Re: [httpslocal/proposals] Extended origins for non-unique names (#1) from Tatsuya Igarashi on 2018-06-28 (public-httpslocal@w3.org from June 2018)

From: Tatsuya Igarashi <notifications@github.com>
Date: Wed, 27 Jun 2018 23:44:43 -0700
To: httpslocal/proposals <proposals@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <httpslocal/proposals/issues/1/400929846@github.com>

@martinthomson your proposal of  "extended origin for local domain" is interesting.

The proposal seems to work well in the case that there is no rogue device in the home network. But there is a concern of the "secure-origin".  One of the issues is how a user can trust a non-owned device in public local network such as office and hotel.  I am a proponent of  using a genuine Web PKI certificate for local server as [my idea](https://www.w3.org/wiki/images/6/6c/TPAC2016_Local_Discovery_and_HTTPS.pdf). Does it make sense that FireFox shows "green  padlock" as like below if a device has a genuine Web PKI certificate?

![secure_local_device](https://user-images.githubusercontent.com/28719248/42016428-72c8e5fc-7ae6-11e8-81f2-81f901f5696f.png)








-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/httpslocal/proposals/issues/1#issuecomment-400929846

Received on Thursday, 28 June 2018 06:45:16 UTC