CloudFlare, the San Francisco-based service that makes websites faster and helps to keep them secure, just announced a new partnership with trust service provider GlobalSign that will make GlobalSign the fastest SSL provider in the world. While more companies than ever use SSL to keep their sites secure, there is typically a significant performance penalty involved as most of these services don’t pay as much attention to performance as they could. Starting today, GlobalSign’s SSL customers will see up to six times faster load times for their secure websites.
As CloudFlare’s CEO and co-founder Matthew Prince told me earlier this week, whenever you visit a site using HTTPS, your browser does a so-called OCSP check to ensure that the site’s SSL certificate is still valid. Your browser won’t start downloading any content until all of these checks are complete, which typically takes about half a second. The Certificate Authorities that sell SSL certificates have put very little emphasis on OCSP performance, and website owners typically just pick the cheapest SSL vendor.
As CloudFlare announced earlier this week, the company’s work to speed up the OCSP checks (using a technique called OCSP stapling) can speed the process up by around 30 percent. Unlike most Certificate Authorities, CloudFlare also has 23 points of presence around the world, which helps reduce geographical delay. Using CloudFlare, GlobalSign can bring the latency of these OCSP checks down from half a second to 100ms. In total, CloudFlare says, “this partnership will save the web about a year and a half worth of time every day that web visitors would have otherwise spent waiting for web pages to load.”
CloudFlare, it is worth noting, already worked with GlobalSign to provide its users with the (paid) option of adding SSL Certificates to their sites.
“We are focused on helping websites operate with peak efficiency, fast performance and strong security,” said Prince in a canned statement today. “The combination of our advanced web optimization technology with GlobalSign’s forward-thinking approach to SSL will allow both GlobalSign and CloudFlare customers to stay ahead of their competition when it comes to providing a secure, outstanding and fast user experience.”
If you are interested in more details about how exactly this works, take a look at GlobalSign’s explanation and CloudFlare’s blog post.
As Prince also told me, GlobalSign’s initiative is just another example of a large organization coming on board with CloudFlare. Several banks, governments and Fortune 500 companies already rely on the service’s infrastructure to speed up their sites and keep them safe. Month-over-month, he said, growth is still in the double digits and the average size of the sites using CloudFlare also continues to grow.
CloudFlare is a service that does one thing: make websites better. With a single change to DNS, sites are instantly protected from a wide range of online threats, see an increase in page load speeds, and have their content dynamically optimized across the Internet. CloudFlare’s core service is free.
GMO GlobalSign is one of the longest established Certificate Authorities (CA) and thought leaders in Cloud PKI identity credentialing and automated SSL Certificate management. GlobalSign x.509 Digital Certificates are trusted by all browsers and mobile devices and include: Multi-Domain & Extended Validation SSL, Code Signing, Adobe PDF Signing, Microsoft Office Digital Signatures, S/MIME Secure Email, Strong Authentication for networks and mobile access, and root signing for enterprise Certificate Authorities.