Hi,

On Fri, 02.09.2005 at 00:26:36 +0200, Markus Wernig <[EMAIL PROTECTED]> wrote:
> [...] I am also a bit undecided about the usefulness
> | of such devices.
> Erm ... wasn't it you to suggest "that the control channel could
> be used to break end-to-end encryption into two pieces, originating or
> terminating at the gateway machine"? As said above, it would be
> technically feasible.
yes, I said that that is the idea I have about how to do it. The remark about the "usefulness" was directed towards the implicit break of trust from the client's perspective because, as someone else already said, the client has to trust the proxy for everything (and checking certificates would need to be part of the proxy).

> Hmm, considered using sftp?

Hmmm... not quite. The "usual" application I had in mind when talking about this is people updating their web sites on some servers which offer (or enforce) FTP+SSL, and where I control only one end, not the other.

Best,
--Toni++