18 Oct
2015
18 Oct
'15
4:34 p.m.
It is behind Cloudflare's MiTM service which adds web services names to their existing certs as alternative Names.
So your SSL/TLS connection is terminated on Cloudflare's web application firewalls and NOT the web servers that you think is terminating it.
Given CF handle over 4% of web traffic it is a great place to collect and collate what was encrypted traffic for monitoring and anti-privacy purposes.
Cheers, Oshwm.
Given that it was revealed that ISPs were subsidized in exchange for giving the NSA full take, it makes cloudflare mildly suspicious. Although I personally don't care. It's a free CDN and I suppose one expects some freedom to be lost somewhere.