Sure. The point is, don't bother letting the apps themselves do TLS termination.... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		xienze 12 months ago \| parent \| context \| favorite \| on: TLS certificate lifetimes will officially reduce t... Sure. The point is, don't bother letting the apps themselves do TLS termination. Too much work that's better handled by something else.

hedora 12 months ago [–]

Also, moving termination off the endpoint server makes it much easier for three letter agencies to intercept + log.

qmarchi 12 months ago | [–]

Most responsible orgs do TLS termination on the public side of a connection, but will still make a backend connection protected by TLS, just with a internal CA.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact