Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA384:256) (Exim 4.89) (envelope-from ) id 1ei22x-0007ez-41 for pgsql-docs@arkaria.postgresql.org; Sat, 03 Feb 2018 17:56:15 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ei22u-0006cE-JO for pgsql-docs@arkaria.postgresql.org; Sat, 03 Feb 2018 17:56:12 +0000 Received: from makus.postgresql.org ([2001:4800:1501:1::229]) by malur.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1ei22u-0006c5-0e for pgsql-docs@lists.postgresql.org; Sat, 03 Feb 2018 17:56:12 +0000 Received: from mail-lf0-x243.google.com ([2a00:1450:4010:c07::243]) by makus.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.89) (envelope-from ) id 1ei22l-0008UE-VF for pgsql-docs@lists.postgresql.org; Sat, 03 Feb 2018 17:56:10 +0000 Received: by mail-lf0-x243.google.com with SMTP id g72so36104380lfg.5 for ; Sat, 03 Feb 2018 09:56:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=roji.org; s=roji; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=bw7Erh87rU4QIn45XSG7N+DGL4I8Nj+izTC1ZzGC4wA=; b=Uw/skhcDQNuHGzpYcunzb9zqHRz7g9lb/R2ghN16Jrm/6FumEujCpMShn8fw2LRXFY K5GIiC/cfI0RB2m1w2aeK9u2I0uGq9BK0/54CmaiNDsyiatt1ULL5teXI48R1pchoeB+ yEPujLe26rtjkxiIM/KI9TLfOZbhfQIIGesLk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=bw7Erh87rU4QIn45XSG7N+DGL4I8Nj+izTC1ZzGC4wA=; b=rmbsno7ICp4ouV8nGGMLPpIknuOvXNgzREQxmSIl5iu7Y2C6QB2hJd7P8wXsw0a2qb mDgc0s3bBHp4m5LLMF8yEXMHqWEP6ARWwS2VYWz7A//BsXgwCHG/9m93n+p1/dVYAJhD LWR5VcFQ3+SoFwmyspMscPFXedPLzfCOQle94q6m7T8okTE78QJwgoHGls7TqwVvUxT1 zOrCEnwWdJHCtwYhlwKNPvXZgiRfn9y0rh3aGdvc0L+wUmyweCPUw9r8ZHvI9XTM1FNC AfTJElamBHL16HDxd8dtH9H+Eo90q6rZkuwnPVVqb/jfzGkwDvvJY7AY5Hggx8/y9F8Q 8uxg== X-Gm-Message-State: AKwxytdzjjJnIBd0mRAMBnB05S/+SlPIKS/A/FJl6BpSCWAZCMjU1iAe WwTOhU+3AVJJz+EFECkWPVwZIgRA0Y4Lyof25Ki70vw3 X-Google-Smtp-Source: AH8x227dzREE5WLdW04tNSgDD/Y28ZFT+ud4GPR7UFPofj+UDiyi8cFAehsbUyJLkuSFZhyeoO0jasV2r45t3hS20SA= X-Received: by 10.46.41.12 with SMTP id u12mr14720570lje.52.1517680560377; Sat, 03 Feb 2018 09:56:00 -0800 (PST) MIME-Version: 1.0 Received: by 10.25.145.84 with HTTP; Sat, 3 Feb 2018 09:55:59 -0800 (PST) In-Reply-To: <49cbab10-9354-f06e-bcea-6291b6398a28@2ndquadrant.com> References: <151761495500.1247.9000430848889983044@wrigleys.postgresql.org> <49cbab10-9354-f06e-bcea-6291b6398a28@2ndquadrant.com> From: Shay Rojansky Date: Sat, 3 Feb 2018 09:55:59 -0800 Message-ID: Subject: Re: Update encryption options doc for SCRAM-SHA-256 To: Peter Eisentraut Cc: pgsql-docs@lists.postgresql.org Content-Type: multipart/alternative; boundary="94eb2c1c06c6af2b720564528a2f" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Precedence: bulk --94eb2c1c06c6af2b720564528a2f Content-Type: text/plain; charset="UTF-8" Thanks for your attention to this. I'm definitely not a cryptography expert, but it seems to me that the actual mechanisms (MD5, SHA-256) are more important than the protocols used to negotiate them (SASL, SCRAM). When some security expert unfamiliar with PostgreSQL goes over itss documentation to determine whether it's secure, I think it's important to make sure that the word SHA-256 is actually there. On Sat, Feb 3, 2018 at 8:30 AM, Peter Eisentraut < peter.eisentraut@2ndquadrant.com> wrote: > On 2/2/18 18:42, PG Doc comments form wrote: > > The following documentation comment has been logged on the website: > > > > Page: https://www.postgresql.org/docs/10/static/encryption-options.html > > Description: > > > > Section "18.8. Encryption Options" only mentions MD5 as the password > storage > > encryption mechanism, although PostgreSQL 10 introduced the superior > SHA256 > > - somebody looking at the docs would get a bad idea of PostgreSQL's > > capabilities... > > I propose the attached patch. I have combined the password storage and > password transmission items, because I don't want to go into the details > of how SCRAM works on the wire. > > -- > Peter Eisentraut http://www.2ndQuadrant.com/ > PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services > --94eb2c1c06c6af2b720564528a2f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Thanks for your attention to this.

I= 9;m definitely not a cryptography expert, but it seems to me that the actua= l mechanisms (MD5, SHA-256) are more important than the protocols used to n= egotiate them (SASL, SCRAM). When some security expert unfamiliar with Post= greSQL goes over itss documentation to determine whether it's secure, I= think it's important to make sure that the word SHA-256 is actually th= ere.

O= n Sat, Feb 3, 2018 at 8:30 AM, Peter Eisentraut <peter.eise= ntraut@2ndquadrant.com> wrote:
On 2/2/18 18:42, PG Doc comments form wrote:
> The following documentation comment has been logged on the website: >
> Page: https://www.postgresql.o= rg/docs/10/static/encryption-options.html
> Description:
>
> Section "18.8. Encryption Options" only mentions MD5 as the = password storage
> encryption mechanism, although PostgreSQL 10 introduced the superior S= HA256
> - somebody looking at the docs would get a bad idea of PostgreSQL'= s
> capabilities...

I propose the attached patch.=C2=A0 I have combined the password storage an= d
password transmission items, because I don't want to go into the detail= s
of how SCRAM works on the wire.

--
Peter Eisentraut=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 http://w= ww.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

--94eb2c1c06c6af2b720564528a2f--