Server Name Indication for transparent https proxy

From: Santiago Garcia Mantinan <manty_at_manty.net>
Date: Mon, 2 Apr 2012 21:14:20 +0200

Hi!

I'm a long time squid user and I never found anything that I wanted to get
from squid that wasn't already there, but it seems this time I found
something missing and seems time to "pay" back ;-)

Server Name Indication (SNI as some say) is an extension to ssl and tls
https connections that was mainly written to allow web servers to serve
secure sites on the same IP/Ports with different certificates, what it does
is send the server name to connect to on client hello, so the server knows
what certificate to present before getting into ssl/tls. It is described in
rfc3546.

The thing I'd like to do and I haven't seen how to do with current squid, is
to allow transparent proxy of incoming https connections based on this
Server Name Indication. Maybe I missed this and it is already implemented,
but if this is not yet implemented I'd like to know if you'd like me to
implement it and how would you like it to be implemented and on which squid
code.

I believe that's all for now, we can get to more details if you want me to do
something regarding this.

Regards...

-- 
Manty/BestiaTester -> http://manty.net
Received on Mon Apr 02 2012 - 19:59:16 MDT
