Open backkem opened 5 months ago
User research
Again, thanks for taking the time to provide feedback. Showing real-world demand for this functionality is an important area that needs more work. Additional viewpoints help shape the spec and illustrate its merit.
Local HTTPS
It's clear this needs to be written/fleshed out more. Let me give some more insight: The OpenScreen Protocol provides us with a way to establish mutual TLS certificates using an authentication mechanism (a PAKE by default). In essence, this is a secure way to upgrade a connection on a LAN to a TLS tunnel. For the purposes of 'local HTTPS' the idea is to use the resulting certificates as a 'trust anchor' or 'root certificate'. A local HTTPS server can use the certificate to sign a certificate for the host address it's serving on. Ideally, this avoids impact on the URL the page is hosted at. Note that the security characteristics of the latter still need to be studied in detail.
This shouldn't have to be limited to Fetch; any functionality running over TLS could do the same.
Video
The current specification has a DataChannel and WebTransport based API. They're mostly focused on data communication. I'm certainly open to considering a media variant. Alternatively, it seems like the Media over QUIC effort is doing Media over WebTransport. I'll reach out to see if we need anything to accommodate their work.
Authentication methods (reducing user input)
Naturally, I agree that constant re-authentication would be frustrating. #18 explores ways to reduce the reliance on user input. Ideas include:
This issue is to capture and address the feedback of @rcombs in this comment. Original feedback: