squid-cache (10 Part Series)
All previous two posts talk about SSL bumping, and the previous post talks about google might not be your friend for this, because some of those you found may be outdated.
What could be wrong?
Let's focus on the SSL bumping this time.
SSL bumping has actually evolved and formed into three different versions:
- The https://wiki.squid-cache.org/Features/SslBump, which was the first hit in my google search, actually points to the "Squid-in-the-middle SSL Bump" method, which is the oldest of the three versions. It enables ICAP inspection of SSL traffic.
- The next version is the SslBump using Bump-Server-First method. It enhances on mimicking server certificates details.
- The latest version is SslBump Peek and Splice. This is the actual transparently intercepting TLS/SSL bumping.
It'll be quite obvious when you visit each of the three different versions on their official page, but I think it is nice to point them out, because merely looking at the urls might give you another impression.
This is part of my fact-collecting blog of the squid caching server series, focusing on SSL bumping part. Next we'll be looking at more SSL bumping articles in details.