On Wed, May 26, 2021 at 10:18 AM Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:
> >On 22/05/21 2:06 am, Odhiambo Washington wrote: > >>I installed this on my Windows 10 but gave up when I could not make > >>it to cache anything. > > On 26.05.21 12:57, Amos Jeffries wrote: > >Squid by default uses a memory based cache these days. Unless your > >traffic is non-cacheable you should be seeing some things stored there > >without any configuration. > > The main problem is that most of web content it HTTPS, which means it's > hardly cacheable outside of web browsers. > > with https, proxy only sees stream of encrypted data: > the "s" in https means "secure" so no third party sees your data. > > caching it requires decrypting of the connection, which means doing > man-in-the-mittle attack. It requires private certififacion authority > installed on squid and in the browser, and for some domains using CAA > browsers will still complain, or you'll have to fake DNS CAA records, which > is harder with when using DNSSES, DoT or DoH. In the light of the foregoing, what is the standard way of deploying Squid these days? Is the use of the ssl_bump becoming standard or no one needs any caching within Squid these days so that Squid has become a tool for filtering and access control only? -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft.", egrep -v "^$|^.*#" :-)
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
