Search squid archive

Re: squid 3.3.8 https (Yuri Voinov)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 9/08/2016 9:54 a.m., Erdosain9 wrote:
> but, its possible to do with this version?? (3.3.8).... i have CentOs 7 and
> thats the official packet.

With difficulty. HTTPS was designed to prevent MITM being possible. So
the Squid SSL-Bump feature(s) have been in an arms race situation with
the whole security community since before it was even designed. It is
still quote volatile with changes to how bumping works right up to the
very latest releases.

If you want to SSL-Bump traffic you really need to be following the
latest changes. Old packages will have an increasing number of sites
where it suddenly stops working because they fixed the security hole
that old version as using. Or added some new TLS extension the old
version is not aware of.


The <http://wiki.squid-cache.org/KnowledgeBase/CentOS> page lists where
you can get more up-to-date packages for CentOS.

Amos

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux