On 3/15/22 15:09, Jason Spashett wrote:
I wonder if there is a set of workable acls at present that can detect
and/or block domain fronting. By way of my understanding, that would be
comparing the TLS SNI during a client connecting to squid and issuing a
CONNECT method. Squid would bump that T
On 16/03/22 08:09, Jason Spashett wrote:
Hello squid-users,
I wonder if there is a set of workable acls at present that can detect
and/or block domain fronting.
Unfortunately no.
By way of my understanding, that would be
comparing the TLS SNI during a client connecting to squid and issuing
Hello squid-users,
I wonder if there is a set of workable acls at present that can detect
and/or block domain fronting. By way of my understanding, that would be
comparing the TLS SNI during a client connecting to squid and issuing a
CONNECT method. Squid would bump that TLS request to also examin
