Sure. The point is, don't bother letting the apps themselves do TLS termination.... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		xienze 9 months ago \| parent \| context \| favorite \| on: TLS certificate lifetimes will officially reduce t... Sure. The point is, don't bother letting the apps themselves do TLS termination. Too much work that's better handled by something else.

hedora 9 months ago [–]

Also, moving termination off the endpoint server makes it much easier for three letter agencies to intercept + log.

qmarchi 9 months ago | [–]

Most responsible orgs do TLS termination on the public side of a connection, but will still make a backend connection protected by TLS, just with a internal CA.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact