Introducing the Cloudflare Geo Key Manager
Cloudflare has introduced a new feature called Geo Key Manager that allows customers to control the distribution of their private SSL keys based on an assessment of physical controls. This comes as a response to increasing geopolitical concerns and regulatory frameworks, especially for multinational companies. The Geo Key Manager provides options such as "Everywhere", "U.S. Only" or "E.U. Only", and "Highest Security Data Centers". While the first HTTPS request made to a data center that does not hold your private key requires a bit of overhead, all subsequent requests after the initial one will be just as fast as if the key were local thanks to SSL/TLS session resumption. Cloudflare plans to extend Geo Key Manager to work with Dedicated Certificates and allow Enterprise users to specify a precise list of data centers for their keys.
Company
Cloudflare
Date published
Sept. 26, 2017
Author(s)
Patrick R. Donahue
Word count
1720
Hacker News points
None found.
Language
English