[squid-users] Alert unknown CA
Jason Haar
Jason_Haar at trimble.com
Wed Feb 4 06:32:50 UTC 2015
On 04/02/15 18:47, Daniel Greenwald wrote:
> And happens to be one that squid desperately needs to remain in order
> to continue ssl bumping..
...and is one that diminishes in value as cert pinning becomes more
popular...
It's a tough life: on the one hand we want to do TLS intercept in order
to do content filtering of HTTPS (because the bad guys are deliberately
putting more and more malware onto HTTPS websites), and yet on the other
hand we all want some things to be private.
Bring back RFC3514, then all of this would be easy!!!
--
Cheers
Jason Haar
Corporate Information Security Manager, Trimble Navigation Ltd.
Phone: +1 408 481 8171
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the squid-users
mailing list