Archives/SSLproxy
2
0
Fork 0
mirror of https://github.com/sonertari/SSLproxy synced 2024-11-19 21:25:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove legacy TODO file; move to Github issues

Browse Source
This commit is contained in:
Daniel Roethlisberger 2014-11-04 18:59:56 +01:00
parent fb2841f645
commit 0648f84bfc
1 changed files with 0 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
TODO
View File

@ -1,16 +0,0 @@
Legacy list of to do items; see github issues for a more up to date list.
- Control SSL_OP_SINGLE_ECDH_USE and other de-optimizations by a
"prefer speed to security" command line option
- Optionally add ephemeral RSA key to SSL_CTX to allow export cipher suites
http://www.openssl.org/docs/ssl/SSL_CTX_set_tmp_rsa_callback.html
- Dump cipher suites sent by the client in debug mode
- Consider memory pools for use by per-connection state
- Handle renego & client cert authentication more gracefully
- Separate orig cert retrieval from actual fwd address/proto config
- CRL denial mode based on targetdir cert's CDPs or by identifying CRL ASN.1
- Browser update denial mode
- Extendable approach to broken certificate verification implementations
- Client fingerprinting: only intercept clients with headers matching regex
- Configurable and/or scriptable modification of requests and/or responses
- Sample scripts for single file/fifo content log postprocessing