On Wed, May 26, 2021 at 10:18 AM Matus UHLAR - fantomas <uhlar@xxxxxxxxxxx> wrote:
>On 22/05/21 2:06 am, Odhiambo Washington wrote:
>>I installed this on my Windows 10 but gave up when I could not make
>>it to cache anything.
On 26.05.21 12:57, Amos Jeffries wrote:
>Squid by default uses a memory based cache these days. Unless your
>traffic is non-cacheable you should be seeing some things stored there
>without any configuration.
The main problem is that most of web content it HTTPS, which means it's
hardly cacheable outside of web browsers.
with https, proxy only sees stream of encrypted data:
the "s" in https means "secure" so no third party sees your data.
caching it requires decrypting of the connection, which means doing
man-in-the-mittle attack. It requires private certififacion authority
installed on squid and in the browser, and for some domains using CAA
browsers will still complain, or you'll have to fake DNS CAA records, which
is harder with when using DNSSES, DoT or DoH.
In the light of the foregoing, what is the standard way of deploying Squid these days?
Is the use of the ssl_bump becoming standard or no one needs any caching within Squid these days so that Squid
has become a tool for filtering and access control only?
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v "^$|^.*#" :-)
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v "^$|^.*#" :-)
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
