* Bruce Momjian (br...@momjian.us) wrote: > One way to fix #2 would be to use a per-user or per-cluster counter for > the session salt, rather than a random number --- that would change > replays from ~16k to 4 billion, with no wire protocol change needed.
I'm not against doing that if we decide to ignore the pg_authid-based vector (which we could certainly do), but given the relatively poor hashing algorithm we use and the small salt, along with the commonly used practice of using TLS to address network-based attacks, I'm not sure it's really worth it. Note that changing the algorithm or the salt would require a wireline protocol change and therefore isn't interesting to consider as, if we're going to do that, we should be moving to a vetted solution instead. Thanks! Stephen
signature.asc
Description: Digital signature