On Thu, Nov 20, 2025 at 12:59 PM * Neustradamus * <[email protected]> wrote: > In 2022, I have contacted PostgreSQL team about Channel Binding: > - https://www.postgresql.org/search/?m=1&q=tls-exporter&l=&d=-1&s=i
There was some initial work there [1], but we'd still need to figure out channel binding negotiation, which seems like something we should not be on the bleeding edge of. I still wish we'd made endpoint binding opt-in, but that's water under the bridge. The binding "infrastructure", such as it is, isn't really in a healthy place right now (as you've seen [2]), and I think we need SASL to give us additional agility before we can really make progress. > We are in 2025, I relaunch the subject because several developers always say > me: "it is not supported by PostgreSQL". ...who says that? > - XEP-0474: SASL SCRAM Downgrade Protection: > https://xmpp.org/extensions/xep-0474.html That says WARNING: This Standards-Track document is Experimental. Publication as an XMPP Extension Protocol does not imply approval of this proposal by the XMPP Standards Foundation. and In the long term the author strives to publish this as an RFC rather than a XEP to also make this protection available to other protocols, after gaining implementation experience. and If [an RFC is published for this] implementations SHOULD NOT implement this XEP and SHOULD implement the superseding RFC instead. So we should probably not implement production features based on it. > Linked to: > - Channel Binding: https://github.com/scram-sasl/info/issues/1 (Looks like you're on thin ice with several of the projects listed there. Please treat other OSS communities with respect, and don't spam their repositories.) Thanks, --Jacob [1] https://postgr.es/m/YwxWWQR6uwWHBCbQ%40paquier.xyz [2] https://mailarchive.ietf.org/arch/msg/kitten/zpesKSHsiuy1RvhPlbSUGajLbKQ/
