[38533] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords

daemon@ATHENA.MIT.EDU (Bruno Wolff III)
Fri Apr 22 13:56:14 2005

Date: Thu, 21 Apr 2005 17:27:16 -0500
From: Bruno Wolff III <bruno@wolff.to>
To: Tom Lane <tgl@sss.pgh.pa.us>, "Jim C. Nasby" <decibel@decibel.org>,
        pgsql-hackers@postgresql.org, bugtraq@securityfocus.com
Message-ID: <20050421222716.GA2730@wolff.to>
Mail-Followup-To: Tom Lane <tgl@sss.pgh.pa.us>,
	"Jim C. Nasby" <decibel@decibel.org>, pgsql-hackers@postgresql.org,
	bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20050421022701.GU29028@ns.snowman.net>

On Wed, Apr 20, 2005 at 22:27:01 -0400,
  Stephen Frost <sfrost@snowman.net> wrote:
> 
> SHA2 would also be nice.

I think the new hash functions are called SHA256 and SHA512.
For Postgres' purposes the recent weaknesses found in SHA1 and MD5
aren't a big deal.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[38533] in bugtraq

Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords

daemon@ATHENA.MIT.EDU (Bruno Wolff III)Fri Apr 22 13:56:14 2005

daemon@ATHENA.MIT.EDU (Bruno Wolff III)
Fri Apr 22 13:56:14 2005