Keeping the Internet fast and secure: introducing Merkle Tree Certificates

Posted by tatersolid 23 hours ago

Keeping the Internet fast and secure: introducing Merkle Tree Certificates(blog.cloudflare.com)

144 points | 41 commentspage 2

cryptonector 19 hours ago|

I think MTC is best described as a new signature algorithm for signing certificates where the value is a Merkle tree inclusion proof. This is quite clever. I like it.

dur-randir 16 hours ago||

Keeping internet locked, you mean?

megous 20 hours ago||

Ah cloudflare. But who will protect us against cloudflare???

It's a privacy violating proxy after all.

thhoooowww0101 20 hours ago|

What's so special about cloudflare? Everyone from AWS to Akamai offers the same "reverse proxy" service.

layer8 7 hours ago|||

Their market share: https://w3techs.com/technologies/details/cn-cloudflare

megous 1 hour ago|||

Did I say there's something special about them?

thhoooowww0101 1 hour ago||

Maybe I misunderstood your comment. Traffic wise, I'm not sure if they're ahead of other "privacy violating" proxy services, so I was wondering if there's something special about Cloudflare. They're all MITM traffic after all.

rvz 23 hours ago||

[flagged]

tomrod 22 hours ago|

... Why is this the first place to go?

oasisbob 17 hours ago|

Regardless of the strengths of this, I can't read this slop. A third of the way in, and:

> Instead of expecting the client to know the server's public key in advance, the server might just send its public key during the TLS handshake. But how does the client know that the public key actually belongs to the server? This is the job of a certificate.

Are you kidding me? You don't know your audience on an article at the nexus of certificate transparency and post-quantum cryptography well-enough to understand that this introduction to PKI isn't required?

Know your audience. Turning over your voice to an AI doesn't do that for you. It will waste everyone's time on thousands of words of vapid nonsense.

jgrahamc 9 hours ago||

When I was the editor in chief of the Cloudflare blog we had a very, very strong mission to "educate, educate, educate" our readers. That often meant including details that someone versed in the field would skip over or find too basic. After all, we were writing for a general technical audience interested in learning about a topic.

So, its natural that some readers would find parts over-explanatory but the hope was that they could read past those bits and the less educated reader would come away having learnt something new.

flufluflufluffy 8 hours ago||

I for one welcomed the refresher as I don’t often deal with the intricacies of the public key infrastructure, even though yes I am a programmer and make websites.