Hey ST,
Indeed you can in a way use squid to do this task.
Just take consideration that Squid is a HTTP caching proxy while only
supporting FTP protocol.
Then take in account that to verify each gpg file you will need a whole
dedicated service that is capable to do so.
FTP upload is another story at all which Squid supports but what you do
require is a very purpose specific Software which should be designed to
match couple security levels and which should be handled by a
professional security developer.
I can say that if it's a highly secure environment that require this
feature a possible solution can be "ticketing" or inspection system that
the requester can ask for permission since gpg can be quite a security
breech sometimes.
note that The above are not a security specialist recommendations.
Eliezer
On 21/11/13 12:18, ST wrote:
Hi, how can I configure squid so that it:
1) will work only with FTP and block all other protocols
> 2) download only .gpg files that can be verified with certain key and
block all the rest
> 3) if user chooses to upload a file - it will upload it signed version?
Thank you in advance.
ST
