> On Fri, Apr 20, 2018 at 07:58:00AM +0900, Tatsuo Ishii wrote: >> Yeah. Since SCRAM auth is implemented, some connection poolers >> including Pgpool-II are struggling to adopt it. > > Er, well. pgpool is also taking advantage of MD5 weaknesses... While > SCRAM fixes this class of problems, and channel binding actually makes > this harder for poolers to deal with.
One of Pgpool-II developers Usama are working hard to re-implement SCRAM auth for upcoming Pgpool-II 4.0: i.e. storing passwords (of course in some encrypted form) in Pgpool-II. Best regards, -- Tatsuo Ishii SRA OSS, Inc. Japan English: http://www.sraoss.co.jp/index_en.php Japanese:http://www.sraoss.co.jp