"JT" <toruser@xxxxxxxxxxx> wrote: > I just found an example of what I was asking: > > http://www.stunnel.org/examples/https_client.html > > Would it be technically possible to make privoxy SSL capable with > stunnel, so that it can still filter browserbugs but also encrypt end to > end ? If you use stunnel as HTTP forwarder for SSL connections, Privoxy will always see HTTP traffic which it can then filter. The configuration is pretty straight forward and by following the documentation you shouldn't have any problems setting it up. There are several disadvantages though: - you have to configure both Privoxy and stunnel in advance for every host you plan to connect to. - you have to somehow convince stunnel to connect through Tor, either by running Tor as intercepting proxy (you'll also need something like dns-proxy-tor) or by using a socks4a patch that you can find somewhere on the stunnel web site (I never used it). - the encryption ends with stunnel, so your browser can no longer tell if the connection is secure or not. As a result you probably can't tell either. There may be more, but I don't remember them right now. There is at least one Privoxy support request about this as well, you might want to try digging it up for additional information. I only use SSL for sites I trust enough to give them privacy-sensitive information anyway and after I did that, user tracking is the least of my worries. As a result I don't think adding stunnel to the proxy chain is worth the effort and I also think the lost transparency (how secure the connection is) comes pretty close to being a show stopper. Your mileage may vary of course. Fabian
Attachment:
signature.asc
Description: PGP signature