RFC 9266: Channel Bindings for TLS 1.3 support

Started by * Neustradamus * over 3 years ago (4 messages, bugs)
#1 * Neustradamus *
neustradamus@hotmail.com

Hello all,

Can you add the support of RFC 9266: Channel Bindings for TLS 1.3?
- https://datatracker.ietf.org/doc/html/rfc9266

Little details, to know easily:
- tls-unique for TLS =< 1.2
- tls-exporter for TLS = 1.3

It is linked to:
- https://github.com/postgres/postgres/search?q=tls-unique

Thanks in advance.

Regards,

Neustradamus

#2 Michael Paquier
michael@paquier.xyz
In reply to: * Neustradamus * (#1)
Re: RFC 9266: Channel Bindings for TLS 1.3 support

Hi,

On Thu, Jul 28, 2022 at 08:33:50PM +0000, * Neustradamus * wrote:

> Can you add the support of RFC 9266: Channel Bindings for TLS 1.3?
> - https://datatracker.ietf.org/doc/html/rfc9266
>
> Little details, to know easily:
> - tls-unique for TLS =< 1.2

tls-unique is not planned, as we have already tls-server-end-point for
TLS1.2 and Postgres requires a certificate, anyway.

> - tls-exporter for TLS = 1.3
>
> It is linked to:
> - https://github.com/postgres/postgres/search?q=tls-unique

So, tls-exporter has been made an official thing, finally. I was
wondering when this was going to happen. Jacob Champion has given me
a patch to support that, based on OpenSSL's SSL_export_keying_material()
to do the job. The base integration is not complicated, but I still
need to think a bit more about it when it comes to the min/max TLS
protocols we allow in libpq, for example, and polish the whole with
tests. We don't force any failures depending on the other connection
parameters for tls-server-end-point, so I suspect that we should be
fine with keeping things at their simplest.

I should be able to get something sent to the mailing lists for the
commit fest of September, so that we could have this feature in v16~.
--
Michael

#3 Jacob Champion
jacob.champion@enterprisedb.com
In reply to: Michael Paquier (#2)
Re: RFC 9266: Channel Bindings for TLS 1.3 support

On Thu, Jul 28, 2022 at 10:44 PM Michael Paquier <michael@paquier.xyz> wrote:

> tls-unique is not planned, as we have already tls-server-end-point for
> TLS1.2 and Postgres requires a certificate, anyway.

I think we can provide tls-exporter for older TLS versions as well, as
long as SSL_get_extms_support() returns 1 for the connection, per
Section 4.2 [1]. That would let people use a unique binding even if
they can't use TLS 1.3 for whatever reason.

> I should be able to get something sent to the mailing lists for the
> commit fest of September, so that we could have this feature in v16~.

Thanks!

--Jacob

[1]: https://datatracker.ietf.org/doc/html/rfc9266#section-4.2

#4 Michael Paquier
michael@paquier.xyz
In reply to: Jacob Champion (#3)
Re: RFC 9266: Channel Bindings for TLS 1.3 support

On Fri, Jul 29, 2022 at 10:28:19AM -0700, Jacob Champion wrote:

> I think we can provide tls-exporter for older TLS versions as well, as
> long as SSL_get_extms_support() returns 1 for the connection, per
> Section 4.2 [1]. That would let people use a unique binding even if
> they can't use TLS 1.3 for whatever reason.

Ah, good point. Thanks.
--
Michael
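As an added illustration of the binding discussed in this thread (not Postgres code and not the patch mentioned above): the RFC 9266 tls-exporter derivation (exporter label "EXPORTER-Channel-Binding", empty context, 32 bytes) over a loopback handshake pinned to one TLS version, with client and server each deriving the value from their own connection state. It uses Go's crypto/tls exporter instead of OpenSSL's SSL_export_keying_material(); the self-signed certificate, the loopback address and the helper names are assumptions of the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// RFC 9266 tls-exporter: label "EXPORTER-Channel-Binding", empty context, 32 bytes. crypto/tls
// itself refuses the export on TLS 1.2 without the extended master secret (the Section 4.2 rule).
func tlsExporterBinding(cs tls.ConnectionState) ([]byte, error) {
	return cs.ExportKeyingMaterial("EXPORTER-Channel-Binding", nil, 32)
}

func must[T any](v T, err error) T { // abort the demo on any setup failure
	if err != nil {
		panic(err)
	}
	return v
}

// handshake runs one loopback handshake pinned to a TLS version and returns each side's binding.
func handshake(version uint16) ([]byte, []byte, error) {
	pub, key, err := ed25519.GenerateKey(rand.Reader) // throwaway self-signed server certificate
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotAfter: time.Now().Add(time.Hour)}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, must(pub, err), key))
	cfg := &tls.Config{Certificates: []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key}}, MinVersion: version, MaxVersion: version}
	ln := must(net.Listen("tcp", "127.0.0.1:0"))
	defer ln.Close()
	conns := make(chan *tls.Conn, 1)
	go func() { // server side: accept once and finish the handshake before publishing the conn
		srv := tls.Server(must(ln.Accept()), cfg)
		conns <- must(srv, srv.Handshake())
	}()
	cli := must(tls.Dial("tcp", ln.Addr().String(), &tls.Config{InsecureSkipVerify: true, MinVersion: version, MaxVersion: version}))
	defer cli.Close()
	clientCB, cerr := tlsExporterBinding(cli.ConnectionState())
	serverCB, serr := tlsExporterBinding((<-conns).ConnectionState())
	return clientCB, serverCB, errors.Join(cerr, serr)
}

func main() { // both sides of one TLS 1.3 connection print the same 32-byte binding
	fmt.Println(handshake(tls.VersionTLS13))
}
```

Since Go 1.22 the library returns an error for a TLS 1.2 connection that did not negotiate the extended master secret, the same precondition the thread attaches to SSL_get_extms_support() on the OpenSSL side; a second call with tls.VersionTLS12 exercises that path.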