On 02/02/18 15:12, Roberto Carna wrote:
Unless you are using ssl-bump/peek and splice (which will be show up a
warning in the browser if squid's CA in not installed in its list of
authorities) the traffic is tunneled through squid still encrypted. You
can't see anything but the domain part of the URL.
OK Matus, now I understand....but let me ask one more question:
In explicit mode, is it possible that a given person with Squid
advanced knowledge can see the plain text of the traffic? Because if
this person is the admin of the proxy server, I think it may be a way
to read the plain content of the connection user-remote server.
Thanks a lot again !!!
If you are bumping, and have installed CAs into browsers, just, of
course it's possible for a proxy admin to see the plaintext.
This message is intended only for the addressee and may contain
confidential information. Unless you are that person, you may not
disclose its contents or use it in any way and are requested to delete
the message along with any attachments and notify us immediately.
This email is not intended to, nor should it be taken to, constitute advice.
The information provided is correct to our knowledge & belief and must not
be used as a substitute for obtaining tax, regulatory, investment, legal or
any other appropriate advice.
"Transact" is operated by Integrated Financial Arrangements Ltd.
29 Clement's Lane, London EC4N 7AE. Tel: (020) 7608 4900 Fax: (020) 7608 5300.
(Registered office: as above; Registered in England and Wales under
number: 3727592). Authorised and regulated by the Financial Conduct
Authority (entered on the Financial Services Register; no. 190856).
squid-users mailing list