|From:||Bill Studenmund <wrstuden(at)netbsd(dot)org>|
|To:||Peter Eisentraut <peter_e(at)gmx(dot)net>|
|Cc:||Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, <pgsql-patches(at)postgresql(dot)org>|
|Subject:||Re: Patch to add Heimdal kerberos support|
|Views:||Raw Message | Whole Thread | Download mbox|
On Wed, 14 Nov 2001, Peter Eisentraut wrote:
> No idea about the deprecatedness, but our Kerberos code does compile with
> the Kerberos V shipped in Red Hat 7.0 (MIT, I think), and the Kerberos IV
> code compiled successfully with KTH Kerberos last time I checked.
> However, most of the three people that ever mentioned anything detailed
> about the Kerberos support in PostgreSQL had the sound of "fundementally
> flawed", "totally insecure", etc.
I'll admit our kerberos support was NOT what I expected it to be when I
got it working; I was quite surprised to see all of the queries going by
in the clear.
It depends on what you want. If you want to not have clear-text passwords
go by and to have a very good idea who the person on the other side of the
session is, then this kerberos support does that. No one will be able to
sniff a password off of this. It's like kpop or telnet -a
If you expected an encrypted session, well, you don't get it. This isn't
telnet -ax. :-(
Is there interest in supporting encrypted sessions? I can think of two
ways to do it: 1) in addition to kerberos as an authentication, we also
add kerbers-priv which is the current kerberos but we switch to encryption
once we indicate successful authentication. 2) we add a start-encrypting
command to the protocol.
I dislike 2) as the best encryption key to use is the one we got with the
authentication step, which we'd have to hang onto for a while in case we
decided to start encrypting.
|Next Message||Tom Lane||2001-11-14 22:52:02||Re: Patch to add Heimdal kerberos support|
|Previous Message||Bill Studenmund||2001-11-14 22:18:57||Re: Patch to add Heimdal kerberos support|