On Wed, May 23, 2018 at 11:15:28AM +0200, Magnus Hagander wrote: > On Wed, May 23, 2018 at 11:08 AM, Heikki Linnakangas <hlinn...@iki.fi> wrote: > SCRAM, even without channel binding, does prove that you're talking to the > correct server. Or to be precise, it proves to the client, that the server > also knows the password, so assuming that you're using strong passwords > and > not sharing them across servers, you know that you're talking to the > correct server. > > Right. It provides a very different guarantee from what ssl certs provide. > They > are not replaceable, or mutually exclusive. Trying to force those into a > single > configuration parameter doesn't make a lot of sense IMO.
True. sslmode is checking the the SSL endpoint with which you have a shared secret has access to the private key of a server certificate that is signed by a trusted CA, and perhaps the certificate's subject name also matches the hostname. With channel binding, you are proving that the SSL endpoint with which you have a shared secret has access to the user password hash. I can imagine someone wanting both checks so merging them into a single options seems unwise, as Magnus mentioned. -- Bruce Momjian <br...@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + As you are, so once was I. As I am, so you will be. + + Ancient Roman grave inscription +
