On Wednesday 04 September 2002 22.54, Ricardo Kustner wrote:
> All legal issues aside... I'm not sure how pratically possible this
> is... Most of all, if you have https encrypted sessions: the whole
> idea about ssl is that one cannot eavesdrop between the browser and
> the server on the other side... so neither squid nor any other
> proxy will be able to do this. So you'd have to ban https traffic.
Not neccesarily. If you can force all your users to accept that their
SSL traffic will be decrypted then you can use a SSL proxy to log the
traffic. Only ill efect for the user is that he will not be able to
use client-side certificates, or verify the server certificate.
(all the user will se is the certificate of your SSL proxy).
Regards
Henrik
Received on Wed Sep 04 2002 - 17:32:56 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:05 MST