On 02/04/2014 03:34 AM, Yury Paykov wrote: > MY QUESTION IS - Is there a way to use CN information from server > certificate which is retrieved with /server-first/ method? Can I construct > an ACL rule based on it? Yes, but only after Peek and Splice project is finished. And, as discussed on that project wiki page, learning CN while still being able to splice the connection later often requires that you refuse to bump the connection (you can still terminate it at TCP level after learning CN, of course). Cheers, Alex.
