On 07/13/2017 10:13 PM, Robert Haas wrote:
On Thu, Jul 13, 2017 at 1:30 PM, Tom Lane <t...@sss.pgh.pa.us> wrote:
Heikki Linnakangas <hlinn...@iki.fi> writes:
I don't think this can be backpatched. It changes the default DH
parameters from 1024 bits to 2048 bits. That's a good thing for
security, but older clients might not support it, and would refuse to
connect or would fall back to something less secure.
Do we have any hard information about which versions of which clients
might not support that? (In particular I'm wondering if any still exist
in the wild.)
Yeah. If we break clients for v10 two months from release, some
drivers won't be updated by release time, and that sounds pretty
unfriendly to me. On the other hand, if there is only a theoretical
risk of breakage and no clients that we actually know about will have
a problem with it, then the argument for waiting is weaker. I'm not
generally very excited about changing things after beta2, which is
where are, but if this is a security issue then we might need to hold
our nose and go ahead. I'm against it if it's likely to cause
real-world connectivity problems, though.
Googling around, I believe Java 6 is the only straggler [1]. So we would
be breaking that. Java 7 also doesn't support DH parameters > 1024 bits,
but it supports ECDHE, which is prioritized over DH ciphers, so it
doesn't matter.
Java 6 was released back in 2006. The last public release was in 2013.
It wouldn't surprise me to still see it bundled with random proprietary
software packages, though. The official PostgreSQL JDBC driver still
supports it, but there has been discussion recently on dropping support
for it, and even for Java 7. [2]
I would be OK with breaking DH with Java 6 in PostgreSQL 10, especially
since there's a simple workaround (generate a 1024-bit DH parameters
file). I would be less enthusiastic about doing that in a minor release,
although maybe that wouldn't be too bad either, if we put a prominent
notice with the workaround in the release notes.
[1] https://wiki.mozilla.org/Security/Server_Side_TLS#DHE_and_ECDHE_support
[2]
https://www.postgresql.org/message-id/69ae857b-15cc-36dd-f380-6620ef1effb9%408kdata.com
- Heikki
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers