* Peter Bowen:

> On Sat, Sep 10, 2016 at 10:40 PM, Han Yuwei <hanyuwe...@gmail.com> wrote:
>> So when I delegated the DNS service to Cloudflare, Cloudflare have
>> the privilege to issue the certificate by default? Can I understand
>> like that?
> I would guess that they have a clause in their terms of service or
> customer agreement that says they can update records in the DNS zone
> and/or calls out that the subscriber consents to them getting a
> certificate for any domain name hosted on CloudFlare DNS.

I find it difficult to believe that the policies permit Cloudflare's
behavior, but are expected to prevent the issue of interception
certificates.  Aren't they rather similar, structurally?
dev-security-policy mailing list

Reply via email to