[squid-users] Quick peek-splice clarification
James Lay
jlay at slave-tothe-box.net
Thu Jun 11 00:16:36 UTC 2015
All,
>From the docs at:
http://wiki.squid-cache.org/Features/SslPeekAndSplice
peek
step1, step2
Receive SNI and client
certificate (step1), or
server certificate
(step2) while preserving
the possibility of
splicing the connection.
Peeking at the server
certificate usually
precludes future bumping
of the connection (see
Limitations). This
action is the focus of
this project.
stare
step1, step2
Receive SNI and client
certificate (step1), or
server certificate
(step2) while preserving
the possibility of
bumping the connection.
Staring at the server
certificate usually
precludes future
splicing of the
connection. Currently,
we are not aware of any
work being done to
support this action.
I see a lot of:
ssl_bump peek all
Does this perform both step1 with SNI and client cert, AND server cert?
Thank you.
James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150610/28f13d62/attachment.html>
More information about the squid-users
mailing list