-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 06.07.15 18:06, Amos Jeffries пишет: > On 6/07/2015 9:30 p.m., adam900710 wrote: >> >> Here is some of my experiments: >> 1) Remove "never_direct" >> Then ssl_bump works as expected, but all traffic doesn't goes through >> the SOCKS5 proxy. So a lot of sites I can't access. >> >> 2) Use local 8118 proxy >> That works fine without any problem, but SSL_dump is needed... >> So just prove privoxy are working. >> >> Any clue? > >> Also, If I disable "ssl_bump" at http_port line, squid works without >> any problem just as a forwarder. >> But that makes no sense anyway. > > Makes perfect sense. Would you like anybody to be able to decrypt your > HTTPS traffic and send it as plain-text wherever they want? Disagree. Not anybody, but anything. Like SpamAsassin reads my mail. And so what? > > > Squid does not permit that. All inbound encrypted traffic must one way > or another leave upstream only by encrypted channels. Aha, without caching. And will we need caching proxy this way? > > > Amos > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJVmnd+AAoJENNXIZxhPexGAQ0IAKdNK16UITyVODfIdpXeE0J7 XqSuzGNVF29zbZFKF77+0YURoTvP+9QAz0etQqxw/B5vXMSuUmeRABkmzeFmnSJp aYevXI59j1I+a/1Y+cxR5r99vk+hiEEjNECEq+y1xR7/W3xL1RwaJNlzT9IsbUsU 8lmyZ7WRNIudRmH7DaGiiGdfUC0/hXiKEcEZBhjVe8okYCDKyloG7i4GQisaHZqG hp2hSckPLp4URhu/qj20i3mrEcplpf1XUvfBnr9FngZni4IiyiclxSAcgCAw3ukE 0dWYtE382Q1WVOLDLsFNYTwBlBuVSko2ddUk246GtBIVhnF6/2D0fmsw2SL3GYc= =FXay -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
