Re: [squid-users] SSL Acceleration

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Thu, 15 Mar 2001 23:54:23 +0100

Not sure what you are referring to. This thread is about "acceleration",
not proxying. Very different by nature as in accelerators the "proxy" is
the origin server in the view of the client.

If you are talking about the previous thread about transparent proxying
of SSL it is because Squid does not know how to listen for such
transparently hijacked SSL connections. Yes, it is technically possible
just as it is to "transparently" proxy HTTP, just that Squid does not
know how to as noone has coded the tools required (as noone has seen it
a job fit for Squid, as it has nothing to do with HTTP, URLs or
anything, only IP addresses and TCP ports between which some unknown
encrypted data needs to flow).

--
Henrik Nordstrom
Squid hacker
HUNT_STEVE wrote:
> 
> Yes, you're right, I guess it can't do that (cache or even proxy in
> accelerator mode)
> I understand why it can't cache SSL stuff, but I wonder if there is any
> fundamental reason it couldn't be able to proxy it?
Received on Thu Mar 15 2001 - 15:59:43 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:39 MST