CloudFlare gives Internet a present: free, no-hassle “Universal” SSL

In a bid to secure even more of the Internet’s websites through the use of secure connections, San Francisco-based content delivery network and Internet security provider CloudFlare has launched a new free service for both its paying and free customers: automatic Secure Socket Layer (SSL) encryption for any site, without the need to pay for or configure an encryption certificate.

Called Universal SSL, the service eliminates the need for organizations to deal with a Certificate Authority or configure their own server’s crypto. Instead, if a website is connected through CloudFlare, its owner can set up a certificate through a Web interface in 5 minutes, and it will be automatically deployed within 24 hours—providing the site’s traffic with Transaction Layer Security (TLS) encryption based on an elliptic curve digital signature algorithm (ECDSA).

In a release, CloudFlare security engineering lead Nick Sullivan said, “The cryptographic systems we’re rolling out as part of Universal SSL are a generation ahead of what is used by even the top Internet giants. These certificates use elliptic curve digital signature algorithm (ECDSA) keys, ensuring all connections with CloudFlare sites have Perfect Forward Secrecy, and they are signed with ECDSA and the highly secure SHA-256 hash function. This is a level of cryptographic security most web administrators literally couldn’t buy.”

Read 4 remaining paragraphs | Comments