> On 12/12/19 1:49 am, Scott wrote:
> >> On 11/12/19 8:51 pm, Scott wrote:
> >>> Hi,
> >>>
> >>> I understand that squid does some security checking that the SNI of an
> >>> intercepted/WCCP HTTPS requests matches the reverse DNS of the IP of the
> >>> connection. Or something like that.
> >>
>
On 12/12/19 1:49 am, Scott wrote:
>> On 11/12/19 8:51 pm, Scott wrote:
>>> Hi,
>>>
>>> I understand that squid does some security checking that the SNI of an
>>> intercepted/WCCP HTTPS requests matches the reverse DNS of the IP of the
>>> connection. Or something like that.
>>
>> Not being able
> On 11/12/19 8:51 pm, Scott wrote:
> > Hi,
> >
> > I understand that squid does some security checking that the SNI of an
> > intercepted/WCCP HTTPS requests matches the reverse DNS of the IP of the
> > connection. Or something like that.
>
> Not being able to say precisely what Squid is actu
On 11/12/19 8:51 pm, Scott wrote:
> Hi,
>
> I understand that squid does some security checking that the SNI of an
> intercepted/WCCP HTTPS requests matches the reverse DNS of the IP of the
> connection. Or something like that.
Not being able to say precisely what Squid is actually doing shows
Hi,
I understand that squid does some security checking that the SNI of an
intercepted/WCCP HTTPS requests matches the reverse DNS of the IP of the
connection. Or something like that.
However with the prevalence of CDNs and badly configured DNSs and geographic
DNSs, this breaks lots of connec
