I feel like I'm missing something. How is this different than AWS providing a wildcard certificate for every S3 bucket via https://<bucket>.s3.amazonaws.com. Is it the same thing?
Yes, you are missing something: S3 bucket resolves to Amazon's servers. <ipv6>.has-a.name resolves to the ip address specified in <ipv6>. You will have to install the certificate on the actual server that serves the webpage. For S3 bucket this is Amazon, so they can put their certificate. For your own IP, you need to install the certificate yourself, so they would have to hand you their private key as well, which is not allowed.
Yup. This is one thing I hate about AWS. Oh sure make it nice and easy to use the wildcard cert on any AWS infrastructure. But what if you want to use that wild card cert somewhere else? Too bad. AWS holds the private key for your wildcard cert, and they don't give it to you. They hold it hostage on their server.
Considering the domain is amazonaws.com, it is only fair they keep it with themselves. They can't be in the business of providing arbitrary subdomains under their parent domain just to have it point to some other external IP.
I'm talking about custom domains. You can setup AWS to manage certs for mycompany.com (for example). When you do that they ought to give you a copy of the private key to *.mycompany.com. I am not talking about the amazonaws.com certs.
>Uhhh, I am really glad they don’t share it with me or anyone else
It's your domain, you ought to own it. Obviously no one else should. If you buy a wildcard cert from say Comodo (or a number of other cert houses) you can use that cert on any provider you wish, or use it on your locally own infrastructure. You get the private and public key, as you should.
Because that DNS entry resolves to an Amazon owned servers which have the certificate and key. This service resolves the DNS entries to your own server, meaning requests would hit your server which would require your server respond with the signed certificate and have control of the accompanying private key.
It's good to remember that things end up on HN because random people post them here, not because their original authors want them here. HN is not, as a rule, good at keeping this in mind, and tends to treat anything that lands on HN as if it was part of a discussion they are (1) a part of and (2) welcome to participate directly in.
I think it's in fact super healthy for people to set clear boundaries about how they engage with this place, and "this Twitter thread was not posted as a solicitation for an HN thread, or for HN people to jump onto my TL" is a very sane boundary indeed.
That people read this kind of boundary drawing as "hatred" is itself a good illustration of the issue!
Having made (what I thought were polite) comments on Reddit only to get down-voted into oblivion, I agree that HN has one of the most thoughtful and respectful communities I've participated in.
In my experience, it's pretty easy to misjudge the expected overall level and style of politeness in a given social space. Many people were raised with the idea of politeness being a safe default, but in some spaces being too polite can come off as aloof or condescending.
There have been a number of HN threads that have become quite, er, hostile or toxic in the past. The most recent example of this would the comment thread for this article: "Richard M. Stallman resigns" (https://news.ycombinator.com/item?id=20990583)
HN has a lot of smart people. People don't like being fact checked, especially when they believe they discovered something significant until experts show it was a basic misunderstanding.
This is the cannonical example of why HN gets it wrong. You really are not an expert in 99.99% of the topics on HN, so having this kind of holier than thou attitude is just really obnoxious.
And this is the canonical example of why Twitter gets it wrong :)
I'm not talking about myself. Never even remotely implied it.
HN is filled with the 0.1% that truly are experts on individual topics. You'll find people that wrote papers on quantum mechanics chiming in on QM discussions, people with decades of RF HW experience correcting those 5Ghz conspiracies, start-up founders jumping in on discussions, and (in this case) people that can read spec sheets and understand how systems like these are built and programmed.
No one's an expert on much, but plenty are experts on something. Twitter's often too shallow to even entertain the possibility of being wrong.
It may help if you go to the extension's settings and enable user input simulation and install the client app.
Though Google may block your access to the audio challenge regardless of the browser or extensions you use, see more details here: https://github.com/w3c/apa/issues/25
I also get this sometimes, not even using buster. Once I was not able to access package tracking information, because Google blocked me completely via recaptcha from that.
I actually do a lot of automated queries from my computer.
I like to scrape and save content that may disappear. Just recently one psychology website I liked years ago where I put a lot of effort to comment on, silently deleted all 60k user comments, including 100s I wrote, and started putting old articles behind a paywall. My activity is perfectly legal, as I'm doing all this for my own personal use.
Thankfully I have all the content locally in the database.
Does it mean I should be prevented from accessing third party services that use recaptcha?
