

Cloudflare pledges to double SSL usage on the web in 2014 - jgrahamc
http://www.theverge.com/2013/12/17/5217800/cloudflare-pledges-to-double-ssl-usage-on-the-web-in-2014

======
dsp
"company statistics suggest they route roughly five percent of global web
requests"

What is CloudFlare's request rate, and how did they arrive at the five percent
estimate?

------
mooism2
Is there a link to the primary source? I see nothing about it on the
CloudFlare blog.

~~~
cloudflare
We'll blog about it later.

~~~
mooism2
Thanks.

------
drill_sarge
>give secret ssl key to cloudflare

meh

~~~
mooism2
What are you quoting from? That text doesn't appear in the linked article.

~~~
drill_sarge
This is how SSL works if you use Cloudflare. You have to hand them your
private key. Also the article doesn't state this, I would guess they mean that
everyone on their service should use ssl (maybe they will enable ssl on their
free plan or something). I may be wrong, lets see what they will write on
their blog.

~~~
mooism2
My understanding is that they generate their own ssl key and certificate to
use on your site. So they mitm your site, yes (I don't see how their service
could work otherwise). If you're worried that they could enable the NSA to
decrypt all your site's traffic: yes, they could do that.

But if you're worried that they could enable the NSA to decrypt all your
site's _past_ traffic: no, I don't see how they could do that.

