The placement of an interception proxy in between a client and web server has its own implications. Therefore, it is more practical to take a “middle” approach that can moderate the ongoing and future SSL/TLS sessions while not compromising the user privacy. A policy rule in JSON schema and data is proposed in handling SSL/TLS connection delegated by a non-intrusive, pass-through proxy.