Skip site navigation (1) Skip section navigation (2)

Re: Spoofing as the postmaster

From: Mark Mielke <mark(at)mark(dot)mielke(dot)cc>
To: Bruce Momjian <bruce(at)momjian(dot)us>
Cc: Tomasz Ostrowski <tometzky(at)batory(dot)org(dot)pl>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Gregory Stark <stark(at)enterprisedb(dot)com>, Marko Kreen <markokr(at)gmail(dot)com>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Spoofing as the postmaster
Date: 2007-12-29 03:52:58
Message-ID: 4775C49A.3040708@mark.mielke.cc (view raw or flat)
Thread:
Lists: pgsql-hackers
Bruce Momjian wrote:
> Good point.  I have added the last two sentences to the documentation
> paragraph to highlight this issue:
>
>    <productname>OpenSSL</productname> supports a wide range of ciphers
>    and authentication algorithms, of varying strength.  While a list of
>    ciphers can be specified in the <productname>OpenSSL</productname>
>    configuration file, you can specify ciphers specifically for use by
>    the database server by modifying <xref linkend="guc-ssl-ciphers"> in
>    <filename>postgresql.conf</>.  It is possible to have authentication
>    without the overhead of encryption by using <literal>NULL-SHA</> or
>    <literal>NULL-MD5</> ciphers.  However, a man-in-the-middle could read
>    and pass communications between client and server.
>   
A fact that the above misses, is that symmetric key encryption is 
actually quite cheap. It is asymmetric key encryption that is expensive. 
If you look up information on SSL accelerators, you will find claims 
that the initial SSL authentication negotiation is 1000X as expensive as 
the actual data encryption for a running session, and that SSL web 
services are usually limited by their ability to negotiate NEW sessions. 
In other words, as well intentioned and accurate as the claim you make 
above, it may be irrelevant in many real world scenarios. If you are 
going to go through all the expensive processing of having 
authentication enabled, you may as well have encryption enabled too.

Cheers,
mark

-- 
Mark Mielke <mark(at)mielke(dot)cc>

In response to

Responses

pgsql-hackers by date

Next:From: Mark MielkeDate: 2007-12-29 04:02:14
Subject: Re: Spoofing as the postmaster
Previous:From: Bruce MomjianDate: 2007-12-29 03:44:49
Subject: Re: Spoofing as the postmaster

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group