Posts by Nick Sullivan

High-reliability OCSP stapling and why it matters

Published on by Nick Sullivan.

At Cloudflare our focus is making the internet faster and more secure. Today we are announcing a new enhancement to our HTTPS service: High-Reliability OCSP stapling. This feature is a step towards enabling an important security feature on the web: certificate revocation checking. Reliable OCSP stapling also improves connection times

A container identity bootstrapping tool

Published on by Nick Sullivan.

Everybody has secrets. Software developers have many. Often these secrets—API tokens, TLS private keys, database passwords, SSH keys, and other sensitive data—are needed to make a service run properly and interact securely with other services. Today we’re sharing a tool that we built at Cloudflare

Cloudflare Crypto Meetup #5: February 28, 2017

Published on by Nick Sullivan.

Come join us on Cloudflare HQ in San Francisco on Tuesday, Febrary 28, 2017 for another cryptography meetup. We again had a great time at the last one, we decided to host another. It's becoming a pattern. We’ll start the evening at 6:00p.m. with time for networking,

Opportunistic Encryption: Bringing HTTP/2 to the unencrypted web

Published on by Nick Sullivan.

Encrypting the web is not an easy task. Various complexities prevent websites from migrating from HTTP to HTTPS, including mixed content, which can prevent sites from functioning with HTTPS. Opportunistic Encryption provides an additional level of security to websites that have not yet moved to HTTPS and the performance benefits