Gregory Stark wrote:
> "Tom Lane" <tgl@sss.pgh.pa.us> writes:
>
>> Actually, I had missed that the OP was looking at 7.3 rather than 8.3.
>> There was a "verify_peer()" in 7.3 but it was #ifdef'd out. The
>> question remains whether there's a reason to have it. It would be good
>> if the discussion were based on a non-obsolete PG version ...
>>
>
> Well in theory SSL without at least one-way authentication is actually
> worthless. It's susceptible to man-in-the-middle attacks meaning someone can
> sniff all the contents or even inject into or take over connections. It is
> proof against passive attacks but active attacks are known in the field so
> that's cold comfort these days.

As the finder of recent DNS issues, I'm pretty aware of real world
active attacks.

My question has been: When you attempt to create an SSL connection to
database.backend.com, do you actually validate that:

1) The subject name of the certificate you're connecting to is
database.backend.com, and
2) At least the basic checks (expiration, chaining back to a valid root)
occur?

I've gotten some reasonable hints that #2 happens, but I don't know if #1
happens, and these comments make me worry.
--Dan
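
The two checks asked about in the message above, sketched in Python as an added example (not part of the original message and not PostgreSQL's code). It assumes the TLS library has already verified the chain back to a trusted root, and works on a certificate in the dict layout that `ssl.SSLSocket.getpeercert()` returns; the function names and sample certificates are constructed for illustration.

```python
import ssl
import time

def names_in_cert(cert):
    """DNS names the certificate is valid for (getpeercert() dict layout)."""
    san = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if san:                      # RFC 6125: when SAN DNS names exist, CN is ignored
        return san
    return [v for rdn in cert.get("subject", ()) for k, v in rdn
            if k == "commonName"]

def name_matches(pattern, host):
    """Case-insensitive match; '*' is allowed only as the whole leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]   # refuses patterns such as "*.com"
    return p == h

def check_peer(cert, host, now=None):
    """Return a list of failures; an empty list means check #1 and the dates passed."""
    now = time.time() if now is None else now
    failures = []
    if not any(name_matches(n, host) for n in names_in_cert(cert)):
        failures.append("hostname mismatch")
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        failures.append("expired")
    if now < ssl.cert_time_to_seconds(cert["notBefore"]):
        failures.append("not yet valid")
    return failures

# Constructed sample certificates (not real ones).
GOOD = {"subject": ((("commonName", "database.backend.com"),),),
        "subjectAltName": (("DNS", "database.backend.com"),),
        "notBefore": "Jan  1 00:00:00 2024 GMT",
        "notAfter": "Jan  1 00:00:00 2026 GMT"}
# Would pass check #2 if issued by a trusted root, but names a different host.
OTHER = dict(GOOD, subject=((("commonName", "www.example.org"),),),
             subjectAltName=(("DNS", "www.example.org"),))
NOW = ssl.cert_time_to_seconds("Jun  1 00:00:00 2025 GMT")  # fixed clock for the demo

if __name__ == "__main__":
    for label, cert in (("good", GOOD), ("other host", OTHER)):
        print(label, check_peer(cert, "database.backend.com", NOW) or "ok")
```

A client that performs only check #2 accepts `OTHER` for `database.backend.com`, which is the gap the question is about.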