Re: PostgreSQL - Weak DH group

On Thu, Jul 13, 2017 at 1:30 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Heikki Linnakangas <hlinnaka(at)iki(dot)fi> writes:
>> I don't think this can be backpatched. It changes the default DH
>> parameters from 1024 bits to 2048 bits. That's a good thing for
>> security, but older clients might not support it, and would refuse to
>> connect or would fall back to something less secure.
>
> Do we have any hard information about which versions of which clients
> might not support that? (In particular I'm wondering if any still exist
> in the wild.)

Yeah. If we break clients for v10 two months from release, some
drivers won't be updated by release time, and that sounds pretty
unfriendly to me. On the other hand, if there is only a theoretical
risk of breakage and no clients that we actually know about will have
a problem with it, then the argument for waiting is weaker. I'm not
generally very excited about changing things after beta2, which is
where are, but if this is a security issue then we might need to hold
our nose and go ahead. I'm against it if it's likely to cause
real-world connectivity problems, though.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company