Re: Transparent Proxy and HEAT.NET

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 16 Dec 1998 22:52:49 +0100

Jason Ackley wrote:

> Yes, basically you have to have a direct connection to them, the
> webservers will reject with then mentioned error when the IP for
> the SSL socket does not match the IP for the HTTP socket. This of
> course could have changed since I have been there but it sounds
> like the exact same thing..

Alias yet another site who have misunderstood the concept of IP
addresses and HTTP security. See numberous posts and articles why IP
based security in WWW applications is close to void today.

This will not only fail in environments using transparent proxying for
port 80, but it will also fail if a cache hierarchy is used or even if a
cache array is used.

---
Henrik Nordstrom
Spare time Squid hacker
Received on Wed Dec 16 1998 - 15:20:07 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:43:40 MST