| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Channel binding |
| Date: | 2019-02-16 01:12:19 |
| Message-ID: | 20190216011219.GG2240@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Feb 15, 2019 at 04:17:07PM -0500, Bruce Momjian wrote:
> We removed channel binding from PG 11 in August of 2018 because we were
> concerned about downgrade attacks. Are there any plans to enable it for
> PG 12?
The original implementation of channel binding for SCRAM has included
support for two channel binding types: tls-unique and
tls-server-end-point. The original implementation also had a
connection parameter called scram_channel_binding to control the
channel binding type to use or to disable it.
What has been removed via 7729113 are tls-unique and the libpq
parameter, and we still have basic channel binding support. The
reasons behind that is that tls-unique future is uncertain as of TLS
1.3, and that tls-server-end-point will still be supported. This also
simplified the protocol as it is not necessary to let the client
decide which channel binding to use.
Downgrade attacks at protocol level are something different though, as
it is possible to trick libpq to lower down the initial level of
authentication wanted (say from SCRAM to MD5, or even worse from MD5
to trust). What we need here is additional frontend facility to allow
a client to authorize only a subset of authentication protocols. With
what's is v11 and HEAD, any driver speaking the Postgres protocol can
implement that.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2019-02-16 01:43:32 | Re: Optimze usage of immutable functions as relation |
| Previous Message | Benjamin Manes | 2019-02-16 00:48:50 | Re: [Patch][WiP] Tweaked LRU for shared buffers |