Hacker News new | past | comments | ask | show | jobs | submit login

They could always farm out the new site and point a subdomain to it.

Something like https://breach.equifax.com




That would require ssl certs to be shared to the agency.

Agreeing with everyone though, it's a wrong reason, but I can fathom why someone would do it.


No, the outside agency can obtain a new cert for just that subdomain. They can even use letsencrypt! (Although they really should use EV for this type of site.)




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: