On 01/15/2018 02:12 PM, Brian J. Murrell wrote: > On Mon, 2018-01-15 at 13:48 -0700, Alex Rousskov wrote: >> >> both transparent and forward/explicit proxies have approximately the same >> support for HTTPS. In other words, if you find a forward/explicit >> proxy useful for HTTPS, then a transparent proxy can be used similarly. > And can be done *WITHOUT* doing a MitM attack on my users? The answer depends on what you want the proxy to do, but proxy abilities rarely depend on the proxy deployment mode (transparent or explicit/forward) in this context. Neither transparent nor explicit/forward proxy can decrypt traffic without MitM attacks, of course. I have interpreted your earlier response as essentially saying that, in the "TLS Everywhere" world, you find explicit/forward proxy useful but a transparent proxy useless. Since both can do approximately the same things, the statement did not compute for me. Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
