On 08/24/2016 06:36 AM, Yuri Voinov wrote: > 24.08.2016 18:32, Antony Stone пишет: >> He wants to configure his browser to connect to the proxy over an SSL >> connection, and then inside this secure connection send standard HTTP and >> HTTPS requests > Yeah, I get it. It seems to me, is absolutely crazy and insecure idea. No, you do not get it. If you were getting it, you would not call it "crazy" or "insecure". Please do not scare folks away from the configuration that makes a lot of sense and is actually used in highly secure environments. If you would like to understand why this configuration makes sense, please carefully study available documentation, resist the urge to post one-sentence knee-jerk responses, and think about what gets encrypted between the client and Squid (hint: There are two layers of encryption in case of HTTPS) and between Squid and the server. If, after all that effort, you still think that this is "crazy" or "insecure", then consider carefully itemizing a few specific reasons behind that [incorrect] conclusion so that others can correct your mistake. Thank you, Alex. >> See "Encrypted browser-Squid connection" at the bottom of >> http://wiki.squid-cache.org/Features/HTTPS _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
