Re: [HACKERS] SSL and Encryption

2017-11-02 Thread Michael Paquier 
On Fri, Nov 3, 2017 at 3:19 AM, Craig Ringer  wrote:
> This is probably off topic for pgsql-hackers.
>
> For password crypto please go read the SCRAM thread and the PostgreSQL
> 10 release notes.

The SCRAM discussion is spread across two threads mainly with hundreds
of emails, which may discourage even the bravest. Here are links to
the important documentation:
https://www.postgresql.org/docs/current/static/auth-methods.html#auth-password
https://www.postgresql.org/docs/10/static/sasl-authentication.html

And PostgreSQL implements SCRAM-SHA-256 following RFCs 7677 and 5802:
https://tools.ietf.org/html/rfc5802
https://tools.ietf.org/html/rfc7677
-- 
Michael


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Re: [HACKERS] SSL and Encryption

2017-11-02 Thread Craig Ringer 
On 3 November 2017 at 11:16, chiru r  wrote:
> Hi ,
>
> Please suggest the best chiper suite to configure openSSL for PostgreSQL
> Server and client?.
>
> How to use other than md5 encryption algorithm to encrypt the passwords in
> PostgreSQL?

This is probably off topic for pgsql-hackers.

For password crypto please go read the SCRAM thread and the PostgreSQL
10 release notes.



-- 
 Craig Ringer   http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

[HACKERS] SSL and Encryption

2017-11-02 Thread chiru r 
Hi ,

Please suggest the best chiper suite to configure openSSL for PostgreSQL
Server and client?.

How to use other than md5 encryption algorithm to encrypt the passwords in
PostgreSQL?

Thanks,
Chiru