> I think Polipo was a better cache, and since an HTTP proxy can't filter > evil content out of HTTPS responses, Privoxy's filtering was not very > useful.
Note though that the definition of evil can be game changed by running your instance inside a secure sandbox, behind a nat, and minding your session data appropriately. With no access to the rest of the system and no crosssite cookie/etc trails, that's a good win. You're really only left with the case of a rogue applet doing a 'whatismyip.com' to defeat your use of 1918 space and then sending the result to whoever your adversary may be. Depending on what the user is doing, that could be a big weakness that warrants the tradeoff of disabling 'evil' features. As usual, it would be awesome to have a tool that could de and re encapsulate https so that proxies and caches could do their thing with it. *********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/