From: Michael Paquier Date: Sat, 3 Jun 2023 21:44:09 +0000 (-0400) Subject: doc: Add note to prevent server spoofing with SCRAM X-Git-Tag: REL_16_BETA2~89 X-Git-Url: http://git.postgresql.org/gitweb/?a=commitdiff_plain;h=d0f4824a54104bb831ebcd46982e6e3b337ef5fa;p=postgresql.git doc: Add note to prevent server spoofing with SCRAM The set of recommendations added in the documentation with this commit helps in avoiding SCRAM exchanges with untrusted servers. Author: Jacob Champion, Jonathan Katz Reviewed-by: Stephen Frost, Daniel Gustafsson, Michael Paquier Discussion: https://postgr.es/m/CAAWbhmg5Gh0JetNbQi7z0yOsdsN9YECv8GoY-QBGBBiip9+JOw@mail.gmail.com --- diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml index dbe23db54f0..64753d9c014 100644 --- a/doc/src/sgml/runtime.sgml +++ b/doc/src/sgml/runtime.sgml @@ -2014,6 +2014,19 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433 CA. + + To prevent server spoofing from occurring when using + scram-sha-256 password authentication + over a network, you should ensure that you connect to the server using SSL + and with one of the anti-spoofing methods described in the previous + paragraph. Additionally, the SCRAM implementation in + libpq cannot protect the entire authentication + exchange, but using the channel_binding=require connection + parameter provides a mitigation against server spoofing. An attacker that + uses a rogue server to intercept a SCRAM exchange can use offline analysis to + potentially determine the hashed password from the client. + + To prevent spoofing with GSSAPI, the server must be configured to accept only hostgssenc connections
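Review bot: In the added runtime.sgml paragraph, the threat is explained only after the mitigation, so the sentence "An attacker that uses a rogue server to intercept a SCRAM exchange can use offline analysis to potentially determine the hashed password from the client." should move ahead of "Additionally, the SCRAM implementation in libpq cannot protect the entire authentication exchange, but using the channel_binding=require connection parameter provides a mitigation against server spoofing." so the reader sees why the parameter is recommended. The paragraph should also make explicit that channel_binding=require only has effect on an SSL connection, tying it to the "you should ensure that you connect to the server using SSL" requirement earlier in the same paragraph rather than presenting it as an independent additional step, and "the hashed password" would be clearer if the text said what the attacker actually obtains from the intercepted exchange and that it can then be attacked offline.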