On 20/11/2025 22:58, * Neustradamus * wrote:
Dear PostgreSQL team, dear all,
In 2022, I have contacted PostgreSQL team about Channel Binding:
- https://www.postgresql.org/search/?m=1&q=tls-exporter&l=&d=-1&s=i
We are in 2025, I relaunch the subject because several developers always say me: "it
is not supported by PostgreSQL".
Can you add the support of RFC 9266: Channel Bindings for TLS 1.3?
- https://datatracker.ietf.org/doc/html/rfc9266
I think that would be great. Patches are welcome!
The tricky part is probably going to be to make the protocol changes in
a way that is both backwards-compatible and as secure as possible. But
I'm sure it can be done.
Channel Bindings for TLS: https://datatracker.ietf.org/doc/html/rfc5929
- XEP-0388: Extensible SASL Profile: https://xmpp.org/extensions/xep-0388.html
- XEP-0440: SASL Channel-Binding Type Capability:
https://xmpp.org/extensions/xep-0440.html
- XEP-0474: SASL SCRAM Downgrade Protection:
https://xmpp.org/extensions/xep-0474.html
- XEP-0480: SASL Upgrade Tasks: https://xmpp.org/extensions/xep-0480.html
Little details, to know easily:
- tls-unique for TLS =< 1.2 (RFC5929)
- tls-server-end-point =< 1.2 + 1.3 (RFC5929)
- tls-exporter for TLS = 1.3 (RFC9266)
After the jabber.ru MITM, it is time to add it:
- https://notes.valdikss.org.ru/jabber.ru-mitm/
- https://snikket.org/blog/on-the-jabber-ru-mitm/
- https://www.devever.net/~hl/xmpp-incident
- https://blog.jmp.chat/b/certwatch/certwatch
PostgreSQL does support channel binding, with tls-server-end-point. I
believe that sufficient to prevent an attack like that. (Assuming that
it's configured correctly, but that's an issue of insecure defaults
rather than a missing feature).
What are the benefits of tls-exporter over tls-server-end-point? I agree
it would be good to support tls-exporter, since RFC9266 specifies it as
mandatory for channel binding over TLS 1.3. But aside from the RFC, is
there some practical difference?
- Heikki
