Hacker News new | ask | show | jobs
by LethargicStud 2973 days ago
Please don't do this. It gives the user the illusion that their connection is secure, but the connection between Cloudflare and the site is not secure. Arguably it's better to encrypt some of the route rather than none of it, but also giving people a false sense of security comes with its own drawbacks.
2 comments
nodesocket 2973 days ago
Actually "flexible" might not be needed, "full" without strict should work. Traffic is still over TLS, but a valid named certificate is not required.
link
jhasse 2973 days ago
I think the user mostly cares about his connection to anything outside his network (e.g. for public WiFis).
link