On 05/18/21 04:54, Magnus Hagander wrote:
> I mean, if you have
> hostssl somedatabase someuser 10.0.0.0/24 gss
> hostssl somedatabase superuser 10.0.0.0/24 gss tls_min_version=1.3
>
> One would reasonably expect that "someuser" can connect with whatever
> the default version is for tls_min_version, whereas "superuser" would
> require a minimum of 1.3. But that's *not* what would happen --
> superuser would also be allowed to connect with a lower version if
> that's allowed in the global set.
Negatory. "superuser" would be allowed to send a StartupMessage containing the strings "somedatabase" and "superuser" (and possibly some settings of options) over a lower version if that's allowed in the global set ... and would then have the connection rejected because the negotiated protocol was lower than 1.3, without seeing any authentication message or having a chance to send any sensitive authentication credentials.

So the risk of any information exposure over a too-low TLS version is limited to the name of a database, the name of a user, and possibly the settings of some options, and no sensitive authentication data.

Regards,
-Chap
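The sequence Chap describes, as an added example that is not part of the original thread or of PostgreSQL's own code: a Python model of the server side that runs the TLS handshake against the global minimum, reads the v3 StartupMessage, matches a pg_hba line, and only then applies the per-line check, so that a rejection happens before any AuthenticationRequest is sent. The hba lines and client address are constructed from Magnus's quoted example; the `tls_min_version` hba option is the proposal under discussion, not an existing PostgreSQL option; the global minimum of 1.2, the function names and the error wording are assumptions made here.

```python
"""Model of: TLS handshake -> StartupMessage -> pg_hba match -> proposed
per-line tls_min_version check -> AuthenticationRequest.  Added example,
not PostgreSQL code; the StartupMessage wire layout is the real v3 one."""
import struct
from ipaddress import ip_address, ip_network

PROTOCOL_3_0 = 196608  # Int32: major 3 in the high 16 bits, minor 0 in the low

# Constructed from the lines quoted in the thread.  tls_min_version as an
# hba option is the proposal being discussed, not an existing option.
HBA_CONF = """
# TYPE    DATABASE      USER       ADDRESS       METHOD  OPTIONS
hostssl   somedatabase  someuser   10.0.0.0/24   gss
hostssl   somedatabase  superuser  10.0.0.0/24   gss     tls_min_version=1.3
"""


def build_startup_message(params):
    """Encode a v3.0 StartupMessage: Int32 length (including itself), Int32
    protocol version, then NUL-terminated name/value pairs and a final NUL."""
    body = b"".join(k.encode() + b"\0" + v.encode() + b"\0"
                    for k, v in params.items()) + b"\0"
    return struct.pack("!ii", 8 + len(body), PROTOCOL_3_0) + body


def parse_startup_message(data):
    """Decode the parameters: this is everything an observer of a too-weak
    TLS session could learn before the server rejects the connection."""
    length, version = struct.unpack("!ii", data[:8])
    if length != len(data) or version != PROTOCOL_3_0:
        raise ValueError("not a v3.0 StartupMessage")
    parts = data[8:-1].split(b"\0")[:-1]   # drop the terminating NUL
    if len(parts) % 2:
        raise ValueError("odd number of StartupMessage fields")
    return {parts[i].decode(): parts[i + 1].decode()
            for i in range(0, len(parts), 2)}


def parse_hba(text):
    """Parse host-style pg_hba lines (type db user cidr method [k=v ...]).
    'local' lines, which have no address column, are not modelled here."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        typ, db, user, addr, method, *opts = line.split()
        rules.append({"type": typ, "database": db, "user": user,
                      "cidr": ip_network(addr), "method": method,
                      "options": dict(o.split("=", 1) for o in opts)})
    return rules


def match_hba(rules, client_ip, params):
    """First matching line wins, as in pg_hba.conf (only 'all' and exact
    names are modelled, not sameuser/@file/+role forms)."""
    for r in rules:
        if (r["database"] in ("all", params.get("database"))
                and r["user"] in ("all", params.get("user"))
                and ip_address(client_ip) in r["cidr"]):
            return r
    return None


def vtuple(v):
    return tuple(int(x) for x in v.split("."))


def handle_connection(negotiated_tls, client_ip, startup, rules,
                      global_tls_min="1.2"):
    """Return outcome, transcript and what the client exposed before any
    credentials were requested.  global_tls_min stands in for the
    server-wide ssl_min_protocol_version (assumed 1.2 here)."""
    transcript = []
    # 1. Handshake: the server knows nothing about the client yet, so only
    #    the global minimum can be enforced at this point.
    if vtuple(negotiated_tls) < vtuple(global_tls_min):
        transcript.append(("server", "TLS handshake failure"))
        return {"outcome": "rejected-at-handshake", "exposed": {},
                "auth_requested": False, "transcript": transcript}
    # 2. The client's first message inside the session is the StartupMessage.
    params = parse_startup_message(startup)
    transcript.append(("client", "StartupMessage", params))
    # 3. Only now can an hba line, and its per-line options, be selected.
    rule = match_hba(rules, client_ip, params)
    if rule is None:
        transcript.append(("server", "ErrorResponse", "no pg_hba.conf entry"))
        return {"outcome": "rejected-no-hba-entry", "exposed": params,
                "auth_requested": False, "transcript": transcript}
    # 4. Proposed per-line check, applied before any AuthenticationRequest.
    line_min = rule["options"].get("tls_min_version")
    if line_min and vtuple(negotiated_tls) < vtuple(line_min):
        transcript.append(("server", "ErrorResponse",
                           f"TLS {negotiated_tls} below tls_min_version={line_min}"))
        return {"outcome": "rejected-before-auth", "exposed": params,
                "auth_requested": False, "transcript": transcript}
    # 5. Only here does the server ask for credentials.
    transcript.append(("server", f"AuthenticationRequest({rule['method']})"))
    return {"outcome": "auth-requested", "exposed": params,
            "auth_requested": True, "transcript": transcript}


if __name__ == "__main__":
    rules = parse_hba(HBA_CONF)
    msg = build_startup_message({"user": "superuser", "database": "somedatabase"})
    for tls in ("1.1", "1.2", "1.3"):
        result = handle_connection(tls, "10.0.0.5", msg, rules)
        print(tls, result["outcome"], "exposed:", result["exposed"])
```

Running the block prints three outcomes for the superuser line: TLS 1.1 fails the handshake (nothing exposed), TLS 1.2 is rejected after the StartupMessage (database and user names exposed, no credentials requested), TLS 1.3 proceeds to the authentication request.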