Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
kevincox
on Aug 10, 2024
|
parent
|
context
|
favorite
| on:
.INTERNAL is now reserved for private-use applicat...
Yes, but then you are putting more information into the publically logged certificate. So it is a tradeoff between scope of certificate and data leak.
I guess you can use a pattern like {human name}.{random}.internal but then you lose memoribility.
8organicbits
on Aug 10, 2024
|
next
[–]
I've considered building tools to manage decoy certificates, like it would register mail.example.com if you didn't have a mail server, but I couldn't justify polluting the cert transparency logs.
lacerrr
on Aug 10, 2024
|
prev
[–]
Made up problem, that approach is fine.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
I guess you can use a pattern like {human name}.{random}.internal but then you lose memoribility.