Re: SSL (patch 2) - Mailing list pgsql-patches

From Bear Giles
Subject Re: SSL (patch 2)
Date
Msg-id 200205272147.PAA10863@eris.coyotesong.com
Whole thread Raw
In response to Re: SSL (patch 2)  (Peter Eisentraut <peter_e@gmx.net>)
List pgsql-patches
> Bear Giles writes:
>
> > This patch adds calls to SSL_get_error() after SSL_read() and
> > SSL_write(), adds SSL_shutdown() before SSL_free(), and changes
> > default protocol from SSLv3 to TLSv1.
>
> What are the advantages and ramifications of changing this protocol?  If
> it's the "default" protocol, how can I change it?  Patch is OK besides
> that.

It's politics.  SSL was written by Netscape, Microsoft came out with
their own incompatible extensions, and the IETF formed a group to find
a solution that left nobody happy but which everyone could live with.
It would have been adopted years ago except that the X.509 group
got hung up on something, and since TLS depends on X.509 it couldn't
be adopted until X.509 was.

So now SSL is essentially dead - it works, but it won't be fixed if
another security hole is found (which how SSLv2 begat SSLv3).  TLSv1
wants you to do some things that SSLv3 lets slide.

The only potential downside is that I'm not entirely sure old libraries
will be happy with the new server, but the rest of the changes are so
profound that the release notes should strongly recommend that anyone
using direct SSL upgrade anyway, so it's easier to make this change now
than in a future release.

Bear

pgsql-patches by date:

Previous
From: Joe Conway
Date:
Subject: Re: small dblink patch
Next
From: Neil Conway
Date:
Subject: Re: COPY and default values