

Killing RC4 (softly) - jgrahamc
http://blog.cloudflare.com/killing-rc4

======
jgrahamc
As a result Hacker News now gets an A+ rating from SSL Labs:
[https://www.ssllabs.com/ssltest/analyze.html?d=news.ycombina...](https://www.ssllabs.com/ssltest/analyze.html?d=news.ycombinator.com&s=198.41.191.47)

~~~
dsl
Can you talk about what requirements you have for connections back to origin
servers? Will you refuse to speak weak ciphers?

Given the volume of traffic you have and your large international presence, it
is not unreasonable to assume the NSA is tapping all your transit and peering
circuits. Failing to protect the origin connections effectively leaks all the
connection data while giving end users a false sense of security.

~~~
eastdakota
We're implementing an option to allow our customers to choose full validation
of the CloudFlare-to-origin connection. We're trying to balance the needs of
those who want the utmost connection security vs. those without the technical
ability to setup SSL on their own origin. Completely agree, however, that we
should provide an option that will validate the origin connection and fail if
it's not high security and properly credentialed.

~~~
sillysaurus2
Is it correct to say that if the government demands CloudFlare's SSL cert
private key (or acquires it surreptitiously) then they'll be able to decrypt
every packet served by CloudFlare? In other words, if the government seizes
your cert, then every website that uses CloudFlare will become vulnerable?

I came to that conclusion after realizing that CloudFlare doesn't require
websites to set up SSL properly (or perhaps at all?)

Are you using a different SSL cert for each website? Actually, such a thing
would probably be completely cost prohibitive even if you wanted to. So
therefore it must be true that if someone seized your central SSL key then
everyone who uses CloudFlare will lose all security.

This may or may not be an issue; it's my understanding that CloudFlare only
serves static, public content, which of course wouldn't be useful to any
authorities. But after thinking about it for a bit, I'm concerned about their
ability to impersonate users of a CloudFlare-hosted website. Do users' cookies
ever get sent to CloudFlare servers? (E.g. my cookies for HN.) That would mean
anyone who can obtain those cookies could impersonate any user. Therefore if a
government were targeting a specific user and has obtained CloudFlare's SSL
cert, then they can wait for that user to log in to the website, steal their
cookies, then impersonate the user and download all information from the
target website. (CloudFlare itself could do this if it wanted to.) Hence the
government wouldn't need to inform individual companies that they're targeting
a particular user.

Therefore it can't be true that any user cookies are ever transmitted to
CloudFlare's servers, since that would be such a big security risk, right? But
then I don't understand how CloudFlare would offer any benefit to a website
where the majority of users are logged in. And I'd assume that lack of cookies
would cause problems for targeted advertising.

So, is it correct that if CloudFlare receives users' cookies, then anyone who
has CloudFlare's cert can obtain those cookies (via passive monitoring) and
hence can impersonate any user on any website that uses CloudFlare?

It's entirely possible I'm making a fool of myself with this post, but it's
unclear to me how it'd be possible for CloudFlare to serve a website's content
without also receiving requests (which contain user cookies) for that website.
So it seems like origin SSL certs wouldn't even offer any security if
CloudFlare ever receives any user cookies.

~~~
jgrahamc
There is no single CloudFlare certificate/private key, that's not how
CloudFlare works. The certificate for Hacker News is unique to Hacker News. We
deal with thousands and thousands of certificates.

Since HTTP/HTTPS requests for sites on CloudFlare pass through CloudFlare so
do all parts of the HTTP header (including the Cookies). But since the
certificate is unique to HN there's no more danger of a government compelling
access to the certificate/key than there is if HN wasn't on CloudFlare (since
the government could compel HN to give up the certificate/key).

Additionally, we would fight vigorously against an order to give up a private
key. The foundation of our business is trust.

But it's interesting that you bring this up because we are shortly going to
announce a new offering where even if the government tried to compel us to
give up a private key we would literally be unable to do so. Stay tuned. And,
by the way, that product will be open source.

~~~
sillysaurus2
Still, does CloudFlare ever receive user cookies, e.g. my Hacker News cookies?
A single weak spot in your cert management security practices (or a demand
from a government) would compromise all of those thousands of certificates.
And if you receive user cookies, then it seems true that anyone who has those
certificates can obtain all user data from any of those websites.

I'm confused how it's possible to let anyone sign up for CloudFlare for free
within minutes, while also generating a certificate unique to their website,
signed by a CA, because a signed CA SSL cert always costs money. For a website
like CloudFlare, that would be a significant cost, wouldn't it?

EDIT: I wrote my reply before your edit that gave the answer (yes, CloudFlare
has all user cookies from all websites). Sorry.

However:

 _it 's interesting that you bring this up because we are shortly going to
announce a new offering where even if the government tried to compel us to
give up a private key we would literally be unable to do so._

This would be illegal. The US government has already asserted multiple times
that it has the authority to compel any US website to give up any keys it
demands. You will suffer the same fate as Lavabit: to be fined >$1k per day
until you comply, with penalties increasing until you're unable to cover the
cost. So what's your plan?

~~~
jgrahamc
We don't offer SSL on the free plan. SSL certificates are only available on
our paid plans
([https://www.cloudflare.com/plans](https://www.cloudflare.com/plans)).

Yes, cookies enter CloudFlare's network. They have to, but they are not stored
or logged in any way. In fact, the entire HTTP/HTTPS request is processed in
RAM without any permanent storage and only for the life of the request (i.e.
for the time it takes to forward it).

[http://blog.cloudflare.com/what-cloudflare-
logs](http://blog.cloudflare.com/what-cloudflare-logs)

