Re: [HACKERS] SCRAM in the PG 10 release notes

On 9/21/17 14:15, Jeff Janes wrote: > Here is a patch that expands the SCRAM documentation a bit, adds more > explanation how the different options are related, and sets some better > links.  I think now you can get from the release notes to the relevant > documentation and have eno

Re: [HACKERS] SCRAM in the PG 10 release notes

On 9/21/17 14:15, Jeff Janes wrote: > This looks good to me.  Might suggest adding verifying the clients as a > specific step:   > > "To upgrade an existing installation from md5 to scram-sha-256, verify > that all client software supports it, set password_encryption = > 'scram-sha-256' in postgre

Re: [HACKERS] SCRAM in the PG 10 release notes

On Thu, Sep 21, 2017 at 7:42 AM, Peter Eisentraut < peter.eisentr...@2ndquadrant.com> wrote: > On 9/19/17 20:45, Peter Eisentraut wrote: > > On 9/19/17 17:55, Jeff Janes wrote: > >> I guess I'm late to the party, but I don't see why this is needed at > >> all. We encourage people to use any and a

Re: [HACKERS] SCRAM in the PG 10 release notes

On 09/21/2017 07:51 AM, Peter Eisentraut wrote: On 9/20/17 15:52, Jeff Janes wrote: I think that the addition of a link to > https://wiki.postgresql.org/wiki/List_of_drivers would be appropriate. I don't have any expectation

Re: [HACKERS] SCRAM in the PG 10 release notes

On 9/20/17 15:52, Jeff Janes wrote: > I think that the addition of a link to > > https://wiki.postgresql.org/wiki/List_of_drivers > would be appropriate. > > I don't have any expectation that that list will be kept up to date. > >

Re: [HACKERS] SCRAM in the PG 10 release notes

On 9/19/17 20:45, Peter Eisentraut wrote: > On 9/19/17 17:55, Jeff Janes wrote: >> I guess I'm late to the party, but I don't see why this is needed at >> all.  We encourage people to use any and all new features which are >> appropriate to them--that is why we implement new features.  Why does >>

Re: [HACKERS] SCRAM in the PG 10 release notes

On Wed, Sep 20, 2017 at 6:42 AM, Peter Eisentraut < peter.eisentr...@2ndquadrant.com> wrote: > On 9/19/17 21:44, Michael Paquier wrote: > >> The patch that Heikki posted seemed reasonable to me as a starting > >> point, but there probably needs to be more "how" information somewhere. > > > > I agr

Re: [HACKERS] SCRAM in the PG 10 release notes

On Wed, Sep 20, 2017 at 9:42 AM, Peter Eisentraut wrote: > I don't have any expectation that that list will be kept up to date. Ditto. I suggest removing this as an open item. There's no defect in the code alleged, and whether there is a defect in the documentation is a matter of opinion on whi

Re: [HACKERS] SCRAM in the PG 10 release notes

On 9/19/17 21:44, Michael Paquier wrote: >> The patch that Heikki posted seemed reasonable to me as a starting >> point, but there probably needs to be more "how" information somewhere. > > I agree with that. > > + > +Installations using MD5 authentication are encouraged to switch to > +

Re: [HACKERS] SCRAM in the PG 10 release notes

On Wed, Sep 20, 2017 at 9:45 AM, Peter Eisentraut wrote: > On 9/19/17 17:55, Jeff Janes wrote: >> I guess I'm late to the party, but I don't see why this is needed at >> all. We encourage people to use any and all new features which are >> appropriate to them--that is why we implement new feature

Re: [HACKERS] SCRAM in the PG 10 release notes

On 9/19/17 17:55, Jeff Janes wrote: > I guess I'm late to the party, but I don't see why this is needed at > all.  We encourage people to use any and all new features which are > appropriate to them--that is why we implement new features.  Why does > this feature need a special invitation? It's no

Re: [HACKERS] SCRAM in the PG 10 release notes

On Tue, Sep 19, 2017 at 4:29 PM, Michael Paquier wrote: > On Wed, Sep 20, 2017 at 6:55 AM, Jeff Janes wrote: > > On Tue, Sep 19, 2017 at 1:32 PM, Heikki Linnakangas > wrote: > >> I'm not sure what exactly to do here. Where should we stick that notice? > >> We could put it in the release notes,

Re: [HACKERS] SCRAM in the PG 10 release notes

On Wed, Sep 20, 2017 at 6:55 AM, Jeff Janes wrote: > On Tue, Sep 19, 2017 at 1:32 PM, Heikki Linnakangas wrote: >> I'm not sure what exactly to do here. Where should we stick that notice? >> We could put it in the release notes, where the bullet point about SCRAM is, >> but it would be well hidde

Re: [HACKERS] SCRAM in the PG 10 release notes

On Tue, Sep 19, 2017 at 1:32 PM, Heikki Linnakangas wrote: > I'm not sure what exactly to do here. Where should we stick that notice? > We could put it in the release notes, where the bullet point about SCRAM > is, but it would be well hidden. If we want to give advice to people who > might not

Re: [HACKERS] SCRAM in the PG 10 release notes

Heikki Linnakangas writes: > I'm not sure what exactly to do here. Where should we stick that notice? > We could put it in the release notes, where the bullet point about SCRAM > is, but it would be well hidden. If we want to give advice to people who > might not otherwise pay attention, it sho

Re: [HACKERS] SCRAM in the PG 10 release notes

On 09/18/2017 11:13 AM, Noah Misch wrote: On Thu, Sep 14, 2017 at 09:57:36AM +0300, Heikki Linnakangas wrote: On 09/12/2017 04:09 AM, Noah Misch wrote: On Wed, May 10, 2017 at 10:50:51PM -0400, Bruce Momjian wrote: On Mon, May 1, 2017 at 08:12:51AM -0400, Robert Haas wrote: On Tue, Apr 25, 2

Re: [HACKERS] SCRAM in the PG 10 release notes

On Thu, Sep 14, 2017 at 09:57:36AM +0300, Heikki Linnakangas wrote: > On 09/12/2017 04:09 AM, Noah Misch wrote: > >On Wed, May 10, 2017 at 10:50:51PM -0400, Bruce Momjian wrote: > >>On Mon, May 1, 2017 at 08:12:51AM -0400, Robert Haas wrote: > >>>On Tue, Apr 25, 2017 at 10:16 PM, Bruce Momjian wr

Re: [HACKERS] SCRAM in the PG 10 release notes

On Fri, Sep 15, 2017 at 12:10 AM, Alvaro Hernandez wrote: >> On the JDBC driver, strictly speaking, code has not been released yet. >> It is scheduled for v 42.2.0, and maybe the wiki should also mention from >> what version of the driver it is supported (I guess for all cases, unless >> their

Re: [HACKERS] SCRAM in the PG 10 release notes

On 14/09/17 18:06, Dave Cramer wrote: On 14 September 2017 at 02:21, Alvaro Hernandez > wrote: On 14/09/17 08:57, Heikki Linnakangas wrote: On 09/12/2017 04:09 AM, Noah Misch wrote: On Wed, May 10, 2017 at 10:50:51PM -0400, Bruce Momjian wr

Re: [HACKERS] SCRAM in the PG 10 release notes

On 14 September 2017 at 02:21, Alvaro Hernandez wrote: > > > On 14/09/17 08:57, Heikki Linnakangas wrote: > >> On 09/12/2017 04:09 AM, Noah Misch wrote: >> >>> On Wed, May 10, 2017 at 10:50:51PM -0400, Bruce Momjian wrote: >>> On Mon, May 1, 2017 at 08:12:51AM -0400, Robert Haas wrote:

Re: [HACKERS] SCRAM in the PG 10 release notes

On 14/09/17 08:57, Heikki Linnakangas wrote: On 09/12/2017 04:09 AM, Noah Misch wrote: On Wed, May 10, 2017 at 10:50:51PM -0400, Bruce Momjian wrote: On Mon, May 1, 2017 at 08:12:51AM -0400, Robert Haas wrote: On Tue, Apr 25, 2017 at 10:16 PM, Bruce Momjian wrote: Well, we could add "MD5

Re: [HACKERS] SCRAM in the PG 10 release notes

On Thu, Sep 14, 2017 at 3:57 PM, Heikki Linnakangas wrote: > I updated the list of drivers on the wiki > (https://wiki.postgresql.org/wiki/List_of_drivers), adding a column for > whether the driver supports SCRAM authentication. Currently, the only > non-libpq driver that has implemented SCRAM is

Re: [HACKERS] SCRAM in the PG 10 release notes

On 09/12/2017 04:09 AM, Noah Misch wrote: On Wed, May 10, 2017 at 10:50:51PM -0400, Bruce Momjian wrote: On Mon, May 1, 2017 at 08:12:51AM -0400, Robert Haas wrote: On Tue, Apr 25, 2017 at 10:16 PM, Bruce Momjian wrote: Well, we could add "MD5 users are encouraged to switch to SCRAM-SHA-256"

Re: [HACKERS] SCRAM in the PG 10 release notes

On Wed, May 10, 2017 at 10:50:51PM -0400, Bruce Momjian wrote: > On Mon, May 1, 2017 at 08:12:51AM -0400, Robert Haas wrote: > > On Tue, Apr 25, 2017 at 10:16 PM, Bruce Momjian wrote: > > > Well, we could add "MD5 users are encouraged to switch to > > > SCRAM-SHA-256". Now whether we want to lis

Re: [HACKERS] SCRAM in the PG 10 release notes

On 11/05/17 09:20, Heikki Linnakangas wrote: On 05/11/2017 07:03 AM, Michael Paquier wrote: On Thu, May 11, 2017 at 11:50 AM, Bruce Momjian wrote: I have added this as an open item because we will have to wait to see where we are with driver support as the release gets closer. As Postgres

Re: [HACKERS] SCRAM in the PG 10 release notes

Heikki Linnakangas writes: > I updated the List of Drivers in the Wiki. I added a few drivers that > were missing, like the ODBC driver, and the pgtclng driver, as well as a > Go and Rust driver that I'm aware of. I reformatted it, and added a > column to indicate whether each driver uses libpq

Re: [HACKERS] SCRAM in the PG 10 release notes

On 05/11/2017 07:03 AM, Michael Paquier wrote: On Thu, May 11, 2017 at 11:50 AM, Bruce Momjian wrote: I have added this as an open item because we will have to wait to see where we are with driver support as the release gets closer. As Postgres ODBC now has a hard dependency with libpq, no ac

Re: [HACKERS] SCRAM in the PG 10 release notes

On Thu, May 11, 2017 at 11:50 AM, Bruce Momjian wrote: > I have added this as an open item because we will have to wait to see > where we are with driver support as the release gets closer. As Postgres ODBC now has a hard dependency with libpq, no actions is taken from there. At least this makes

Re: [HACKERS] SCRAM in the PG 10 release notes

On Mon, May 1, 2017 at 08:12:51AM -0400, Robert Haas wrote: > On Tue, Apr 25, 2017 at 10:16 PM, Bruce Momjian wrote: > > Well, we could add "MD5 users are encouraged to switch to > > SCRAM-SHA-256". Now whether we want to list this as something on the > > SCRAM-SHA-256 description, or mention it

Re: [HACKERS] SCRAM in the PG 10 release notes

On Tue, Apr 25, 2017 at 10:16 PM, Bruce Momjian wrote: > Well, we could add "MD5 users are encouraged to switch to > SCRAM-SHA-256". Now whether we want to list this as something on the > SCRAM-SHA-256 description, or mention it as an incompatibility, or > under Migration. I am not clear that MD