On 10/12/12 3:44 PM, Stephen Frost wrote: > wrt future-proofing, I don't like the "#-of-iterations" approach. There > are a number of examples of how to deal with multiple encryption types > being supported by a protocol, I'd expect hash'ing could be done in the > same way. For example, Negotiate, SSL, Kerberos, GSSAPI, all have ways > of dealing with multiple encryption/hashing options being supported. > Multiple iterations could be supported through that same mechanism (as > des/des3 were both supported by Kerberos for quite some time). > > In general, I think it's good to build on existing implementations where > possible. Perhaps we could even consider using something which already > exists for this?
Sounds like SASL to me. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers