Re: [squid-users] HTTPS sites

From: Deb Heller-Evans <deb@dont-contact.us>
Date: Fri, 5 Oct 2001 09:55:20 -0700 (PDT)

Henrick echoes the same info, and confirms my conclusions and,
as Colin Campbell points out:

> So, (as everyone seems to miss) the proxy only ever sees encrypted
> packets. It doesn't know what's in them and cannot find out since it was
> never a party to the original encrypted session setup.

Yes, this is true. I understand this, and for the life of me I can't
figure out why I keep forgetting that the data *is* encrypted, and
thus non-parsable... under normal conditions.

However, in my current configuration, squid isn't logging that
the request has been made. Or, for that matter, VirusWall is not
logging it either (even though their TechSupport claims that it
"logs a CONNECT [site]:443" when the user is browsing a secure
site. It is NOT - even with verbose=yes).

Am I missing a variable in squid.conf to make an INFO logging
that the client has sent a request to a secure site (ie,
requests to port 443)? If not, would it seem reasonable to others
that this kind of request be logged as info only? If so, I would
like to request an enhancement.

Thanks,

deb
Received on Fri Oct 05 2001 - 10:55:22 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:37 MST