| From: | Dan Kaminsky <dan(at)doxpara(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Gregory Stark <stark(at)enterprisedb(dot)com>, Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Bruce Momjian <bruce(at)momjian(dot)us>, pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #4340: SECURITY: Is SSL Doing Anything? |
| Date: | 2008-08-19 17:04:15 |
| Message-ID: | 48AAFD0F.6040503@doxpara.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
Tom Lane wrote:
> Dan Kaminsky <dan(at)doxpara(dot)com> writes:
>
>> My question has been: When you attempt to create an SSL connection to
>> database.backend.com, do you actually validate that:
>>
>
>
>> 1) The subject name of the certificate you're connecting to is
>> database.backend.com, and
>> 2) At least the basic checks (expiration, chaining back to a valid root)
>> occur?
>>
>
> [ shrug... ] We do whatever OpenSSL's default validation behavior is.
> If that's inadequate you probably ought to be taking it up with them,
> instead of trying to get downstream projects to fix it one at a time.
>
> regards, tom lane
>
Heh, you're the one making guarantees to your users. I'm just asking
the exact nature of those guarantees. I agree that #2 is entirely under
the control of OpenSSL -- but I'd like to know if #1 is being satisfied,
i.e. OpenSSL knows you're looking to validate database.backend.com as
opposed to "some cert that chains back", which is a worthless security
assertion.
--Dan
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2008-08-19 18:12:47 | Re: BUG #4340: SECURITY: Is SSL Doing Anything? |
| Previous Message | Tom Lane | 2008-08-19 16:00:58 | Re: BUG #4340: SECURITY: Is SSL Doing Anything? |