(github.com)

188 points jcbhmr | 2 comments | 14 Nov 24 03:04 UTC | HN request time: 0s | source

Show context

pushupentry1219 ◴[14 Nov 24 04:54 UTC] No.42133267[source]▶

Not sure how I feel about the HTTPS/TLS related bits. These days anything I write in Go uses plain HTTP, and the TLS is done by a reverse proxy of some variety that does some other stuff with the traffic too including security headers, routing for different paths to different services, etc. I never run a go web application "bare", public facing, and manually supplying cert files.

replies(6): >>42133422 #>>42133588 #>>42133628 #>>42134049 #>>42134283 #>>42135953 #

effdee ◴[14 Nov 24 06:32 UTC] No.42133628[source]▶

>>42133267 #

The phrase "SSL added and removed here" from an NSA slide comes to mind.

replies(1): >>42135090 #

1. pushupentry1219 ◴[14 Nov 24 11:10 UTC] No.42135090[source]▶

>>42133628 #

To be clear I meant something like Caddy, or nginx not a solution like cloudflare or GCP doing my TLS

replies(1): >>42135498 #

2. arccy ◴[14 Nov 24 12:17 UTC] No.42135498[source]▶

>>42135090 (TP) #

once you outgrow a single machine, unsecured network connections become an issue again

↑

Go-Safeweb