The simplicity of it is logic defying. It used to be that you had to find crosswalks or move puzzle pieces or type blurred letters and numbers, but NOW all the sudden I can just click a box and HEY!, I’m human?

That’s hardly the Turing Test I’d expected.

  • kahdbrixk
    link
    fedilink
    Deutsch
    arrow-up
    4
    ·
    3 months ago

    I’d argue that the certificate authority does not have the ability to decrypt your communication because of the nature of private and public key mechanism during the whole TLS certificate procedure. You do not send your web servers private key to cloudflare when requesting a certificate.

    That would actually be pretty wild…

    Other then that you’re probably right.

    • Magnetic_dud@discuss.tchncs.de
      link
      fedilink
      arrow-up
      2
      ·
      3 months ago

      There’s a default setting that allows unencrypted communication between the server and cloudflare. So they receive unencrypted data, sign with their certificate. Or send with self signed certificate, they decrypt and reencrypt. Or for some reason can download and import on the server their own internal use certificate.

      • kahdbrixk
        link
        fedilink
        Deutsch
        arrow-up
        2
        ·
        3 months ago

        You’re right, forgot that you can just not encrypt on your servers end and use cloudflare to do that for you, especially when used as CDN