Unix Technical Forum

Re: [GENERAL] SHA1 on postgres 8.3



  #11 (permalink)  
Old 04-15-2008, 11:42 PM
Florian Weimer
 

* Tom Lane:

>> MD5 is broken in the sense that you can create two or more meaningful
>> documents with the same hash.

>
> Note that this isn't actually very interesting for the purpose for
> which the md5() function was put into core: namely, hashing passwords
> before they are stored in pg_authid.


No doubt about that. But there are checklists out there, and if you
use MD5 at some point, you need to go to some lengths to explain that
it's okay. That's why I can understand the desire to have sha1 easily
available (even though SHA-1 isn't much better, really, and the
difference doesn't actually matter for many applications).

It's a bit like justifying that you don't need a virus scanner on your
non-Windows server or database server. 8-P

BTW, I'd like to see MD5/SHA-1 for BYTEA, not just TEXT, and with a
BYTEA return value. Does pgcrypto provide that?
--
Florian Weimer <fweimer@bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99

  #12 (permalink)  
Old 04-15-2008, 11:42 PM
Marko Kreen
 

On 1/21/08, Florian Weimer <fweimer@bfk.de> wrote:
> BTW, I'd like to see MD5/SHA-1 for BYTEA, not just TEXT, and with a
> BYTEA return value. Does pgcrypto provide that?


Yes.

--
marko

  #13 (permalink)  
Old 04-15-2008, 11:42 PM
Marko Kreen
 

On 1/21/08, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> > MD5 is broken in the sense that you can create two or more meaningful
> > documents with the same hash.

>
> Note that this isn't actually very interesting for the purpose for
> which the md5() function was put into core: namely, hashing passwords
> before they are stored in pg_authid.


Note: this was a bad idea. The function that should have been
added to core would be pg_password_hash(username, password).

Adding md5() lessens the incentive to install pgcrypto or push/accept
digest() into core and gives the impression there will be sha1(), etc.
in the future.

Now users who want to store passwords in the database (the most
popular usage) will probably go with md5() without bothering
with pgcrypto. They probably see "Postgres itself uses MD5 too",
without realizing their situation is totally different from
the pg_authid one.

It's like we have a solution that is ACID-compliant 99% of the time in core,
so why bother with the 100% one.

--
marko
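
Added example, not part of the thread and not PostgreSQL's own code: it puts md5() on the bare password next to the user-name-salted form that pg_authid stores and next to pgcrypto's crypt(), and ends with digest() on BYTEA as asked in post #11. The table, user names and password are constructed for illustration; `CREATE EXTENSION` assumes PostgreSQL 9.1 or later.

```sql
-- Added illustration; app_user, alice, bob and the password are constructed.
-- On releases before 9.1, load the contrib pgcrypto.sql script instead.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TABLE app_user (
    username  text PRIMARY KEY,
    md5_plain text,  -- md5(password): what an application gets from core md5() alone
    md5_role  text,  -- 'md5' || md5(password || username): the pg_authid form
    bf_hash   text   -- pgcrypto crypt() with a random Blowfish salt
);

INSERT INTO app_user
SELECT u,
       md5(p),
       'md5' || md5(p || u),
       crypt(p, gen_salt('bf', 10))
FROM (VALUES ('alice', 'hunter2'),
             ('bob',   'hunter2')) AS v(u, p);

-- Both users share one password:
--   md5_plain is identical in both rows (no salt, so equal passwords are visible),
--   md5_role differs because the user name is mixed in,
--   bf_hash differs because gen_salt() is random and the hash is iterated.
SELECT username, md5_plain, md5_role, bf_hash
FROM app_user
ORDER BY username;

-- Login check with crypt(): the stored hash carries its own salt and cost,
-- so it is passed back in as the salt argument.
SELECT username,
       bf_hash = crypt('hunter2', bf_hash) AS password_ok
FROM app_user
ORDER BY username;

-- digest() takes BYTEA (or TEXT) and returns the raw hash as BYTEA;
-- encode() is only needed when a hex string is wanted.
SELECT digest(decode('00ff10', 'hex'), 'sha1')                AS sha1_raw,
       encode(digest(decode('00ff10', 'hex'), 'sha1'), 'hex') AS sha1_hex,
       length(digest(decode('00ff10', 'hex'), 'md5'))         AS md5_bytes;  -- 16
```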
