David Steele <da...@pgmasters.net> writes: > On 7/21/16 12:19 PM, Robert Haas wrote: >> On Wed, Jul 20, 2016 at 7:42 PM, Michael Paquier >> <michael.paqu...@gmail.com> wrote: >>>> People have, in the past, expressed concerns about linking in >>>> pgcrypto. Apparently, in some countries, it's a legal problem.
>>> Do you have any references? I don't see that as a problem. >> I don't have a link to previous discussion handy, but I definitely >> recall that it's been discussed. I don't think that would mean that >> libpgcrypto couldn't depend on libpgcommon, but the reverse direction >> would make libpgcrypto essentially mandatory which I don't think is a >> direction we want to go for both technical and legal reasons. > I searched a few different ways and finally came up with this post from Tom: > https://www.postgresql.org/message-id/11392.1389991...@sss.pgh.pa.us > It's the only thing I could find, but thought it might jog something > loose for somebody else. Way back when, like fifteen years ago, there absolutely were US export control restrictions on software containing crypto. I believe the US has figured out that that was silly, but I'm not sure everyplace else has. (And if you've been reading the news you will notice that legal restrictions on crypto are back in vogue, so it would not be wise to assume that the question is dead and buried.) So our project policy since at least the turn of the century has been that any crypto facility has to be in a separable extension, where it would be fairly easy for a packager to delete it if they need to ship a crypto-free version. Note that "crypto" for this purpose generally means reversible encryption; I've never heard that one-way hashes are illegal anywhere. So password hashing such as md5 is fine in core, and a stronger hash would be too. But pulling in pgcrypto lock, stock, and barrel is not OK. regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers