That particular customer had set up their configuration in
such a way that the connection from Cloudflare back to the
customers origin was not passed over an encrypted link.
Is it just me, or this is Google/NSA's "SSL added and removed here! (grinny face)" all over again?
What they describe is simply one of Cloudflare's SSL options, called "Flexible SSL", which is often used because it lets sites offer an HTTPS address without having to purchase a certificate themselves (or even setup a self-signed one): https://www.cloudflare.com/ssl/
> This is completely baseless and incorrect. ... Only in the case of instructions/orders from the Government or the Courts, specified URLs are blocked.
Wow, they must have some other definition of "baseless and incorrect" over in LaLa Land.
4 comments
[ 2.0 ms ] story [ 20.3 ms ] threadhttp://i.imgur.com/4p9oMTp.jpg
What they describe is simply one of Cloudflare's SSL options, called "Flexible SSL", which is often used because it lets sites offer an HTTPS address without having to purchase a certificate themselves (or even setup a self-signed one): https://www.cloudflare.com/ssl/
> This is completely baseless and incorrect. ... Only in the case of instructions/orders from the Government or the Courts, specified URLs are blocked.
Wow, they must have some other definition of "baseless and incorrect" over in LaLa Land.