Re: [squid-users] enabling X-Authenticated-user from Brett Lymn on 2012-03-01 (squid-users)

From: Brett Lymn <brett.lymn_at_baesystems.com>
Date: Fri, 2 Mar 2012 09:31:36 +1030

On Fri, Mar 02, 2012 at 12:41:11AM +1300, Amos Jeffries wrote:
>
> You really want to trust a tutorial which begins with "Enable SSL
> interception on the proxy server."?
>

Unfortunately, want has little to do with this. I get no say in whether
or not we have what we have I am just the bunny that has to make it work
somehow.

> There really is no need for a proxy to use write-access to headers and
> client requests. The servers have PICS labeling or other newer rating
> systems available that the proxy can read and enforce site-wide policy
> for far easier.
> http://vancouver-webpages.com/PICS/HOWTO.html#tools
>
> Too many different sized wheels on that old cart.
>

Yep, there are many but those wheels don't address some of the concerns
of the people driving this. They want to do content scanning amongst
other things. If it were just URL filtering it would be pretty easy.

>
> Looked at, yes. Argued over, probably. Accepted, depends on how the
> audit and voting process goes. We are very democratic.
>

OK - if I try this path I will get myself onto squid-dev and gauge some
reactions first I guess.

> Personally I'm against the nasty uses naive people put it to without
> considering the consequences more than the feature itself. Adding it is
> the top of a slippery slope of feature requests we have managed to
> mostly avoid so far.
>

Totally understand - I do free software development in my spare time too
and know exactly what you are talking about.

-- 
Brett Lymn
"Warning:
The information contained in this email and any attached files is
confidential to BAE Systems Australia. If you are not the intended
recipient, any use, disclosure or copying of this email or any
attachments is expressly prohibited.  If you have received this email
in error, please notify us immediately. VIRUS: Every care has been
taken to ensure this email and its attachments are virus free,
however, any loss or damage incurred in using this email is not the
sender's responsibility.  It is your responsibility to ensure virus
checks are completed before installing any data sent in this email to
your computer."

Received on Thu Mar 01 2012 - 23:01:46 MST

This archive was generated by hypermail 2.2.0 : Fri Mar 02 2012 - 12:00:02 MST