On 01/19/2010 05:57 PM, Dimitri Syuoul wrote:
> Thank you... for the inmense amount of users who have been waiting
> years.. is there any opportunity that you can release a patch to the
> stable version for this feature to be enabled.. so that we dont have
> to compile the 3.1 beta?
Sorry, but our cycles are probably better spent on moving forward than
on backporting. I hope there are are even more users waiting for other
features on the to-do list.
> Do you know of any opensource alternatives to this solution?
Not sure what you mean. SSL Bump is open source; it is a part of Squid.
The new dynamic SSL certificate generation code will be submitted for
the Squid Project review shortly as well. I am waiting for the final
round of test results to post the patch to squid-dev.
Cheers,
Alex.
> On Tue, Jan 19, 2010 at 5:38 PM, Alex Rousskov
> <rousskov_at_measurement-factory.com> wrote:
>> On 01/13/2010 10:30 AM, Dimitri Syuoul wrote:
>>> Hello,
>>>
>>> Ive been reading over this new feature. It is unclear to me if this
>>> can be used for transparently proxying SSL (by this I mean not
>>> configuring any proxy in the computers of the clients.. it is ok if
>>> clients get cert warnings).
>> Yes, SSL Bump can be used in a transparent environment.
>>
>> Due to a large number of certificate warnings, complex sites that use
>> multiple secure servers on one page are barely usable without dynamic
>> SSL certificate generation though.
>>
>> HTH,
>>
>> Alex.
Received on Wed Jan 20 2010 - 03:12:00 MST
This archive was generated by hypermail 2.2.0 : Wed Jan 20 2010 - 12:00:04 MST