Search squid archive

Re: intercepting SSL connections with client certificate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hey Shinoj,

Your problem is not your own.
The main issue with SSL is even intercepting it.
I would not just say it on the law side of the matter.

One of the issues is that SSL should be and end-to-end connection.
In infrastructure that a SSL encryption is enabled the SSL end point in many cases do that as a SSL dedicated HW\SW node.
Behind a SSL reverse proxy there can be a whole new Internet for example.

So breaking the SSL is as you see a very complicated task.
I would assume that when SSL interception is being done it means that these connections needs inspection and it is possible that a client certificate is not even allowed as a policy.

I can think of a VPN solutions that use client side certificates.

In this case I would assume that access to encrypted information from inside this place will be so restricted that only system and engineering staff will be allowed to access some places.

Best Regards,
Eliezer

On 19/11/13 15:39, Shinoj Gangadharan wrote:
I guess I am stuck:)

Thanks and Regards,
Shinoj.





[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux