this post was submitted on 26 Aug 2025
26 points (96.4% liked)

Privacy

2350 readers
163 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Ategon@programming.dev
danielintempesta@programming.dev
26
TIL something curious about Cloudflare (ani.social)
submitted 4 days ago by hisao@ani.social to c/privacy@programming.dev
4 comments fedilink hide all child comments
 

I've been reading this about Cloudflare and realized they require any site using their services to install their certificate to then proceed to fully sniff and analyze, and sometimes even modify https traffic. This is something I didn't realize before. Here are the relevant screenshots:

you are viewing a single comment's thread
view the rest of the comments
[–] probable_possum@leminal.space 2 points 3 days ago* (last edited 2 days ago)

TLS isn't really related to E2EE.

IMO it is. Is it not a solution which prevents everybody but the client's browser and the web-server from taking part in the communication? Why?

data can be delivered securely over http

On top of HTTP? Nice. Is there a RFC or a framework which implements such a solution?