The tricky part of proxying TLS sessions is having the proxy provide
certificates that the client will trust. If your organization controls
the desktops, you can easily enough insert your root signing key in
their environment and create your own version of the certificates of the
servers they
Not really. You would have to do a man-in-the middle "attack" on the TLS
sessions. It can, and has, be done. There is no code or plugin in ATS that
provides this feature, but the plumbing is there if you wish to write the code.
Squid does have something for it already.
This is murky water at be
