On Wed, Aug 10, 2011 at 7:06 PM, Peter Eisentraut <pete...@gmx.net> wrote: > I would like to see whether there is support for adding sha1 and sha2 > functions into the core. These are obviously well-known and widely used > functions, but currently the only way to get them is either through > pgcrypto or one of the PLs. We could say that's OK, but then we do > support md5 in core, which then encourages people to use that, when they > really shouldn't use that for new applications.
Slightly different, but related - I've seen complaints that we only use md5 for password storage/transmission, which is apparently not acceptable under some government security standards. In the most recent case, they wanted to be able to use sha256 for password storage (transmission isn't really an issue where SSL can be used of course). If we're ready to move more hashing functions into core, then it seems reasonable to add more options for password storage to help those who need to meet mandated standards. -- Dave Page Blog: http://pgsnake.blogspot.com Twitter: @pgsnake EnterpriseDB UK: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
