I was reading in comp.risks, } Subject: Re: MarketScore exploit (Emigh, RISKS-23.88) } } They're not the only ones. Microsoft ISA (Internet Security and } Acceleration) Server 2004 does the same thing: it allows clients to } establish a secure connection with it, and then it establishes a secure } connection with the remote site. } } It does not log the content of the session (though future versions of ISA } Server may allow this). But it does log the full URL, and HTTP headers } (such as user agent) that you would normally expect to be invisible over an } https connection.
By golly that's it. That's how wwwoffle can cache https sessions. No more staring at that last precious browser screen after disconnection. I hate volatile information. OK, you guys work out the details. I'm too busy off looking for my next ground shattering concept discovery.
