Re: Replay attack of query cancel - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Replay attack of query cancel
Date
Msg-id 17823.1218228313@sss.pgh.pa.us
In response to Re: Replay attack of query cancel  (Alvaro Herrera <alvherre@commandprompt.com>)
Responses Re: Replay attack of query cancel  (Zdenek Kotala <Zdenek.Kotala@Sun.COM>)
List pgsql-hackers
Alvaro Herrera <alvherre@commandprompt.com> writes:
> I wonder if we can do something diffie-hellman'ish, where we have a
> parameter exchanged in the initial SSL'ed handshake, which is later used
> to generate new cancel keys each time the previous one is used.

Seems like the risk of getting out of sync would outweigh any benefits.
Lose one cancel message in the network, you have no hope of getting any
more accepted.
        regards, tom lane
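
The desync concern raised in this message, as an added example that is not part of the original thread or of PostgreSQL's code: a rolling cancel key rejects a replayed cancel, but one dropped message leaves client and server on different keys. The HMAC-SHA256 ratchet, the rule that the client rolls its key as soon as it sends, and all names here are assumptions made for illustration; the thread does not specify a derivation.

```python
import hashlib
import hmac
import os

def next_key(secret: bytes, key: bytes) -> bytes:
    """Ratchet step (assumed derivation): HMAC the current key under the shared secret."""
    return hmac.new(secret, key, hashlib.sha256).digest()

class Endpoint:
    """Holds the handshake secret and the cancel key this side currently expects."""
    def __init__(self, secret: bytes, key: bytes):
        self.secret, self.key = secret, key

    def roll(self) -> None:
        self.key = next_key(self.secret, self.key)

def server_handle_cancel(server: Endpoint, presented: bytes) -> bool:
    """Accept only the current key, then roll so a replayed copy no longer matches."""
    if not hmac.compare_digest(presented, server.key):
        return False
    server.roll()
    return True

def simulate(delivered: list) -> list:
    """Send one cancel per entry; False means the network dropped that message."""
    secret, key0 = os.urandom(32), os.urandom(32)  # constructed handshake values
    client, server = Endpoint(secret, key0), Endpoint(secret, key0)
    outcomes = []
    for arrives in delivered:
        presented = client.key
        client.roll()  # assumption: client treats the key as spent once sent
        if not arrives:
            outcomes.append("lost")
        elif server_handle_cancel(server, presented):
            outcomes.append("accepted")
        else:
            outcomes.append("rejected")
    return outcomes

def replay_is_rejected() -> bool:
    """A captured cancel works once; presenting the same bytes again fails."""
    secret, key0 = os.urandom(32), os.urandom(32)  # constructed handshake values
    server = Endpoint(secret, key0)
    return server_handle_cancel(server, key0) and not server_handle_cancel(server, key0)
```

With the third of five cancels dropped, `simulate([True, True, False, True, True])` shows every later cancel rejected, because the server still expects the key the lost message carried.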

