From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Vince Vielhaber <vev(at)michvhf(dot)com> |
Cc: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, Hannu Krosing <hannu(at)tm(dot)ee>, The Hermit Hacker <scrappy(at)hub(dot)org>, "Sverre H(dot) Huseby" <sverrehu(at)online(dot)no>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: So we're in agreement.... |
Date: | 2000-05-07 17:15:20 |
Message-ID: | 18529.957719720@sss.pgh.pa.us |
Lists: | pgsql-general pgsql-hackers |
Vince Vielhaber <vev(at)michvhf(dot)com> writes:
> It could add a level of security. The client knows the username. If
> the client were to only send LOGIN or something like that to the server
> without sending the username and the server only replied with the random
> salt, the client would know that the username was the fixed salt and could
> use that with random salt received from the server. So it's really a
> hidden salt.
Hidden from whom? The client *must* send the username to the server,
so a sniffer who is able to see both sides of the conversation will
still have all the same pieces. If the sniffer only sees one side of
the conversation, he's still in trouble: he'll get the random salt, or
the hashed password, but not both. So I still don't see what the
username is adding to the process that will make up for rendering it
much more difficult to rename users.
regards, tom lane
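To make the argument above concrete, here is an added simulation (not code from the thread or from PostgreSQL) of the two login variants being debated. It assumes a challenge-response scheme in which the stored verifier is md5(password + username), so the username acts as the fixed salt, and the per-connection answer is md5(verifier + random_salt); that exact construction is an assumption for the example, not something the message specifies. A `transcript` list plays the role of the passive observer, and `observed_fields` reports which pieces an observer of one or both directions would collect. The `rename_user` method shows the cost Tom mentions: the verifier is bound to the old name, so a renamed user cannot log in until the password is set again.

```python
import hashlib
import os

# Assumed scheme for this example: username is the fixed salt, a random
# per-connection salt is supplied by the server.
def stored_verifier(password: str, username: str) -> str:
    return hashlib.md5((password + username).encode()).hexdigest()

def challenge_response(verifier: str, salt: bytes) -> str:
    return hashlib.md5(verifier.encode() + salt).hexdigest()

class Server:
    """Toy server holding one verifier per user (constructed for the example)."""
    def __init__(self) -> None:
        self.users: dict[str, str] = {}

    def set_password(self, username: str, password: str) -> None:
        self.users[username] = stored_verifier(password, username)

    def rename_user(self, old: str, new: str) -> None:
        # Only the name changes; the stored verifier still embeds the old name.
        self.users[new] = self.users.pop(old)

    def new_salt(self) -> bytes:
        return os.urandom(4)

    def check(self, username: str, salt: bytes, response: str) -> bool:
        verifier = self.users.get(username)
        return verifier is not None and response == challenge_response(verifier, salt)

def login_username_first(server: Server, username: str, password: str, transcript: list) -> bool:
    """Variant A: the client names itself before receiving the random salt."""
    transcript.append(("C->S", {"user": username}))
    salt = server.new_salt()
    transcript.append(("S->C", {"salt": salt.hex()}))
    response = challenge_response(stored_verifier(password, username), salt)
    transcript.append(("C->S", {"response": response}))
    return server.check(username, salt, response)

def login_hidden_username(server: Server, username: str, password: str, transcript: list) -> bool:
    """Variant B (the 'hidden salt' idea): a bare LOGIN first, salt back,
    but the client still has to say who it is before the server can check."""
    transcript.append(("C->S", {"cmd": "LOGIN"}))
    salt = server.new_salt()
    transcript.append(("S->C", {"salt": salt.hex()}))
    response = challenge_response(stored_verifier(password, username), salt)
    transcript.append(("C->S", {"user": username, "response": response}))
    return server.check(username, salt, response)

def observed_fields(transcript: list, directions=("C->S", "S->C")) -> set:
    """Fields a passive observer collects when it sees the given directions."""
    fields: set = set()
    for direction, message in transcript:
        if direction in directions:
            fields.update(message.keys())
    return fields

if __name__ == "__main__":
    server = Server()
    server.set_password("alice", "correct horse")   # constructed sample credentials
    for login in (login_username_first, login_hidden_username):
        transcript: list = []
        ok = login(server, "alice", "correct horse", transcript)
        print(login.__name__, "ok" if ok else "failed")
        print("  both directions:", sorted(observed_fields(transcript) - {"cmd"}))
        print("  server->client only:", sorted(observed_fields(transcript, ("S->C",))))
        print("  client->server only:", sorted(observed_fields(transcript, ("C->S",)) - {"cmd"}))
    server.rename_user("alice", "alicia")
    print("login after rename:", login_username_first(server, "alicia", "correct horse", []))
```

Run as a script, both variants succeed and both leave an observer of the full conversation with exactly the same three pieces (user, salt, response); an observer of only one direction gets the salt or the response, never both, just as the message says. The final line prints `False`: after the rename the stored verifier no longer matches the name the client hashes with, so the password has to be set again under the new name.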
From | Date | Subject | |
---|---|---|---|
Next Message | Vince Vielhaber | 2000-05-07 17:21:54 | Re: So we're in agreement.... |
Previous Message | Vince Vielhaber | 2000-05-07 16:16:45 | Re: So we're in agreement.... |