The Backend Engineering Show with Hussein Nasser cover image

The Cloudflare mTLS vulnerability - A Deep Dive Analysis

The Backend Engineering Show with Hussein Nasser

00:00

TLS Session Resumption

The serial number is a tiny one, like 20 bytes. It's still way smaller than the minimum requirement for the elliptic curve digital signature public key. So they're using this for performance reasons, right? Understand this stuff. But what does this have to do with TLS session resumption? I'm trying to summarize all that and then I'll add my own thoughts on it.

Transcript
Play full episode

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
App store bannerPlay store banner