The unintended privacy consequences of using CloudFlare’s HTTPS
CloudFlare has a fantastic feature where you can use their DNS and CDN service and get free HTTPS. This is great because having a domain people can access securely should not be costly or difficult to set up, and they should be commended for leading the way on something that will surely be the norm in years to come. However, there is a catch to CloudFlare’s implementation which opens up a potential privacy breach for its customers.
To make their implementation work, CloudFlare relies on SNI (Server Name Indication), a TLS extension that lets many domains be served over HTTPS from the same set of IP addresses, and it issues certificates that list many domains at once (in the certificate’s Subject Alternative Name field). Therefore, if you are using CloudFlare’s free HTTPS, your domain’s SSL certificate is not unique and is shared with up to 100 other domains, and that full list of domains is readable by anyone who inspects the certificate.
Sharing the SSL certificate with other domains, and even being able to see those other domains, is by itself not a privacy issue, and to me seems like a perfectly reasonable tradeoff for getting free HTTPS. However, in addition to grouping domains from different customers under one certificate, CloudFlare also groups all of a single customer’s domains under the same certificate. This means that if you use CloudFlare’s free HTTPS, anybody can see every other domain you have with CloudFlare. This way of grouping domains opens up a possible breach of a customer’s privacy and is an unreasonable tradeoff, even if the service is free.
The reason grouping all of a customer’s domains under one certificate could be a breach of privacy is that one domain might be private and another public. Being able to see these domains side by side on the same certificate makes it trivial to link one to the other. Therefore, any attempt to keep one domain completely private and disassociated from the rest is defeated.
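The linkage described above is something a site owner can check for themselves before enabling shared HTTPS. The following is an added example, not code from the original post or from CloudFlare: it reads the Subject Alternative Name list from a certificate as returned by Python’s standard `ssl.SSLSocket.getpeercert()`, and reports which of a given owner’s domains appear together on it (the hostnames in the constructed sample certificate are made up for illustration).

```python
"""Check which of your own domains share one TLS certificate.

Added example (not from the original post). Standard library only.
The SAMPLE_PEERCERT dict below is constructed to mirror the shape that
ssl.SSLSocket.getpeercert() returns; its hostnames are invented.
"""
import socket
import ssl
import sys
from typing import Iterable

# Constructed sample: one shared certificate listing two domains of the same
# owner (blog + personal site, each with a wildcard) plus other customers' domains.
SAMPLE_PEERCERT = {
    "subject": ((("commonName", "shared-cert.example"),),),
    "subjectAltName": (
        ("DNS", "*.dissident-blog.example"),
        ("DNS", "dissident-blog.example"),
        ("DNS", "*.personal-site.example"),
        ("DNS", "personal-site.example"),
        ("DNS", "unrelated-shop.example"),
        ("DNS", "another-customer.example"),
    ),
}


def san_dns_names(peercert: dict) -> list[str]:
    """Return every DNS entry from the certificate's subjectAltName, lowercased."""
    return [
        value.lower()
        for kind, value in peercert.get("subjectAltName", ())
        if kind == "DNS"
    ]


def registrable(name: str) -> str:
    """Collapse a wildcard entry ('*.example.com') onto its base domain."""
    return name[2:] if name.startswith("*.") else name


def check_linkage(peercert: dict, my_domains: Iterable[str]) -> dict:
    """Split the certificate's hostnames into the caller's own domains and others.

    'linked' is True when two or more of the caller's domains sit on the same
    certificate, i.e. anyone reading the certificate can tie them together.
    """
    mine_norm = {d.lower() for d in my_domains}
    on_cert = {registrable(n) for n in san_dns_names(peercert)}
    mine = sorted(on_cert & mine_norm)
    others = sorted(on_cert - mine_norm)
    return {"mine": mine, "others": others, "linked": len(mine) > 1}


def fetch_peercert(hostname: str, port: int = 443, timeout: float = 5.0) -> dict:
    """Connect with SNI set to `hostname` and return the validated leaf certificate."""
    ctx = ssl.create_default_context()
    with socket.create_connection((hostname, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=hostname) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    # Usage: python check_cert.py <host> <owned-domain> [<owned-domain> ...]
    # With no arguments the constructed sample certificate is analysed offline.
    if len(sys.argv) >= 3:
        cert = fetch_peercert(sys.argv[1])
        owned = sys.argv[2:]
    else:
        cert = SAMPLE_PEERCERT
        owned = ["dissident-blog.example", "personal-site.example"]
    result = check_linkage(cert, owned)
    print("your domains on this certificate:", result["mine"])
    print("other domains on this certificate:", len(result["others"]))
    print("linkable to each other:", result["linked"])
```

Run with no arguments to analyse the sample, or pass a hostname followed by the domains you own to fetch the live certificate. A `linked` result of `True` means the certificate alone ties those domains together, which is exactly the disclosure the post is concerned with.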
An example of where this would be a problem: a Chinese dissident has a website on government corruption and is using a domain privacy service to protect his identity and CloudFlare to protect the origin of his server. If his identity is not sufficiently protected, he is in danger of being harmed by the Chinese authorities. This Chinese dissident also has his personal domain on CloudFlare, and since it is non-political, he does not bother to use any privacy protection. Since he sees that CloudFlare offers HTTPS, he unwittingly enables it for both domains. The Chinese authorities start to investigate the website and look at its SSL certificate. Alongside the website in question, they also see a personal domain for a Chinese citizen on the list of sites with the same certificate, making it pretty obvious who owns the website they are investigating. The dissident is subsequently arrested and executed by the government.
The example above is not hyperbolic. This outcome is surely an unintended consequence of using CloudFlare’s HTTPS, and one they don’t warn you about. The real-world consequences can be severe, and they are also unnecessary: there is no standards requirement that all domains belonging to a single owner be grouped into the same certificate.
The way I propose that CloudFlare solve this issue is to randomize which certificate any given domain is placed on. Then, even if you can see other domains on the same certificate, there is no link between them. I believe this would sufficiently protect the privacy of domain owners without jeopardizing what seems to be a big technological achievement on the part of CloudFlare.
Discuss on Hacker News.