TLS - The Cloudflare Blog (Page 2)

November 20, 2019 4:30PM

Even faster connection establishment with QUIC 0-RTT resumption

One of the more interesting features introduced by TLS 1.3, the latest revision of the TLS protocol, was the so called “zero roundtrip time connection resumption”, a mode of operation that allows a client to start sending application data, such as HTTP requests...

Alessandro Ghedini

October 30, 2019 1:00PM

The TLS Post-Quantum Experiment

Crypto Week Crypto TLS Security Research Post-Quantum

In June, we announced a wide-scale post-quantum experiment with Google. We implemented two post-quantum (i.e., not yet known to be broken by quantum computers) key exchanges, integrated them into our TLS stack and deployed the implementation on our edge servers and in Chrome Canary clients....

June 20, 2019 2:01PM

Towards Post-Quantum Cryptography in TLS

Crypto Week Crypto Cryptography Security Product News TLS Deep Dive

In anticipation of wide-spread quantum computing, the transition from classical public-key cryptography primitives to post-quantum (PQ) alternatives has started....

Kris Kwiatkowski

June 20, 2019 2:00PM

Introducing CIRCL: An Advanced Cryptographic Library

Crypto Week Crypto Cryptography Product News Security Elliptic Curves TLS Research

Today we are proud to release the source code of a cryptographic library we’ve been working on: a collection of cryptographic primitives written in Go, called CIRCL....

June 18, 2019 2:00PM

Securing Certificate Issuance using Multipath Domain Control Validation

Crypto Week Crypto Cryptography DNS BGP TLS CFSSL HTTPS Security Speed & Reliability

Trust on the Internet is underpinned by the Public Key Infrastructure (PKI). PKI grants servers the ability to securely serve websites by issuing digital certificates, providing the foundation for encrypted and authentic communication....

February 05, 2019 4:00PM

Cloudflare Support for Azure Customers

Cloudflare seeks to help its end customers use whichever public and private clouds best suit their needs. Towards that goal, we have been working to make sure our solutions work well with various public cloud providers including Microsoft’s Azure platform....

By

Peter Dumanian

1.1.1.1 , Microsoft , Partners , DNS , TLS

January 24, 2019 5:57PM

HTTP/3: From root to tip

Explore HTTP/3 from root to tip and discover the backstory of this new HTTP syntax that works on top of the IETF QUIC transport....

By

Lucas Pardue

QUIC , TLS , Security , HTTP3 , IETF

January 23, 2019 9:13AM

Tracing Soon-to-Expire Federal .gov Certificates with CT Monitors

As of December 22, 2018, parts of the US Government have “shut down” because of a lapse in appropriation. The shutdown has caused the furlough of employees across the government and has affected federal contracts....

By

Gabbi Fisher
, Brendan McMillion

Politics , TLS , Security

December 21, 2018 4:00PM

Encrypting DNS end-to-end

Over the past few months, we have been running a pilot with Facebook to test the feasibility of securing the connection between 1.1.1.1 and Facebook’s authoritative name servers....

By

Irtefa

1.1.1.1 , DNS , Resolver , Speed & Reliability , TLS

November 29, 2018 9:54AM

Know your SCM_RIGHTS

As TLS 1.3 was ratified earlier this year, I was recollecting how we got started with it here at Cloudflare. We made the decision to be early adopters of TLS 1.3 a little over two years ago. It was a very important decision, and we took it very seriously....

By

Vlad Krasnov

TLS 1.3 , TLS , Security , Linux , TCP

September 24, 2018 1:01PM

Encrypt it or lose it: how encrypted SNI works

Today we announced support for encrypted SNI, an extension to the TLS 1.3 protocol that improves privacy of Internet users....

By

Alessandro Ghedini

Birthday Week , Product News , Cryptography , Security , TLS

September 21, 2018 1:00PM

Roughtime: Securing Time with Digital Signatures

When you visit a secure website, it offers you a TLS certificate that asserts its identity. Every certificate has an expiration date, and when it’s passed due, it is no longer valid....

By

Christopher Patton

Crypto Week , Crypto , Security , TLS , OCSP

August 16, 2018 4:01PM

Enable Private DNS with 1.1.1.1 on Android 9 Pie

Android 9 Pie includes a slew of new features around digital well-being and privacy. Here's how to use the new Private DNS feature with 1.1.1.1....

By

Stephen Pinkerton

1.1.1.1 , Resolver , IPv6 , DNS , TLS

August 11, 2018 12:00AM

A Detailed Look at RFC 8446 (a.k.a. TLS 1.3)

TLS 1.3 (RFC 8446) was published today. This article provides a deep dive into the changes introduced in TLS 1.3 and its impact on the future of internet security....

By

Nick Sullivan

Crypto , Encryption , TLS , TLS 1.3 , HTTPS