| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
| Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Negotiating the SCRAM channel binding type |
| Date: | 2018-08-07 09:02:27 |
| Message-ID: | CA+TgmoY2q++3qwuqKMYp2GJo3FJ+aWC8NYX3M4NFUJ7ar_bJrQ@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sun, Aug 5, 2018 at 4:30 PM, Heikki Linnakangas <hlinnaka(at)iki(dot)fi> wrote:
> Well, it'd be useless for users, there is no reason to switch off channel
> binding if both the client and server support it. It might not add any
> security you care about, but it won't do any harm either. The
> non-channel-binding codepath is still exercised with non-SSL connections.
Is that true? What if it makes a connection fail that you wanted to
succeed? Suppose we discover a bug that makes connections using
channel binding fail on Thursdays.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Arseny Sher | 2018-08-07 09:37:14 | Re: [HACKERS] logical decoding of two-phase transactions |
| Previous Message | Amit Langote | 2018-08-07 08:09:46 | Re: Fix hints on CREATE PROCEDURE errors |