On Thu, May 25, 2023 at 6:10 PM Jonathan S. Katz <jkatz@postgresql.org> wrote:
> I read through the proposal and like this much better.
Great!
> I rewrote this to just focus on server spoofing that can occur with
> SCRAM authentication and did some wordsmithing. I was torn on keeping in
> the part of offline analysis of an intercepted hash, given one can do
> this with md5 as well, but perhaps it helps elaborate on the consequences.
This part:
> + To prevent server spoofing from occurring when using
> + <link linkend="auth-password">scram-sha-256</link> password authentication
> + over a network, you should ensure you are connecting using SSL.
seems to backtrack on the recommendation -- you have to use
sslmode=verify-full, not just SSL, to avoid handing a weak(er) hash to
an untrusted party.
--Jacob