Ben Laurie wrote:
|| Errr - its tricky anyway, coz the cert has to match the final
|| destination, and, by definition almost, that can't be the proxy.
provided you can impose a CA cert onto the user browser (not hard in a
corporate environment) it isn't as if signing a certificate "on the fly"
is
Adam Back wrote:
> On Tue, Jul 23, 2002 at 06:11:04PM +, Jason Holt wrote:
>
>> The default behavior for an SSL proxy is to pass the encrypted bytes
>>back and forth, allowing you to connect all the way to the other server.
>
>
> This isn't just the default behavior; it's the only de
On Tue, 23 Jul 2002, Adam Back wrote:
[...]
> > However, it is possible for the proxy to have its own CA which has
> > been added to your browser. Then it acts as a man in the middle and
> > pretends to be the remote host to you, and vice versa. In that
> > case, it works as you describe, watchi
On Tue, Jul 23, 2002 at 06:11:04PM +, Jason Holt wrote:
> The default behavior for an SSL proxy is to pass the encrypted bytes
> back and forth, allowing you to connect all the way to the other server.
This isn't just the default behavior; it's the only defined behavior
right?
> Howe
>> Roy M. Silvernail[SMTP:[EMAIL PROTECTED]]
>> Given internet access from a private intranet, through an HTTP
>> proxy out of the user's control, is it possible to establish a secure
>> tunnel to an outside server? I'd expect that ordinary SSL
>> connections will secure user <-> proxy and pro