Re: Docs: Encourage strong server verification with SCRAM
From | Jacob Champion |
---|---|
Subject | Re: Docs: Encourage strong server verification with SCRAM |
Date | |
Msg-id | CAAWbhmgu5g6ybdqmtDdS-WjLNO2aniqYQqcRXzmiVSKJJj-x_w@mail.gmail.com |
In reply to | Re: Docs: Encourage strong server verification with SCRAM ("Jonathan S. Katz" <jkatz@postgresql.org>) |
Responses | Re: Docs: Encourage strong server verification with SCRAM |
List | pgsql-hackers |
On Thu, May 25, 2023 at 6:10 PM Jonathan S. Katz <jkatz@postgresql.org> wrote:
> I read through the proposal and like this much better.

Great!

> I rewrote this to just focus on server spoofing that can occur with
> SCRAM authentication and did some wordsmithing. I was torn on keeping in
> the part of offline analysis of an intercepted hash, given one can do
> this with md5 as well, but perhaps it helps elaborate on the consequences.

This part:

> + To prevent server spoofing from occurring when using
> + <link linkend="auth-password">scram-sha-256</link> password authentication
> + over a network, you should ensure you are connecting using SSL.

seems to backtrack on the recommendation -- you have to use
sslmode=verify-full, not just SSL, to avoid handing a weak(er) hash to an
untrusted party.

--Jacob
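Review bot: the added sentence ending in `+ over a network, you should ensure you are connecting using SSL.` names the wrong requirement; as the reply points out, "using SSL" alone does not stop a spoofed server from receiving the hash, because only sslmode=verify-full authenticates the server before the SCRAM exchange starts. Suggest making the setting explicit in the doc text, e.g. "you should ensure you are connecting using SSL with sslmode=verify-full", so readers do not conclude that any SSL mode is sufficient.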
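To make the distinction Jacob draws concrete, here is an added example that is not part of the thread or of PostgreSQL itself: a small checker that parses a libpq connection string (URI or key=value form) and reports why its sslmode still allows a client to hand a SCRAM exchange to an unauthenticated server. The function names, the ranking table and the sample connection strings are constructed for this example; the meaning of each sslmode value follows libpq's documented behaviour.

```python
import urllib.parse

# libpq sslmode values from weakest to strongest. Only "verify-full" both
# validates the server certificate against a trusted CA and checks that the
# certificate matches the host name we asked for. "verify-ca" validates the
# chain but skips the host-name check; "require" encrypts without validating
# anything; the modes below it may not use TLS at all.
SSLMODE_RANK = {
    "disable": 0, "allow": 1, "prefer": 2,
    "require": 3, "verify-ca": 4, "verify-full": 5,
}


def parse_conninfo(conninfo: str) -> dict:
    """Extract parameters from a libpq URI or a key=value connection string.

    Assumption (for this example): key=value tokens contain no spaces, so
    single-quoted values with embedded spaces are not handled.
    """
    if conninfo.startswith(("postgresql://", "postgres://")):
        parts = urllib.parse.urlsplit(conninfo)
        params = dict(urllib.parse.parse_qsl(parts.query))
        if parts.hostname:
            params.setdefault("host", parts.hostname)
        return params
    params = {}
    for token in conninfo.split():
        key, sep, value = token.partition("=")
        if sep:
            params[key] = value.strip("'")
    return params


def server_spoofing_risk(conninfo: str) -> list:
    """Return the reasons this connection could talk SCRAM to an
    unauthenticated server; an empty list means sslmode=verify-full."""
    params = parse_conninfo(conninfo)
    mode = params.get("sslmode", "prefer")  # libpq's default when unset
    if mode not in SSLMODE_RANK:
        return [f"unknown sslmode {mode!r}"]
    if mode == "verify-full":
        return []
    findings = []
    if SSLMODE_RANK[mode] < SSLMODE_RANK["require"]:
        findings.append(f"sslmode={mode}: TLS is optional, the exchange may go in clear text")
    if SSLMODE_RANK[mode] < SSLMODE_RANK["verify-ca"]:
        findings.append(f"sslmode={mode}: server certificate is not validated against a trusted CA")
    findings.append(f"sslmode={mode}: server host name is not checked; use sslmode=verify-full")
    return findings


if __name__ == "__main__":
    # Constructed sample connection strings, weakest to strongest.
    samples = [
        "host=db.example.com user=app",                                   # default: prefer
        "host=db.example.com user=app sslmode=require",                   # encrypted only
        "postgresql://app@db.example.com/appdb?sslmode=verify-ca",        # CA, no host check
        "postgresql://app@db.example.com/appdb?sslmode=verify-full",      # recommended
    ]
    for dsn in samples:
        print(dsn)
        for finding in server_spoofing_risk(dsn) or ["ok: server identity is verified"]:
            print("   ", finding)
```

Run as a script it prints the findings for each sample; the point the checker makes is that "uses SSL" and "verifies the server" are different properties, and only the last sample satisfies both.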