"That’s easy with unencrypted traffic. If the site uses SSL, then you have to do some kind of SSL interception. Straightforward on a corporate network full of tightly-managed systems. Much harder on a network full of student machines, visitor laptops and the like, and in our opinion, something to be avoided."
Obviously, they do not see intercepting traffic as desirable. But who has time to read the article before commenting these days...?
Does SSL prevent the network admin from seeing the URL that is being visited? I did in fact read the article in full, but I was under the impression that the encryption just encrypted the data in the request.
From a read through of the Wikipedia article on SSL it's now clear to me that all HTTP headers are encrypted, including the requested path.
> Does SSL prevent the network admin from seeing the URL that is being visited?
My understanding is that SSL establishes an end-to-end secure channel, then HTTP is inside that channel. Consequently, GETs and POSTs are not visible to outside parties.
"That’s easy with unencrypted traffic. If the site uses SSL, then you have to do some kind of SSL interception. Straightforward on a corporate network full of tightly-managed systems. Much harder on a network full of student machines, visitor laptops and the like, and in our opinion, something to be avoided."
Obviously, they do not see intercepting traffic as desirable. But who has time to read the article before commenting these days...?