[MXS-4270] ed25519 authentication support Created: 2022-09-01  Updated: 2023-06-20  Resolved: 2023-01-09

Status: Closed
Project: MariaDB MaxScale
Component/s: Authenticator
Affects Version/s: None
Fix Version/s: 23.02.0

Type: New Feature Priority: Major
Reporter: Sylvain ARBAUDIE Assignee: Esa Korhonen
Resolution: Fixed Votes: 2
Labels: None

Issue Links:
Duplicate
duplicates MXS-2660 Add ed25519 Authentication Closed
Relates
relates to MDEV-9804 Implement a sha256_password / caching... Open
Epic Link: Authentication Improvements
Sprint: MXS-SPRINT-172, MXS-SPRINT-173, MXS-SPRINT-174

 Description   

with banking security requiremet being reviewed and upped throughout europe, more and more banks wants to move away from mariadb_nativepassword to ed25519.

bringing ed25519 to maxscale is already a most needed feature and will soon become a mandatory requirement.

 Comments   
Comment by Chris Calender (Inactive) [ 2022-09-21 ]

Duplicate ticket. See MXS-2660 for the reason on why this cannot be implemented in MaxScale.

Comment by Aurelien [ 2022-09-22 ]

Hello Chris,

I cannot see comment into MXS-2660

If I understand your comment, ed25519 will never be implement into Maxscale ?
What do you propose in place ?

We need to have a serious authentification method. Sha1 was broken in 2004.
Banking/Pharmacy regulation Office will not validate MariaDB in Europe.

Comment by Esa Korhonen [ 2023-01-09 ]

Ed-support has been added. For full functionality, either a mapping file or sha256-mode is needed.

Generated at Thu Feb 08 04:27:26 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.