On 08/17/2017 04:04 PM, Robert Haas wrote:
On Wed, Aug 16, 2017 at 10:42 PM, Michael Paquier
<michael.paqu...@gmail.com> wrote:
In the initial discussions there was as well a mention about using 16 bytes.
https://www.postgresql.org/message-id/507550bd.2030...@vmware.com
As we are using SCRAM-SHA-256, let's bump it up and be consistent.
That's now or never.


This was discussed and changed once before at
https://www.postgresql.org/message-id/df8c6e27-4d8e-5281-96e5-131a4e638...@8kdata.com

Different thing. That was the nonce length, now we're talking about salt length.

I think 2^96 is large enough. The RFC doesn't say anything about salt length, but the one example in it uses a 16 byte string as the salt. That's more or less equal to the current default of 12 raw bytes, after base64-encoding.

On 08/17/2017 05:42 AM, Michael Paquier wrote:
> That's now or never.

Not really. That constant is just the default to use when creating new password verifiers, but the code can handle any salt length, and different verifiers can have different lengths.

- Heikki


--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to