[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Squid in a school - problems with https



* nate <debian-user@aphroland.org> [2001.11.04 12:25:37-0800]:
> > squid for SSL? uhm, how?
> 
> easy.
> 
> acl all src 10.10.10.0/255.255.255.0 166.128.21.107/32
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl SSL_ports port 443 563
> acl Safe_ports port 80 21 443 563 70 210 910 1-99 1025-65535
> acl purge method PURGE
> acl CONNECT method CONNECT

okay, i saw these entries too. but what makes you believe that squid
actually proxies these? it may well be able to forward them, and it
has to if it is a non-transparent proxy for HTTPS, but there is no way
that it can decrypt the stream and cache the data - unless something
here is entirely broken, or i am failing to understand the trivial.

-- 
martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
  
i'd rather be riding a high speed tractor
with a beer on my lap,
and a six pack of girls next to me.

Attachment: pgpXWE9ihefjP.pgp
Description: PGP signature


Reply to: