HTTPS redirects to HTTP for monitoring

Ca By cb.list6 at
Sun Jan 18 18:29:05 UTC 2015

On Sunday, January 18, 2015, John Levine <johnl at> wrote:

> >> So your idea is to block every HTTPS website?
> >From my point of view, it is better than violate user privacy & safety.
> >
> >Sneaky is evil.
> I expect your users would fire you when they found you'd blocked access to
> Google.
And they would sue you for gross negligence for decrypting their ssn when
access company  payroll and cpni data

>>> These boxes that violate end to end encryption are a great place for
> >>> hackers to steal the bank and identity info of everyone in your
> company.
> Since the end user machines are generally running Windows, why would bad
> guys
> waste time on a much harder and more obscure target?
Who said the mitm box was not running windows ?

That said, a properly admin'd win7 box is about as secure as any other end
station in my opinion. Yea, win2k and xp were a pain, msft has come a long
long way.

The same cannot be said for Adobe or Java.


More information about the NANOG mailing list