Skip to content
Better HN
Top
New
Best
Ask
Show
Jobs
Search
⌘K
undefined | Better HN
0 points
kevincox
1y ago
0 comments
Share
Yes, but then you are putting more information into the publically logged certificate. So it is a tradeoff between scope of certificate and data leak.
I guess you can use a pattern like {human name}.{random}.internal but then you lose memoribility.
0 comments
default
newest
oldest
8organicbits
1y ago
I've considered building tools to manage decoy certificates, like it would register mail.example.com if you didn't have a mail server, but I couldn't justify polluting the cert transparency logs.
lacerrr
1y ago
Made up problem, that approach is fine.
j
/
k
navigate · click thread line to collapse
