Does Cloudflare have any plans for Edge servers to speak and communicate with origin backends via TLS 1.3? And
if so, will we one day be able to speak TLS 1.3 0-RTT between Cloudflare Edge and origin backends?
If TLS 1.3 0-RTT between Edge and origin is planned, would it be enough for origin backends to implement Cloudflare Authenticated Origin Pulls and CF Full SSL to protect against 0-RTT replay attacks on the origin backend servers?
We have supported TLS 1.3 to the origin since draft 22. However, there have been several revisions since then (including the subsequent RFC) and not all drafts are compatible nor do all current versions of crypto libraries support all drafts. If your origin supports draft 22, you’ll be able to use TLS 1.3 between Cloudflare and your origin today. Otherwise, now that BoringSSL has recently added support for the RFC version of TLS 1.3, it’s on our roadmap to update to this version as well.
We don’t currently have 0-RTT enabled between Cloudflare and the origin for two reasons. First, to mitigate any potential for replay attacks and second, the benefits of 0-RTT are less impactful between servers communicating over a high-bandwidth connection. We may revisit this decision in the future.
No, mutually-authenticated TLS connections won’t be enough to mitigate any replay attacks with 0-RTT. The server still needs to guarantee that a ClientHello message with 0-RTT data is only accepted exactly once and the client needs to limit how it retries initiating 0-RTT connections.
Ah yes, CF edge servers would be much closer to origins (with maybe the exception of free plan CF users and Sydney/Australia origins, where CF doesn't necessarily use the CF Edge from Sydney but Singapore instead? IIRC the CF Sydney edge is reserved for higher CF plans?). But 0-RTT would still benefit slow 3G speed connections? edit: nevermind that question, CF to origin will never have those speeds heh
On an nginx origin, would limiting early data 0-RTT to just GET requests be a good workaround on the nginx origin side? I guess this would be something for a more detailed write-up at Cloudflare on what to do to secure origins using TLS 1.3 0-RTT when used with Cloudflare, once TLS 1.3 becomes more prevalent on CF customers' origin servers as well. Of course, that is provided if/when CF enables 0-RTT for communication with origins.
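As an added illustration, not code from this thread or from Cloudflare or nginx: a constructed Python model of the origin-side rules laid out in the reply above (a given 0-RTT ClientHello is accepted exactly once within a freshness window, which client-certificate checks alone cannot guarantee) combined with the GET-only gate asked about here, answered with HTTP 425 Too Early so the client retries after the full handshake. The window length, the plain timestamp standing in for the PSK ticket age, and the sample ClientHello bytes are assumptions; the client-side retry limit is not modelled.

```python
import hashlib
from typing import Dict, Tuple

# Constructed model of an origin's 0-RTT replay defence: ClientHello recording
# within a freshness window (RFC 8446 section 8.2 style) plus a safe-method
# gate answered with 425 Too Early (RFC 8470). Illustration only.

WINDOW_SECONDS = 10.0                       # assumed replay window
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}   # methods allowed in early data


class EarlyDataGuard:
    def __init__(self, window: float = WINDOW_SECONDS) -> None:
        self.window = window
        self._seen: Dict[bytes, float] = {}  # ClientHello digest -> expiry time

    def _prune(self, now: float) -> None:
        # Entries older than the window can be dropped because the freshness
        # check below already rejects any ClientHello that old.
        for key in [k for k, exp in self._seen.items() if exp <= now]:
            del self._seen[key]

    def accept(self, client_hello: bytes, method: str, mtls_ok: bool,
               claimed_time: float, now: float) -> Tuple[int, str]:
        """Decide on an HTTP request carried in 0-RTT early data.

        claimed_time is the send time the server reconstructs from the PSK
        ticket age in the ClientHello (simplified here to a plain timestamp).
        """
        self._prune(now)
        # mTLS only proves who the client is. A verbatim replay carries the
        # same valid proof, so authentication alone cannot reject it.
        if not mtls_ok:
            return 403, "client certificate rejected"
        if not (now - self.window) <= claimed_time <= now:
            return 425, "ClientHello outside freshness window"
        digest = hashlib.sha256(client_hello).digest()
        if digest in self._seen:
            return 425, "replayed ClientHello: early data already accepted once"
        self._seen[digest] = now + self.window   # record it: accepted exactly once
        if method not in SAFE_METHODS:
            # Non-safe request in early data: ask the client to retry at 1-RTT.
            return 425, "non-safe method not allowed in early data"
        return 200, "early data accepted"
```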
We’re working with affected customers and server providers to build or install versions that work correctly with RFC TLS 1.3 connections. Unfortunately, this means we’re unable to support RFC TLS 1.3 to the origin until these known issues are resolved. This process may take several months, depending on the urgency with these providers to update their software.
Thank you for your patience while we work at making the internet a faster and safer place.