On Fri, Sep 15, 2017 at 1:58 AM, Peter Eisentraut
<peter.eisentraut@2ndquadrant.com> wrote:
> Second thoughts, to make things simpler. All we need for channel
> binding is a connection flag that says "I require channel binding". It
> could be modeled after the sslmode parameter, e.g., cbind=disable (maybe
> for debugging), cbind=prefer (default), cbind=require. If you specify
> "require", then libpq would refuse to proceed unless scram-sha2-256-plus
> (or future similar mechanisms) was offered for authentication.
>
> We don't even need a parameter that specifies which channel binding type
> to use. If libpq implements tls-unique, it should always use that. We
> might need a flag for testing other types, but that should not be an
> in-the-user's-face option.
JDBC folks are willing to have end-point, and we should have a way to
enforce it in my opinion for at least testing with an implementation
at client-level in Postgres core. I agree that without the JDBC needs
having a on/off switch would be sufficient, and actually RFC compliant
as tls-unique is mandatory.
--
Michael
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers