Re: SCRAM with channel binding downgrade attack
Michael Paquier <michael@paquier.xyz>
On Mon, Jun 11, 2018 at 04:54:45PM +0200, Magnus Hagander wrote: > I'm wondering if that means we should then also not do it specifically for > scram in this version. Otherwise we're likely to end up with a parameter > that only has a "lifetime" of one version, and that seems like a bad idea. > If nothing else we should clearly think out what the path is to make sure > that doesn't happen. (e.g. we don't want a > scram_channel_binding_mode=require in this version, if the next one is > going to replace it with something like heikkis suggested > allowed_authentication_methods=SCRAM-SHA-256-PLUS or whatever we end up > coming up with there). Conceptually, it depends on if we consider SCRAM and SCRAM+channel_binding as two separate authentication protocols. However it seems to me that as both are the same thing as they use the same protocol so it would be confusing for the user to be able to define both SCRAM-SHA-256 and SCRAM-SHA-256-PLUS within the same list, so I would tend to think that we should have in this future "allowed_authentication_methods" only scram-sha-256 listed as an option, which counts for both SCRAM with and without channel binding. Thinking harder about this thread, it could be as well possible in the future that we add support for channel binding for some other SASL mechanism, in which case I would tend to rename scram_channel_binding_type and scram_channel_binding_mode to simply channel_binding_type and channel_binding_mode, without any concepts of SCRAM attached to it. So in short, I'd like to keep both enforcement mechanisms as separate concepts. One future compatibility issue is how to deal with for example cases like allowed_authentication_methods="md5" and channel_binding_mode=require where an allowed authentication does not have channel binding? And it seems to me that this should result in an error. Opinions of others are welcome. -- Michael
Commits
-
doc: update PG 11 release notes
- 6eb612fea9d0 12.0 cited
-
Fix misspelled pg_trgm contrib name in PostgreSQL 11 release notes
- 3abc5a67edfd 12.0 landed
-
Doc: clarify release note text about v11's new window function features.
- 510421c45fb4 11.0 landed
- 11a3aeeb5e17 12.0 landed
-
Improve wording of release notes item
- bee6a683a5c3 11.0 landed
-
Fix typos in release notes
- fb6accd27b99 11.0 landed
-
Doc: preliminary list of PG11 major features.
- 4aad161c9a6d 11.0 landed
-
Make numeric power() handle NaNs according to the modern POSIX spec.
- d1fc750b5199 11.0 landed
-
Various improvements of skipping index scan during vacuum technics
- 8e12f4a250d2 11.0 cited
-
Revert back-branch changes in power()'s behavior for NaN inputs.
- f74d83b3034f 10.4 cited
-
Avoid wrong results for power() with NaN input on more platforms.
- 6bdf1303b34b 11.0 cited
-
Avoid wrong results for power() with NaN input on some platforms.
- 61b200e2f582 11.0 cited
-
Skip full index scan during cleanup of B-tree indexes when possible
- 857f9c36cda5 11.0 cited
-
Rewrite the code that applies scan/join targets to paths.
- 11cf92f6e2e1 11.0 cited
-
Postpone generate_gather_paths for topmost scan/join rel.
- 3f90ec8597c3 11.0 cited
-
Add casts from jsonb
- c0cbe00fee6d 11.0 cited
-
Make plpgsql use its DTYPE_REC code paths for composite-type variables.
- 4b93f57999a2 11.0 cited
-
Don't allow VACUUM VERBOSE ANALYZE VERBOSE.
- 921059bd66c7 11.0 cited
-
Pass InitPlan values to workers via Gather (Merge).
- e89a71fb449a 11.0 cited
-
Account for the effect of lossy pages when costing bitmap scans.
- 5edc63bda68a 11.0 cited
-
Allow no-op GiST support functions to be omitted.
- d3a4f89d8a3e 11.0 cited
-
Rearm statement_timeout after each executed query.
- f8e5f156b30e 11.0 cited
-
Push limit through subqueries to underlying sort, where possible.
- 1f6d515a67ec 11.0 cited