> On 27 Sep 2025, at 06:36, Samuel Sieb <[email protected]> wrote: > > That is terrible and breaks all security. You can't trust any sites if you > do that.
It’s a fact of life that it is one of the few reliable ways to detect malware and prevent data leaks is to intercept the TLS data. To do that you need a man-in-the-middle proxy. You are given the companies CA that you install in the clients so that you can trust the certs created by the proxy. If you trust the security company then you can trust the CA. I used to work on such a product, it is a valid solution for many enterprises, and it works very well in practice. Barry -- _______________________________________________ users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
