[squid-users] Extraneous question regarding SSL interception
odhiambo at gmail.com
Thu Apr 21 21:41:39 UTC 2016
Yes! That SSL _Bump_ name!
Thanks for explaining the origins.
On 23:53, Thu, Apr 21, 2016 Alex Rousskov <rousskov at measurement-factory.com>
> On 04/21/2016 02:22 PM, Antony Stone wrote:
> > Forgive me if this is answered in the documentation somewhere (but please
> > point me at it if so, because I haven't been able to find it), but where
> do the
> > terms "bump", "peek", "splice" and "stare" come from?
> "splice" comes from a standard networking technique of "TCP splicing"
> which is exactly what Squid is trying to do when the "splice" action wins.
> "bump" comes from a more-or-less standard networking concept of "bump in
> the wire" that describes temporary elevating processing to the next
> protocol level. In Squid's case, we are temporary elevating processing
> from SSL to HTTP level.
> "peek" comes from the English verb "to peek" which means "look quickly"
> and has such synonyms as "take a stealthy look", which is exactly what
> Squid is trying to do when the "peek" action wins.
> "stare" comes from the English verb "to stare" and was chosen as a kind
> of antonym to "to peek". When Squid stares at the SSL exchanges, it may
> modify things and generally prepare connections for bumping, which is a
> much longer operation compared to peeking.
> There is also "terminate" which does what it says.
> In my biased opinion, the action names are actually pretty accurate and
> descriptive. My only regret is that the feature itself was called SSL
> _Bump_ and not something more action-neutral. Unfortunately, I did not
> predict the necessary for more actions when we started writing bumping
> squid-users mailing list
> squid-users at lists.squid-cache.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the squid-users