For what it's worth, I think CloudFlare dropping the price of SSL is going to force other companies to follow suit, so hopefully their move creates competition that both reduces CloudFlare dependency and increases the amount of encrypted traffic on the web. For example, today I learned that Amazon CloudFront finally dropped the price of SSL in front of S3 for custom domains from $600/month(!!) to $0/month:[1]http://aws.amazon.com/cloudfront/custom-ssl-domains (As long as you're comfortable using SNI, which excludes users on Windows XP.) CloudFlare is hopefully just one part of the tip of the spear. On Mon, Apr 7, 2014 at 4:05 AM, ITechGeek <[2]itg@itechgeek.com> wrote: For the 3 co-founders, they appear to provide the exact same info as when the Wayback Machine first captured the people page in 2010. [3]http://web.archive.org/web/20101015060142/http://www.cloudflare.com/ people.html [4]http://www.linkedin.com/in/mprince [5]http://www.linkedin.com/pub/michelle-zatlyn/9/b19/17b?trk=pub-pbmap [6]http://www.linkedin.com/pub/lee-holloway/0/152/159 I don't see any indication of connections to the US Intel Community based on looking them up online. I see connections to Law Enforcement for Matthew Prince, but connections to law enforcement != connections to Intel community. I'm not debating the idea Cloudflare could receive an NSL which is true for any US company (although I think most countries have some equiv). You are telling us to do our homework. Since we don't seem to be seeing the same information that you are, can you point us at some sites? Maybe the search engine you are using is pointing you in a different direction than Google is pointing me or maybe you know better search terms. ----------------------------------------------------------------------- ------------------------ -ITG (ITechGeek) ITG@ITechGeek.Com [7]https://itg.nu/ GPG Keys: [8]https://itg.nu/contact/gpg-key Preferred GPG Key: Fingerprint: AB46B7E363DA7E04ABFA57852AA9910A DCB1191A Google Voice: [9]+1-703-493-0128 / Twitter: ITechGeek / Facebook: [10]http://fb.me/Jbwa.Net On Sun, Apr 6, 2014 at 5:28 PM, Ryan Carboni <[11]ryacko@gmail.com> wrote: oh dear. He helped the government combat crime and nuisance style offenses. Clearly in collusion. On Sun, Apr 6, 2014 at 12:20 PM, <[12]tpb-crypto@laposte.net> wrote: > Message du 06/04/14 17:41 > De : "staticsafe" > On 4/6/2014 10:40, [13]tpb-crypto@laposte.net wrote: > >> Message du 04/04/14 20:09 > >> De : "Eric Mill" > >> Along with Cloudflare's 2014 plan to offer SSL termination for free, and > >> their stated plan to double SSL on the Internet by end of year, the barrier > >> to HTTPS everywhere is dropping rapidly. > >> > > > > I agree that putting https everywhere is great, but Cloudflare's founders are tightly linked with the US-intelligence community. That fact alone kind of kills any claims they make about data security within their service. > > Source for this please? > Is it so painful to do your own homework? "Matthew Prince, Lee Holloway, and Michelle Zatlyn created CloudFlare in 2009.[1][2] They previously worked on Project Honey Pot." - [14]http://en.wikipedia.org/wiki/CloudFlare "[...] the project organizers also help various law enforcement agencies combat private and commercial unsolicited bulk mailing offenses and overall work to help reduce the amount of spam being sent [...]" - [15]http://en.wikipedia.org/wiki/Project_Honey_Pot That's just for starters, you can dig more and find more. It is interesting that the history of the founders themselves is no longer exhibited in [16]cloudflare.com website as it was years ago. As an American company, there is nothing preventing Cloudflare from receiving NSLs and having to shut up about them. What use is a system that you can't trust like this? You can say "oh, but they go after the bad guys, spammers". But that doesn't limit it to spammers neither do we know who are the so called bad guys, since that is decided by American secret laws, made by secret courts, that issue secret orders. No trust to American companies, less even trust to American companies that promise any kind of data security. Better no security than a false sense of it. Sorry. _______________________________________________ cryptography mailing list [17]cryptography@randombit.net [18]http://lists.randombit.net/mailman/listinfo/cryptography _______________________________________________ cryptography mailing list [19]cryptography@randombit.net [20]http://lists.randombit.net/mailman/listinfo/cryptography _______________________________________________ cryptography mailing list [21]cryptography@randombit.net [22]http://lists.randombit.net/mailman/listinfo/cryptography -- [23]konklone.com | [24]@konklone References 1. http://aws.amazon.com/cloudfront/custom-ssl-domains 2. mailto:itg@itechgeek.com 3. http://web.archive.org/web/20101015060142/http://www.cloudflare.com/people.html 4. http://www.linkedin.com/in/mprince 5. http://www.linkedin.com/pub/michelle-zatlyn/9/b19/17b?trk=pub-pbmap 6. http://www.linkedin.com/pub/lee-holloway/0/152/159 7. https://itg.nu/ 8. https://itg.nu/contact/gpg-key 9. tel:+1-703-493-0128 10. http://fb.me/Jbwa.Net 11. mailto:ryacko@gmail.com 12. mailto:tpb-crypto@laposte.net 13. mailto:tpb-crypto@laposte.net 14. http://en.wikipedia.org/wiki/CloudFlare 15. http://en.wikipedia.org/wiki/Project_Honey_Pot 16. http://cloudflare.com/ 17. mailto:cryptography@randombit.net 18. http://lists.randombit.net/mailman/listinfo/cryptography 19. mailto:cryptography@randombit.net 20. http://lists.randombit.net/mailman/listinfo/cryptography 21. mailto:cryptography@randombit.net 22. http://lists.randombit.net/mailman/listinfo/cryptography 23. https://konklone.com/ 24. https://twitter.com/konklone