On 04/12/2017 11:22 AM, Magnus Hagander wrote:
On Wed, Apr 12, 2017 at 3:25 AM, Bruce Momjian <[email protected]> wrote:And which enterprises are using SSL without certificates? And I thought channel binding required certificates anyway, e.g.: https://en.wikipedia.org/wiki/Salted_Challenge_Response_ Authentication_Mechanism#Channel_binding For instance, for the tls-server-end-point channel binding, it is the server's TLS certificate.AFAIK it does require the TLS certifificates, but it does not require TLS certificate *validation*. You can use channel binding with just self-signed certs.
tls-server-end-point channel binding type relies on certificates. But SCRAM uses "tls-unique" by default, and it does not use certificates. It's a bit weird that the wikipedia article uses tls-server-end-point as the example, I don't know why anyone would use tls-server-end-point with SCRAM.
That said, I stand by my comment that I don't think it's the enterprises that need or want the channel binding. If they care about it, they have already put certificate validation in place, and it won't buy them anything. Because channel binding also only secures the authentication (SCRAM), not the actual contents and commands that are then sent across the channel, AFAIK?
TLS protects the contents and the commands. The point of channel binding is to defeat a MITM attack, where the client connects to a malicious server, using TLS, which then connects to the real server, using another TLS connection. Channel binding will detect that the client and the real server are not communicating over the same TLS connection, but two different TLS connections, and make the authentication fail.
SSL certificates, with validation, achieves the same, but channel binding achieves it without the hassle of certificates.
- Heikki -- Sent via pgsql-hackers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
