Solved

Is the path of a URL encrypted when using HTTPS?

Posted on 2002-07-17
Last Modified: 2010-04-11
Let's say I connect to https://niceserver.com/howtofoolyourboss.html through a proxy, using https. Will the proxy then only see the server and port I connect to (niceserver.com:80) or will it also be able to pick up the document I requested from the server (howtofoolyourboss.html)?

I'm assuming that the proxy doesn't do any man-in-the-middle attack.
0
Question by:tunheim
5 Comments
 
LVL 11

Expert Comment

by:geoffryn
ID: 7159796
If your browser is set to use the proxy, then the https://url will be listed in the proxy logs. If you are using only the Winsock proxy client and not the browser settings, then the logs record IP, source and destination port.
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 50 total points
ID: 7160473
Depends on the proxy.
If you get the notification for accepting the certificate from the remote server, the proxy sees only IP and port.
If the notification for the certificate is from the proxy, it does not forward the https connection, but does it itself. In this case the proxy can see the data too.
0
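An added illustration of the first case in the accepted answer (not part of the original thread): what a non-intercepting forward proxy can read from the client's byte stream, for plain HTTP versus HTTPS tunnelled with `CONNECT`. The function name `proxy_view`, port 443 and both sample streams are constructed for this example; the record bodies are filler standing in for ciphertext.

```python
import struct
from urllib.parse import urlsplit

TLS_TYPES = {20: "change_cipher_spec", 21: "alert",
             22: "handshake", 23: "application_data"}

def tls_record(ctype: int, length: int) -> bytes:
    """Constructed TLS record: 5-byte cleartext header + opaque body."""
    return struct.pack("!BHH", ctype, 0x0303, length) + bytes(length)

# Constructed client-side streams (the proxy's replies are omitted).
HTTP_VIA_PROXY = (b"GET http://niceserver.com/howtofoolyourboss.html HTTP/1.1\r\n"
                  b"Host: niceserver.com\r\n\r\n")
HTTPS_VIA_PROXY = (b"CONNECT niceserver.com:443 HTTP/1.1\r\n"
                   b"Host: niceserver.com:443\r\n\r\n"
                   + tls_record(22, 64)     # handshake (ClientHello)
                   + tls_record(23, 120))   # encrypted HTTP request

def proxy_view(client_bytes: bytes) -> dict:
    """Return the fields a forward proxy can log without breaking TLS."""
    head, _, rest = client_bytes.partition(b"\r\n\r\n")
    request_line = head.split(b"\r\n")[0].decode("ascii")
    method, target, _version = request_line.split(" ", 2)
    if method != "CONNECT":
        # Plain HTTP: the request line carries the absolute URL, path included.
        url = urlsplit(target)
        return {"host": url.hostname, "port": url.port or 80,
                "path": url.path, "tls_records": []}
    # HTTPS: only host:port is named; everything after is TLS records.
    host, _, port = target.rpartition(":")
    records = []
    while len(rest) >= 5:
        ctype, _ver, length = struct.unpack("!BHH", rest[:5])
        records.append((TLS_TYPES.get(ctype, "unknown"), length))
        rest = rest[5 + length:]   # body is opaque to the proxy
    return {"host": host, "port": int(port),
            "path": None, "tls_records": records}

if __name__ == "__main__":
    print(proxy_view(HTTP_VIA_PROXY))
    print(proxy_view(HTTPS_VIA_PROXY))
```

The `GET /howtofoolyourboss.html` request line travels inside the `application_data` record, so in the tunnelled case the proxy is left with host, port, record types and sizes.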
 
LVL 24

Expert Comment

by:SunBow
ID: 7161086
> I'm assuming that the proxy doesn't do any man-in-the-middle attack.

true.  tunheim, you have it! plain proxy does plain stuff, just the address.

Now there are many other ways devices or services, add-ons can get in the middle and run interference. See also: Carnivore.
0
 

Author Comment

by:tunheim
ID: 7161704
I _do_ get the notification from the remote server. Didn't think of it as relevant for the question. Thanks for bringing it up, it sort of fills some gaps in my understanding of networks.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7162051
So you just need to prove that the certificate is not faked (man-in-the-middle), simple, isn't it ;-)
0
