Hacker News new | past | comments | ask | show | jobs | submit login

If the http server is compromised you're screwed either way.

If the SSL key is on the http server when it get compromised, you've just lost your SSL key. Very bad!

If it's not, the http server could DDOS the key server. Less bad! Just change the key server address and point a new http server at it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: