RFC 9266: Channel Bindings for TLS 1.3 support #126
Comments
sunng87
added
enhancement
|
@Neustradamus Thank you for the information. Do you know if this is supported in original postgresql? How about its support on client side? I will leave this open for someone to pick up, or when I get time for myself |
|
@sunng87: After my original request here: @michaelpq has done: https://www.postgresql.org/message-id/YwxWWQR6uwWHBCbQ%40paquier.xyz But currently, I do not see tls-exporter in main code: https://github.com/postgres/postgres |
There is currently no active patch to add tls-exporter to PostgreSQL. The last thread about this matter was stuck on the point about channel binding negotiation between the client and the backend, and I recall that the RFCs don't tell much about that except "you can do as you wish". |
|
Got it. I will be waiting for a wider adoption of this feature to ensure typical postgres clients will work for pgwire. |
Can you add the support of RFC 9266: Channel Bindings for TLS 1.3?
Little details, to know easily:
I think that you have seen the jabber.ru MITM and Channel Binding is the solution:
Thanks in advance.
Linked to:
The text was updated successfully, but these errors were encountered: