The Backend Engineering Show with Hussein Nasser artwork

The Cloudflare mTLS vulnerability - A Deep Dive Analysis

The Backend Engineering Show with Hussein Nasser

English - April 06, 2023 11:59 - 43 minutes - 39.6 MB - ★★★★★ - 5 ratings
Technology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: The Virgin Media ISP outage - What happened?
Next Episode: AWS Serverless Lambda Supports Response Streaming

Cloudflare released a blog detailing a vulnerability that has been in their system for nearly two years. it is related to mTLS or mutual TLS and specifically client certificate revocation. I explore this in details

0:00 Intro
3:00 The Vulnerability
7:00 What happened?
8:50 Certificate Revocation
12:30 Rejecting certain endpoints
17:00 Certificate Authentication
20:30 Certificate serial number
24:00 Session Resumption (PSK)
35:00 The bug
37:00 How they addressed the problem

Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon)
https://backend.husseinnasser.com