Home > mailing lists

Re: SCRAM with channel binding downgrade attack - Mailing list pgsql-hackers

From	Michael Paquier
Subject	Re: SCRAM with channel binding downgrade attack
Date	May 23, 2018 15:10:36
Msg-id	20180523091036.GA2309@paquier.xyz Whole thread Raw
In response to	Re: SCRAM with channel binding downgrade attack (Michael Paquier <michael@paquier.xyz>)
List	pgsql-hackers

Tree view

On Wed, May 23, 2018 at 05:56:19PM +0900, Michael Paquier wrote:
> OK, being able to introduce a new default if necessary is a good point.
> Let's introduce a "require" mode then, which uses tls-unique
> underground, while "tls-unique" and "tls-server-end-point" are
> documented as developer-oriented.

By the way, if somebody could review the latest version of the patch
before I write a new version and agrees with the concept introduced
would be nice..  Adding one option is simple enough, making sure that we
agree that the patch is on good tracks is harder.
--
Michael

Attachment

signature.asc

pgsql-hackers by date:

From: Heikki Linnakangas
Date: 23 May 2018, 15:08:35
Subject: Re: SCRAM with channel binding downgrade attack

From: Magnus Hagander
Date: 23 May 2018, 15:15:28
Subject: Re: SCRAM with channel binding downgrade attack

Re: SCRAM with channel binding downgrade attack - Mailing list pgsql-hackers

Attachment

Previous

Next