CloudFlare, We Have a Problem

[true_religion]

I don't do this, but I believe you can use Cloudflare with self-signed certificates on your server.

Cloudflare essentially gives you free SAN certs at the edge nodes, which is something you typically have to pay for (to the tune of $$$$s) with other CDNs. Most CDNs give you the more typical SNI certs.

Also, as an aside, isn't it more likely for an end-user to get MtM'd than for that to happen to data centers?

[pfg]

There's no such thing as a SNI certificate. SNI is a TLS extension allowing clients to send the hostname as part of the Client Hello, which allows the server to pick the right certificate for the hostname being requested. Without SNI, you're essentially limited to one certificate per IP address (which is what makes things expensive for CDNs if you need to support clients without SNI).

CloudFlare's free plan uses SNI.

[true_religion]

Their $20/month plan appears to offer SAN, so you can support clients without SNI.

[pfg]

Their free plan uses SAN certificates too. The difference is that they do "one (shared) SAN certificate per IP" for paid plans, as opposed to "multiple (shared) SAN certificates per IP" on the free plan, which requires SNI to work.

[mr_potato_face]

To your aside, MITM seems more likely to happen to the end-user, but it is possible to happen at the Cloudflare-->Website side. We already know that the NSA logs all traffic going over certain backbone routers[1], and that some ISPs are modifying non-HTTPS connections[2]. So if your traffic bounces through certain "bad" networks between Cloudflare and your site, who knows what happens.

Relatedly, Tor recommends all users use HTTPS[3], as otherwise the connection from the exit node to the target site is vulnerable to MITM. Given that there are malicious exit nodes[4], seems like a good idea. But, as the article brings to light, that still doesn't make any guarantees of safety.

[1] https://en.wikipedia.org/wiki/Room_641A [2] e.g. http://www.infoworld.com/article/2925839/net-neutrality/code... [3] https://www.torproject.org/docs/faq.html.en#CanExitNodesEave... [4] e.g. http://www.cs.kau.se/philwint/spoiled_onions/ but plenty of other sources

[true_religion]

When it comes to security, the question of "whom is my attacker?" really determines how much invenstment you make in securing your service.

Many online providers don't care if the NSA is slurping up their data. For example, do you think that Macy's online is going to stick out their necks to protect clothing transactions from the government?

Nope.

Personally, I've seen end-users more worried about MtM close to their endpoint, such as their employers or schools scanning their traffic. They're not trying to evade governments here.