>On 22/05/21 2:06 am, Odhiambo Washington wrote:
>>I installed this on my Windows 10 but gave up when I could not make
>>it to cache anything.
On 26.05.21 12:57, Amos Jeffries wrote:
>Squid by default uses a memory based cache these days. Unless your
>traffic is non-cacheable you should be seeing some things stored there
>without any configuration.
On Wed, May 26, 2021 at 10:18 AM Matus UHLAR - fantomas <uhlar@xxxxxxxxxxx>
wrote:
The main problem is that most of web content it HTTPS, which means it's
hardly cacheable outside of web browsers.
with https, proxy only sees stream of encrypted data:
the "s" in https means "secure" so no third party sees your data.
caching it requires decrypting of the connection, which means doing
man-in-the-mittle attack. It requires private certififacion authority
installed on squid and in the browser, and for some domains using CAA
browsers will still complain, or you'll have to fake DNS CAA records, which
is harder with when using DNSSES, DoT or DoH.
On 26.05.21 11:25, Odhiambo Washington wrote:
In the light of the foregoing, what is the standard way of deploying Squid
these days?
Is the use of the ssl_bump becoming standard or no one needs any caching
within Squid these days so that Squid
has become a tool for filtering and access control only?
I guess it's the latter.
I personally think in cases of e.g. public documents where the only privacy
issue is that you know who accesses what content, simpler version of
security could be enough: confirmation of authenticity (the content was not
modified). Such content could be cacheable.
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Quantum mechanics: The dreams stuff is made of.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users