Thread: RFC 9266: Channel Bindings for TLS 1.3 support
Hello all, Can you add the support of RFC 9266: Channel Bindings for TLS 1.3? - https://datatracker.ietf.org/doc/html/rfc9266 Little details, to know easily: - tls-unique for TLS =< 1.2 - tls-exporter for TLS = 1.3 It is linked to: - https://github.com/postgres/postgres/search?q=tls-unique Thanks in advance. Regards, Neustradamus
Hi, On Thu, Jul 28, 2022 at 08:33:50PM +0000, * Neustradamus * wrote: > Can you add the support of RFC 9266: Channel Bindings for TLS 1.3? > - https://datatracker.ietf.org/doc/html/rfc9266 > > Little details, to know easily: > - tls-unique for TLS =< 1.2 tls-unique is not planned, as we have already tls-server-end-point for TLS1.2 and Postgres requires a certificate, anyway. > - tls-exporter for TLS = 1.3 > > It is linked to: > - https://github.com/postgres/postgres/search?q=tls-unique So, tls-exporter has been made an official thing, finally. I was wondering when this was going to happen. Jacob Champion has given me a patch to support that, based on OpenSSL's SSL_export_keying_material() to do the job. The base integration is not complicated, but I still need to think a bit more about it when it comes to the min/max TLS protocols we allow in libpq, for example, and polish the whole with tests. We don't force any failures depending on the other connection parameters for tls-server-end-point, so I suspect that we should be fine with keeping things at their simplest. I should be able to get something sent to the mailing lists for the commit fest of September, so as we could have this feature in v16~. -- Michael
Attachment
On Thu, Jul 28, 2022 at 10:44 PM Michael Paquier <michael@paquier.xyz> wrote: > tls-unique is not planned, as we have already tls-server-end-point for > TLS1.2 and Postgres requires a certificate, anyway. I think we can provide tls-exporter for older TLS versions as well, as long as SSL_get_extms_support() returns 1 for the connection, per Section 4.2 [1]. That would let people use a unique binding even if they can't use TLS 1.3 for whatever reason. > I should be able to get something sent to the mailing lists for the > commit fest of September, so as we could have this feature in v16~. Thanks! --Jacob [1] https://datatracker.ietf.org/doc/html/rfc9266#section-4.2
On Fri, Jul 29, 2022 at 10:28:19AM -0700, Jacob Champion wrote: > I think we can provide tls-exporter for older TLS versions as well, as > long as SSL_get_extms_support() returns 1 for the connection, per > Section 4.2 [1]. That would let people use a unique binding even if > they can't use TLS 1.3 for whatever reason. Ah, good point. Thanks. -- Michael