Hacker News new | past | comments | ask | show | jobs | submit login

But for many users, their downstream organization is their ISP. From my point of view, any caching by them is malicious. I didn't send my request to the IP of their caching server, I sent it to the IP of the site I'm trying to reach. Redirecting my request to their cache is a MITM attack.

If my employer wants to use caching, they can install a cert for their proxy on my machine (or require me to do so), so it's not a problem - although it is more technically complex.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: