Search squid archive

Re: why squid can block https when i point my browser to port , and cant when its transparent ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 07/27/2014 04:49 PM, Jason Haar wrote:

> I do wonder where this will end.

Since one cannot combine interception, inspection, and secure delivery,
this can only end when at least one of those components dies.

Interception is probably the weak link here because it can be removed(*)
by technological means if enough folks decide it has to go. Inspection
(by trusted intermediaries) and secure delivery (through trusted
intermediaries) will probably stay (with modifications) because their
existence sprouts from the human nature (rather than just lack of
development discipline, will, and resources).


> How long before Firefox starts pinning,
> then MSIE, then it gets generalized, etc?

If applied broadly, pinning in an interception world will clash with
government, corporate, and parental desire to protect "assets".  With
todays technology, pinning can only survive on a limited scale IMHO. The
day after tomorrow, if interception dies, replaced by trusted
intermediaries, pinning will not be a problem.


Either that, or the entire web content is going to be owned by a few
content providers that would guarantee that their content is safe and
appropriate (hence, does not need to be inspected). This is what Google
claims with its pinning solution today, and I suspect it is not the
responsibility they actually want and enjoy.


Cheers,

Alex.
(*) I am only discussing overt technologies and needs here. Needless to
say, covert interception will stay with us for the foreseeable future.





[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux