> -----Original Message-----
> From: Sturgis, Grant
> Sent: Friday, August 12, 2005 9:00 AM
> To: squid-users@squid-cache.org
> Subject: Alternatives to Transparent Proxy https
>
>
> Hello all,
>
> It appears that it is impossible to transparent proxy HTTPS
> (if you think this is not true, please let me know!).
>
> What are the alternatives? Do you just let users go directly
> out to the web server? We are trying to avoid using PAC
> files since they tend to cause problems for travelers.
>
> Thanks for any ideas,
>
> Grant
> ---------
>
To clarify a bit, my concern is that malicious websites will provide
service on tcp/443 (not ssl wrapped http) for the purpose of proxy
avoidance or something else. Users will request this URL and will avoid
our proxy and therefore content scrubbing. I wish I could allow direct
connection to tcp/443 knowing that the traffic is indeed https. If it
is not, shut it down and investigate.
>
>
> Pardon this rubbish:
>
>
This electronic message transmission is a PRIVATE communication which contains
information which may be confidential or privileged. The information is intended
to be for the use of the individual or entity named above. If you are not the
intended recipient, please be aware that any disclosure, copying, distribution
or use of the contents of this information is prohibited. Please notify the
sender of the delivery error by replying to this message, or notify us by
telephone (877-633-2436, ext. 0), and then delete it from your system.
Received on Fri Aug 12 2005 - 10:29:57 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:01 MDT