Quote:
Originally Posted by BetterRed
I appreciate 'they' can't intercept HTTPS to interrogate content - but what about source address, file name, file size and destination address, reading the Wikipedia entry its not clear to me that that metadata is not available. I'm not minded to read the RFC's 
BR |
Wikipedia on HTTP proxies (transparent proxy/http cache proxy):
http://en.wikipedia.org/wiki/Proxy_server#Detection
Quote:
Detection- By comparing the result of online IP checkers when accessed using https vs http, as most intercepting proxies do not intercept SSL. If there is suspicion of SSL being intercepted, one can examine the certificate associated with any secure web site, the root certificate should indicate whether it was issued for the purpose of intercepting.
|
My google-fu gave me the impression that the ISP literally cannot see anything you are doing on the website. Like this SuperUser question:
http://superuser.com/questions/56385...-https-traffic
tl;dr
They can see the domain/IP address you connected to. And an indecipherable stream of encrypted data transferred between that IP address and your IP address.
Unless they use an SSL proxy with SSL certificates they signed themselves and conned you into adding to your computer's certificates bundle. (Read: shady man-in-the-middle attack.)
As the purpose of HTTPS is to encrypt your web traffic from both spying and tampering by anyone other than the two parties involved -- you and the website -- and the traditional way to circumvent this is with a man-in-the-middle attack, we must simply ask ourselves: how shady is this ISP anyway? The problem may be far greater -- they may be seeing all our bank info as well. If they can intercept and view or change the https MSI download, they can see/edit our online banking just as easily.