[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security of SSL proxies
Peter Trei writes:
>
> [email protected] (Peter Gutmann) writes:
> > A number of vendors are now selling SSL proxies which implement secure
> > tunnelling for web browsers using a non-crippled SSL implementation running on
> > the client machine.
> I'm a little confused by your use of the term 'SSL proxy'. Netscape
> defined an extension to HTTP to allow SSL traffic through a firewall:
> the encrypted request is prepended (in clear) with the actual
> destination IP address and port. The firewall proxy then opens a
> TCP/IP channel to the actual destination/port, and blindly relays packets
> between the actual destination and the browser until one side or the
> other shuts down the link.
> Or are you talking about something entirely different?
Something different. There are several products that are designed to
improve the strength of the encryption securing the connection between
the browser and server. Here are a couple of URLs with more info:
http://www.c2.net/products/spwp/
http://www.medcom.se/ssr/
I believe there are a couple of other competitors as well, but don't
know the URLs.
-- Jeff