The Cloudflare mTLS vulnerability - A Deep Dive Analysis
The Backend Engineering Show with Hussein Nasser
00:00
Introduction
Cloudfair has just fixed a vulnerability in their mutual TLS offering. Customers of Cloudfair can create client-side certificates and configure them for certain clients, such that only those clients can even connect or send particular requests to this backend. Usually with MTLS, if the certification is revoked, you can't even connect. But we're going to learn after reading this article that Cloudfair doesn't actually differently. They want a more customized role.
Transcript
Play full episode
