Felix Karpfen <[EMAIL PROTECTED]> writes:
> * Andrew M. Bishop <[EMAIL PROTECTED]> [16.08.05 04:23]:
> >
> > It is all a question of trust. If you trust your proxy enough then
> > the proxy can make an https connection to the server.....
>
> This "if" caught my eye.
>
> I had massive problems with an https connection that needed a "user
> identification" and was patiently taken by the "help-desk" through all
> the required steps to make the connection work.
>
> One of the instructions was "connect direct; do not use a proxy".
>
> And I _always_ follow instructions; especially when I have no idea on
> what is going on.
>
> Ultimately, everything worked (the problem was due to the need to update
> my version of "java", in order to make it compatible with my updated
> browser).
>
> But I would welcome comments on the advice to "connect direct". Is it
> relevant when the proxy is WWWOFFLE on my box (Most of the "help-desk's
> clients use Windows. The help desk flagged that this advice was standard
> procedure for Windows and that it had no expertise in Linux)?
When you connect to an https server through WWWOFFLE the data is
tunneled transparently by WWWOFFLE, it does not, and can not look at
the data because it is encrypted. It should not make a difference to
the https link if you connecting directly or through a proxy.
The number of proxies that will look at the https data as it passes
through is very small. It depends on the trust that I explained
previously, most proxies don't take the step of asking the user to
trust them. Most people don't know that if ou trust the man in the
middle then he can look at your data.
--
Andrew.
----------------------------------------------------------------------
Andrew M. Bishop [EMAIL PROTECTED]
http://www.gedanken.demon.co.uk/
WWWOFFLE users page:
http://www.gedanken.demon.co.uk/wwwoffle/version-2.8/user.html
