On 07/13/2017 10:46 PM, Chapman Flack wrote:

> Neither is suitable on an unencrypted channel (as has been repeatedly

Please forgive my thinko about md5. I had overlooked the second
salted md5 used in the protocol, and that had to be some years ago
when I was sure I had looked for one in the code. But it's been there
since 2001, so I simply overlooked it somehow. Not sure how. I've had
an unnecessarily jaundiced view of "md5" auth for years as a result.

I feel much better now. Sorry for the noise.


Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to