Re: Postgres 11 release notes
Bruce Momjian <bruce@momjian.us>
On Wed, May 16, 2018 at 09:09:22PM -0400, Bruce Momjian wrote: > > > FYI, I think the server could also require channel binding for SCRAM. We > > > already have scram-sha-256 in pg_hba.conf, and I think > > > scram-sha-256-plus would be reasonable. > > > > Noted as well. There is of course the question of v10 libpq versions > > which don't support channel binding, but if an admin is willing to set > > up scram-sha-256-plus in pg_hba.conf then he can request his users to > > update his drivers/libs as well. > > Yes, I don't see a way around it. Once you accept that someone in the > middle can change what you request undetected, then you can't do > fallback. Imagine a man-in-the-middle with TLS where the > man-in-the-middle allows the two end-points to negotiate the shared > secret, but the man-in-the-middle forces a weak cipher. This is what is > happening with Postgres when the man-in-the-middle forces a weaker > authentication method. Technically, you can do automatic fallback if the fallback has man-in-the-middle and downgrade protection. Technically, because TLS is already active when we start authentication negotiation, we don't need downgrade protection as long as we have man-in-the-middle protection. Unfortunately, only SCRAM with channel binding and sslmode=verify-full have man-in-the-middle protection. Therefore, downgrading from SCRAM with channel binding to SCRAM without channel binding, MD5, or 'password' is only safe if sslmode=verify-full is enabled. Technically MD5, or 'password' has weak or non-existent replay protection, but if we are requiring TLS, then that doesn't really matter, assuming we have man-in-the-middle protection. I don't know if falling back from SCRAM with channel binding to a lesser authentication methods only if sslmode=verify-full is enabled is really helpful to anyone since it requires certificate installation. TLS has similar downgrade issues: http://www.educatedguesswork.org/2012/07/problems_with_secure_upgrade_t.html but many of its downgrade options have downgrade protection, and you don't lose man-in-the-middle protection by downgrading. Man-in-the-middle protection via certificate checking happens independent of the TLS version being used, which is not the case for Postgres authentication downgrade options. -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + As you are, so once was I. As I am, so you will be. + + Ancient Roman grave inscription +
Commits
-
doc: update PG 11 release notes
- 6eb612fea9d0 12.0 cited
-
Fix misspelled pg_trgm contrib name in PostgreSQL 11 release notes
- 3abc5a67edfd 12.0 landed
-
Doc: clarify release note text about v11's new window function features.
- 510421c45fb4 11.0 landed
- 11a3aeeb5e17 12.0 landed
-
Improve wording of release notes item
- bee6a683a5c3 11.0 landed
-
Fix typos in release notes
- fb6accd27b99 11.0 landed
-
Doc: preliminary list of PG11 major features.
- 4aad161c9a6d 11.0 landed
-
Make numeric power() handle NaNs according to the modern POSIX spec.
- d1fc750b5199 11.0 landed
-
Various improvements of skipping index scan during vacuum technics
- 8e12f4a250d2 11.0 cited
-
Revert back-branch changes in power()'s behavior for NaN inputs.
- f74d83b3034f 10.4 cited
-
Avoid wrong results for power() with NaN input on more platforms.
- 6bdf1303b34b 11.0 cited
-
Avoid wrong results for power() with NaN input on some platforms.
- 61b200e2f582 11.0 cited
-
Skip full index scan during cleanup of B-tree indexes when possible
- 857f9c36cda5 11.0 cited
-
Rewrite the code that applies scan/join targets to paths.
- 11cf92f6e2e1 11.0 cited
-
Postpone generate_gather_paths for topmost scan/join rel.
- 3f90ec8597c3 11.0 cited
-
Add casts from jsonb
- c0cbe00fee6d 11.0 cited
-
Make plpgsql use its DTYPE_REC code paths for composite-type variables.
- 4b93f57999a2 11.0 cited
-
Don't allow VACUUM VERBOSE ANALYZE VERBOSE.
- 921059bd66c7 11.0 cited
-
Pass InitPlan values to workers via Gather (Merge).
- e89a71fb449a 11.0 cited
-
Account for the effect of lossy pages when costing bitmap scans.
- 5edc63bda68a 11.0 cited
-
Allow no-op GiST support functions to be omitted.
- d3a4f89d8a3e 11.0 cited
-
Rearm statement_timeout after each executed query.
- f8e5f156b30e 11.0 cited
-
Push limit through subqueries to underlying sort, where possible.
- 1f6d515a67ec 11.0 cited