[squid-users] SSL BUMP, https interception, etc

James Harper james at ejbdigital.com.au
Tue Oct 7 01:36:42 UTC 2014


> 
> Does it have sense to keep trying to do https interception with the arrive of
> pinning and all that things that prevent this kind of activities ?
> 

I think if you give it some time there will be commercial pressure to allow override of pinning.

I mean, you are only ever going to do SSL interception on devices you have full control over anyway (who else would trust you to install your CA? I wouldn't), so it makes sense to have a feature that allows you to override pinning for certain CA's in a controlled network.

James


More information about the squid-users mailing list