Broken link in pgcrypto documentation
The following documentation comment has been logged on the website:
Page: https://www.postgresql.org/docs/16/pgcrypto.html
Description:
I was going through the links in pgcrypto documentation and I realized that
one of the links at Useful Reading section do not work.
interhack.net seems to be down for a while whereas interhack.com contains a
portion of the contents of the former website in a different hierarchy. I
did some digging and I believe we can update that link to the same set of
information on the other website.
Relevant page:
https://www.postgresql.org/docs/current/pgcrypto.html#PGCRYPTO-NOTES-USEFUL-READING
Current link that does not work:
http://www.interhack.net/people/cmcurtin/snake-oil-faq.html
Last capture at Web Archive:
https://web.archive.org/web/20211114090731/http://www.interhack.net/people/cmcurtin/snake-oil-faq.html
My suggestion for updating the link:
http://web.interhack.com/publications/snake-oil-faq
Thanks,
Hanefi
On 12 Feb 2024, at 13:55, PG Doc comments form <noreply@postgresql.org> wrote:
The following documentation comment has been logged on the website:
Page: https://www.postgresql.org/docs/16/pgcrypto.html
Description:I was going through the links in pgcrypto documentation and I realized that
one of the links at Useful Reading section do not work.
Thanks for the report!
However, I wonder if we aren't better off removing the "Useful Reading" section
altogether? The field of crypto is continuously advancing and keeping a stale
10+ year old list of links is unlikely to provide more insights than what more
curated sites can do.
--
Daniel Gustafsson
On Tue, Feb 13, 2024 at 7:12 PM Daniel Gustafsson <daniel@yesql.se> wrote:
On 12 Feb 2024, at 13:55, PG Doc comments form <noreply@postgresql.org> wrote:
The following documentation comment has been logged on the website:
Page: https://www.postgresql.org/docs/16/pgcrypto.html
Description:I was going through the links in pgcrypto documentation and I realized that
one of the links at Useful Reading section do not work.Thanks for the report!
However, I wonder if we aren't better off removing the "Useful Reading" section
altogether? The field of crypto is continuously advancing and keeping a stale
10+ year old list of links is unlikely to provide more insights than what more
curated sites can do.
+1. I don't think it's the job of a postgres contrib module to maintain that.
--
Magnus Hagander
Me: https://www.hagander.net/
Work: https://www.redpill-linpro.com/
Magnus Hagander <magnus@hagander.net> writes:
On Tue, Feb 13, 2024 at 7:12 PM Daniel Gustafsson <daniel@yesql.se> wrote:
However, I wonder if we aren't better off removing the "Useful Reading" section
altogether? The field of crypto is continuously advancing and keeping a stale
10+ year old list of links is unlikely to provide more insights than what more
curated sites can do.
+1. I don't think it's the job of a postgres contrib module to maintain that.
+1. We haven't maintained that list in the past and it seems unlikely
that we'll get better at it.
I'm a little dubious about the "Technical References" list right below
it, too. The RFC references are probably useful and stable, and maybe
the wikipedia ref is OK, but I have little faith in either the
stability or the long-term relevance of the other two links.
regards, tom lane
On 13 Feb 2024, at 20:42, Tom Lane <tgl@sss.pgh.pa.us> wrote:
Magnus Hagander <magnus@hagander.net> writes:
On Tue, Feb 13, 2024 at 7:12 PM Daniel Gustafsson <daniel@yesql.se> wrote:
However, I wonder if we aren't better off removing the "Useful Reading" section
altogether? The field of crypto is continuously advancing and keeping a stale
10+ year old list of links is unlikely to provide more insights than what more
curated sites can do.+1. I don't think it's the job of a postgres contrib module to maintain that.
+1. We haven't maintained that list in the past and it seems unlikely
that we'll get better at it.I'm a little dubious about the "Technical References" list right below
it, too. The RFC references are probably useful and stable, and maybe
the wikipedia ref is OK, but I have little faith in either the
stability or the long-term relevance of the other two links.
Not even those are all that stable, while the RFCs' in question haven't been
replaced they have all been updated with new RFC's which we don't link to. I
think we are better off removing them as well and leaving reading up on
security/crypto subject an exercise for the reader.
Specifically, I propose the attached.
--
Daniel Gustafsson
Attachments:
pgcrypto_links.diffapplication/octet-stream; name=pgcrypto_links.diff; x-unix-mode=0644Download+0-66
Daniel Gustafsson <daniel@yesql.se> writes:
On 13 Feb 2024, at 20:42, Tom Lane <tgl@sss.pgh.pa.us> wrote:
I'm a little dubious about the "Technical References" list right below
it, too. The RFC references are probably useful and stable, and maybe
the wikipedia ref is OK, but I have little faith in either the
stability or the long-term relevance of the other two links.
Not even those are all that stable, while the RFCs' in question haven't been
replaced they have all been updated with new RFC's which we don't link to. I
think we are better off removing them as well and leaving reading up on
security/crypto subject an exercise for the reader.
Good point. Nuking both lists works for me.
regards, tom lane
On Tue, Feb 13, 2024 at 9:08 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
Daniel Gustafsson <daniel@yesql.se> writes:
On 13 Feb 2024, at 20:42, Tom Lane <tgl@sss.pgh.pa.us> wrote:
I'm a little dubious about the "Technical References" list right below
it, too. The RFC references are probably useful and stable, and maybe
the wikipedia ref is OK, but I have little faith in either the
stability or the long-term relevance of the other two links.Not even those are all that stable, while the RFCs' in question haven't been
replaced they have all been updated with new RFC's which we don't link to. I
think we are better off removing them as well and leaving reading up on
security/crypto subject an exercise for the reader.Good point. Nuking both lists works for me.
+1.
--
Magnus Hagander
Me: https://www.hagander.net/
Work: https://www.redpill-linpro.com/
On 13 Feb 2024, at 21:24, Magnus Hagander <magnus@hagander.net> wrote:
On Tue, Feb 13, 2024 at 9:08 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
Daniel Gustafsson <daniel@yesql.se> writes:
On 13 Feb 2024, at 20:42, Tom Lane <tgl@sss.pgh.pa.us> wrote:
I'm a little dubious about the "Technical References" list right below
it, too. The RFC references are probably useful and stable, and maybe
the wikipedia ref is OK, but I have little faith in either the
stability or the long-term relevance of the other two links.Not even those are all that stable, while the RFCs' in question haven't been
replaced they have all been updated with new RFC's which we don't link to. I
think we are better off removing them as well and leaving reading up on
security/crypto subject an exercise for the reader.Good point. Nuking both lists works for me.
+1.
Alright, sounds good. I'll go ahead with that in the morning then, backpatched
all the way down since the links are equally outdated everywhere.
--
Daniel Gustafsson