[squid-users] I can't understand the SSL connectios interception concept in explicit mode

Alex Crow acrow at integrafin.co.uk
Fri Feb 2 15:25:02 UTC 2018


On 02/02/18 15:12, Roberto Carna wrote:
> OK Matus, now I understand....but let me ask one more question:
>
> In explicit mode, is it possible that a given person with Squid
> advanced knowledge can see the plain text of the traffic? Because if
> this person is the admin of the proxy server, I think it may be a way
> to read the plain content of the connection user-remote server.
>
> Thanks a lot again !!!
>
>
Unless you are using ssl-bump/peek and splice (which will be show up a 
warning in the browser if squid's CA in not installed in its list of 
authorities) the traffic is tunneled through squid still encrypted. You 
can't see anything but the domain part of the URL.

If you are bumping, and have installed CAs into browsers, just, of 
course it's possible for a proxy admin to see the plaintext.

Cheers

Alex
--
This message is intended only for the addressee and may contain
confidential information. Unless you are that person, you may not
disclose its contents or use it in any way and are requested to delete
the message along with any attachments and notify us immediately.
This email is not intended to, nor should it be taken to, constitute advice.
The information provided is correct to our knowledge & belief and must not
be used as a substitute for obtaining tax, regulatory, investment, legal or
any other appropriate advice.

"Transact" is operated by Integrated Financial Arrangements Ltd.
29 Clement's Lane, London EC4N 7AE. Tel: (020) 7608 4900 Fax: (020) 7608 5300.
(Registered office: as above; Registered in England and Wales under
number: 3727592). Authorised and regulated by the Financial Conduct
Authority (entered on the Financial Services Register; no. 190856).


More information about the squid-users mailing list