| From: | Tatsuo Ishii <ishii(at)sraoss(dot)co(dot)jp> |
|---|---|
| To: | joshua(dot)brindle(at)crunchydata(dot)com |
| Cc: | ishii(at)sraoss(dot)co(dot)jp, sfrost(at)snowman(dot)net, jkatz(at)postgresql(dot)org, tgl(at)sss(dot)pgh(dot)pa(dot)us, pgsql(at)j-davis(dot)com, smilingsamay(at)gmail(dot)com, pgsql-hackers(at)lists(dot)postgresql(dot)org, andres(at)anarazel(dot)de |
| Subject: | Re: Proposal: Support custom authentication methods using hooks,Re: Proposal: Support custom authentication methods using hooks |
| Date: | 2022-03-04 23:03:37 |
| Message-ID: | 20220305.080337.381345932292253507.t-ishii@sranhm.sra.co.jp |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
>> I still don't understand why using plaintex password authentication
>> over SSL connection is considered insecure. Actually we have been
>> stating opposite in the manual:
>> https://www.postgresql.org/docs/14/auth-password.html
>>
>> "If the connection is protected by SSL encryption then password can be
>> used safely, though."
>
> If you aren't doing client verification (i.e., cert in pg_hba) and are
> not doing verify-full on the client side then a man-in-the-middle
> attack on TLS is trivial, and the plaintext password will be
> sniffable.
So the plaintext password is safe if used with hostssl + verify-full
(server side) and sslmode = verify-full (client side), right?
Best reagards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas Munro | 2022-03-05 00:21:26 | Re: Regression tests failures on Windows Server 2019 - on master at commit # d816f366b |
| Previous Message | Andres Freund | 2022-03-04 22:44:12 | Re: Regression tests failures on Windows Server 2019 - on master at commit # d816f366b |