Re: [HACKERS] Some thoughts about SCRAM implementation - Mailing list pgsql-hackers

From Stephen Frost
Subject Re: [HACKERS] Some thoughts about SCRAM implementation
Date
Msg-id 20170412164204.GC9812@tamriel.snowman.net
In response to Re: [HACKERS] Some thoughts about SCRAM implementation  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: [HACKERS] Some thoughts about SCRAM implementation  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers
Tom, all,

* Tom Lane (tgl@sss.pgh.pa.us) wrote:
> ... which the user can't tell apart from having fat-fingered the password,
> I suppose?  Doesn't sound terribly friendly.  A report of a certificate
> mismatch is far more likely to lead people to realize there's a MITM.

We might be able to improve on that.

> So this seems more like a hack than like a feature we need so desperately
> as to push it into v10 post-freeze.

Channel binding certainly isn't a 'hack' and is something we should
support, but I agree that it doesn't need to go into v10.

Thanks!

Stephen
