[squid-users] Certificate transparency: problem for ssl-bumping, no effect, or?
Yuri Voinov
yvoinov at gmail.com
Tue Nov 1 21:03:28 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
02.11.2016 2:58, Alex Rousskov пишет:
> On 11/01/2016 02:47 PM, Yuri Voinov wrote:
>
>> if the SSL bump will be impossible to do -
>> whether it should be understood that in such a situation you close the
>> project Squid as unnecessary? :) Seriously, why does it then need to be
>> in a world without HTTP?
>
> Believe it or not, there are still many Squid use cases where bumping is
"Wow, Plop-Plop, what a terrible story" ;)
>
> unnecessary. This includes, but is not limited to, HTTPS proxying cases
> with peek/splice/terminate rules and environments where Squid possesses
Sure, I know. I meet this every day exactly. This is no problem still
remains relatively low percent.
>
> the certificate issued by CAs trusted by clients. There are also IETF
> attempts to standardize transmission of encrypted but proxy-cachable
> content.
Hope they not completely headless.
>
>
> I agree that Squid user base will shrink if nobody can bump 3rd party
> traffic, but that reduction alone will not kill Squid.
Hope at this. It is difficult to make long-term plans if the software
has to die soon. :)
>
>
> Alex.
- --
Cats - delicious. You just do not know how to cook them.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJYGQMgAAoJENNXIZxhPexGocQIAMU0g7zH7B7gMwgatt2PdA27
Jx+Frqnh+V8fYDEtLYwWRwSO5EmtCIG2Zx90LYiljN6mxvKd7hCBseJczf7nTsh4
bLumPaX6VWOLrPBGDRuWvqXfn6xFDX3uBLqyTWQUnNX6GuiuqkGQ2JvXctbNQA1A
NV0VYM5Dg/p/JZDKqQdB41ip7IEm+mWp7xcd7S377or0vNkiVS4oZWj0goYZGER5
yuWg9K2TA5HbLhjBou+G6VXPCLx5LDTCAl9gxTLm/qc/v/6cO1Wi6LxhAI7YOBuR
c/r5Rqj+bsbWqxD3ma9Pdg2m+WR8Z15mSTRm+jFYlsjae9b8ApggDXaabLWuL4I=
=kuNU
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x613DEC46.asc
Type: application/pgp-keys
Size: 2437 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161102/a5bcd51b/attachment.key>
More information about the squid-users
mailing list