Quick Links

Re: Replay attack of query cancel

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Alvaro Herrera <alvherre(at)commandprompt(dot)com>
Cc:	Heikki Linnakangas <heikki(at)enterprisedb(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: Replay attack of query cancel
Date:	2008-08-08 20:45:13
Message-ID:	17823.1218228313@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Alvaro Herrera <alvherre(at)commandprompt(dot)com> writes:
> I wonder if we can do something diffie-hellman'ish, where we have a
> parameter exchanged in the initial SSL'ed handshake, which is later used
> to generate new cancel keys each time the previous one is used.

Seems like the risk of getting out of sync would outweigh any benefits.
Lose one cancel message in the network, you have no hope of getting any
more accepted.

regards, tom lane

In response to

Re: Replay attack of query cancel at 2008-08-08 19:15:19 from Alvaro Herrera

Responses

Re: Replay attack of query cancel at 2008-08-10 12:44:20 from Andrew Gierth
Re: Replay attack of query cancel at 2008-08-10 15:00:32 from Zdenek Kotala

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Magnus Hagander	2008-08-08 20:54:43	Re: Replay attack of query cancel
Previous Message	Tom Lane	2008-08-08 20:23:57	Re: IN vs EXISTS equivalence