From: | Jelte Fennema-Nio <postgres(at)jeltef(dot)nl> |
---|---|
To: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
Cc: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>, Daniel Gustafsson <daniel(at)yesql(dot)se>, Robert Haas <robertmhaas(at)gmail(dot)com>, Michael Paquier <michael(at)paquier(dot)xyz>, Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
Subject: | Re: Direct SSL connection with ALPN and HBA rules |
Date: | 2024-05-13 14:19:36 |
Message-ID: | CAGECzQQtddvUtA3+sOqOhb2h6hXJx66YNdMuz-Eim4pzQUJ-BQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Mon, 13 May 2024 at 13:07, Heikki Linnakangas <hlinnaka(at)iki(dot)fi> wrote:
> "channel_binding=require sslmode=require" also protects from MITM attacks.
Cool, I didn't realize we had this connection option and it could be
used like this. But I think there's a few security downsides of
channel_binding=require over sslmode=verify-full: If the client relies
on channel_binding to validate server authenticity, a leaked
server-side SCRAM hash is enough for an attacker to impersonate a
server. While normally a leaked scram hash isn't really much of a
security concern (assuming long enough passwords). I also don't know
of many people rotating their scram hashes, even though many rotate
TLS certs.
> I think these options should be designed from the user's point of view,
> so that the user can specify the risks they're willing to accept, and
> the details of how that's accomplished are handled by libpq. For
> example, I'm OK with (tick all that apply):
>
> [ ] passive eavesdroppers seeing all the traffic
> [ ] MITM being able to hijack the session
> [ ] connecting without verifying the server's identity
> [ ] divulging the plaintext password to the server
> [ ] ...
I think that sounds like a great idea, looking forward to the proposal.
From | Date | Subject | |
---|---|---|---|
Next Message | Isaac Morland | 2024-05-13 14:37:27 | Re: Is there any chance to get some kind of a result set sifting mechanism in Postgres? |
Previous Message | Andrew Dunstan | 2024-05-13 14:19:04 | Re: Why is citext/regress failing on hamerkop? |