Re: BUG #4340: SECURITY: Is SSL Doing Anything?

Gregory Stark wrote:
> "Tom Lane" <tgl@sss.pgh.pa.us> writes:
>
>
>> Actually, I had missed that the OP was looking at 7.3 rather than 8.3.
>> There was a "verify_peer()" in 7.3 but it was #ifdef'd out.  The
>> question remains whether there's a reason to have it.  It would be good
>> if the discussion were based on a non-obsolete PG version ...
>>
>
> Well in theory SSL without at least one-way authentication is actually
> worthless. It's susceptible to man-in-the-middle attacks meaning someone can
> sniff all the contents or even inject into or take over connections. It is
> proof against passive attacks but active attacks are known in the field so
> that's cold comfort these days.
As the finder of recent DNS issues, I'm pretty aware of real world
active attacks.

My question has been:  When you attempt to create an SSL connection to
database.backend.com, do you actually validate that:

1) The subject name of the certificate you're connecting to is
database.backend.com, and
2) At least the basic checks (expiration, chaining back to a valid root)
occur?

I've gotten some reasonable hints that #2 happen, but I don't know if #1
happens, and these comments make me worry.

--Dan