Re: Postgres 11 release notes

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Bruce Momjian <bruce(at)momjian(dot)us>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Postgres 11 release notes
Date: 2018-05-16 04:22:45
Message-ID: 20180516042245.GC3880@paquier.xyz
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers pgsql-www

On Mon, May 14, 2018 at 08:45:44PM -0400, Bruce Momjian wrote:
> What TLS does is to mix the offered ciphers into the negotiation hash so
> a man-in-the-middle can't pretend it doesn't support something. Could
> we do something like that here?

I have to admit that I don't quite follow here, the shape of channel
binding data is decided by RFC 5929, so we need to stick with it.

> I have to question the value of man-in-the-middle protection that is so
> easily bypassed.

Well, the backend does its job, and answers based on what the client
wants to do. But what you are questioning here is the handling of
authentication downgrade attempts from a server by libpq, which is a
different problem, larger than just channel binding as it relates as
well to MD5/SCRAM interactions. For example, it is perfectly possible
to implement downgrade protections for any drivers which speak the
protocol, like JDBC, even with a v11 backend.
--
Michael

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Amit Kapila 2018-05-16 04:25:05 Re: Postgres 11 release notes
Previous Message Michael Paquier 2018-05-16 04:13:30 Re: Make description of heap records more talkative for flags

Browse pgsql-www by date

  From Date Subject
Next Message Amit Kapila 2018-05-16 04:25:05 Re: Postgres 11 release notes
Previous Message Bruce Momjian 2018-05-16 00:03:49 Re: Postgres 11 release notes