[squid-users] Certificate transparency: problem for ssl-bumping, no effect, or?

Alex Rousskov rousskov at measurement-factory.com
Sat Apr 14 01:57:53 UTC 2018


On 04/13/2018 02:41 PM, MK2018 wrote:

> Alex Rousskov wrote
>> Believe it or not, there are still many Squid use cases where bumping is
>> unnecessary. This includes, but is not limited to, HTTPS proxying cases
>> with peek/splice/terminate rules and environments where Squid possesses
>> the certificate issued by CAs trusted by clients. There are also IETF
>> attempts to standardize transmission of encrypted but proxy-cachable
>> content.
>>
>> I agree that Squid user base will shrink if nobody can bump 3rd party
>> traffic, but that reduction alone will not kill Squid.

> I would definitely disagree.

With what? Nothing you said afterwards contradicts what I said above.

Alex.


More information about the squid-users mailing list