Re: SCRAM in the PG 10 release notes

On Thu, Sep 14, 2017 at 09:57:36AM +0300, Heikki Linnakangas wrote:
> On 09/12/2017 04:09 AM, Noah Misch wrote:
> >On Wed, May 10, 2017 at 10:50:51PM -0400, Bruce Momjian wrote:
> >>On Mon, May 1, 2017 at 08:12:51AM -0400, Robert Haas wrote:
> >>>On Tue, Apr 25, 2017 at 10:16 PM, Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> >>>>Well, we could add "MD5 users are encouraged to switch to
> >>>>SCRAM-SHA-256". Now whether we want to list this as something on the
> >>>>SCRAM-SHA-256 description, or mention it as an incompatibility, or
> >>>>under Migration. I am not clear that MD5 is in such terrible shape that
> >>>>this is warranted.
> >>>
> >>>I think it's warranted. The continuing use of MD5 has been a headache
> >>>for some EnterpriseDB customers who have compliance requirements which
> >>>they must meet. It's not that they themselves necessarily know or
> >>>care whether MD5 is secure, although in some cases they do; it's that
> >>>if they use it, they will be breaking laws or regulations to which
> >>>their business or agency is subject. I imagine customers of other
> >>>PostgreSQL companies have similar issues. But leaving that aside, the
> >>>advantage of SCRAM isn't merely that it uses a better algorithm to
> >>>hash the password. It has other advantages also, like not being
> >>>vulnerable to replay attacks. If you're doing password
> >>>authentication, you should really be using SCRAM, and encouraging
> >>>people to move to SCRAM after upgrading is a good idea.
> >>>
> >>>That having been said, SCRAM is a wire protocol break. You will not
> >>>be able to upgrade to SCRAM unless and until the drivers you use to
> >>>connect to the database add support for it. The only such driver
> >>>that's part of libpq; other drivers that have reimplemented the
> >>>PostgreSQL wire protocol will have to be updated with SCRAM support
> >>>before it will be possible to use SCRAM with those drivers. I think
> >>>this should be mentioned in the release notes, too. I also think it
> >>>would be great if somebody would put together a wiki page listing all
> >>>the popular drivers and (1) whether they use libpq or reimplement the
> >>>wire protocol, and (2) if the latter, the status of any efforts to
> >>>implement SCRAM, and (3) if those efforts have been completed, the
> >>>version from which they support SCRAM. Then, I think we should reach
> >>>out to all of the maintainers of those driver authors who aren't
> >>>moving to support SCRAM and encourage them to do so.
> >>
> >>I have added this as an open item because we will have to wait to see
> >>where we are with driver support as the release gets closer.
> >
> >With the release near, I'm promoting this to the regular open issues section.
>
> Thanks.
>
> I updated the list of drivers on the wiki
> (https://wiki.postgresql.org/wiki/List_of_drivers), adding a column for
> whether the driver supports SCRAM authentication. Currently, the only
> non-libpq driver that has implemented SCRAM is the JDBC driver. I submitted
> a patch for the Go driver, but it hasn't been committed yet.
>
> As for a recommendation in the release notes, maybe something like
> "Installations using MD5 authentication are encouraged to switch to
> SCRAM-SHA-256, unless using older client programs or drivers that don't
> support it yet."

That sounds reasonable.

This PostgreSQL 10 open item is past due for your status update. Kindly send
a status update within 24 hours, and include a date for your subsequent status
update. Refer to the policy on open item ownership:
https://www.postgresql.org/message-id/20170404140717.GA2675809%40tornado.leadboat.com