ons 2006-04-12 klockan 10:40 -0400 skrev Dwayne Hottinger:
> That is what I was thinking. Does anyone know of another way to handle this?
I have been toying with the idea of making Squid a "man-in-the-middle"
https proxy, decrypting the requests and encrypting them again in a new
SSL session. But haven't found sufficient motivation to implement this
yet..
This obviously pretty much nullifies the end-to-end security of SSL
transactions as they have to fully trust the proxy as an CA, but there
is many environments where this isn't an issue and it's more important
to be able to filter and inspect the https traffic.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Mon May 01 2006 - 12:00:02 MDT