You can't. Most data transmitted between cities in Canada goes through the US. T... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

a-priori on Dec 8, 2016 | parent | context | favorite | on: AWS announces new region in Canada

You can't. Most data transmitted between cities in Canada goes through the US.

The only mitigation is to make sure you encrypt everything in transit and ensure that the private keys never leave Canada.

toomuchtodo on Dec 8, 2016 [–]

And please please please make sure your server is configured to support Perfect Forward Secrecy.

https://www.ssllabs.com/projects/best-practices/

luhn on Dec 8, 2016 | [–]

A good source for the recommended SSL configuration for Apache, nginx, et al.: https://mozilla.github.io/server-side-tls/ssl-config-generat...

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact