CloudFlare Crypto Meetup: April 21, 2016
April 08, 2016 1:40 PM
Now back in HD: the CloudFlare Cryptography Meetup series. A while back, CloudFlare hosted a pair of Meetups focused on encryption and cryptographic technology. ...
It takes two to ChaCha (Poly)
April 04, 2016 11:50 AM
Not long ago we introduced support for TLS cipher suites based on the ChaCha20-Poly1305 AEAD, for all our customers. Back then those cipher suites were only supported by the Chrome browser and Google's websites, but were in the process of standardization. ...
Introducing CFSSL 1.2
March 31, 2016 12:00 PM
Continuing our commitment to high quality open-source software, we’re happy to announce release 1.2 of CFSSL, our TLS/PKI Swiss Army knife. We haven’t written much about CFSSL here since we originally open sourced the project in 2014, so we thought we’d provide an update....
Going to IETF 95? Join the TLS 1.3 hackathon
March 28, 2016 9:00 PM
If you’re in Buenos Aires on April 2-3 and are interested in building, come join the IETF Hackathon. CloudFlare and Mozilla will be working on TLS 1.3, the first new version of TLS in eight years!...
TLS Certificate Optimization: The Technical Details behind "No Browser Left Behind"
March 23, 2016 4:03 PM
Back in early December we announced our "no browser left behind" initiative to the world. Since then, we have served well over 500 billion SHA-1 certificates to visitors that otherwise would not have been able to communicate securely with our customers’ sites using HTTPS....
MORE POSTS
February 12, 2016 2:00 PM
Padding oracles and the decline of CBC-mode cipher suites
At CloudFlare, we’re committed to making sure the encrypted web is available to everyone, even those with older browsers. At the same time, we want to make sure that as many people as possible are using the most modern and secure encryption available to them. ...
- By
February 11, 2016 12:49 AM
Change the (S)Channel! Deconstructing the Microsoft TLS Session Resumption bug
Several months ago we started hearing occasional reports from .NET developers that they were having trouble maintaining HTTPS sessions with one of our customer’s websites. ...
- By
December 25, 2015 8:49 AM
How to Talk to Your Parents About Encryption
It’s December 25th, which means most of you are probably at home visiting with family. I asked a few of the security engineers here at CloudFlare how they explain their jobs when they’re home for the holidays, and here's what they had to say....
- By
December 09, 2015 1:53 PM
SHA-1 Deprecation: No Browser Left Behind
fter December 31, 2015, SSL certificates that use the SHA-1 hash algorithm for their signature will be declared technology non grata on the modern Internet. ...
- By
December 03, 2015 1:59 PM
HTTP/2 is here! Goodbye SPDY? Not quite yet
Why choose, if you can have both? Today CloudFlare is introducing HTTP/2 support for all customers using SSL/TLS connections, while still supporting SPDY. There is no need to make a decision between SPDY or HTTP/2. ...
- By
September 16, 2015 5:47 PM
Cloudflare + WHMCS: faster websites for your customers
We’re at the cPanel Conference in Denver this week, so feel free to drop by our booth and say hello. It’s a great opportunity to connect with our partners and better understand their needs....
- By
June 24, 2015 1:57 PM
How to build your own public key infrastructure
A major part of securing a network as geographically diverse as CloudFlare’s is protecting data as it travels between datacenters. Customer data and logs are important to protect but so is all the control data that our applications use to communicate with each other. ...
- By
June 11, 2015 10:31 AM
iOS Developers — Migrate to iOS 9 with CloudFlare
Thousands of developers use CloudFlare to accelerate and secure the backend of their mobile applications and websites. This week is WWDC, where thousands of Apple developers come to San Francisco to talk, learn and share best practices for developing software for Apple platforms....
- By
May 20, 2015 11:52 PM
Logjam: the latest TLS vulnerability explained
Yesterday, a group from INRIA, Microsoft Research, Johns Hopkins, the University of Michigan, and the University of Pennsylvania published a deep analysis of the Diffie-Hellman algorithm as used in TLS and other protocols. ...
- By
May 07, 2015 10:06 AM
Go crypto: bridging the performance gap
It is no secret that we at CloudFlare love Go. We use it, and we use it a LOT. There are many things to love about Go, but what I personally find appealing is the ability to write assembly code!...
- By
April 30, 2015 12:02 PM
An introduction to JavaScript-based DDoS
CloudFlare protects millions of websites from online threats. One of the oldest and most pervasive attacks launched against websites is the Distributed Denial of Service (DDoS) attack....
- By
April 29, 2015 2:30 PM
Introducing Multi-User Organizations: Share An Account Without Sharing A Login
An enterprise needs security and controls around access. Your web developer needs to update your website’s logo and make sure it’s live immediately, but doesn’t need access to your SSL keys. ...
- By
April 21, 2015 10:14 PM
Contributing back to the security community
This Friday at the RSA Conference in San Francisco, along with Marc Rogers, Principal Security Researcher at CloudFlare, I'm speaking about a version of The Grugq's PORTAL, an open source network security device designed to make life easier and safer....
- By
February 27, 2015 11:50 PM
Protecting web origins with Authenticated Origin Pulls
As we have been discussing this week, securing the connection between CloudFlare and the origin server is arguably just as important as securing the connection between end users and CloudFlare. ...
- By