Home > mailing lists

Re: Spoofing as the postmaster - Mailing list pgsql-hackers

From	Mark Mielke
Subject	Re: Spoofing as the postmaster
Date	December 29, 2007 03:34:39
Msg-id	4775CD7D.5010806@mark.mielke.cc Whole thread Raw
In response to	Re: Spoofing as the postmaster (Bruce Momjian <bruce@momjian.us>)
List	pgsql-hackers

Tree view

Bruce Momjian wrote:
> OK, updated paragraph:
>
>     It is possible to have authentication without encryption overhead by
>     using <literal>NULL-SHA</> or <literal>NULL-MD5</> ciphers.  However,
>     a man-in-the-middle could read and pass communications between client
>     and server.  Also, encryption overhead is minimal compared to the
>     overhead of authentication.  For these reasons NULL ciphers are not
>     recommended.
>   
Looks good!

Cheers,
mark

-- 
Mark Mielke <mark@mielke.cc>

pgsql-hackers by date:

From: Bruce Momjian
Date: 29 December 2007, 03:27:24
Subject: Re: Spoofing as the postmaster

From: Andrew Dunstan
Date: 29 December 2007, 04:40:20
Subject: Re: minimal update

Re: Spoofing as the postmaster - Mailing list pgsql-hackers

Previous

Next