On May 9, 2016, at 5:54 PM, David Fifield david@bamsoftware.com wrote:
Well, an "HTTPS proxy" doesn't have to be a TLS interception device. When I think "HTTPS proxy", I think of an ordinary HTTP proxy using the CONNECT method to support TLS. In that case, the proxy does not get to see plaintext, which includes the path part of the URL. The proxy can tell what domain name you are connecting to, but not what document you are requesting.
In either case, there's no benefit to obfuscating the download names.
Ah, okay that makes sense. It's likely the domains are just blocked then. Thank you all very much for clarifying how this works!