Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] telnet'ing to home with Java servlet



On Tue, 1 Nov 2005 18:18:01 +0900
Josh Glover <jmglov@example.com> wrote:

> > I originally thought of using it over https.  I didn't realize that
> > https via proxy resulted in clear text passwords being used.
> 
> It does not usually. I know that with Squid (which we used at my
> previous job), the HTTPS connexion was secure end-to-end--the only
> thing the proxy did was the name resolution for the end user's
> browser.
> 
> Jim, why do you think a proxy forces plaintext passwords with an HTTPS
> proxy? I do not doubt you, just wondering if you have specific example
> in mind.

I thought one of the goals of TLS was to be secure against
man-in-the-middle attacks. 
Whenever I use https over squid, it always presents the certificate of
the remote server and not its own. 
See this: http://www.squid-cache.org/Doc/FAQ/FAQ-1.html#ss1.12



Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links