[squid-users] Extraneous question regarding SSL interception

Odhiambo Washington odhiambo at gmail.com
Thu Apr 21 21:41:39 UTC 2016


Yes! That SSL _Bump_ name!

Thanks for explaining the origins.

On 23:53, Thu, Apr 21, 2016 Alex Rousskov <rousskov at measurement-factory.com>
wrote:

> On 04/21/2016 02:22 PM, Antony Stone wrote:
>
> > Forgive me if this is answered in the documentation somewhere (but please
> > point me at it if so, because I haven't been able to find it), but where
> do the
> > terms "bump", "peek", "splice" and "stare" come from?
>
> "splice" comes from a standard networking technique of "TCP splicing"
> which is exactly what Squid is trying to do when the "splice" action wins.
>
> "bump" comes from a more-or-less standard networking concept of "bump in
> the wire" that describes temporary elevating processing to the next
> protocol level. In Squid's case, we are temporary elevating processing
> from SSL to HTTP level.
>
> "peek" comes from the English verb "to peek" which means "look quickly"
> and has such synonyms as "take a stealthy look", which is exactly what
> Squid is trying to do when the "peek" action wins.
>
> "stare" comes from the English verb "to stare" and was chosen as a kind
> of antonym to "to peek". When Squid stares at the SSL exchanges, it may
> modify things and generally prepare connections for bumping, which is a
> much longer operation compared to peeking.
>
> There is also "terminate" which does what it says.
>
>
> In my biased opinion, the action names are actually pretty accurate and
> descriptive. My only regret is that the feature itself was called SSL
> _Bump_ and not something more action-neutral. Unfortunately, I did not
> predict the necessary for more actions when we started writing bumping
> code.
>
> Alex.
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160421/6161bb97/attachment.html>


More information about the squid-users mailing list