|
|
|
|
|
|
by LogicX
3422 days ago
|
|
|
I'll jump on my current soap box, which is that we need a standard to allow MITM blocking, without interception, and a nicer user experience. This won't solve all use-cases, but selfishly, It will solve mine at DNSFilter: If a browser could recognize our SSL cert, or a special field in our cert, and present the user with a block message, and a static link to learn more, it would eliminate the need for us to have our customers install a CA of ours, and MITM traffic. We have not yet done so, and I'd prefer not to, but it seems to be the industry standard way of avoiding users being confused by errors when we block/MITM an SSL site. |
|
|
I might open-source it if there's interest but it's relatively basic.