[squid-users] SQUID3 HTTPs forward proxy and sha256/512 authentication

[Yuri Voinov]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Eliezer,

Squid can be cascaded with Privoxy+Tor. :)

And then - we can route users into it using ACL's.... ;)

Yep, not Squid itself. But with external services......... ;)

04.02.2015 2:23, Eliezer Croitoru пишет:
> On 03/02/2015 17:14, Anton Radkevich wrote:
>> so just to be clear the connection flow will look like:
>>
>> browser <Encrypted Tunnel> Server <HTTP or HTTPS connection> Destination
>>
>> where <Encrypted Tunnel> is probably some form of HTTPS connection for
>> support with the browser PAC
>
> Hey Anton,
>
> Squid do not support socks connection or any other form of encryption.
> The known options to encrypt the connection between the client and the
server are:
> - ssl vpn tunnel
> - ssh vpn tunnel
> - some other weird and special ways
>
> Since I am not familiar with all authentication methods I cannot answer.
> On the other hand squid offers couple ways to authenticate and I am
sure that the choice between md5 or other sha algorithm is not important
if you are encrypting the connection between the server and the client
using a tunnel.
> If you wish to use some higher security levels you can use client side
certificates and pin IP addresses to the certificates.
>
> All The Bests,
> Eliezer
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBAgAGBQJU0S77AAoJENNXIZxhPexGw6QIAMUsnpSP4nYZB1rqO+M80J1q
/w6qkbtDiQIN1Uo2aVD3YG1kldEGzyyIV+j4uCHet2OLznzyReobV5k+Nc3kk3t2
7/qpclaMVR/tHVtwPv/BoKHFUWSD49bQEBff7tl+7FV7QdA3zFE3URlYDz7vQ6EJ
8+kRVnhi/N57rFjSu3V8UC77CG81jAhx1vVy2iDofVvbEpXY1zX/gNU581hPcmQ0
h8trHn8WnQmVqT1PFqQLPAjijBg546EcKzZbV+6cFnn/27+WdakwOChFrYp+sP3D
pY0DB9upmc1XSLg6le6YrHEhRaCKj3gTinOkICywttvB5Xp89jNqcT5MahwHfA8=
=pYLW
-----END PGP SIGNATURE-----