| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Craig Ringer <craig(at)2ndquadrant(dot)com> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: TODO item for protocol revision: Negotiate encryption in connection handshake |
| Date: | 2014-09-03 12:52:44 |
| Message-ID: | CABUevEyEXm-GM7jK-Y+kGzp4grgnTxqXadOcQ7KPnY130PcGnA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Sep 3, 2014 at 12:17 PM, Craig Ringer <craig(at)2ndquadrant(dot)com> wrote:
> Hi all
>
> Another thing I keep on wishing Pg's protocol had is an after-connection
> negotiation for transport encryption, like STARTTLS .
>
> Right now, the client has to guess if the server requires, permits, or
> rejects SSL, and decide whether to start with SSL or !SSL. If that
> fails, it has to try the other one.
>
> The way it's managed in pg_hba.conf means that users usually just get
> confusing errors like:
>
> FATAL: no pg_hba.conf entry for host "192.168.0.1", user "postgres",
> database "whatever", SSL off
>
> without the client app being given the opportunity to be told by the
> server "Please upgrade to transport level security before proceeding".
>
> I like how IMAP does it, where the server announces its capabilities.
>
> Reasonable to aim for in a protocol v4?
Yeah, it definitely does I think. Should be in the form of some more
generic "capabilities negotiation" though, even if we only have SSL to
begin with.
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Vik Fearing | 2014-09-03 12:55:32 | Re: GSoC on WAL-logging hash indexes |
| Previous Message | Heikki Linnakangas | 2014-09-03 12:09:54 | Re: Escaping from blocked send() reprised. |