Is the cure worse than the initial problem?CloudfFlare now offers a solution to the so-called mixed content problem:
http://forums.theregister.co.uk/forum/1/2016/09/20/cloudflare_offers_encryption_up_the_wazoo/Re-writing every link as HTTPS Everywhere where they could, and where they cannot the green padlock is misleading.
They hope soon all of the internet has turned HTTPS Everywhere.
For the record the El Reg is also on American CloudFlare,
and they also dealt an additional little smear to tor-developers, in their article.
By the way CloudFlare implemented their own certificate incorrectly: Would you trust them with half-baked e2e encryption?
From the crypto-report:
Certificate is not installed correctly
cloudflare.com
This is not a Symantec certificate.
Please contact the Certificate Authority for further verification.
You have 2 errors
RSA wrong certificate installed.
The domain name does not match the certificate common name or SAN.
ECC wrong certificate installed.
The domain name does not match the certificate common name or SAN.
Info
BEAST
This server is vulnerable to a BEAST attack. More information.
Chain installation:
2 certificates found: RSA and ECC.
To view each certificate chain, click a tab below.
RSA
ECC
Certificate information
This server uses an Extended Validation (EV) certificate. Information about the site owner has been fully validated by COMODO CA Limited to help secure personal and financial information.
Common name:
SAN:
cloudflare.com,
www.cloudflare.comValid from:
2015-Dec-01 00:00:00 GMT
Valid to:
2016-Nov-30 23:59:59 GMT
Certificate status:
Valid
Revocation check method:
OCSP
Organization:
CloudFlare, Inc.
Organizational unit:
COMODO EV Multi-Domain SSL
City/locality:
San Francisco
State/province:
California
Country:
US
Certificate Transparency:
Embedded in certificate
Serial number:
e3bb289893780deab01913b0a1400d77
Algorithm type:
SHA256withRSA
Key size:
2048
polonus