[Privoxy-devel] HTTPS filtering in Privoxy

Fabian Keil fk at fabiankeil.de
Wed Oct 12 13:15:21 UTC 2016 

<vasek.svec at email.cz> wrote:

> I'm student of third year at Czech technical university in Prague and
> I'm choosing topic for my bachelor thesis. My teacher has offered to me
> this topic:
> Study the current state of proxy servers with respect to the HTTPS
> protocol. Analyze the available implementations and specify approaches
> to filtering HTTPS communication; focus at the security issues related
> to these approaches. Implement a module for Privoxy (www.privoxy.org)
> which will add the support for filtering of the HTTPS communication
> between a browser and a server.
> 
> I'd like to ask you about your opinion on this topic. I'm not really
> great C programmer, but I'm not C beginner and I have some small
> experiences with OpenSSL library. I find this topic very interesting,
> but I'm little bit scared of the programming part. Could you please say
> me, how difficult would be this implementation. And could I ask you for
> advice when I encountered some problem during implementation?

I'd expect the programming part to be time consuming but not too
difficult. Documenting it in a way a non-technical user understands
is likely to be challenging, but this could be out of scope for your
thesis anyway.

One non-technical issue with using OpenSSL is that Privoxy is
licensed under the GPLv2 which is incompatible with the OpenSSL
license. This causes problems for platforms that don't contain
OpenSSL as part of the base system and thus aren't covered by
the system library exception in the GPLv2.

Most GNU/Linux distributions probably would not be able to enable
the OpenSSL support for their Privoxy packages and Windows users
would have to compile it themselves as well.

This doesn't mean that OpenSSL can't be used for this, but it's
something you should be aware of from the beginning.

Feel free to ask any additional questions you have about this.

Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.privoxy.org/pipermail/privoxy-devel/attachments/20161012/2ce6b972/attachment.bin>

More information about the Privoxy-devel mailing list