CloudFlare Doubles the Size of the Encrypted Web with Universal SSL
Did you know that just 0.4 percent of websites (approximately 2 million) are encrypted today?
Content delivery network and Internet security provider CloudFlare aims to change that, launching a free service for both its customers - an automatic SSL (Secure Socket Layer) encryption solution dubbed Universal SSL. And the best part? There's no need to pay for or configure your own encryption certificate.
The service provisions an SSL certificate on CloudFlare's network that will accept HTTPS connections for a customers domain and subdomains (the certificates include an entry for the root domain as well as a wildcard entry for all first-level subdomains).
By rolling out free SSL to its nearly 2 million free customers, CloudFlare is effectively doubling the size of the encrypted Web.
For the unfamiliar, SSL is a protocol that keeps traffic (through encryption) from being monitored or altered. As Google recently indicated that encrypted sites (those using SSL) will rank higher in the search results than those that do not use it (although there has yet to be any firm evidence this is the case currently) there will likely be a surge of interest in its use. Solutions like CloudFlare are obviously very well positioned to take advantage of this development.
"We didn't just enable basic SSL for free, we enabled cutting-edge cryptography and made it free and easy for anyone," said Nick Sullivan, Security Engineering Lead at CloudFlare. "The cryptographic systems we're rolling out as part of Universal SSL are a generation ahead of what is used by even the top Internet giants. These certificates use elliptic curve digital signature algorithm (ECDSA) keys, ensuring all connections with CloudFlare sites have Perfect Forward Secrecy, and they are signed with ECDSA and the highly secure SHA-256 hash function. This is a level of cryptographic security most web administrators literally couldn't buy."
To enable CloudFlare's Universal SSL on your own website, just sign up for the free service. CloudFlare will then automatically issue and deploy the Universal SSL certificate within 24 hours. Once deployed, encrypted connections, as well as modern web protocols such as SPDY, are automatically supported to any modern web browser.
"The importance of Universal SSL isn't just the protection of these 2 million sites, but the fact that it moves the Internet one step closer to an encrypted-by-default standard,"explained Matthew Prince, co-founder and CEO of CloudFlare. "While small sites may think they don't need SSL, every encrypted byte exchanged online makes it more difficult for organizations that aim to throttle, censor, or otherwise restrict the Internet. We're hopeful that, now that we've shown it's possible at our scale, other organizations will follow and make SSL at no cost the default for all their customers."