Re: Post-CVE Wishlist
| От | Jacob Champion |
|---|---|
| Тема | Re: Post-CVE Wishlist |
| Дата | |
| Msg-id | f032fe6d90a65f7dca5d3764c60a0581bc72e836.camel@vmware.com обсуждение |
| Ответ на | Post-CVE Wishlist (Jacob Champion <pchampion@vmware.com>) |
| Ответы |
Re: Post-CVE Wishlist
|
| Список | pgsql-hackers |
On Tue, 2021-11-23 at 18:27 +0000, Jacob Champion wrote: > Now that the MITM CVEs are published [1], I wanted to share my wishlist > of things that would have made those attacks difficult/impossible to > pull off. Now that we're post-commitfest, here's my summary of the responses so far: > = Client-Side Auth Selection = There is interest in letting libpq reject certain auth methods coming back from the server, perhaps using a simple connection option, and there are some prior conversations on the list to look into. > = Implicit TLS = Reactions to implicit TLS were mixed, from "we should not do this" to "it might be nice to have the option, from a technical standpoint". Both a separate-port model and a shared-port model were tentatively proposed. The general consensus seems to be that the StartTLS-style flow is currently sufficient from a security standpoint. I didn't see any responses that were outright in favor, so I think my remaining question is: are there any committers who think a prototype would be worth the time for a motivated implementer? Thanks for the discussion! --Jacob
В списке pgsql-hackers по дате отправления: