
Universal SSL - benjojo12
https://blog.cloudflare.com/introducing-universal-ssl/
======
vader1
I have very mixed feelings about this. Yes, on the one hand this is great news
because a lot of websites who otherwise never would have bothered with SSL can
now be protected from snooping or traffic manipulation on your local (possibly
very insecure: your neighborhood Starbucks' wifi) network.

On the other hand, this completely destroys the premise of HTTPS that you have
an encrypted connection _to the website you are visiting_. If this catches on
big time, seeing the padlock will only tell you that you have _an encrypted
connection to Cloudflare 's network_, and no way of knowing if the traffic is
still encrypted beyond that, or that it's flowing in plaintext between
Cloudflare and the actual target server. Worse, you will have absolutely no
way of knowing if the content you're seeing is what the target server
originally sent, or that it has been manipulated (or wiretapped) by Cloudflare
itself or any of the other hops while en route.

If you are going to use this, just keep in mind that you're giving Cloudflare
- a US company subject to the Patriot Act and the whole shebang of 3-letter
agencies - the ability to collect, intercept, store, and manipulate every
single byte of traffic sent between your users and your servers.

~~~
buro9
> this completely destroys the premise of HTTPS that you have an encrypted
> connection to the website you are visiting

It does nothing of the kind, it has _always_ been the case that seeing the SSL
padlock only informed you that the connection to whichever server you are
communicating with is encrypted and nothing more.

Do you not recall the age of customer feedback pages hosted behind SSL that
actually just sent plain text emails over the internet to the customer service
email? SSL was never a guarantee that end-to-end communication was encrypted,
and usually it was barely that.

What CF have done is to say that the jump to their servers can now be secured
by SSL and that this works even for those who would not configure SSL (for
either cost or complexity reasons). It's nothing more than that, it remains
the case with SSL that you are trusting the site to support end-to-end
encryption for sensitive data.

But what it does allow CF to do is partner with companies like Linode, Digital
Ocean and so on, so that in effect when a user connects to CF via an SSL
connection the entirety of the communication could occur within the trusted
CF+Partner network and none of the traffic would be plain text over the
internet. It's a foundation to build upon.

~~~
scintill76
The centralization argument still has merit. If this catches on big time,
there's only one company to coerce/compromise, to backdoor a bunch of services
at once.

Arguably the CA/ISP structure is like this already, but this may be worse.

~~~
MCRed
Totally true, but on the other hand, the first mile will be encrypted for a
lot more connections:

"Yesterday, there were about 2 million sites active on the Internet that
supported encrypted connections. By the end of the day today, we'll have
doubled that."

That's kind of spectacular.

I think the first mile is one of the key places where data gets stolen. OF
course the final millimeters-on the server- is another.

~~~
sarciszewski
Yes, but this (free SSL everywhere) can (and should!) become the bandwagon
that all other service/hosting providers and CAs should adopt.

------
daveasdf
This was indeed a pleasant surprise when I logged into my CloudFlare account.

What intrigues me is that CloudFlare missed an opportunity to allow secure
self-signed certificates.

The new CloudFlare SSL setup allows the origin server to present to
CloudFlare's servers either (i) an unverified self-signed certificates; or
(ii) a certificate signed by a CA. Neither provides great security. In the
former case, a MITM can trivially generate a new self-signed certificate.
History has shown the latter case is also problematic, as there have been
several events where CAs have generated invalid keys [1].

What would be nice is if I could generate a self-signed certificate and upload
the fingerprint(s) to CloudFlare. CloudFlare would could then verify the
fingerprint when connecting to my origin server, without needing to trust a
CA.

Am I missing anything obvious as to why this wouldn't be as secure (or more
secure) than the two options CloudFlare has introduced?

[1]: For instance:
[http://googleonlinesecurity.blogspot.com.au/2013/12/further-...](http://googleonlinesecurity.blogspot.com.au/2013/12/further-
improving-digital-certificate.html)

~~~
jgrahamc
Expect a further announcement down the line. We are working on solutions
similar to those that you propose.

------
edent
Interestingly, I just tried to visit one of my CloudFlare protected sites.
Shoving https in front of the URL results in this error in Firefox & Chrome.

dabr.eu uses an invalid security certificate. The certificate is only valid
for the following names: ssl2000.cloudflare.com, _.redpitt.mobi, redpitt.mobi,
cloudflare.com,_.cloudflare.com

So I assume it isn't quite as seamless / automated as it makes out?

 _edit_ ah - a little further reading says it will roll out over the next few
days.

~~~
jgrahamc
Your cert hasn't been issued yet. We are in the processing of issuing 2
million certs. You got a default cert that's sort of a 'catch all'. When that
goes away your domain will have been issued a real cert.

~~~
psykovsky
Not trying to diminish the value of what you're doing, but, who gave
you(Cloudflare) permission to issue SSL certificates for my domains,
hypothetically speaking ofcourse? Shouldn't that be an opt-in process?

~~~
krallja
You did, when you delegated your domain to Cloudflare.

~~~
psykovsky
No, I didn't. I only gave them permission to act as nameservers for my
domain(s). I don't even route my traffic trough cloudflare.

------
0x0
How can they automatically provision a certificate? Do they run or partner
with a CA that doesn't require validation by the actual domain owner?

Edit: If so, then what little trust still existed in the HTTPS PKI CA space
just went out the window.

~~~
nknighthb
Domain validation has been available from multiple CAs by placing a root-level
file on your webserver for years. If your domain points to a server controlled
by a third party, they have always been able to pass domain validation.

~~~
0x0
Does cloudflare require A records or NS records to point to them before
issuing the cert? I guess maybe that could work. I'm still a little skeptical
about the whole no-interaction-required part.

Is there no way this is open to abuse? Could a third party sign up to
cloudflare for a domain they do not own and somehow spoof the checks? Maybe
it's no different than regular automatic domain validation though.

Hopefully the backend that requests and retrieves new SSL certificates from
the CA cannot be compromised.

~~~
innocenat
> Could a third party sign up to cloudflare for a domain they do not own and
> somehow spoof the checks?

You need to point the your domain to CloudFlare nameserver. I don't think you
can do that unless you actually control the domain.

~~~
0x0
I guess you're right about that, but it still feels a bit weird that a third
party can just allocate a private key and a valid certificate without the
actual owner of the domain requesting it.

~~~
grey-area
If you've given up control of the DNS on your domain to a third party, they
can do whatever they want with that domain - they ultimately control email,
web, and any other services on that domain. so if you use cloudflare, you've
already given up that control and trust them completely with your domain.

This is what makes me hesitant about using cloudflare or recommending it to
clients; you give up a lot of control over your data and domains.

~~~
organsnyder
That's always going to be true at some level—even if you're hosting DNS
yourself. I self-host the DNS for many of my domains on a Linode VPS. If
Linode decides that they don't like me (or they just make a mistake) and re-
allocates my IP addresses to someone else, they could set up their own DNS
server to direct my domains however they please. However, I trust Linode to
not do this, based on their track record and reputation.

You're always at the mercy of at least one vendor, unless you own your own
block of IP addresses and advertise it via BGP (and even then, someone could
make their own malicious advertisement of your IP block).

You can't eliminate the risk. At some point, you have to set the threshold for
what risk you consider acceptable. For many organizations, using Cloudflare
provides enough benefit to outweigh the slightly higher risk of something
going wrong.

------
dsr_
CloudFlare now has the most sophisticated MITM attack in the world, where they
tell you what they are doing and make you sign up for it.

Does CloudFlare have a direct pipe to the NSA already, or is that only going
to happen next week?

~~~
corobo
Your tinfoil's got a hole in it there buddy! But also
[https://www.cloudflare.com/transparency](https://www.cloudflare.com/transparency)

Could probs do with being a bit closer to realtime but it's more transparent
than most hosts/ISPs

~~~
dsr_
CloudFlare has never installed any law enforcement software or equipment
anywhere on our network.

CloudFlare has never provided any law enforcement organization a feed of our
customers' content transiting our network.

which is all great, except that the NSA is not a law-enforcement organization.
It's an intelligence agency.

~~~
eastdakota
I'll state for the records that we've never done any of the above for any
intelligence agency either.

And, putting my lawyer hat on for a second, if the NSA (or CIA) wanted to
compel us to do something they'd send the FBI. On their own, they'd have no
authority to compel anything of any US-based organization.

------
sarciszewski
As I've said on Twitter, I'm excited to see this happen. Not because I think
this will help against the NSA, FBI, et al. who are armed with NSLs and FISA
letters, but because I believe (hope?) it will set a trend towards making
security free for defenders and prohibitively expensive for attackers.

------
pdkl95
First, let me say that the aggressive approach to _actually making encryption
happen_ that CloudFlare has been pushing recently is _very_ commendable. The
hard part about finally retiring the old plaintext protocols we currently are
stuck with is critical mass - nobody sees the point when plaintext seems to
"work just fine". The various steps CloudFlare has taken to encourage SSL will
go a long way towards reversing that attitude.

That said, I worry about the future we are creating by entrusting so much
security and traffic to a _single point of failure_.[1]

It seems to me that CloudFlare is positioning themselves as another Google or
Facebook, where a key feature of their business is that they get to track the
web history of a large portion of internet users. Much like Google gets to
have a lot of my email when other party is @gmail.com, CloudFlare gets click
histories by people using their CDN and caching/filtering servers.

While I don't _really_ know anything about the motives and personalities
behind the company, I can give them the benefit of the doubt for now.
Unfortunately, their motives don't matter - in a world where "national
security letters" Prism, XKeyscore, and the like exist, CloudFlare's motives
may not matter.

Even more concerning is that while it my hard to avoid Google's tracking, it
is at least theoretically possible. With CloudFlare (or any similar service)
we are stuck with a situation similar to tinyurl/t.co/bit.ly [2] where content
is hidden behind serves from which you have to request the real URL (or in
this case, the content itself).

Don't get me wrong - SSL becoming significantly more common is good regardless
of what else is going on, and CloudFlare still deserves a _lot_ of praise for
advancing a problem that has been so resistant to progress in the past. I
would even agree that CloudFlare's caching services and security protections
are (very) good engineering techniques that we _should_ be using. It just
seems like everybody is (yet again) setting up a single point of failure that
will suddenly have very significant consequences the minute somebody with real
power decides they want those very-revealing server logs.

[1] I'd be the first to admit I don't have the best understanding of how
CloudFlare works; corrections to any misunderstandings I may have about their
business or tech would be greatly appreciated.

[2] [http://preview.tinyurl.com/feckless-
imbroglio](http://preview.tinyurl.com/feckless-imbroglio)

~~~
jgrahamc
_It seems to me that CloudFlare is positioning themselves as another Google or
Facebook, where a key feature of their business is that they get to track the
web history of a large portion of internet users._

CloudFlare's business model is _not_ offering a free service and figure out
how to make money. It's getting people to pay us money and those people are
our actual customers who run web sites:
[https://www.cloudflare.com/plans](https://www.cloudflare.com/plans)

 _Unfortunately, their motives don 't matter - in a world where "national
security letters" Prism, XKeyscore, and the like exist, CloudFlare's motives
may not matter._

[https://www.cloudflare.com/transparency](https://www.cloudflare.com/transparency)

~~~
higherpurpose
Do they have a Zero Knowledge policy or anything close to it, though? It
doesn't matter if they don't make money from it, if they still collect all the
data.

I don't know how a service that's meant to _cache_ data is supposed to be
"zero knowledge", but hopefully they can do something about that - until it's
too late and authorities already have a 1,000 requests lined up for their
data.

~~~
proggR
There was an article[1] from a few years ago about Cloudflare's infrastructure
and from the sounds of it they can't link customers to data. Data does exists
because that's the nature of a cache, but its defined with an undefined
timestamp and is purged regularly in order to have enough disk space.

>Unlike most database applications, the cache stored at each CloudFlare
facility has an undefined expiration date—and because of the nature of those
facilities, it isn't a simple matter to add more storage. To keep the
utilization level of installed storage high, the cache system simply purges
older cache data when it needs to store new content.

>The downside of the hash-based cache's simplicity is that it has no built-in
logging system to track content. CloudFlare can't tell customers which data
centers have copies of which content they've posted. "A customer will ask me,
'Tell me all of the files you have in cache,'" Prince said. "For us, all we
know is there are a whole bunch of hashes sitting on a disk somewhere—we don't
keep track of which object belongs to what site."

[1] - [http://arstechnica.com/information-technology/2012/10/one-
bi...](http://arstechnica.com/information-technology/2012/10/one-big-cluster-
how-cloudflare-launched-10-data-centers-in-30-days/)

------
spacefight
Great initiative, minor drawbacks such as up to 20% of the traffic wouldn't
apply due to their use of SNI:

"Globally, more than 80% of requests come from modern browsers, and that
percentage is growing quickly."

EDIT: Mixed content on that page (within the embedded map at
[https://cloudflare.github.io/sni-
visualization/](https://cloudflare.github.io/sni-visualization/))

~~~
nknighthb
If your target audience is in the west, it's more like 5-10%, and the problem
there is going away. XP and Android 2.x are dropping off pretty quickly.

~~~
nirvdrum
The larger problem I had was with non-interactive browsers. E.g., GitHub
changed their downloads server to use SNI and overnight a bunch of scripts I
had using wget on Ubuntu 12.04 (a distribution supported until 2017) stopped
working. Java 6 doesn't support SNI, so you need to watch your API stats. And
I seem to recall using versions of Python and Ruby that also didn't support
it.

~~~
nknighthb
I wonder if Canonical could be talked into getting an SNI-enabled wget into
12.04. Though if it were me, my response would probably just be "use curl"
(which does work in 12.04.

I don't know what the status is in Ruby. Python 3 supports SNI natively.
Python 2.x does not with the included libraries, but can be made to. (You're
shooting yourself in the foot by using Python 2.x's included libraries with
HTTPS anyway -- it doesn't verify certificates. Oops.)

~~~
nirvdrum
Yeah, curl is an option. It just kinda sucks when things that have worked for
years break overnight because of an otherwise transparent upstream SSL change.
My guess is since introducing an SNI-compatible version is outside the scope
of a security release, it won't end up happening.

~~~
nknighthb
I think there's a strong argument to be made that not supporting SNI is a
security problem, and will become quite a serious one over the next few years.

SNI is fait accompli. It will be adopted. It is being adopted. Without support
for it, a rapidly growing number of sites will not be securely accessible, and
effective regressions like the one you experienced will be encountered more
and more frequently.

And in an age where interconnected systems are the default assumption and
those systems change fast, I don't think it's realistic to adhere to an overly
strict policy about what updates can be brought in during extended support
cycles. I think Red Hat recognized this a while back. Canonical probably needs
to.

------
tomkwok
Thank you guys for free TLS/SSL, but if I have a website/blog hosted on free
services offered by PaaS providers, like Heroku or RedHat's OpenShift, to
which I've CNAME'd a custom .com domain which is the only domain I want public
access on, and I don't want "Full SSL" (Non-strict) which makes MITM attacks
between CF and the PaaS provider viable (although very unlikely).

Can I pin the certificate from PaaS providers for _.herokuapp.com
or_.rhcloud.com to enable "Full SSL" (Strict) on CF?

Although the SSL support for custom domains is a paid feature for most PaaS
providers, this won't be true now if this is possible.

------
deanclatworthy
I just got the popup, clicked "okay" and when I go to "Cloudflare settings",
it's still only available to select SSL options for the paid plans.

For those who haven't yet seen the popup there's a bit more info here:
[https://www.cloudflare.com/ssl#universal_ssl](https://www.cloudflare.com/ssl#universal_ssl)

It's a pity that I got the message saying it was available on my account, when
the setting is not yet activated :)

~~~
jgrahamc
Yes, sorry about that. We're rushing to set up certificates for everyone who
uses CloudFlare.

~~~
deanclatworthy
Understandable. I've waited months since you first teased about this. I can
wait a few more hours ;-)

------
LordIllidan
This is excellent news - one question though - what would a user on XP see
when he accesses one of these sites?

~~~
buro9
Just tested using the WinXP+IE6 virtual machine from
[https://www.modern.ie/en-gb/virtualization-tools](https://www.modern.ie/en-
gb/virtualization-tools)

Tested against: [https://www.buro9.com/](https://www.buro9.com/) , which is my
own domain running behind CloudFlare using their SSL cert (it's a Pro account
- my free accounts have not yet been enabled with the free SSL).

IE6 on WinXP accesses this without warning providing CloudFlare Apps are
disabled.

If CloudFlare Apps are enabled, then IE6 gives a mixed-content warning but is
fine with the SSL cert.

Caveat: This WinXP+IE6 version might not be precisely the same as whatever is
in the wild and has never been updated. For reference WinXP is Service Pack 3,
and IE6 is 6.0.2900.5512

~~~
iancarroll
Pro accounts don't use SNI.

~~~
buro9
Right you are.

So a pure SNI test using [https://sni.velox.ch/](https://sni.velox.ch/) on IE6
on WinXP does produce a warning dialog, "The name on the security certificate
is invalid or does not match the name of the site".

Clicking OK clears it for the remainder of the browser session.

------
diafygi
Will users be able to download their private keys for the provisioned cert?

If not, would CloudFlare ever consider provisioning free SSL certs for non-
CloudFlare customers (i.e. let us uploade our crt file and you have your CAs
sign it)? We desperately need an alternative to StartCom, since many devs
don't trust them[1]. I've suggested AOL in another thread[2], but so far I
can't find anyone who works there to talk to.

EDIT: To be clear, I'm very happy for this release and thanks to CloudFlare
for stepping up.

[1] -
[https://bugzilla.mozilla.org/show_bug.cgi?id=1041087#c13](https://bugzilla.mozilla.org/show_bug.cgi?id=1041087#c13)

[2] -
[https://news.ycombinator.com/item?id=8374685](https://news.ycombinator.com/item?id=8374685)

~~~
andreasvc
A private key should never be given to a third party (preferably not even a
trusted one), and downloading the private key generated by CloudFlare would
also negate the "private" feature. Furthermore, you don't upload a crt
(certficate) file for a CA to sign, because that is the result of a CA's
signature. You upload a certificate signing request (csr) after having
generated a private key on the same machine where the key/certficate will be
used; this way you are sure you have never lost control over the private key.

With respect to StartCom I don't really see the problem or why anyone would
step up to offer something better for free. Certificates are a money making
business and with StartCom you get the security you pay for ...

------
higherpurpose
> These challenges required that, for free customers, we limit Universal SSL
> support to modern browsers. Modern browsers include support for ECDSA, where
> many legacy browsers do not.

I hope in the (near) future, they'll enforce not using unsafe NIST curves for
that, too. I don't think Internet Explorer supports Curve25519 or other safer
curves right now, but it might in the future, and I hope they will make their
move then.

Also, I hope Cloudflare has _tripled_ its security team along with this,
because they're going to be #1 on NSA's "to-break" list now.

~~~
AlyssaRowan
There's a draft for X25519 (as the key exchange algorithm is named now)
already. Future use for new curves has been referred to CFRG by the TLS
working group for recommendations; Curve25519 is one of the lead contenders.
Discussion is lively, that's about all I feel comfortable saying right now. :)

------
ancarda
Once IPv6 is a bit more popular, will CloudFlare use a unique IP per customer
to get around SNI or will it still be used on IPv6? It seems a bit like NAT;
something that can safely die once IPv4 is gone.

~~~
psykovsky
So, you want NAT to die, but apparently you forget that NAT is what protects
most domestic computers from intrusion, not anti-virus or software firewalls.
It will be fun...

~~~
JoshTriplett
That use of NAT can trivially be replaced by an everything-out nothing-in
firewall.

~~~
psykovsky
You expect technologically illiterate people to magically be able to protect
themselves when they couldn't before?

------
zaroth
This is great, but just two concerns. CloudFlare just generated itself certs
for how many domains? And you don't really have a secure connection but the
browser will report that you do.

~~~
josephwegner
They do actually give you the ability to make this totally secure. They
mentioned in the post that they will provide instructions on how to install a
CloudFlare certificate on your server - this will allow CloudFlare to
communicate securely with your server as it attempts to cache your content.

Then when the user makes the request to CloudFlare, they return the content
that they received over SSL, on an SSL connection. It's like magic.

CloudFlare just made a HGUE impact on the internet, IMO.

~~~
pbreit
Since the vast majority of their customers will not implement the full loop,
it seems the huge impact will be further confusing the implications of seeing
"https" in the browser.

------
rietta
This is very welcome news from my point of view as a developer and security
consultant, enough that I blogged about it first thing this morning at
[http://rietta.com/blog/2014/09/29/universal-ssl-with-
cloudfl...](http://rietta.com/blog/2014/09/29/universal-ssl-with-cloudflare/).

There are industries where off-premises key management is not appropriate and
certainly not a trusted man-in-the-middle by a third-party vendor. For these
organizations, having any party be in the position to be able to intercept
communications is a total no-go.

But for a lot of the internet community that is not the primary threat to
model. Rather its inertia that prevents SSL from being set up in the first
place because it is seen as either expensive, hard, or somehow unnecessary.
For these circumstances, protecting users from criminal surveillance at the
local coffee shop and from content manipulation by unscrupulous, unaccountable
cable internet service providers is a very good thing.

I have clients who I will advise to pass on this based upon their threat model
and others for whom this is a great option. For my own blog, this is perfect
too. It's about knowing your threat model and choosing the appropriate
countermeasures accordingly.

------
dividuum
EDIT: Won't work: You need to verify that you own the domain by pointing your
NS records to cloudflares nameservers.

What prevents me from doing this MITM attack in (for example) a public wifi: I
add a domain I don't own (example.com) to my cloudflare account. Then I point
a hostname (www.example.com) to an IP address I own (1.2.3.4).

From what I understand, cloudflare now serves HTTPS for this domain through
their proxies. I can easily find out the IP of one of those by querying the
nameserver they assiged me by doing "dig www.example.com
@gene.ns.cloudflare.com".

Now when I spoof DNS responses, I can return one of those IPs. The traffic
will go to cloudflare. They have a signed certificate for that domain and the
traffic gets forwarded to my IP (1.2.3.4).

Maybe I'm missing something, but I tried the http part of this and proxying
seems to work before cloudflare comfirmed that the (in the example)
example.com domains nameserver actually points to cloudflares nameservers.

~~~
iancarroll
That wouldn't work. CloudFlare isn't acting as the RA (the person verifying
you own example.com). They serve a verification file at example.com, but the
bot cannot see this file as example.com isn't pointing to CloudFlare.

~~~
dividuum
Not sure I'm following you. Probably because I didn't use SSL on cloudflare
before, so I don't know about any verification file. How does that work? I
guess before serving SSL traffic for a domain they verify both that the
nameserver for a domain is actually one of cloudflares nameservers AND they
test for the presence of some kind of signed file that has to be reachable on
the domain you added?

~~~
innocenat
The verification file are needed by CA issueing cert. I don't think said CA
are on your spoofed wifi.

------
unwind
I just wonder how many actual physical human users those "99.44%" of the
traffic from Antarctica represent. It's not exactly a population density
hotspot, is it? :)

Juggling the number around a bit it seems to correspond to 1/179th, but
Wikipedia says that the population of Antarctica varies with the season
between 1,000 and 5,000.

------
ck2
Becoming a single point of massive exploit, they need a warrant canary asap.

Not only for US Government but other governments that heavily monitor their
citizens on the internet and want to see what is going on so they can imprison
or execute their people for what they say.

~~~
jgrahamc
[https://www.cloudflare.com/transparency](https://www.cloudflare.com/transparency)

------
damonpace
Congrats to CF on this. The day has come where all domains & subdomains should
automatically be SSL encrypted for free. CF is building the Internet as it
should have been built in the first place. I love that they are doing this.

------
escapologybb
My website that is behind Cloudflare on the free plan, has suddenly started
giving me an error in Google Chrome. The error is as follows:

    
    
         You cannot visit mysite.com right now because the website uses HSTS.  Network errors and attacks are usually temporary, so this page will probably work later.
    

The website has been running for over a year with no problems behind
Cloudflare, so I'm assuming this new rollout is the cause. Anybody got any
idea how long this will last?

Edit: Chrome 38.0.2125.77 on OS X 10.9.4

~~~
eastdakota
Nope, that's not something anything we did would cause. We're not adding HSTS
(yet).

~~~
escapologybb
Strange, I went to bed last night and everything was working and it was just a
plain HTTP site sitting behind Cloudflare. Then I get up this morning and I'm
getting SSL errors, I'm not sure where to go from here then.

~~~
jamesog
Are you using the HTTPS Everywhere extension, by any chance?

~~~
escapologybb
I am. After seeing your comment, I tried loading the site with and without the
extension enabled but still the error persists.

Edit: formatting

------
endijs
Enabled this, but when visiting website over https have error. "You attempted
to reach YYYY, but instead you actually reached a server identifying itself as
ssl2000.cloudflare.com. This may be caused by a misconfiguration on the server
or by something more serious. An attacker on your network could be trying to
get you to visit a fake (and potentially harmful) version of YYYY." Looks like
things are still in progress and does not work out of the box. Will see what
will be in a day or couple.

~~~
jgrahamc
We are in the process of issuing 2 million certs. Your cert hasn't been issued
yet so you are hitting a sort of 'default cert'. Once that error goes away you
are set.

~~~
endijs
If i choose to ignore SSL warning I get ERROR 522. But I guess its better now
to sit and relax while CF catches up with all this migration.

------
arikrak
This is a major (and long-planned) move on CloudFlare's part. They're going to
lose money in the short-term, since the primary reason many small-to-medium-
sized sites upgrade to CloudFlare Pro is to get SSL support.

Many other sites will now switch to CloudFlare to get instant (partial) SSL.
CloudFlare isn't a charity so they'll need to introduce new features or limits
to get people to upgrade to pro. Though they may get enough enough revenue
from their partner one-click apps to offset their costs.

------
WatchDog
Does cloudflare have the ability to issue certificates that are trusted by
major browsers?

Or will the cloudflare issued certificates simply give users an untrusted CA
warning?

~~~
eastdakota
Yes, we've partnered with multiple CAs that allow us to issue certs trusted by
virtually every browser.

------
WatchDog
What sort of time period are the certificates issued for?

------
danielsju6
So they put a lot of effort into promoting SNI. A potential gotcha to
consider, especially for peeps on HN; SNI isn't supported by a lot of Android,
including the default download manager and parts of the networking stack—that
bit me recently in development. At least as far back as 4.4.0.

------
voidlogic
I'm sure small ISP's that run transparent caches are really excited about
this...

------
akama
One of the little things here is the use of SPDY. I'm not sure how feel about
this change. On one hand it will save a great deal of resources, but it will
make the protocol more unapproachable. Is this a change that the web needs to
make?

------
brokentone
One possibly negative outcome of this could be SEO related. In my research
thus far, Google has suggested that HTTPS _could_ increase your ranking to a
very small degree, but the question is whether they consider this duplicate
content.

------
cynix
The majority of CloudFlare's IP addresses are blocked by China's great
firewall, which means CloudFlare is out of the question if you expect that
your website will be visited by Chinese users.

~~~
eastdakota
1) That's not actually accurate; and 2) Just wait for the next trick we have
up our sleeve ([https://blog.cloudflare.com/one-more-thing-keyless-ssl-
and-c...](https://blog.cloudflare.com/one-more-thing-keyless-ssl-and-
cloudflares-growing-network/))

~~~
cynix
It may not be entirely accurate; I can only go by the complaints I hear from
my Chinese friends, and my limited experience with CloudFlare-enabled websites
when I'm in China for short stays. However it definitely has significant
impact for Chinese users.

I see you have big plans for China :) Looking forward to seeing your new data
centers coming online. How do you plan to solve the mandatory ICP Registration
problem for your customers?

~~~
korzun
> my limited experience with CloudFlare-enabled websites

Sums it up nicely.

------
prefork
I wonder what happens to certificates if a customer leaves Cloudflare?

What keeps revocation lists from ballooning as customers "try out" the
service?

~~~
cmircea
OCSP?

------
igouss
Can somebody explain to me 1) why SSL certificats are so expensive 2) Why do
they have to expire?

~~~
mike_hearn
1) They are not, really. You can get free DV certs from StartSSL. Other types
of certs do cost money because issuing them involves real work. I don't know
how else to explain it. Go look at the list of things a CA has to do to be
considered trustable by the major root store operators (operating system
vendors, browser makers). It's not trivial.

2) The original reason was because it was assumed (correctly) that due to
hardware improvements keys that were previously strong would become weak. So
it was supposed to encode a length of time after which the cert owner would be
forced to re-evaluate key strength. Nowadays the browser makers are tending to
lean on CAs to push expiry times downwards so they expire quicker, the reason
being that updating the SSL ecosystem often requires new features or changes
in certificates, and if certs can last 5 years then it means a full upgrade
takes 5 years, whereas if certs expire after one year then one year after
deployment begins everyone is updated. Pretty big difference. It's for this
reason that EV certs are specced to expire after a year: it means standards
can be revved quicker.

------
Xdes
There's a nice red and green map that colorblind people cannot see.

------
notastartup
so how does this differ from the paid plan? I mean the only reason I am paying
is because of SSL and now it's free?

~~~
kijin
The SSL on free plans is only compatible with newer clients.

The SSL on paid plans is compatible with all clients, such as IE on XP,
Android 2.x, and slightly outdated HTTP wrappers for most programming
languages.

~~~
notastartup
will the ssl be available on Chrome 37? by newer clients what versions of
browser exactly?

~~~
kijin
[https://www.cloudflare.com/ssl#browsers](https://www.cloudflare.com/ssl#browsers)

------
rang
Good job cloudflare for finally keeping up with the industry. Cloudfront, for
example, already supports universal ssl and SNI

~~~
LewisJEllis
Cloudflare has offered SSL & SNI for paid customers for ages. You're missing
the point.

------
general_failure
This is silly. SSL is supposed to be a secure conversation between the website
and the end user. No one else is between. Encouraging these things is
detrimental to internet.

In fact, I would go ahead and say: * Make browser self-signed certs less
scarier * Make users more accustomed and knowledgable of self-signed certs.

Browser vendors and corporations need to work together to make the above
happen.

~~~
RadioactiveMan
Consider the discussion taking place in other comments - SSL has never
guaranteed a conversation between client and a server at the "end". The
concept of one server at the end of your connection is wrong. Often, you'll be
connected to a load balancer that terminates SSL and communicates with other
servers over plain text. Or, you might reach an HTTP server that communicates
with other services ( perhaps a database ) and you have no guarantee that
those connections are over SSL or take place on internal networks ( as if
internal would make it more secure ). Besides SSL itself and the serving of
your particular request, what else is being done with the information you've
sent? Perhaps they're storing data or sharing it in ways you would not approve
of. Trusting the services you connect to is the real tough problem and it has
little to do with SSL.

------
artursapek
This is a very impressive achievement by CloudFront, but I wonder how many
"this page includes other resources which are not secure" warnings I will
notice today from websites that weren't prepared for this.

------
vertex-four
This'll be amazing for phishers and spear phishers - just use CloudFlare, and
every user you're targeting will have the green padlock.

~~~
LordIllidan
Given that ssl certificates are free nowadays (e.g.
[https://www.startssl.com/](https://www.startssl.com/)), how was this not an
issue before?

~~~
feld
startssl is convenient but they force you to pay to revoke your certificates.
I've heard rumors of startssl being close to getting on blacklists due to this
behavior -- tons of certs were never revoked after heartbleed, for example.

~~~
nknighthb
Why would a phisher want to revoke their certificate?

