-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 10.05.16 16:07, Amos Jeffries пишет: > On 10/05/2016 9:56 p.m., Ralf Hildebrandt wrote: >>> Once you know the legal situation look into >>> <http://wiki.squid-cache.org/Features/SslPeekAndSplice>. You will also >>> need to be using the latest Squid packages (3.5.19 or 4.0.10 today) and >>> regularly updating. TLS interception is an arms race situation that is >>> constantly changing both the security encryption and the attack methods >>> to break into it. >> >> Does that even work with Chrome (certificate pinning for google sites)? >> (just curious) >> > > Maybe. They document that manually inserted CA certs override pinning. > But I'm not sure they follow that documented practice 100% of the time. AFAIK not. Chrome on PC seems not using certificate pinning as well. > > > Amos > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJXMcIcAAoJENNXIZxhPexGDygH/jeKcbR4Uk0JuOIPDC5NUi5e QAnUA69adzfriS5F5v//cIzAtRz9FsWJ15bHgKxEXT1F22N2i11i28vhs9kdoxK+ mTpzpj48YXqL2df4jOe0EhLsGe532QtfN5axf04zStum4rXhyXyu0buAodvIj1l6 6UXFLHWUmilHr4A2kLKLxAyPItVcjSKR2M4SIwBb/vKyu/7CQabf+b+9lCEY855q SaIWiBpcOiLA0SMn9Lxe8h2M1HanD+e3yMNo0JhaqFpRx2IHguE2iAgnVyBKpiSL 0Ft9AP/U683go9y3KWkYjFsoCyb34UeIRn94IkYix0Nia60j+GewGp6sTizwF9U= =zvDM -----END PGP SIGNATURE-----
Attachment:
0x613DEC46.asc
Description: application/pgp-keys
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
