Mailinglist Archive: opensuse (1355 mails)

< Previous Next >
Re: [opensuse] Re: opensuse mailing list site ridiculousness
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Sun, 17 Jun 2018 14:20:52 +0200
  • Message-id: <pg5jn4$g6g$1@saturn.local.net>
Carlos E. R. wrote:

On 2018-06-17 13:07, Per Jessen wrote:
Carlos E. R. wrote:

On 2018-06-17 11:57, Per Jessen wrote:
Carlos E. R. wrote:

On 2018-06-17 11:01, Per Jessen wrote:
Carlos E. R. wrote:

On 2018-06-17 06:45, L A Walsh wrote:

Thank-you google for making the need for decryption a standard
such that even I go through the trouble so I can continue to
cache traffic.

Ah, caches stop working. Good point.

Not entirely, I think squid has been doing some work:
https://wiki.squid-cache.org/Features/SslBump

It is an interesting point, isn't?

We use https to be secure when talking to the bank, yet it is
possibly to put a proxy server that deciphers the traffic and
provides a cache.

AFAICT, the user is warned about a possible man-in-the-middle
attack. The article is quite clear about it.

Sure.

But I will not know if my ISP places such a cache on their network.

Yes, I think that is the whole point. Squid cannot decrypt your
https traffic without your browser warning you.

And others, more malicious, can they do it silently?

I don't see how, but I'm no expert. If it could be done silently, I
think squid would have offered that option too.



--
Per Jessen, Zürich (21.6°C)
http://www.dns24.ch/ - free dynamic DNS, made in Switzerland.


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >