[squid-users] Settings for Bank & Health
Al Grant
bigal.nz at gmail.com
Tue Mar 13 08:17:21 UTC 2018
On Tue, Mar 13, 2018 at 9:06 PM, Matus UHLAR - fantomas <uhlar at fantomas.sk>
wrote:
> On 13.03.18 20:37, Al Grant wrote:
>
>> I have been told it would be good practice to respect users privacy when
>> it
>> comes to banking and health websites.
>>
>
> it's good practice respect users privacy when it comes to all websites.
>
> I am not sure whether this means not logging those websites, not caching
>> them or something else?
>>
>
> in fact, both. However it's not a problem unless you bump SSL connections.
> without it, you just see CONNECT requests in proxy logs, which doesn't
> violate privacy.
>
>
So would you see all the URLs for a given site in the logs?
> .
>>
>
> Bumping SSL connections means decrypting the traffic and removing privacy.
> (SSL is designed for end-to-end encryption and valication).
>
> Bumping decrypts the connection, provide own certificates, and make own SSL
> connection to the web sites.
>
> Users will not see the green bar commonly seen at banking sites, coming
> from
> extended validation certificate.
>
>
I don't see the need to go as far as filtering traffic based on content.
However I would like to be able to view the URLs visited.
Thanks for the explanation.
--
"Beat it punk!"
- Clint Eastwood
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180313/24c9efa8/attachment-0001.html>
More information about the squid-users
mailing list