Default SSL Settings
|
Oct. 06, 2010, 04:29 AM
Post: #2
|
|||
|
|||
RE: Beta Config (Sep 19 2010)
(Oct. 05, 2010 05:19 PM)sidki3003 Wrote: After a longer while of thinking about this matter, i came to the conclusion that such a change would be irresponsible:I have no problem with whatever decision is made. Personally, I would prefer to use https filtering, but my understanding from previous discussions was that the expected filtering happened to fail in a fair number of https situations. The default configuration/documentation can be directed toward a crowd who will (should) take the extra steps to enable https filtering, or toward a crowd who will not. If users are informed about the advantage of https filtering and given proper direction for initial installation, the DLL message troubles can be avoided and the better configuration choice will be delivered as the default. Does UseSSLEAY=TRUE provide security if users are not told that browser https proxy configuration and DLL installation are REQUIREMENTS for the desired "normal" configuration? What I'm getting at is that Sidki's documentation represents the https filtering as optional, where the new user can just install the software, configure the browser for http proxy and do nothing else. Installing the dll files and configuring the browser to use Prox. for https is additional action that must be taken, if this is the default preference. The documentation for these steps belongs in the "normal" installation description of Sidki's website Readme, rather than in the optional section. Just one more observation about the current state of affairs: with UseSSLeay=TRUE, and the user not doing the other configuration steps - believing that UseSSLeay is not active by default - the Prox. gui shows a checkmark, thus a somewhat misleading indication of https filtering status. If a user were to uncheck and then recheck this box, attempting to get back to the "oob" configuration, the "mysterious" dll errors will appear. The user notices it was checked previously and Prox. did not present errors. With UseSSLEAY=FALSE and no expectations of https filtering in place as default, the misleading indication and dll errors are less likely. I'm making a suggestion to review and rewrite the Readme documentation on the Sidki website, and include mention of the full installation requirements for the desired configuration. Users like me who do indeed "RTFM" for accuracy will not be disappointed. |
|||
« Next Oldest | Next Newest »
|
Messages In This Thread |
Default SSL Settings - sidki3003 - Oct. 05, 2010, 05:19 PM
RE: Default SSL Settings - wammie - Oct. 09, 2010, 07:37 AM
RE: Default SSL Settings - Mele20 - Oct. 09, 2010, 01:28 PM
RE: Default SSL Settings - JJoe - Oct. 09, 2010, 03:18 PM
RE: Default SSL Settings - wammie - Oct. 09, 2010, 03:33 PM
RE: Default SSL Settings - JJoe - Oct. 09, 2010, 05:08 PM
RE: Default SSL Settings - wammie - Oct. 15, 2010, 04:12 AM
RE: Default SSL Settings - Mele20 - Oct. 25, 2010, 10:43 PM
RE: Default SSL Settings - JJoe - Oct. 26, 2010, 12:19 AM
RE: Default SSL Settings - Mele20 - Oct. 26, 2010, 12:49 AM
RE: Beta Config (Sep 19 2010) - wammie - Oct. 06, 2010 04:29 AM
RE: Beta Config (Sep 19 2010) - sidki3003 - Oct. 06, 2010, 06:11 PM
|