[K12OSN] PROXY, CACHES, and secure sites???

Les Mikesell les at futuresource.com
Fri Nov 19 17:27:00 UTC 2004


On Fri, 2004-11-19 at 11:09, David Trask wrote:
> Maybe you can help educate me.  I'm using an SME server as my gateway and
> it also is my proxy server (Squid) using DansGuardian and doing
> transparent proxying.  Some folks I talked to recently felt that using a
> proxy server was a security risk as it caches secure sites that can then
> be opened by anyone.  I've never heard of this happening...is it true and
> if so...preventable?  Am I (or actually they) worried about nothing?  Any
> info welcome.

(A) Pages that should not be cached should be marked as such by the
server with appropriate http headers, and
(B) Pages that require authentication or session cookies are not
cached anyway.
These are true whether the connection is secure or not and apply nearly
as much to the browser itself and it's local file cache which may
not be on a secure machine.

---
  Les Mikesell
    les at futuresource.com





More information about the K12OSN mailing list