Building A More Trusted Web: Meet Cloudflare SXG (Automatic Signed eXchanGes)
If you don’t know about Cloudflare, then you should, as they provide a range of services which make the Web a more secure and trusted place. One of the great things about the company is that they have a great passion for cryptography and continually shares its knowledge with others. Also, Cloudflare has a passion for creating a more trusted Web, and SXG (Automated Signed eXchanges) is one of its newest services for increasing trust in Web content. As code inject still ranks highly in the OWASP Top 10, it is important that we try and address issues related to the modification of content in order to address cybersecurity issues.
So, how can we check that the content we receive from a Web page is the content that was created by the originator and that it has not been modified by a proxy (Eve)? Well, we need to add a digital signature to the content provided, and which verifies both the content and the originator. Normally this is done by the originator signing with their private key, and then the receiver checking the signature against their public key. This public key will be signed by a trusted entity.
An untrusted Internet
The Internet is built mostly on protocols that care little about trust and privacy. When these protocols were being defined…
