On 09/12/2016 03:42 PM, Peter Kurrasch wrote: > Hi Erwann, > > I was thinking of more the server (cloud) side of things. I'm not > familiar enough with Cloudflare's service, but I imagine that if I > have a server set up I will also have access to my private key. If > so, I now have access to the private key of the other domains. > Perhaps there are protections set up?
It would be on the load balancer /CDN side of things, so the individual entities would not have access to the private key for it. -- ---------------------------- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk ---------------------------- Public OpenPGP certificate at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 ---------------------------- "History repeats itself; historians repeat each other" (Philip Guedalla)
signature.asc
Description: OpenPGP digital signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy