On 14 April 2017 at 20:20, Peter Eisentraut <peter.eisentr...@2ndquadrant.com> wrote:
>
> Yeah, I think if you're concerned about MITM then you would also be
> concerned about MITM siphoning off your data. So you should be using
> TLS and then you don't need channel binding.
No. You can use TLS for authentication (by verifying SSL certs in both directions), in which case TLS will protect against MITM for you. But if you only use TLS for encryption but still want to use passwords for authentication, then there's no protection against MITM, as you don't know that the party doing the encryption is the same as the one you authenticated to.

Channel binding is all about tying the authentication mechanism to the encryption to guarantee that the party doing the encryption is the same as the party you authenticated to. Otherwise someone could MITM the TLS connection and relay the raw bytes of the scram negotiation. Under our md5 auth that gives them your password; under scram they won't get the password, which is a huge improvement, but they would still have the raw unencrypted data from your traffic.

-- 
greg

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
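As an added example (not code from this thread or from PostgreSQL), here is a single-process simulation of SCRAM-SHA-256 with the tls-server-end-point binding type of RFC 5929, which ties the client's proof to the hash of the server certificate its TLS layer actually negotiated with. The certificate bytes, the user name and the password are constructed; real implementations advertise the bound mechanism as SCRAM-SHA-256-PLUS and escape ',' and '=' in user names, both of which this example skips. The server-side check at the top of Server.final is the point: a client-final message computed while talking TLS to any other endpoint carries a different c= value, so authentication fails instead of succeeding through a relay, and the server learns nothing usable about the password either way.

```python
"""SCRAM-SHA-256 with tls-server-end-point channel binding, simulated in one process.

Added example: not code from this thread or from PostgreSQL. It follows
RFC 5802/7677 (SCRAM) and RFC 5929 (binding type); the "certificates" are
constructed byte strings standing in for DER-encoded server certificates.
"""
import base64
import hashlib
import hmac
import os

ITERATIONS = 4096
GS2_HEADER = "p=tls-server-end-point,,"  # client asks for channel binding, no authzid

# Constructed stand-ins for the DER bytes of two different TLS endpoints' certificates.
SERVER_CERT = b"constructed DER bytes: certificate of the real database server"
OTHER_CERT = b"constructed DER bytes: certificate of some other TLS endpoint"


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def hm(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def b64(data: bytes) -> str:
    return base64.b64encode(data).decode()


def cbind_input(cert_der: bytes) -> str:
    # RFC 5929 tls-server-end-point: hash of the server certificate (SHA-256 for a
    # SHA-256-signed cert), prefixed by the gs2-header, then base64 for the c= attribute.
    return b64(GS2_HEADER.encode() + hashlib.sha256(cert_der).digest())


def parse(msg: str) -> dict:
    # SCRAM attributes are "k=v" pairs separated by commas; values never contain commas.
    return dict(part.split("=", 1) for part in msg.split(","))


class Server:
    """Stores the SCRAM verifier (StoredKey, ServerKey) and knows its own certificate."""

    def __init__(self, password: str, cert_der: bytes):
        self.cert_der = cert_der
        self.salt = os.urandom(16)
        sp = hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, ITERATIONS)
        self.stored_key = h(hm(sp, b"Client Key"))  # the password itself is not kept
        self.server_key = hm(sp, b"Server Key")

    def first(self, client_first_bare: str) -> str:
        self.client_first_bare = client_first_bare
        self.nonce = parse(client_first_bare)["r"] + b64(os.urandom(18))
        self.server_first = "r=%s,s=%s,i=%d" % (self.nonce, b64(self.salt), ITERATIONS)
        return self.server_first

    def final(self, client_final: str):
        attrs = parse(client_final)
        # The binding check: c= must match what this server's own certificate yields.
        if attrs["c"] != cbind_input(self.cert_der):
            return False, "channel binding mismatch: client is bound to a different TLS endpoint"
        if attrs["r"] != self.nonce:
            return False, "nonce mismatch"
        without_proof = "c=%s,r=%s" % (attrs["c"], attrs["r"])
        auth_message = ",".join([self.client_first_bare, self.server_first, without_proof]).encode()
        # ClientProof XOR ClientSignature recovers ClientKey; H(ClientKey) must equal StoredKey.
        client_key = xor(base64.b64decode(attrs["p"]), hm(self.stored_key, auth_message))
        if not hmac.compare_digest(h(client_key), self.stored_key):
            return False, "bad proof"
        return True, "v=" + b64(hm(self.server_key, auth_message))


def authenticate(server: Server, user: str, password: str, seen_cert_der: bytes):
    """Client side. seen_cert_der is the certificate the client's TLS layer actually
    negotiated with; with a relay in the path that is the relay's cert, not the server's."""
    cnonce = b64(os.urandom(18))
    client_first_bare = "n=%s,r=%s" % (user, cnonce)  # assumes no ',' or '=' in user
    server_first = server.first(client_first_bare)
    attrs = parse(server_first)
    if not attrs["r"].startswith(cnonce):
        raise ValueError("server nonce does not extend client nonce")
    without_proof = "c=%s,r=%s" % (cbind_input(seen_cert_der), attrs["r"])
    auth_message = ",".join([client_first_bare, server_first, without_proof]).encode()
    sp = hashlib.pbkdf2_hmac("sha256", password.encode(), base64.b64decode(attrs["s"]), int(attrs["i"]))
    client_key = hm(sp, b"Client Key")
    proof = xor(client_key, hm(h(client_key), auth_message))
    ok, reply = server.final(without_proof + ",p=" + b64(proof))
    if ok:  # confirm the server knows ServerKey (mutual authentication)
        ok = hmac.compare_digest(reply, "v=" + b64(hm(hm(sp, b"Server Key"), auth_message)))
    return ok, reply


def run(seen_cert_der: bytes, password: str = "correct horse battery staple"):
    """One full exchange against a fresh server; returns (success, last server message)."""
    server = Server("correct horse battery staple", SERVER_CERT)
    return authenticate(server, "alice", password, seen_cert_der)


if __name__ == "__main__":
    print("direct TLS to server: ", run(SERVER_CERT))
    print("TLS to other endpoint:", run(OTHER_CERT))
    print("wrong password:       ", run(SERVER_CERT, password="wrong"))
```

Note that the server rejects the bound-elsewhere case before it even evaluates the proof, and that a proof built for one c= value cannot be reused under another, because c= is part of the AuthMessage that both signatures cover; the password-only md5 scheme the thread contrasts this with has no such binding, which is the gap channel binding closes.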