Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1s6bI5-000cQS-Dm for pgsql-hackers@arkaria.postgresql.org; Mon, 13 May 2024 19:24:54 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1s6bI4-004ibV-Dv for pgsql-hackers@arkaria.postgresql.org; Mon, 13 May 2024 19:24:52 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1s6bI4-004ibN-4B for pgsql-hackers@lists.postgresql.org; Mon, 13 May 2024 19:24:52 +0000 Received: from mail-ej1-x62b.google.com ([2a00:1450:4864:20::62b]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1s6bHw-0003mc-1r for pgsql-hackers@lists.postgresql.org; Mon, 13 May 2024 19:24:51 +0000 Received: by mail-ej1-x62b.google.com with SMTP id a640c23a62f3a-a59e4136010so1228849666b.3 for ; Mon, 13 May 2024 12:24:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1715628284; x=1716233084; darn=lists.postgresql.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=yBXN5zcdmlTDyv73IMGQAhyEQa2iMKFAj7EI5OZ0ty0=; b=PT/7E4OVNCRIDITUYsH3lN088jiZmMsxNQJB5bsJ0KBVLWCZQw6tKOTc2g4su9JMGU geRHmDij9AvwJGet9h5pq3v93tLweOq6dhys/eZg0RkR9crz7iQhZ96PFn0LCyVLIH5w NrABjN2TprCXEqTlmPglNp0ioVv8X9hL/4U2c70jvNWcfR4Nkkf6BeMuKAa/I8mh3cJi dGqgQoxBK5gFRzVRPOlgXJUFCEwf5CA345dZH/mZAeEJd+euPN7Y7IC7TGAXynlaXZgN YQGS8CdCzY3FmF1BPByswuX9Sb7ufObt+EJ1K6aR7Of/S97v9kvz496lMKXNPEUoJbbq 72Mg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715628284; x=1716233084; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yBXN5zcdmlTDyv73IMGQAhyEQa2iMKFAj7EI5OZ0ty0=; b=vmLbEfXUlxBe9Q2ANE7UyNI8YjVdeDnX/NPeowy2c8GyxK59HgVbSol4RvOdLK+ztp eXkOYoop1eInyQ/9A/KgD6bcu/39TlalrfccG79WAHXVphdZew8w/5srj7pdFqqqdTuA XhGWJQ4u+jNddvFg3O1qCK6yekIIW6FU3G5GB6m79wNzAwZq+H2tuZzyUx0gpNW7EtY1 xfLtc3X394s4S8dh68K7j2Nuu79s+LsiljRXHNiL+8Zw//D4MhLFA0P9ICcduggOK5gU SaCp87eE1DzcihNV12Brixmimgi7uzFt0WT8tRmGyFI1O2pHlpC5k/81WoDd3MvcCKPZ TKyg== X-Forwarded-Encrypted: i=1; AJvYcCWLTxcSAFMWJ1X4g0Fo9AFShSUiESLzsMCEHZSpTADALmYCQ9ht8/fVUJPwK5LBAqPz/Lo0zAKxT2pG54AtvmT+CoxNLl6KJBfzT7UOqobaGJMU X-Gm-Message-State: AOJu0YyqvV7WnAyeapc2ZTdG+/BUfRPMTiOZ3jBK68QIu0uvOAWfx4OX Lu4cE/qciKaN2xMteYbb3AcSiM3BfmU9xC7ibAS2OFxM2D9hcsh+0dLigEZAaPhFOl27zPnZmmC j0k4v5LLmZvvCZClLZ5SMfAp/Cvg= X-Google-Smtp-Source: AGHT+IGVyYVfLBfuVzr53invuakIOcjzFIPx9ia9jy1C6i/3+tkJ/DbGrnQc3gzqDDjsEg5MgiG9SYbhWmN2IKGuz9I= X-Received: by 2002:a17:906:1159:b0:a59:ce25:9b88 with SMTP id a640c23a62f3a-a5a2d65ece9mr685556666b.54.1715628283933; Mon, 13 May 2024 12:24:43 -0700 (PDT) MIME-Version: 1.0 References: <5a79ed71-b365-4b20-80bc-9c2bf97bf84b@iki.fi> <3a6f126c-e1aa-4dcc-9252-9868308f6cf0@iki.fi> <1a717f65-7390-4111-8efd-c6e9b213805e@iki.fi> <3fdaf4b1-82d1-45bb-8175-f97ff53a1f01@iki.fi> In-Reply-To: From: Robert Haas Date: Mon, 13 May 2024 15:24:32 -0400 Message-ID: Subject: Re: Direct SSL connection with ALPN and HBA rules To: Jelte Fennema-Nio Cc: Heikki Linnakangas , Jacob Champion , Daniel Gustafsson , Michael Paquier , Postgres hackers Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Mon, May 13, 2024 at 1:42=E2=80=AFPM Jelte Fennema-Nio wrote: > Like Jacob already said, I guess you meant me here. The main point I > was trying to make is that sslmode=3Drequire is extremely insecure too, > so if we're changing the default then I'd rather bite the bullet and > actually make the default a secure one this time. No-ones browser > trusts self-signed certs by default, but currently lots of people > trust self-signed certs when connecting to their production database > without realizing. > > IMHO the only benefit that sslmode=3Drequire brings over sslmode=3Dprefer > is detecting incorrectly configured servers i.e. servers that are > supposed to support ssl but somehow don't due to a misconfigured > GUC/pg_hba. Such "incorrectly configured server" detection avoids > sending data to such a server, which an eavesdropper on the network > could see. Which is definitely a security benefit, but it's an > extremely small one. In all other cases sslmode=3Dprefer brings exactly > the same protection as sslmode=3Drequire, because sslmode=3Dprefer > encrypts the connection unless postgres actively tells the client to > downgrade to plaintext (which never happens when the server is > configured correctly). I think I agree with *nearly* every word of this. However: (1) I don't want to hijack this thread about a v17 open item to talk too much about a hypothetical v18 proposal. (2) While in general you need more than just SSL to ensure security, I'm not sure that there's only one way to do it, and I doubt that we should try to pick a winner. (3) I suspect that even going as far as sslmode=3Drequire by default is going to be extremely painful for hackers, the project, and users. Moving the goalposts further increases the likelihood of nothing happening at all. --=20 Robert Haas EDB: http://www.enterprisedb.com