Hi to all, i have readed that in the roadmap of squid 3.3 will be available dynamic ssl cert hijacking.
I'm interested in this functionality plus icap module to record all ssl session for network forensic analysis, post incident. Do you think is possible to use squid + sslbump + icap/ecap to write down in an structured way all the ssl data forwarded by the proxy ? anyone have any suggestion or experience in this kind of utilization, or icap/ecap functionality cant be used for this purpose ? is it out of the scope ? great thanks in advance. R.
