Bruce Momjian <pgman@candle.pha.pa.us> writes:
> We aren't. I can do that, but have not discussed it yet. If we do it
> is clearly a protocol change. How will old clients handle longer salt,
> and how do I know if they are older if I don't bump up the protocol
> version number?
All of this is under the aegis of a new auth method code, so it doesn't
matter. Either clients handle the new auth method, or they don't.
The problem with bumping the protocol version number is that it breaks
client-to-server compatibility *whether or not a particular connection
needs the new auth method*. Eg, a new client will be unable to talk to
an old server. This is not good.
regards, tom lane