Home > mailing lists

Re: Negotiating the SCRAM channel binding type - Mailing list pgsql-hackers

From	Robert Haas
Subject	Re: Negotiating the SCRAM channel binding type
Date	August 7, 2018 15:02:27
Msg-id	CA+TgmoY2q++3qwuqKMYp2GJo3FJ+aWC8NYX3M4NFUJ7ar_bJrQ@mail.gmail.com Whole thread Raw
In response to	Re: Negotiating the SCRAM channel binding type (Heikki Linnakangas <hlinnaka@iki.fi>)
Responses	Re: Negotiating the SCRAM channel binding type
List	pgsql-hackers

Tree view

On Sun, Aug 5, 2018 at 4:30 PM, Heikki Linnakangas <hlinnaka@iki.fi> wrote:
> Well, it'd be useless for users, there is no reason to switch off channel
> binding if both the client and server support it. It might not add any
> security you care about, but it won't do any harm either. The
> non-channel-binding codepath is still exercised with non-SSL connections.

Is that true?  What if it makes a connection fail that you wanted to
succeed?  Suppose we discover a bug that makes connections using
channel binding fail on Thursdays.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

pgsql-hackers by date:

From: Amit Langote
Date: 07 August 2018, 14:09:46
Subject: Re: Fix hints on CREATE PROCEDURE errors

From: Arseny Sher
Date: 07 August 2018, 15:37:14
Subject: Re: [HACKERS] logical decoding of two-phase transactions

Re: Negotiating the SCRAM channel binding type - Mailing list pgsql-hackers

Previous

Next