TLS when used with a CDN doesn't provide any privacy, data integrity or authentication.

27th February 2017

Content Delivery Networks and DDoS protection services that require TLS traffic to be terminated within their cloud are creating a new problem: CLIENT DATA EXPOSURE.

To be fair, CDNs terminate TLS sessions so that they can perform a TCP and TLS protocol break, content inspection and traffic analysis. These networks also add TLS to TCP sessions. Unfortunately, both types of service break three core features of TLS's end-to-end protection: data privacy, data integrity and, as TLS is most often used, server-side authentication. The only solution is for apps to implement their own end-to-end protocol, at the process level, that puts these key protections back in place.
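One way to put those protections back at the application layer, shown as an added example that is not from the original post or any product it describes: the client seals each request body with AES-256-GCM before it enters the TLS session that the CDN terminates, and the origin process opens it. The pre-shared `KEY`, the helpers `seal`, `open` and `cdnHop`, and the sample request are assumptions constructed for illustration.

```javascript
// Added example: application-layer AEAD that survives TLS termination at a CDN.
const crypto = require("crypto");

// Assumption: client and origin share this key, provisioned out of band.
// The CDN never holds it, unlike the TLS session keys it terminates.
const KEY = crypto.randomBytes(32);

// Client: seal the body before it enters the TLS tunnel to the CDN edge.
// `context` (e.g. method + path) is authenticated but not encrypted.
function seal(key, plaintext, context) {
  const nonce = crypto.randomBytes(12); // fresh per message
  const c = crypto.createCipheriv("aes-256-gcm", key, nonce);
  c.setAAD(Buffer.from(context));
  const ct = Buffer.concat([c.update(plaintext, "utf8"), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), ct]).toString("base64");
}

// Origin: returns the plaintext, or null if key, context or bytes do not match.
function open(key, envelope, context) {
  const raw = Buffer.from(envelope, "base64");
  if (raw.length < 28) return null; // 12-byte nonce + 16-byte tag
  const d = crypto.createDecipheriv("aes-256-gcm", key, raw.subarray(0, 12));
  d.setAuthTag(raw.subarray(12, 28));
  d.setAAD(Buffer.from(context));
  try {
    return Buffer.concat([d.update(raw.subarray(28)), d.final()]).toString("utf8");
  } catch {
    return null; // authentication failed: modified in transit or wrong key
  }
}

// Model of the TLS-terminating edge (hypothetical helper): the body is in the
// clear to it, and what it forwards to the origin may differ from what it got.
function cdnHop(body, rewrite = (b) => b) {
  return { seenByCdn: body, forwarded: rewrite(body) };
}

// Constructed sample request, with and without the end-to-end envelope.
function demo() {
  const ctx = "POST /transfer", body = '{"to":"acct-123","amount":50}';
  const plain = cdnHop(body);
  const sealed = cdnHop(seal(KEY, body, ctx));
  return {
    cdnReadsPlainBody: plain.seenByCdn === body,
    cdnReadsSealedBody: sealed.seenByCdn.includes("acct-123"),
    originRecovers: open(KEY, sealed.forwarded, ctx) === body,
  };
}
console.log(demo());
```

The envelope restores privacy and integrity of the body and authenticates whoever holds the key; key establishment and replay protection (for example a counter bound into `context`) are outside this sketch.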

theverge.com

 

arstechnica.com/security/2017/02/

https://www.linkedin.com/pulse/tls-when-used-cdn-doesnt-provide-any-privacy-data-integrity-levine
