alt Hacker NewsI do have a question, is it even possible to have a CDN set up where they don't MITM and strip your TLS and re-encrypt or are we just picking which jurisdiction gets to inspect your traffic?
edit: I'm thinking of the use case where the CDN as a proxy for APIs and uncachable content as well, where it used as a reverse proxy for transit/ddos protection.
Replies
yjftsjthsd-h • today at 2:57 PM
Much of the point of a CDN is that they can cache responses, and likely also make other changes. I don't see how that could be done without seeing what's inside the request.
➕ show 1 reply
Probably not. That’d look a lot like a bunch of load balancers around the world hitting your own backend. There’s generally not a way to cache web data without decrypting it inside the cache.