[GTER] Status atual de Cache HTTP/FTP

Luiz Otavio O Souza lists.br at gmail.com
Wed Sep 21 18:23:53 -03 2016


2016-09-21 17:30 GMT-03:00 mantunes:
> Em 21 de setembro de 2016 16:55, Eduardo Schoedler
> <listas at esds.com.br> escreveu:
>> Em 21 de setembro de 2016 13:02, mantunes escreveu:
>>> O lance é https.. nem sei os caches no mercado tem isso.. alguns estão
>>> dando problema
>>
>> Eu *nunca* usaria uma rede onde fazem MITM para cachear o que não deve
>> ser cacheado.
>>
>
> https reflector squid

 WARNING:  HTTPS was designed to give users an expectation of privacy
and security. Decrypting HTTPS tunnels without user consent or
knowledge may violate ethical norms and may be illegal in your
jurisdiction. Squid decryption features described here and elsewhere
are designed for deployment with user consent or, at the very least,
in environments where decryption without consent is legal. These
features also illustrate why users should be careful with trusting
HTTPS connections and why the weakest link in the chain of HTTPS
protections is rather fragile. Decrypting HTTPS tunnels constitutes a
man-in-the-middle attack from the overall network security point of
view. Attack tools are an equivalent of an atomic bomb in real world:
Make sure you understand what you are doing and that your decision
makers have enough information to make wise choices.

Origem: http://wiki.squid-cache.org/Features/HTTPS

-l



More information about the gter mailing list