How to build your own public key infrastructure

Published on by Nick Sullivan.

A major part of securing a network as geographically diverse as CloudFlare’s is protecting data as it travels between datacenters. Customer data and logs are important to protect but so is all the control data that our applications use to communicate with each other. For example, our application servers

Logjam: the latest TLS vulnerability explained

Published on by Filippo Valsorda.

Image: "Logjam" as interpreted by @0xabad1dea. Yesterday, a group from INRIA, Microsoft Research, Johns Hopkins, the University of Michigan, and the University of Pennsylvania published a deep analysis of the Diffie-Hellman algorithm as used in TLS and other protocols. This analysis included a novel downgrade attack against the TLS protocol