Re: Patch to add Heimdal kerberos support
From | Bill Studenmund |
---|---|
Subject | Re: Patch to add Heimdal kerberos support |
Date | |
Msg-id | Pine.NEB.4.33.0111141419020.29259-100000@vespasia.home-net.internetconnect.net |
In response to | Re: Patch to add Heimdal kerberos support (Peter Eisentraut <peter_e@gmx.net>) |
Responses | Re: Patch to add Heimdal kerberos support |
List | pgsql-patches |

On Wed, 14 Nov 2001, Peter Eisentraut wrote:

> No idea about the deprecatedness, but our Kerberos code does compile with
> the Kerberos V shipped in Red Hat 7.0 (MIT, I think), and the Kerberos IV
> code compiled successfully with KTH Kerberos last time I checked.
>
> However, most of the three people that ever mentioned anything detailed
> about the Kerberos support in PostgreSQL had the sound of "fundamentally
> flawed", "totally insecure", etc.

I'll admit our kerberos support was NOT what I expected it to be when I got it working; I was quite surprised to see all of the queries going by in the clear.

It depends on what you want. If you want to not have clear-text passwords go by and to have a very good idea who the person on the other side of the session is, then this kerberos support does that. No one will be able to sniff a password off of this. It's like kpop or telnet -a

If you expected an encrypted session, well, you don't get it. This isn't telnet -ax. :-(

Is there interest in supporting encrypted sessions? I can think of two ways to do it:

1) in addition to kerberos as an authentication, we also add kerberos-priv which is the current kerberos but we switch to encryption once we indicate successful authentication.

2) we add a start-encrypting command to the protocol.

I dislike 2) as the best encryption key to use is the one we got with the authentication step, which we'd have to hang onto for a while in case we decided to start encrypting.

Take care,

Bill