top | item 32623771 (no title) dgivney | 3 years ago I agree, in a 90s system design meeting - security through obscurity is reasonably secure. discuss order hn newest zhfliz|3 years ago without referring to this particular case, how is `/.well-known/LsyrYyZGDMMPwS1lAUS7qXo7c81XLaxPeRrSZdSReFk5zPaJaD` less secure than `/.well-known/key` requiring an `Authorization: LsyrYyZGDMMPwS1lAUS7qXo7c81XLaxPeRrSZdSReFk5zPaJaD` header? JimDabell|3 years ago URLs are logged in all kinds of places, they end up everywhere. Authorization headers are not. load replies (1)
zhfliz|3 years ago without referring to this particular case, how is `/.well-known/LsyrYyZGDMMPwS1lAUS7qXo7c81XLaxPeRrSZdSReFk5zPaJaD` less secure than `/.well-known/key` requiring an `Authorization: LsyrYyZGDMMPwS1lAUS7qXo7c81XLaxPeRrSZdSReFk5zPaJaD` header? JimDabell|3 years ago URLs are logged in all kinds of places, they end up everywhere. Authorization headers are not. load replies (1)
JimDabell|3 years ago URLs are logged in all kinds of places, they end up everywhere. Authorization headers are not. load replies (1)
zhfliz|3 years ago
JimDabell|3 years ago