Andrew Dunstan <and...@dunslane.net> writes:
> (Personally I think there's a very good case for completely ripping out
> RFC1413 ident auth. I've not seen it used in a great long while, and
> it's always been a security risk.)
FWIW, I agree with that --- or at least making it a not-built-by-default
option.
Probably the right time to make any such changes is at the same time
we add the proposed more-secure-than-MD5 password option.
regards, tom lane
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
