Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I can open the `https` link above on firefox. Have to open:

http://ducklang.org/designing-a-programming-language-i



In Chrome you can just type "thisisunsafe" on your keyboard to open the page anyways.


Apparently "the certificate is only valid for the following names: *.github.com, github.com" so this is likely a "github pages" page hiding behind a proper domain name.


Fortunately the authors of the website didn't turn off plain HTTP.


I wonder if it would be practical for any web server that receives a TLS request for any domain it doesn't know about (but has nonetheless arrived on the server) to make a Let's-Encrypt request for that domain and respond to the original request in time.


https://doc.traefik.io/traefik/https/acme/

I don't believe it can respond to a request live, but it can dynamically request a cert for any new domain and have it presumably in seconds, so I don't think it's out of the realm of possibility. This would only be for a subdomain of a parent domain you already own and can prove via an ACME challenge.


Well, 8 hours later, I just see my typo. s/can/can't/


It does make you wonder, how can they possibly design a new language when they can't even get https working right?


Because they are two separate skillsets.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: