On 2019-08-12 18:02, Jeff Davis wrote: > https://postgr.es/m/daf0017a1a5c2caabf88a4e00f66b4fcbdfeccad.camel%40j-davis.com > > The weakness of proposal #1 is that it's not very "future-proof" and we > would likely need to change something about it later when we support > new methods. That wouldn't break clients, but it would be annoying to > need to support some old syntax and some new syntax for the connection > parameters. > > Proposal #3 does not have this weakness. When we add sha-512, we could > also add a parameter to specify that the client requires a certain hash > algorithm for SCRAM. > > Do you favor that existing proposal #3, or are you proposing a fourth > option?
In this context, I would prefer #2, but I would expand that to cover all authentication methods, not only password methods. -- Peter Eisentraut http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
