The Cloudflare mTLS vulnerability - A Deep Dive Analysis
The Backend Engineering Show with Hussein Nasser
English - April 06, 2023 11:59 - 43 minutes - 39.6 MB - ★★★★★ - 5 ratings - Technology
Cloudflare released a blog detailing a vulnerability that has been in their system for nearly two years. It is related to mTLS, or mutual TLS, and specifically client certificate revocation. I explore this in detail.
0:00 Intro
3:00 The Vulnerability
7:00 What happened?
8:50 Certificate Revocation
12:30 Rejecting certain endpoints
17:00 Certificate Authentication
20:30 Certificate serial number
24:00 Session Resumption (PSK)
35:00 The bug
37:00 How they addressed the problem
Fundamentals of Backend Engineering Design Patterns Udemy course (link redirects to Udemy with coupon)
https://backend.husseinnasser.com