[38526] in bugtraq
Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords
daemon@ATHENA.MIT.EDU (Stephen Frost)
Fri Apr 22 12:36:20 2005
Date: Thu, 21 Apr 2005 20:05:29 -0400
From: Stephen Frost <sfrost@snowman.net>
To: Tom Lane <tgl@sss.pgh.pa.us>, "Jim C. Nasby" <decibel@decibel.org>,
pgsql-hackers@postgresql.org, bugtraq@securityfocus.com
Message-ID: <20050422000529.GJ29028@ns.snowman.net>
Mail-Followup-To: Tom Lane <tgl@sss.pgh.pa.us>,
"Jim C. Nasby" <decibel@decibel.org>, pgsql-hackers@postgresql.org,
bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="fwblGvOBo7NCOYks"
Content-Disposition: inline
In-Reply-To: <20050421222716.GA2730@wolff.to>
--fwblGvOBo7NCOYks
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
* Bruno Wolff III (bruno@wolff.to) wrote:
> On Wed, Apr 20, 2005 at 22:27:01 -0400,
> Stephen Frost <sfrost@snowman.net> wrote:
> > SHA2 would also be nice.
>=20
> I think the new hash functions are called SHA256 and SHA512.
> For Postgres' purposes the recent weaknesses found in SHA1 and MD5
> aren't a big deal.
Well, alright, SHA256 and SHA512. It would be nice to have Postgres
support them.
Stephen
--fwblGvOBo7NCOYks
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFCaD/JrzgMPqB3kigRAndWAJwPLkk014FEUHGkfSWrR7oKNTfe4ACbBSCB
MHM4g85UkBflh9jGAV4/BxY=
=uxkI
-----END PGP SIGNATURE-----
--fwblGvOBo7NCOYks--
