because it is not > reversible (you can't decrypt to get back what you put in). As such > it's not restricted under US munitions law, nor anyone else's that > I've heard of. True, but the original discussion, I believe, was on storing user passwords etc... for which md5 is the preferred method...