Encrypting SNI: Fixing One of the Core Internet Bugs

Cloudflare launched on September 27, 2010. Since then, we’ve considered September 27th our birthday. This Thursday we’ll be turning 8 years old. Ever since our first birthday, we’ve used the occasion to launch new products or services. Over the years we came to the conclusion…

Cloudflare Turns 8 — here’s what we mean by a “better Internet”

I have always loved birthdays. It is a chance to get together with loved ones, a chance to have fun and a chance to reflect on anything you want to keep doing or change in the upcoming year. At Cloudflare, we’ve embraced celebrating our birthday…

Roughtime: Securing Time with Digital Signatures

When you visit a secure website, it offers you a TLS certificate that asserts its identity. Every certificate has an expiration date, and when it’s passed due, it is no longer valid. The idea is almost as old as the web itself: limiting the lifetime…

Introducing the Cloudflare Onion Service

When: a cold San Francisco summer afternoon Where: Room 305, Cloudflare Who: 2 from Cloudflare + 9 from Tor Project What could go wrong? Bit of Background Two years ago this week Cloudflare introduced Opportunistic Encryption, a feature that provided additional security and performance benefits…

RPKI and BGP: our path to securing Internet Routing

This article will talk about our approach to network security using technologies like RPKI to sign Internet routes and protect our users and customers from route hijacks and misconfigurations. We are proud to announce we have started deploying active filtering by using RPKI for routing…

RPKI – The required cryptographic upgrade to BGP routing

We have talked about the BGP Internet routing protocol before. We have talked about how we build a more resilient network and how we can see outages at a country-level via BGP. We have even talked about the network community that is vital to the…

Expanding DNSSEC Adoption

Cloudflare first started talking about DNSSEC in 2014 and at the time, Nick Sullivan wrote: “DNSSEC is a valuable tool for improving the trust and integrity of DNS, the backbone of the modern Internet.” Over the past four years, it has become an even more…

Welcome to Crypto Week

The Internet is an amazing invention. We marvel at how it connects people, connects ideas, and makes the world smaller. But the Internet isn’t perfect. It was put together piecemeal through publicly funded research, private investment, and organic growth that has left us with an…

End-to-End Integrity with IPFS

This post describes how to use Cloudflare’s IPFS gateway to set up a website which is end-to-end secure, while maintaining the performance and reliability benefits of being served from Cloudflare’s edge network. If you’d rather read an introduction to the concepts behind IPFS first, you…

Cloudflare goes InterPlanetary – Introducing Cloudflare’s IPFS Gateway

Today we’re excited to introduce Cloudflare’s IPFS Gateway, an easy way to access content from the the InterPlanetary File System (IPFS) that doesn’t require installing and running any special software on your computer. We hope that our gateway, hosted at cloudflare-ipfs.com, will serve as the…