[squid-users] SSL Attacks against Squid in reverse proxy mode

From: Will Roberts <ironwill42_at_gmail.com>
Date: Tue, 16 Oct 2012 23:34:23 -0400

Hi,

I'm using squid 3.1.20 as a reverse proxy to provide an SSL frontend as
well as caching.

I'm looking for configuration directives that would allow me to prevent
squid from being susceptible to CRIME. Is there a way to pass a flag to
the SSL library to disable compression (CRIME)?

Thanks,
--Will
Received on Wed Oct 17 2012 - 03:34:32 MDT

This message: [ Message body ]
Next message: Amos Jeffries: "Re: [squid-users] Trouble filtering/denying HTTPS traffic"
Previous message: Cameron Charles: "[squid-users] Trouble filtering/denying HTTPS traffic"
Next in thread: Amos Jeffries: "Re: [squid-users] SSL Attacks against Squid in reverse proxy mode"
Reply: Amos Jeffries: "Re: [squid-users] SSL Attacks against Squid in reverse proxy mode"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

This archive was generated by hypermail 2.2.0 : Wed Oct 17 2012 - 12:00:02 MDT