Cloudflare kicking off "Keyless SSL".
-
Alright, not to spam the water-cooler today, but this is pretty neat!
Quote: Tomorrow, we'll publish a full post on the nitty, gritty techical details of how, what has come to be called Keyless SSL™, works. (Update: The post with the technical details is now online.) For now, I'll just tell you about what Sebastien had built. It was a dramatic demo. A simple agent ran on a Raspberry Pi. A web server, running on a remote server on CloudFlare's network, received HTTPS connections. When the Raspberry Pi was plugged in, the connections went through from a browser as they would normally. The lock appeared and the connection was secured, end-to-end. The minute the Raspberry Pi's power was disconnected, HTTPS access terminated.
NOTE: There are still SSL keys involved, it's an interesting take on the "problem" though.
-
Very interesting.
-
That's awesome, yet another reason why I love CloudClare!
-
Well, this is troublesome.
To be fair, their entire site is "offline" at the time of this posting.
-
Whole site is offline? Maybe they are on AWS, which is having rolling blackouts.
-
@Reid-Cooper, perhaps. They seem to be back up and running now, however.
-
Just read all of the details. This is an awesome service
Out of the SMB price point at $5,000 per month, but the point of it all is awesome.
-
-
@Reid-Cooper Cool
-
We'll probably see a new vulnerability in SSL like we did with shellshock as more and more NSA leaks happen, then we'll just end up all moving to new multi-handshake encryptions in the future.
Security just always seems to be out of reach these days...
-
There is never such a thing as true security with anything online. Its just logging and more levels to break through. nothing isn't breakable.
-
@thecreativeone91 said:
There is never such a thing as true security with anything online. Its just logging and more levels to break through. nothing isn't breakable.
Even offline. There is no security. I'll take online security over offline security any day.
