On 20/11/2025 22:58, * Neustradamus * wrote:
> Dear PostgreSQL team, dear all,
>
> In 2022, I have contacted PostgreSQL team about Channel Binding:
> - https://www.postgresql.org/search/?m=1&q=tls-exporter&l=&d=-1&s=i
>
> We are in 2025, I relaunch the subject because several developers always say me: "it is not supported by
PostgreSQL".
>
> Can you add the support of RFC 9266: Channel Bindings for TLS 1.3?
> - https://datatracker.ietf.org/doc/html/rfc9266
I think that would be great. Patches are welcome!
The tricky part is probably going to be to make the protocol changes in
a way that is both backwards-compatible and as secure as possible. But
I'm sure it can be done.
> Channel Bindings for TLS: https://datatracker.ietf.org/doc/html/rfc5929
>
> - XEP-0388: Extensible SASL Profile: https://xmpp.org/extensions/xep-0388.html
> - XEP-0440: SASL Channel-Binding Type Capability: https://xmpp.org/extensions/xep-0440.html
> - XEP-0474: SASL SCRAM Downgrade Protection: https://xmpp.org/extensions/xep-0474.html
> - XEP-0480: SASL Upgrade Tasks: https://xmpp.org/extensions/xep-0480.html
>
> Little details, to know easily:
> - tls-unique for TLS =< 1.2 (RFC5929)
> - tls-server-end-point =< 1.2 + 1.3 (RFC5929)
> - tls-exporter for TLS = 1.3 (RFC9266)
>
> After the jabber.ru MITM, it is time to add it:
> - https://notes.valdikss.org.ru/jabber.ru-mitm/
> - https://snikket.org/blog/on-the-jabber-ru-mitm/
> - https://www.devever.net/~hl/xmpp-incident
> - https://blog.jmp.chat/b/certwatch/certwatch
PostgreSQL does support channel binding, with tls-server-end-point. I
believe that sufficient to prevent an attack like that. (Assuming that
it's configured correctly, but that's an issue of insecure defaults
rather than a missing feature).
What are the benefits of tls-exporter over tls-server-end-point? I agree
it would be good to support tls-exporter, since RFC9266 specifies it as
mandatory for channel binding over TLS 1.3. But aside from the RFC, is
there some practical difference?
- Heikki
