Re: [squid-users] Using squid as transparent proxy causes problem with pages on https

From: Matus UHLAR - fantomas <uhlar_at_fantomas.sk>
Date: Wed, 11 Apr 2012 13:43:07 +0200

On 11.04.12 16:01, Ahmed Talha Khan wrote:
>So whats the advantage of the ssl_bump feature left then if it cannot
>act as an ssl endpoint. Does squid not support ssl end-point
>termination?

I don't think so. Note that redirecting connection to your own machine
and behave as the server is called "man-in-the-middle" attack, and it
is a security breach. SSL was designed to make secret, encrypted
end-to-end connection between browser and a final server and it should
remain so.

-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
99 percent of lawyers give the rest a bad name. 
Received on Wed Apr 11 2012 - 11:43:11 MDT

This archive was generated by hypermail 2.2.0 : Wed Apr 11 2012 - 12:00:03 MDT