| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Oliver Jowett <oliver(at)opencloud(dot)com> |
| Cc: | Magnus Hagander <mha(at)sollentuna(dot)net>, Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, "T(dot)J(dot)" <tjtoocool(at)phreaker(dot)net>, pgsql-bugs(at)postgresql(dot)org, pgsql-hackers-win32(at)postgresql(dot)org |
| Subject: | Re: [pgsql-hackers-win32] More SSL questions.. |
| Date: | 2005-01-05 22:36:23 |
| Message-ID: | 1755.1104964583@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs pgsql-hackers-win32 |
Oliver Jowett <oliver(at)opencloud(dot)com> writes:
> Tom Lane wrote:
>> I'm not sure if this is desirable. Should libpq try to fall back to a
>> non-SSL-encrypted connection, instead?
> Only if the server certificate validates, otherwise an active attacker
> could intercept the SSL connection to force libpq to fall back to
> non-SSL and then intercept the unencrypted/unauthenticated connection.
The problem case is where there are no SSL support files, and so the client
isn't going to be able to validate the server cert anyway. So the above
doesn't seem real helpful...
Basically my point here is that the default "prefer" SSL mode
effectively becomes "require" if the server has a root.crt.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Oliver Jowett | 2005-01-05 23:02:58 | Re: [pgsql-hackers-win32] More SSL questions.. |
| Previous Message | Bruce Momjian | 2005-01-05 22:25:19 | Re: More SSL questions.. |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2005-01-05 22:39:59 | Re: [BUGS] More SSL questions.. |
| Previous Message | Matthew T. O'Connor | 2005-01-05 22:30:48 | Re: [BUGS] More SSL questions.. |