I like the idea of https://letsencrypt.org/ but I kinda worry - doesn't it just create a giant single point of failure?
... but even then, I'm not sure - because if you hack the bot, for example, you might be able to just do it locally.
-
-
So I feel like it's somewhat hard to think about how big an attack surface you add.
-
I don't believe that the central server gets the key, right? The server doesn't need it to generate the certificate.
- Show replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.