HTTPS for Local Networks #78
Comments
|
Thank you for proposing a session! You may update the session description as needed and at any time before the meeting, but please keep in mind that tooling relies on issue formatting: follow the instructions and leave all headings and other formatting intact in particular. Bots and W3C meeting organizers may also update the description, to fix formatting issues or add links and other relevant information. Please do not revert these changes. Feel free to use comments to raise questions. Do not expect formal approval; W3C meeting organizers endeavor to schedule all proposed sessions that are in scope for a breakout. Actual scheduling should take place shortly before the meeting. |
|
I'm interested in joining the session remotely. |
|
I made some slides on what we've been doing in this area as part of WICG/local-peer-to-peer and w3c/openscreenprotocol. The former even has a ticket for Local HTTPS. Happy to talk over this in the session if there is enough interest. |
|
Talking about previous efforts to do this sounds good to me, and regarding remote joining, I'll add the Zoom link once I figure out the logistics for that. |
|
Looks like the Zoom information is already up in the calendar link. I've also added a link to the pad we'll use for meeting notes. |
|
Thanks everyone for attending. I've attached the slides. |
|
RFC7250 (bare public keys) might also be an option, particularly when contemplating IoT or TOFU? (I had no idea this was happening, else I would have participated while it was going on.) |
Session description
It is not possible to get a publicly trusted CA to sign a certificate for a local domain (i.e. a non-publicly resolvable domain name such as router.local, printer.home, 192.168.1.1, etc), so currently router configuration pages, IoT devices, media servers, etc. have to either: not use TLS, rely on complicated workarounds, or use self-signed certificates and ask users to click through security warnings.
This session's goal is to explore potential solutions to this problem, such as PAKE (Password-authenticated key exchange) and TOFU (trust on first use).
There was previously a Community Group dedicated to this problem, but discussions seem to have stalled, and the group was closed in 2023.
Session goal
Discuss potential ways HTTPS can be supported in local networks
Additional session chairs (Optional)
No response
Who can attend
Anyone may attend (Default)
IRC channel (Optional)
#https-for-local-networks
Other sessions where we should avoid scheduling conflicts (Optional)
No response
Instructions for meeting planners (Optional)
No response
Agenda for the meeting.
No response
Links to calendar
Meeting materials
The text was updated successfully, but these errors were encountered: