On Mon, Oct 18, 2021 at 12:37:39PM -0400, Robert Haas wrote:
> I do really like the idea of using AES-GCM-SIV not because I know
> anything about it, but because the integrity checking seems cool, and
----------
> storing the nonce seems like it would improve security. However, based
Frankly, I think we need to be cautious about doing anything related to
security for "cool" motivations. (This might be how OpenSSL became such
a mess.) For non-security features, you can often add a few lines of
code to enable some cool use-case. For security features, you have to
block its targeted attack methods fully or it is useless. (It doesn't
need to block all attack methods.) To fully block attack methods,
security features must be thoroughly designed and all potential
interactions must be researched.
When adding non-security Postgres features, cool features can be more
easily implemented because they are built on the sold foundation of
Postgres. For security features, you have to assume that attacks can
come from anywhere, so the foundation is unclear and caution is wise.
--
Bruce Momjian <bruce@momjian.us> https://momjian.us
EDB https://enterprisedb.com
If only the physical world exists, free will is an illusion.
