I'm not talking about the proxy doing it, I'm talking about the filter taking the key, decrypting the web page, and if its "bad", sending its own "Access Denied" page.
How's it going to decrypt the page with a public key? SSL doesn't use crappy encryption algorithms.
To Joe: The proxy server is what does the filtering. They're known as filtering proxies. I could name some, but Google can name more. And these proxies/filters aren't going to perform Man-in-the-Middle attacks. That would be dangerous for anybody who's behind them, because it means that they could be attacked more easily.
To Sidoh: It is possible, regardless of the encryption algorithm. The problem is that whenever you request content from an encrypted page, there are two separate encrypted tunnels:
You: Key A
Server: Key B
Proxy: Key C
Outgoing data:
You ===encrypted with A===> Proxy ===encrypted with C===>Server
Incoming data
You<===encrypted with C===Proxy <===encrypted with B<===Server
So everything you receive is encrypted with the same key. The problem there is that, whenever you go to an encrypted site, you'll get an error because the key you receive doesn't match the key that the server ought to have (because you're getting the proxy's key). So you'll always get a warning, and if somebody IS doing an attack on you, you won't know, because you're still getting the wrong key. For that reason, doing this is dumb, and no school or business would do it.