this post was submitted on 24 Aug 2024
394 points (97.1% liked)

Asklemmy

43963 readers
1290 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

The simplicity of it is logic defying. It used to be that you had to find crosswalks or move puzzle pieces or type blurred letters and numbers, but NOW all the sudden I can just click a box and HEY!, I'm human?

That's hardly the Turing Test I'd expected.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] kahdbrixk@feddit.org 4 points 3 months ago (1 children)

I'd argue that the certificate authority does not have the ability to decrypt your communication because of the nature of private and public key mechanism during the whole TLS certificate procedure. You do not send your web servers private key to cloudflare when requesting a certificate.

That would actually be pretty wild...

Other then that you're probably right.

[โ€“] Magnetic_dud@discuss.tchncs.de 2 points 3 months ago (1 children)

There's a default setting that allows unencrypted communication between the server and cloudflare. So they receive unencrypted data, sign with their certificate. Or send with self signed certificate, they decrypt and reencrypt. Or for some reason can download and import on the server their own internal use certificate.

[โ€“] kahdbrixk@feddit.org 2 points 3 months ago

You're right, forgot that you can just not encrypt on your servers end and use cloudflare to do that for you, especially when used as CDN