Make SSL boring again
Cloudflare has migrated its edge SSL connection termination stack to use Google's crypto and SSL implementation, BoringSSL. The migration involved several months of work to ensure no negative impact on customer traffic. With this change, all of Cloudflare's edge SSL traffic is now handled by the same system without added complexity or increased latency. Additionally, new features such as X25519 for TLS 1.2 and RSA-PSS for TLS 1.2 have been implemented. The migration also brought improvements to internal features and allowed Cloudflare to contribute back to the open-source community.
Company
Cloudflare
Date published
Dec. 6, 2017
Author(s)
Alessandro Ghedini
Word count
1483
Language
English
Hacker News points
44