On 22/02/2015 13:56, Amos Jeffries wrote:
The google page about forcing safesearch currently recommends hijacking
DNS. Which may also work for YouTube but its not clear.
I must mention also:
If only youtube is the issue, there is an idea to pre-identify these dns
requests and only ssl-bump these IP addresses which would point into any
youtube http domain.(*.youtube.com and similar)
If there is an option to pre create a ssl certificate which contains all
the needed domains for this interception you might be able to install
only a "bundle" of certificates which can be used by the users.
Installing a certificate in a windows system can be pretty simple if you
have the knowledge and the right permissions.
The main issue is "pinning" this certificate inside the ssl_crtd
certificates directory.
Eliezer
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
