Greetings, * Jeff Davis (pg...@j-davis.com) wrote: > On Wed, 2022-03-02 at 10:54 -0500, Stephen Frost wrote: > > It's our decision what we want to support and maintain in the code > > base > > and what we don't. > > That might be an argument in favor of custom auth methods, because we > could move built-in methods that we don't like into a contrib module > that implements it as a custom auth method.
Feel like I already answered this but just to be clear- I don't view that as actually addressing the issue since we'd still be maintaining and distributing insecure auth methods. Thanks, Stephen
signature.asc
Description: PGP signature
