I presume that customer private keys need to be stored on Cloudflare servers to ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		junto on Aug 7, 2014 \| parent \| context \| favorite \| on: CloudFlare enabling free SSL by mid-October I presume that customer private keys need to be stored on Cloudflare servers to implement this. Has that just made Cloudflare servers a legitimate prime NSA target? I.e. all your keys belong to us

rdl on Aug 7, 2014 [–]

We have a product, "keyless ssl", which is used by some customers to retain on premise custody of their asymmetric key material, actually.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact