On 07/13/2017 10:13 PM, Robert Haas wrote:
On Thu, Jul 13, 2017 at 1:30 PM, Tom Lane <t...@sss.pgh.pa.us> wrote:
Heikki Linnakangas <hlinn...@iki.fi> writes:
I don't think this can be backpatched. It changes the default DH
parameters from 1024 bits to 2048 bits. That's a good thing for
security, but older clients might not support it, and would refuse to
connect or would fall back to something less secure.

Do we have any hard information about which versions of which clients
might not support that?  (In particular I'm wondering if any still exist
in the wild.)

Yeah.  If we break clients for v10 two months from release, some
drivers won't be updated by release time, and that sounds pretty
unfriendly to me.  On the other hand, if there is only a theoretical
risk of breakage and no clients that we actually know about will have
a problem with it, then the argument for waiting is weaker.  I'm not
generally very excited about changing things after beta2, which is
where are, but if this is a security issue then we might need to hold
our nose and go ahead.  I'm against it if it's likely to cause
real-world connectivity problems, though.

Googling around, I believe Java 6 is the only straggler [1]. So we would be breaking that. Java 7 also doesn't support DH parameters > 1024 bits, but it supports ECDHE, which is prioritized over DH ciphers, so it doesn't matter.

Java 6 was released back in 2006. The last public release was in 2013. It wouldn't surprise me to still see it bundled with random proprietary software packages, though. The official PostgreSQL JDBC driver still supports it, but there has been discussion recently on dropping support for it, and even for Java 7. [2]

I would be OK with breaking DH with Java 6 in PostgreSQL 10, especially since there's a simple workaround (generate a 1024-bit DH parameters file). I would be less enthusiastic about doing that in a minor release, although maybe that wouldn't be too bad either, if we put a prominent notice with the workaround in the release notes.

[1] https://wiki.mozilla.org/Security/Server_Side_TLS#DHE_and_ECDHE_support

[2] https://www.postgresql.org/message-id/69ae857b-15cc-36dd-f380-6620ef1effb9%408kdata.com

- Heikki

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to