Issue Details (XML | Word | Printable)

Key: CORE-3251
Type: Improvement Improvement
Status: Closed Closed
Resolution: Won't Fix
Priority: Minor Minor
Assignee: Alexander Peshkov
Reporter: Tony Whyman
Votes: 6
Watchers: 3
Operations

If you were logged in you would be able to see more operations.
Firebird Core

Use SSL/TLS support for both encryption and user authentication

Created: 19/Nov/10 04:29 PM   Updated: 05/Mar/13 05:17 PM
Component/s: Engine
Affects Version/s: None
Fix Version/s: 3.0 Alpha 1

Environment: All


 Description  « Hide
Firebird has inherited a low security environment from Interbase. There is no means to encrypt connections and client authentication uses weak password based authentication. SSL/TLS could be used to improve both areas. Four levels of use are proposed, controlled through the configuration file and/or on a per user basis:

1. No SSL/TLS i.e. the current situation

2. SSL/TLS used to authenticate the server to the client and encrypt the subsequent connection.This is the typical https mode of use and makes use of X.509 certificate based authentication. A PKI is required. However, this does not have to be a paid for service and in most cases a local PKI based on OpenSSL should suffice.

3. SSL/TLS is additionally used to authenticate a client to the server. The client certificate must be signed by a Certification Authority recognised by the client.

4. In addition to authenticating the client, the common name component of the client certificate is used as the "username" and no password is required. This provides strong certificate based authentication of the client.

Most, if not all, of the above functionality already exists in external libraries and is used in ways, similar to the above proposal, by projects such as Sendmail, Dovecot, MySQL, Apache, Racoon, etc.

 All   Comments   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Alexander Peshkov added a comment - 05/Mar/13 01:00 PM
This issue is marked as 'Wont Fix' due to the only one reason - we have authentication and encyption plugins support in FB3. Default SRP authentication plugin appears to be very good from security POV (20 byte passwords + protection from man in the middle attack), moreover it produces unique cryptographically strong encryption keys for aRC4 network crypt plugin. But certainly everyone who wants another authentication and/or encryption is free to write own plugins.