From: | "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org> |
---|---|
To: | Jacob Champion <jchampion(at)timescale(dot)com> |
Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Daniel Gustafsson <daniel(at)yesql(dot)se>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Michael Paquier <michael(at)paquier(dot)xyz> |
Subject: | Re: Docs: Encourage strong server verification with SCRAM |
Date: | 2023-05-26 01:09:57 |
Message-ID: | 94c01a2f-f8ce-a803-364a-f6602c7649d5@postgresql.org |
Lists: | pgsql-hackers |
On 5/25/23 3:27 PM, Jacob Champion wrote:
> On Thu, May 25, 2023 at 10:48 AM Jonathan S. Katz <jkatz(at)postgresql(dot)org> wrote:
>> Overall, +1 to tightening the language around the docs in this area.
>>
>> However, to paraphrase Stephen, I think the language, as currently
>> written, makes the problem sound scarier than it actually is, and I
>> agree that we should just inline it above.
>
> How does v2 look? I more or less divided the current text into a local
> section and a network section. (I'm still not clear on where in the
> current text you're wanting me to inline a sudden aside on SCRAM; it
> doesn't really seem to fit in any of the existing paragraphs.)
I read through the proposal and like this much better. I missed
Stephen's point on the "where" to put it in this section; I actually
don't know if I agree with that (he says while painting the bikeshed),
given that we spend two paragraphs describing how to prevent spoofing in
general over the network, vs. just during SCRAM authentication.
I rewrote this to just focus on server spoofing that can occur with
SCRAM authentication and did some wordsmithing. I was torn on keeping in
the part of offline analysis of an intercepted hash, given one can do
this with md5 as well, but perhaps it helps elaborate on the consequences.
Thanks,
Jonathan
Attachment | Content-Type | Size |
---|---|---|
v3-docs-encourage-strong-server-verification-with-SCRAM.patch | text/plain | 1.0 KB |