-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 04.02.2015 21:39, Amos Jeffries пишет: > On 4/02/2015 7:32 p.m., Jason Haar wrote: >> On 04/02/15 18:47, Daniel Greenwald wrote: >>> And happens to be one that squid desperately needs to remain in order >>> to continue ssl bumping.. >> ...and is one that diminishes in value as cert pinning becomes more >> popular... >> >> It's a tough life: on the one hand we want to do TLS intercept in order >> to do content filtering of HTTPS (because the bad guys are deliberately >> putting more and more malware onto HTTPS websites), and yet on the other >> hand we all want some things to be private. >> >> Bring back RFC3514, then all of this would be easy!!! >> > > While Squid is not able to be section-3 compliant due to lack of a > portable system API. By building with --disable-http-violations it > becomes mostly compliant with section-4 under its role as a network > protection gateway. ;-P > > Amos > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users Http violations is our all. :-P -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJU0l8MAAoJENNXIZxhPexGJW8IALZHBtjXGs6kxbRf4vKJm1nD q/fdYBSUQ3w5fYR6FyiTY+BseSZbVglb2wBLY7hIemJDV/V+Eb/6/uD2kCSO4E0B l7dpuO1Mem3ZmavkCPLmPN8QSFZ4cTrYVAhxgH9KY/2gO00iokuKdPDj1WzGRaGA Snd5fXctcMCqsaVK4w1kWzXCk3RJmBxFxxArMjdvEukcWrjViWwLJp5v8cC4Vl01 eqWpw0ko+cvCf/U7pdyacSX89r8uWdjYg2H4Nl7ETRuki/XZsD+FCpRIoW/2cI3P DPUZ+izw/G3oiXehWu/acE6YItOdiSOp5vM35VzrukGOcmTEQCmZ/nRBnNvhbb0= =vffI -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
