W3C home > Mailing lists > Public > public-httpslocal@w3.org > June 2017

Re: [httpslocal/usecases] Add a draft proposal of requirements. (#5)

From: Daisuke Ajitomi <notifications@github.com>
Date: Wed, 07 Jun 2017 06:15:48 -0700
To: httpslocal/usecases <usecases@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <httpslocal/usecases/pull/5/review/42598110@github.com>
dajiaji commented on this pull request.

> +
+- #T.B.D.
+    - Network environment: a local network and/or a global network
+    - Certificate issuer: public CA / corporate or organizational CA / private CA
+    - Privacy scope: public / per service or device manufacturer / private
+# Requirements for HTTPS/WSS in Local Network
+This section collects requirements derived from use cases listed above.
+## <a name="req-01"></a>REQ-01: Device Discovery
+- The UA (the web browser mentioned in the use cases above) shall be able to securely discover the presence of HTTPS/WSS server capable devices (hereinafter just called 'device') that are connected to the local network. 
+- A secure context loaded from the internet to the UA (hereinafter just called 'secure context') should also be able to discover target device capabilities that are actively (e.g., turned on) connected to the local network (e.g., device type, identity of a set of Web APIs, and so on).
+- A secure context shall be able to get access to the locally discovered device based on the user consent.
+- If there are multiple devices in local network, the UA shall be able to provide the user with a way to select one device at a time which she intends to use on the secure context.

> Should we limit network scope of devices to the same local network?

I'd like to focus on the case to simplify our discussion if  there isn't anyone who wants to consider more complicated local network environment.

> Should the UA provide a way to limit devices to ones which has capabilities requested by the users?

I'm not sure but yes, I think so. We need more discussion but  you can add the requirement. 

> Should the UA avoid exposing the device list to web apps?

Yes. Please add the requirement.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Received on Wednesday, 7 June 2017 13:16:53 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 June 2017 13:16:54 UTC