A tour through Merkle Town, Cloudflare's Certificate Transparency dashboard
March 24, 2018 2:59AM
The success of Certificate Transparency rests on the existence of a robust ecosystem of logs and log operators. Without logs that CAs can depend on, it’s not practical for browsers to require that SSL certificates have been logged to be trusted—as Chrome plans to do on April 30....
Continue reading »
Introducing Certificate Transparency and Nimbus
March 23, 2018 2:45PM
Certificate Authority
Security
HTTPS
SSL
Research
Certificate Transparency (CT) is an ambitious project to help improve security online by bringing accountability to the system that protects HTTPS. Cloudflare is announcing support for this project by introducing two new public-good services....
CAA of the Wild: Supporting a New Standard
December 07, 2017 2:00PM
Product News
SSL
DNS
Security
TLS 1.3
One thing we take pride in at Cloudflare is embracing new protocols and standards that help make the Internet faster and safer. Sometimes this means that we’ll launch support for experimental features or standards still under active development, as we did with TLS 1.3....
How to make your site HTTPS-only
July 06, 2017 2:35PM
HTTPS
SSL
Automatic HTTPS
Certificate Authority
HTTP2
The Internet is getting more secure every day as people enable HTTPS, the secure version of HTTP, on their sites and services....
How we built Origin CA: Web Crypto
May 10, 2016 4:21PM
Certificate Authority
JavaScript
API
Security
Cryptography
At CloudFlare we strive to combine features that are simple, secure, and backed by solid technology. The Origin CA is a great example of this. You no longer need to go to a third-party certificate authority to protect the connection between CloudFlare and your origin server....
December 22, 2015 4:43PM
Why it’s harder to forge a SHA-1 certificate than it is to find a SHA-1 collision
It’s well known that SHA-1 is no longer considered a secure cryptographic hash function. Researchers now believe that finding a hash collision (two values that result in the same value when SHA-1 is applied) is inevitable and likely to happen....