CloudFlare, a San Francisco startup, has just revealed its latest tool, which may affect the way companies secure information.
The tool is called Keyless SSL, and it helps organizations prevent “denial-of-service” attacks, which hackers use to block legitimate users from accessing a system. What is innovative about Keyless SSL is that it achieves this while letting companies keep control of their master SSL keys.
SSL keys (SSL is short for “Secure Sockets Layer”) encrypt traffic between a web server and an internet browser. Even so, third-party cloud services such as CloudFlare require companies to turn over their SSL keys in order to use them. This may naturally make many companies hesitant to trust these kinds of providers to safeguard their confidential details, especially in light of recent security concerns over cloud software.
Keyless SSL will allow organizations to use cloud services for SSL-encrypted HTTPS traffic without handing over their SSL keys.
The private key is used during the first connection, which produces a “session key” that is then used to encrypt future traffic. This session key only protects one user’s actions and is not for long-term use like a private key, which helps keep communications secure inside the cloud.
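The split described above can be sketched as follows. This is an added example, not CloudFlare's code: it assumes an RSA key exchange and a key server run by the company, and the names `KeyServer`, `Edge`, `client_connect` and `protect` are hypothetical. The RSA key is a constructed toy and the key derivation is simplified.

```python
import hashlib, hmac, secrets

# Toy RSA public key, constructed for this example (unpadded, far too small for real use).
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q

def derive_session_key(premaster, client_random, server_random):
    # Simplified stand-in for the TLS key derivation: both sides mix the same inputs.
    return hmac.new(premaster, client_random + server_random, hashlib.sha256).digest()

class KeyServer:
    """Runs inside the company's own infrastructure; the only holder of the private key."""
    def __init__(self):
        self._d = pow(E, -1, (P - 1) * (Q - 1))  # private exponent never leaves this object
        self.operations = 0
    def decrypt_premaster(self, ciphertext):
        self.operations += 1
        return pow(ciphertext, self._d, N).to_bytes(16, "big")

class Edge:
    """The cloud provider's server: knows the public key (N, E), never the private key."""
    def __init__(self, ask_key_server):
        self.ask_key_server = ask_key_server  # stands in for a network request
    def hello(self, client_random):
        self.client_random, self.server_random = client_random, secrets.token_bytes(16)
        return self.server_random
    def key_exchange(self, encrypted_premaster):
        premaster = self.ask_key_server(encrypted_premaster)
        self.session_key = derive_session_key(premaster, self.client_random, self.server_random)

def client_connect(edge):
    client_random = secrets.token_bytes(16)
    server_random = edge.hello(client_random)
    premaster = secrets.token_bytes(16)
    edge.key_exchange(pow(int.from_bytes(premaster, "big"), E, N))
    return derive_session_key(premaster, client_random, server_random)

def protect(session_key, message):
    # Per-session integrity tag, computed at the edge without contacting the key server.
    return hmac.new(session_key, message, hashlib.sha256).hexdigest()

if __name__ == "__main__":
    key_server = KeyServer()
    edge = Edge(key_server.decrypt_premaster)
    key = client_connect(edge)
    for i in range(3):
        protect(edge.session_key, b"GET /page%d" % i)
    print("keys match:", key == edge.session_key, "| key server operations:", key_server.operations)
```

The key server is contacted once per handshake; everything after that runs on the session key alone.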
Another feature that’s special to Keyless SSL is that session ticket keys are shared between all the servers and are replicated across all of CloudFlare’s data centers, according to Ars Technica. This means a client can return to a session hours or days after disconnecting, from anywhere.
At this time, Keyless SSL is available to CloudFlare’s enterprise customers, but we anticipate the service will soon be available to all customers.