[clamav-users] Squid + ClamAV
Andrea Venturoli
ml at netfence.it
Thu Apr 2 06:14:21 UTC 2020
On 2020-04-01 19:38, Henrik K wrote:
>> But pretty much all
>> websites are SSL encrypted these days, so there's nothing to scan
>> unless you do nasty man-in-the-middle decryption. Everyone has virus
>> scanners on their PC, browsers have all sorts of proctection etc.
>> The days of proxy scanning are long gone, it's just categorizing and
>> blacklisting urls these days..
Well, you'll need MITM anyway if you want to see HTTPS URLs and be able
to blacklist them.
> (I sometimes wonder what the *net* improvement in security
> is when HTTPS is used, given that one is now almost totally dependent
> on how secure the Web server is.)
Rather, I wonder what the net security improvement of *HTTPS everywhere*
is: if TLS was limited to sites where it's needed/useful, our job would
be much easier.
bye
av.
P.S.
I'm investigatint your other message about the reload patch.
Thanks.
More information about the clamav-users
mailing list