On Fri, Mar 18, 2016 at 2:12 PM, Stephen Frost <sfr...@snowman.net> wrote: > I'm not sure that I agree with the above. This patch has been through > the ringer multiple times regarding the user-facing bits and, by and > large, the results appear reasonable. Further, getting a better auth > method into PG is something which I do view as a priority considering > the concerns and complaints that have been, justifiably, raised against > our current password-based authentication support. > > This isn't a new patch set either, it was submitted initially over the > summer after it was pointed out, over a year ago, that people actually > do care about the problems with our current implementation (amusingly, I > recall having pointed out the same 5+ years ago, but only did so to this > list).
I am not disputing the importance of the topic, and I do realize that the patch has been around in some form since March. However, I don't think there's been a whole heck of a lot in terms of detailed code-level review, and I think that's pretty important for something that necessarily involves wire protocol changes. Doing that with the level of detail and care that it seems to me to require seems like an almost-impossible task. Most of the major features I've committed this CommitFest are patches where I've personally done multiple rounds of review on over the last several months, and in many cases, other people have been doing code reviews for months before that. I'm not denying that this patch has prompted a good deal of discussion and what I would call design review, but detailed code review? I just haven't seen much of that. >> And I'd rather see all of the changes in one release than split them >> across two releases. > > I agree with this. If we aren't going to get SCRAM into 9.6 then the > rest is just breaking things with little benefit. I'm optomistic that > we will be able to include SCRAM support in 9.6, but if that ends up not > being feasible then we need to put all of the changes to the next > release. OK, glad we agree on that. > I do think that if we push this off to 9.7 then we're going to have > SCRAM *plus* a bunch of other changes around password policies in that > release, and it'd be better to introduce SCRAM independently of the > other changes. Well, for my part, I'd be happy enough to do all of that in a release cycle - maybe SCRAM at the beginning and those other changes a little later on. I don't see that as a real conflict, and in fact, sometimes when you do several things like that in a single cycle, people start to see whatever the common theme is - security, say - as part of the message of that release a little more than they would if a feature lands here and another there. That's not all a bad thing. > All that said, this is just my voice from having followed this thread > and discussing it with David and I'm not trying to force anything. It'd > certainly be nice to have and to be able to tell people that we do have > a strong and recognized approach to password-based authentication in PG, > but I've long been telling everyone that they should be using GSSAPI > and/or SSL and can continue to do so for another year if necessary. I agree it's unfortunate, but IMHO that's kinda where we are at. If Heikki were still involved and had been working on this, I strongly suspect it would have been committed already. But he's not, and it's not clear when or if he's coming back, and I cannot imagine how we are going to begin and complete pushing in a feature of this magnitude in the three weeks before feature freeze without a lot of collateral damage. That is an opinion, not a fact, but it's one I feel pretty confident about. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers