But make it "hostssl" instead of "host", to require some cryptography
in the channel used, specially to authenticate the connection.
Opening your access to everyone without crypto sounds like something
you don't want to do. Specially if users can change their own
passwords...
My understanding is no password is sent in the clear with md5 per:
http://www.postgresql.org/docs/8.3/interactive/auth-methods.html#AUTH-PASSWORD
Paul
However, it depends on the sort of data you are accessing. Sending a MD5
password is all well and good but if your data consists of credit card
info or trade secrets then you'll want that encrypted too.
---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
choose an index scan if your joining column's datatypes do not
match
