src/backend/libpq

Name                   Date         Size      #Lines  LOC
Makefile               08-Nov-2021  704       25      9
README.SSL             08-Nov-2021  2.2 KiB   83      65
auth-scram.c           08-Nov-2021  40.9 KiB  1,374   680
auth.c                 08-Nov-2021  89.1 KiB  3,355   2,190
be-fsstubs.c           08-Nov-2021  20.3 KiB  853     521
be-secure-common.c     08-Nov-2021  4.8 KiB   196     129
be-secure-openssl.c    08-Nov-2021  30.3 KiB  1,234   868
be-secure.c            08-Nov-2021  7 KiB     325     182
crypt.c                08-Nov-2021  7.7 KiB   294     171
hba.c                  08-Nov-2021  81.9 KiB  3,042   2,200
ifaddr.c               08-Nov-2021  13.3 KiB  595     415
pg_hba.conf.sample     08-Nov-2021  4.3 KiB   90      86
pg_ident.conf.sample   08-Nov-2021  1.6 KiB   43      40
pqcomm.c               08-Nov-2021  50.7 KiB  1,941   1,137
pqformat.c             08-Nov-2021  17.7 KiB  644     301
pqmq.c                 08-Nov-2021  8.1 KiB   330     226
pqsignal.c             08-Nov-2021  3.6 KiB   147     81

README.SSL

src/backend/libpq/README.SSL

SSL
===

From the server's perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup



From the client's perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

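The client side of the exchange drawn above, as an added example in Python (not code from the PostgreSQL tree): it builds the 8-byte SSL request, reads the single reply byte and takes the README's branches. The negotiate code value is the real PG_PROTOCOL(1234,5679) constant; the `require_ssl` policy flag, the branch names and the `decide`/`ssl_request` helpers are assumptions of this example and model a client that refuses to continue in plaintext when it was configured to insist on SSL.

```python
import socket
import struct

# Added example, not PostgreSQL's own code. The 8-byte request layout and
# the magic code are the real wire values; the policy handling is ours.
SSL_NEGOTIATE_CODE = (1234 << 16) | 5679   # PG_PROTOCOL(1234,5679) = 0x04D2162F


def build_ssl_request() -> bytes:
    """int32 length (8, counting itself) followed by the int32 code, big-endian."""
    return struct.pack("!ii", 8, SSL_NEGOTIATE_CODE)


def decide(reply: bytes, require_ssl: bool) -> str:
    """Map the server's single reply byte onto the README's client branches.

    require_ssl (assumed flag) models a client configured to insist on
    encryption: the 'E' and 'N' branches then refuse rather than fall back.
    """
    if reply == b"S":
        return "establish-ssl"
    if reply == b"E":                      # pre-SSL server: README says retry without SSL
        return "refuse-downgrade" if require_ssl else "retry-without-ssl"
    if reply == b"N":                      # server not compiled with USE_SSL
        return "refuse-downgrade" if require_ssl else "normal-startup"
    return "fail-unknown"                  # anything else: fail with unknown


def ssl_request(host: str, port: int = 5432, require_ssl: bool = True) -> str:
    """Probe a live server and return the branch taken.

    A real client keeps the socket open and wraps it with the ssl module on
    "establish-ssl"; this probe only reports the outcome and closes.
    """
    with socket.create_connection((host, port), timeout=5.0) as sock:
        sock.sendall(build_ssl_request())
        reply = sock.recv(1)               # exactly one byte, as in the diagram
    outcome = decide(reply, require_ssl)
    if outcome in ("refuse-downgrade", "fail-unknown"):
        raise ConnectionError(f"SSL negotiation: {outcome} (server replied {reply!r})")
    return outcome


if __name__ == "__main__":
    # Constructed replies stand in for a server so this runs offline.
    for reply, policy in ((b"S", True), (b"N", True), (b"N", False), (b"E", False), (b"X", False)):
        print(reply, f"require_ssl={policy}", "->", decide(reply, policy))
```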
---------------------------------------------------------------------------

Ephemeral DH
============

Since the server's static private key ($DataDir/server.key) will
normally be stored unencrypted so that the database backend can
restart automatically, it is important that we select an algorithm
that continues to provide confidentiality even if the attacker has the
server's private key.  Ephemeral DH (EDH) keys provide this and more
(Perfect Forward Secrecy aka PFS).

N.B., the static private key should still be protected to the largest
extent possible, to minimize the risk of impersonations.

Another benefit of EDH is that it allows the backend and clients to
use DSA keys.  DSA keys can only provide digital signatures, not
encryption, and are often acceptable in jurisdictions where RSA keys
are unacceptable.

The downside to EDH is that it makes it impossible to use ssldump(1)
if there's a problem establishing an SSL session.  In this case you'll
need to temporarily disable EDH (see initialize_dh()).
