[squid-users] SSL and ACL, anyone?

From: Toni Mueller <[email protected]>
Date: Wed, 5 Jul 2006 12:46:20 +0200

Hello,

I've been asked to apply some (regex) ACLs on what people can surf -
here, in order to protect against malware. My ACLs work fine for
non-encrypted transfers, but are ineffective for SSL transfers. In the
FAQ (?) I've read that using CONNECT makes Squid only pass bytes to and
fro, being totally unaware about what it's doing there.

I see the conflict about breaking end-to-end security and invading
privacy on one side, and a requirement to keep malware out which could
sneak in via SSL transport.

If anyone has an idea on how to tackle this, I'd be glad to hear (and
no, I don't want to go for Cisco "content security" or some such).

TIA!

Best,
--Toni++
Received on Wed Jul 05 2006 - 04:46:24 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Aug 01 2006 - 12:00:01 MDT