* Bruce Momjian:
> I am not thrilled about moving _some_ of pgcrypto into the backend ---
> pgcrypto right now seems well designed and if we pull part of it out it
> seems it will be less clear than what we have now. Perhaps we just need
> to document that md5() isn't for general use and some function in
> pgcrypto should be used instead?
Yes, that would probably help those folks doing checklist-based
security audits.
--
Florian Weimer <fweimer@bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99