I'm honestly curious what podcasts you listen to? Everyone I know relies on in-show advertising (often promo codes) or a donation model. I've never even heard of a podcast that requires authentication.
-
-
Replying to @lcamtuf @BRIAN_____ and
Cool, an example. But... uh... you don't actually listen to this, do you?
0 replies 0 retweets 2 likes -
Replying to @lcamtuf @justinschuh and
I have a dumb thought, allow me to burden you with it! So the issue is "publicness", right? How do we know this fetch won't hit an internal system. How about we force public DNS lookup + TLS? We have a DOH resolver, why not use it here?
2 replies 0 retweets 2 likes -
Work with me here: why is it wrong in the suggested configuration? TLS as backstop gets you real "publicness", no? What am I missing?
2 replies 0 retweets 0 likes -
Replying to @slightlylate @sleevi_ and
why can internal services not have TLS certs?
1 reply 0 retweets 0 likes -
Oh, they can, it's just that their signatures wouldn't match what public resolver reflected
1 reply 0 retweets 0 likes
you mean you'd rely on the public certificate of the internal service being secret? I guess that kinda works...
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.