Hacker News new | past | comments | ask | show | jobs | submit login

This is a possible work-around, but it adds a lot of complexity to get HTTPS and stuff worked-around. Either the third-party must handle HTTPS for their partners who setup CNAMEs, or the first-party must handle HTTPS and proxy the requests back to the third-party. It’s doable but it will significantly slow things down to the point where even shitty websites would consider it unacceptable.

The third-party can handle HTTPS just for that particular subdomain, using a separate certificate.

Yes, but this would significantly increase complexity.

It it really that bad, with automated certificate issuing via Let's Encrypt?

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact