> -----Original Message----- > From: Sturgis, Grant > Sent: Friday, August 12, 2005 9:00 AM > To: squid-users@xxxxxxxxxxxxxxx > Subject: Alternatives to Transparent Proxy https > > > Hello all, > > It appears that it is impossible to transparent proxy HTTPS > (if you think this is not true, please let me know!). > > What are the alternatives? Do you just let users go directly > out to the web server? We are trying to avoid using PAC > files since they tend to cause problems for travelers. > > Thanks for any ideas, > > Grant > --------- > To clarify a bit, my concern is that malicious websites will provide service on tcp/443 (not ssl wrapped http) for the purpose of proxy avoidance or something else. Users will request this URL and will avoid our proxy and therefore content scrubbing. I wish I could allow direct connection to tcp/443 knowing that the traffic is indeed https. If it is not, shut it down and investigate. > > > Pardon this rubbish: > > This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system.
