/plushcap/analysis/cloudflare/universal-ssl-how-it-scales

Universal SSL: How It Scales

What's this blog post about?

CloudFlare's Universal SSL enables HTTPS for all websites using its Free plan, increasing the number of sites served over HTTPS from tens of thousands to millions. The company achieved this by leveraging modern hardware and software configurations that significantly reduce the cost of SSL on web servers. By utilizing Intel CPUs with specialized cryptographic instructions, prioritizing AES-based ciphers, and implementing elliptic curve cryptography for private key operations and key establishment, CloudFlare minimized the computational burden of TLS handshakes. Additionally, session sharing techniques and lazy loading of certificates further optimized server resources. This approach demonstrates that SSL can be deployed on a large scale with minimal impact on web server performance.

Company
Cloudflare

Date published
Oct. 1, 2014

Author(s)
Nick Sullivan

Word count
1104

Language
English

Hacker News points
18


By Matt Makai. 2021-2024.