Security of SSL proxies

Jeff Barber jeffb at issl.atl.hp.com
Mon Mar 24 08:28:59 PST 1997


Peter Trei writes:
> 
> pgut001 at cs.auckland.ac.nz (Peter Gutmann) writes:
> > A number of vendors are now selling SSL proxies which implement secure 
> > tunnelling for web browsers using a non-crippled SSL implementation running on 
> > the client machine.

> I'm a little confused by your use of the term 'SSL proxy'. Netscape 
> defined an extension to HTTP to allow SSL traffic through a firewall:
> the encrypted request is prepended (in clear) with the actual 
> destination IP address and port. The firewall proxy then opens a 
> TCP/IP channel to the actual destination/port, and blindly relays packets
> between the actual destination and the browser until one side or the
> other shuts down the link.

> Or are you talking about something entirely different? 

Something different.  There are several products that are designed to
improve the strength of the encryption securing the connection between
the browser and server.  Here are a couple of URLs with more info:

    http://www.c2.net/products/spwp/
    http://www.medcom.se/ssr/

I believe there are a couple of other competitors as well, but don't 
know the URLs.


-- Jeff






More information about the cypherpunks-legacy mailing list