[Cryptography] CloudFlare reinvents crypto offload
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Fri Sep 19 19:28:02 EDT 2014
Alan Braggins <alan.braggins at gmail.com> writes:
>Their proof of concept story seems even more trivial -
They've posted an update:
https://blog.cloudflare.com/keyless-ssl-the-nitty-gritty-technical-details/
which looks like it's taken straight from Rescorla's SSL and TLS from fifteen
years ago (or perhaps an nCipher brochure from nearly twenty years ago :-).
I'm sure they think they've invented something wonderful, but from everything
they've published there's nothing new there. The odd thing is that they go
into all sorts of details about session tickets and other TLS technicalities,
and yet at the same time they're describing a mechanism that's not novel at
all.
(Maybe it's just a clever marketing campaign, "CloudFlare invents new security
mechanism" sounds a lot better than "CloudFlare buys someone's SSL-offload
product").
Peter.
More information about the cryptography
mailing list