Re: Proxy or Firewall

2000-05-01 Thread Tony Nelson
On Mon, May 01, 2000 at 10:16:28PM +0200, Richard Levitte - VMS Whacker wrote: > From: Tony Nelson <[EMAIL PROTECTED]> > > I understand that some corporations choose to do that, although I do > not agree with that kind of practice. Basically, companies do it to protect themselves.. for the very

Re: Proxy or Firewall

2000-05-01 Thread Richard Levitte - VMS Whacker
From: Tony Nelson <[EMAIL PROTECTED]> tnelson> On Mon, May 01, 2000 at 08:44:17AM -0600, Mike Nigbor wrote: tnelson> > OK, so how does this differ from a "man-in-the-middle" attack? tnelson> > tnelson> > Since there are two SSL sessions, there must be two session tnelson> > encryption keys and t

RE: Proxy or Firewall

2000-05-01 Thread Harry Whitehouse
ch? TIA Harry -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tony Nelson Sent: Monday, May 01, 2000 9:35 AM To: [EMAIL PROTECTED] Subject: Re: Proxy or Firewall On Mon, May 01, 2000 at 08:44:17AM -0600, Mike Nigbor wrote: > OK, so how does this differ

Re: Proxy or Firewall

2000-05-01 Thread Tony Nelson
--- -- Hope this helps, Tony Nelson TIS Worldwide, Firewall Admin > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of James Dabbs > Sent: Saturday, April 29, 2000 6:41 AM > To: [EMAIL PROTECTED] > Subj

RE: Proxy or Firewall

2000-05-01 Thread Mike Nigbor
Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of James Dabbs Sent: Saturday, April 29, 2000 6:41 AM To: [EMAIL PROTECTED] Subject: RE: Proxy or Firewall I believe that many enterprises that do not allow an unbroken SSL connection directly from the client throught t

Re: Proxy or Firewall

2000-04-29 Thread Bodo Moeller
James Dabbs <[EMAIL PROTECTED]>: > I believe that many enterprises that do not allow an unbroken SSL > connection directly from the client throught the proxy/firewall to > the remote server. [...] SSL is "broken" at the proxy, and > reestablished with a seperate SSL session between the proxy an

RE: Proxy or Firewall

2000-04-29 Thread James Dabbs
sknecht, Deborah A [SMTP:[EMAIL PROTECTED]] > Sent: Friday, April 28, 2000 2:57 PM > To: '[EMAIL PROTECTED]' > Subject: RE: Proxy or Firewall > > A few comments included within... > > > -Original Message- > > From: James Dabbs [mailto:[E

RE: Proxy or Firewall

2000-04-28 Thread Boyet, Adam C
No since in re-inveting the wheel. Does anyone have code that they would share? > -- > From: David Lang[SMTP:[EMAIL PROTECTED]] > Reply To: [EMAIL PROTECTED] > Sent: Friday, April 28, 2000 11:39 AM > To: [EMAIL PROTECTED] > Subject: RE:

RE: Proxy or Firewall

2000-04-28 Thread Hansknecht, Deborah A
A few comments included within... > -Original Message- > From: James Dabbs [mailto:[EMAIL PROTECTED]] > Sent: April 28, 2000 5:37 AM > To: [EMAIL PROTECTED] > Subject: RE: Proxy or Firewall ..deleted stuff > HTTP over SSL, though, works transparently

RE: Proxy or Firewall

2000-04-28 Thread David Lang
o: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > Subject: RE: Proxy or Firewall > > Generally speaking, use of "raw" SSL through a proxy requires special setup > changes in the proxy itself. Depending on the environment, this may also > require a security waiver f

RE: Proxy or Firewall

2000-04-28 Thread James Dabbs
Generally speaking, use of "raw" SSL through a proxy requires special setup changes in the proxy itself. Depending on the environment, this may also require a security waiver from the MIS department in charge of the proxy and a security screen on the endpoints in question. HTTP over SSL, though,

Re: Proxy or Firewall

2000-04-28 Thread Rudolf Schreiner
On Thu, 27 Apr 2000, Boyet, Adam C wrote: > Is it possible to use Net::SSLeay and OpenSSL to make a SSL request through > a proxy or firewall. SSL thru TCP-level firewalls is no problem. Cheers, Rudi __ OpenSSL Project

RE: Proxy or Firewall

2000-04-28 Thread Michal Otoupalik
Boyet, Adam C wrote: > > Is it possible to use Net::SSLeay and OpenSSL to make a SSL request through > a proxy or firewall. > Yes, it's possible. You must add some short code before SSL_Accept to make connection through proxy. If you use HTTP proxy, you may try something like this pseudocode: