From: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
---|---|
To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Noah Misch <noah(at)leadboat(dot)com> |
Cc: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, Aleksander Alekseev <a(dot)alekseev(at)postgrespro(dot)ru>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>, magnus(at)hagander(dot)net, robertmhaas(at)gmail(dot)com |
Subject: | Re: SCRAM authentication, take three |
Date: | 2017-04-11 05:10:23 |
Message-ID: | 54e29e46-6e89-a736-764d-90536568c079@iki.fi |
Lists: | pgsql-hackers |
On 04/11/2017 04:52 AM, Peter Eisentraut wrote:
> On 4/10/17 04:27, Heikki Linnakangas wrote:
>> One thing to consider is that we just made the decision that "md5"
>> actually means "md5 or scram-sha-256". Extrapolating from that, I think
>> we'll want "scram-sha-256" to mean "scram-sha-256 or scram-sha-256-plus"
>> (i.e. the channel-binding variant) in the future. And if we get support
>> for scram-sha-512, "scram-sha-256" would presumably allow that too.
>
> But how would you choose between scram-sha-256-plus and scram-sha-512?
Good question. We would need to decide the order of preference for those.
That question won't arise in practice. Firstly, if the server can do
scram-sha-256-plus, it presumably can also do scram-sha-512-plus. Unless
there's a change in the way the channel binding works, such that the
scram-sha-512-plus variant needs a newer version of OpenSSL or
something. Secondly, the user's pg_authid row will contain a
SCRAM-SHA-256 or SCRAM-SHA-512 verifier, not both, so that will dictate
which one to use.
- Heikki
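The selection logic Heikki describes, as an added illustration that is not part of the message above and not PostgreSQL's own code: the pg_hba.conf method name bounds which mechanisms the server may offer, the hash family stored in the user's pg_authid verifier narrows that to one family, channel binding then decides between the plain and the -PLUS variant, and the client picks the most preferred mechanism it can actually do. The dictionaries, the preference order, the SCRAM-SHA-512 entries and the verifier format (`<MECH>$<iter>:<salt>$<StoredKey>:<ServerKey>`, `md5<32 hex>` for MD5) are assumptions made for the example; the sample verifiers are constructed, not real credentials.

```python
"""Mechanism selection for password authentication, modelled on the thread.

Added example, not PostgreSQL code. Method-to-mechanism mapping, preference
order, SCRAM-SHA-512 support and the verifier layout are all assumptions.
"""
from typing import List, Optional

# Assumption: each pg_hba.conf method admits a set of wire mechanisms, following
# the thread's reading that "md5" also admits SCRAM and "scram-sha-256" admits
# its channel-binding variant and a (hypothetical) SHA-512 successor.
HBA_ALLOWED = {
    "md5": {"MD5", "SCRAM-SHA-256", "SCRAM-SHA-256-PLUS",
            "SCRAM-SHA-512", "SCRAM-SHA-512-PLUS"},
    "scram-sha-256": {"SCRAM-SHA-256", "SCRAM-SHA-256-PLUS",
                      "SCRAM-SHA-512", "SCRAM-SHA-512-PLUS"},
}

# Assumed preference order: channel binding beats no channel binding, a
# stronger hash beats a weaker one, MD5 comes last.
PREFERENCE = ["SCRAM-SHA-512-PLUS", "SCRAM-SHA-256-PLUS",
              "SCRAM-SHA-512", "SCRAM-SHA-256", "MD5"]


def verifier_family(verifier: str) -> str:
    """Return the mechanism family encoded in a stored password verifier.

    Assumed layouts: 'md5' + 32 hex digits for MD5, and
    '<MECH>$<iter>:<salt>$<StoredKey>:<ServerKey>' for SCRAM.
    """
    if verifier.startswith("md5") and len(verifier) == 35:
        return "MD5"
    mech, sep, _ = verifier.partition("$")
    if sep and mech.startswith("SCRAM-SHA-"):
        return mech
    raise ValueError("unrecognised verifier format")


def server_offer(hba_method: str, verifier: str,
                 server_channel_binding: bool) -> List[str]:
    """Mechanisms the server advertises, most preferred first.

    Only one hash family can ever appear, because the stored verifier is of
    exactly one type; that is why "-256-PLUS versus -512" never has to be
    decided. An empty list means no mechanism fits and authentication fails.
    """
    family = verifier_family(verifier)
    allowed = HBA_ALLOWED[hba_method]
    offer = []
    for mech in PREFERENCE:
        if mech not in allowed:
            continue
        base = mech[:-len("-PLUS")] if mech.endswith("-PLUS") else mech
        if base != family:
            continue
        if mech.endswith("-PLUS") and not server_channel_binding:
            continue
        offer.append(mech)
    return offer


def client_choose(offered: List[str], client_channel_binding: bool) -> Optional[str]:
    """Client side: take the first preferred mechanism it can perform."""
    for mech in PREFERENCE:
        if mech in offered and (client_channel_binding or not mech.endswith("-PLUS")):
            return mech
    return None


# Constructed sample verifiers (not real credentials).
V256 = "SCRAM-SHA-256$4096:c2FsdA==$c3RvcmVk:c2VydmVy"
V512 = "SCRAM-SHA-512$4096:c2FsdA==$c3RvcmVk:c2VydmVy"
VMD5 = "md5" + "0" * 32

if __name__ == "__main__":
    offer = server_offer("scram-sha-256", V256, server_channel_binding=True)
    print(offer, "->", client_choose(offer, client_channel_binding=False))
```

One caveat worth keeping in mind with this shape of negotiation: a client that prefers the -PLUS variant but silently falls back to the plain one when the server does not offer it gives an active attacker on the TLS path a downgrade, so a client that cares about channel binding must be able to insist on it rather than merely prefer it.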