[squid-users] Extraneous question regarding SSL interception
Alex Rousskov
rousskov at measurement-factory.com
Thu Apr 21 20:53:35 UTC 2016
On 04/21/2016 02:22 PM, Antony Stone wrote:
> Forgive me if this is answered in the documentation somewhere (but please
> point me at it if so, because I haven't been able to find it), but where do the
> terms "bump", "peek", "splice" and "stare" come from?
"splice" comes from a standard networking technique of "TCP splicing"
which is exactly what Squid is trying to do when the "splice" action wins.
"bump" comes from a more-or-less standard networking concept of "bump in
the wire" that describes temporary elevating processing to the next
protocol level. In Squid's case, we are temporary elevating processing
from SSL to HTTP level.
"peek" comes from the English verb "to peek" which means "look quickly"
and has such synonyms as "take a stealthy look", which is exactly what
Squid is trying to do when the "peek" action wins.
"stare" comes from the English verb "to stare" and was chosen as a kind
of antonym to "to peek". When Squid stares at the SSL exchanges, it may
modify things and generally prepare connections for bumping, which is a
much longer operation compared to peeking.
There is also "terminate" which does what it says.
In my biased opinion, the action names are actually pretty accurate and
descriptive. My only regret is that the feature itself was called SSL
_Bump_ and not something more action-neutral. Unfortunately, I did not
predict the necessary for more actions when we started writing bumping code.
Alex.
More information about the squid-users
mailing list