See also: IRC log
<inserted> scribenick: kaorumaeda
Tomoyuki: Gives intros
... Smart TVs, set-top boxes have HTTP services in home
networks.
... HTTP and WebSockets without TLS are considered non-secure
and have some problems.
... How can we access these in-home servers in HTTPS?
... Goals in this session: Clarify motivation, share
difficulties, collect ideas, provision a community group
Junichi presents HTTPS Migration in Local Network
<Tomoyuki> https://www.w3.org/wiki/images/4/43/Http-migration-in-local-network.pdf
Junichi: related sessions 2014
WoT devices, 2015 ??
... Use case: vehicle API exposes car signals (speeds, rpm,
etc.)
... Introducing local server to provide APIs. Easier
implementation and access control
... Use case 2: Local video storage. A web page from a cloud
service wants to access local video storage. This is a cross
origin access. Problems with TLS and DNS lookup arise
... PLEX's solution: Local server announces it's local IP
address to cloud application server. Application server tells
the local server URL (with embedded IP address) to the browser.
Browser looks up DNS that in turn returns local IP
address
... Local server has a cert whose CN is *.id.example.com
... CA/Browser forum guidance deprecates local IP like
192.168.*.* as Common Name.
... PLEX's solution has a public DNS that returns local IP
address.
Brad: This would be acceptable by
the guidance. Common Name looks like a public address.
... The point of the guide is when looking up 'mail' that
returns different certs in different environment.
Joe: Think which of public PKI and private CA case?
Junichi: both, but for this
session public.
... So far we don't have enough support for local device
certificates.
... We want better solution than PLEX's. For privacy,
discovery, and management purposes.
... Different stakeholders take care of different subsets of
the participants in Internet to private network picture.
Giridhar: You can have trusted association between local devices and private certs can work
Junichi: I don't reject that. We want simpler solution.
Tatsuya: We introduced the problem and want as many solutions.
Tatsuya: Addresses problem of discovery of local device
<Tomoyuki> https://www.w3.org/wiki/images/6/6c/TPAC2016_Local_Discovery_and_HTTPS.pdf
Tatsuya: UA can have local CA's
certificates (or self-signed) if well-managed locally.
... However W3C standards like CORS doesn't like Mixed Contents
or self-signed certs.
<annevk> (FWIW, CORS doesn't require HTTPS, but the point he made stands.)
Tatsuya: Local network traffic
should be encrypted as well.
... Straw Man solution. Use TLS server certs with FQDN and
public DNS for LAN devices.
... The idea as that the local device registers LAN address
FQDN to a dynamic DNS server
... local mDNS respond CNAME to the (public) dynamic DNS
server
... Use case local media server page can be displayed in
WebView. EME in Secure Context is possible.
... Use case 2: Presentation API discovery is possible.
Brad: CNAME approach could be problematic because trust between DNS servers is not enough
Cullen: mDNS in public Wifi can be easily spoofed
<Tomoyuki> https://www.w3.org/wiki/images/3/37/2016.w3c.breakout_session.dot-local-server-cert.p.pdf
Daisuke presents ".local" server certificate
Daisuke: Use case: local media
cache server. VoD service offers local media cache for the
browser.
... Problem: it's mixed content. Can't issue valid server
certificates to local devices.
... User cannot have an opportunity to authorize local server
access to the origin. User cannot judge whether the origin is
evil or not.
... Candidate solution: ".local" server certs allowed only on
user+UA grants.
... UA provides a new API that allows secure origin to access
local devices by issuing .local server certificates.
... IoT devices' CSR with attestation key is sent to CA via
UA's API.
... PoC impl on Web Bluetooth API. BLE can be a promising
proximity transport. But we lack certs installation API.
... Does ".local server certificates" sound practical?
Anne: Focus with user consent is good. Tap on the device could approve establishing secure connections.
mkwst: Host name + hash of public key might be one way to achieve this.
Cullen: If we assume dynamic DNS, nothing stops that the device decides it's unique host name.
Anne: Local IP address disclosure is different between these solutions.
Tatsuya: Randomized DNS name
could be a similar approach in IPv6 local link address.
... When mDNS cannot be trusted, HTTPS neither. There is no
additional risk.
Joe: Privacy problem exists in Mitsubishi cars' identities that can be tracked location
Tatsuya: Domain name can be rotated.
Cullen: Hardest part is to decide what privacy properties you want to protect.
Giri: ???
Tomoyuki: Next steps: continue discussions but where?
<kaz> kaz: please continue the discussion about how to proceed :)
<kaz> [ adjourned ]
This is scribe.perl Revision: 1.144 of Date: 2015/11/17 08:39:34 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Succeeded: i/Tomoyuki:/scribenick: kaorumaeda Succeeded: s/@@:/Brad:/ Succeeded: s/@@/Giridhar/ Succeeded: s/@@/Cullen/ Succeeded: s/@@@:/Giri:/ Found ScribeNick: kaorumaeda Inferring Scribes: kaorumaeda Present: Tomoyuki_Shimizu Kaoru_Maeda Kaz_Ashimura(W3C) Kaoru_Maeda(Lepidum) Junichi_Ajitomi(Toshiba) Tomoyuki_Shimizu(KDDI) Giri_Mandyam(Qualcomm) Tatsuya_Igarashi(Sony) Tomohiro_Yamada(NTT) Kiyoshi_Tanaka(NTT) Matsuo_Suzuki(SoftBank) YounJae_Shin(SoftBank) Hamid_Amir_Alikhani(Panasonic) Licheng_Yin(Qihoo360) Francois_Daoust(W3C) Yves_Lafon(W3C) Mike_West(Google) Mike_Smith(W3C) Brad_Hill(Facebook) Jiajia_Li(Alibaba) Rouslan_Solomakhin(Google) Joe_Hall(Center_for_Democracy_and_Technology) Mohammed_Dadas(Orange) Jin_Peng(China_Mobile) Yingying_Chen(W3C) Olive_Xu(W3C) Kazuhiro_Hoya(J-BA) Claes_Nilsson(Sony) Jatinder_Mann(Microsoft) Yoshiaki_Ohsumi(Panasonic) Kazuo_Kajimoto(Panasonic) Takeshi_Kanai(Sony) Cullen_Jennings(Cisco) Ari_Keranen(Ericsson) Carsten_Bormann(TZI) Toshihiko_Yamakami(ACCESS) Natashi_Rooney(GSMA) Vivien_Lacourba(W3C) Osamu_Nakamura(W3C) Adam_Roach(Mozilla) Koichi_Takagi(KDDI) J.C._Jones(Mozilla) Rik_Cabanier(Adobe) Mark_Foltz(Google) Hyojin_Song(LGE) Kenichi_Nunokawa(Keio) Satoshi_Nishimura(NHK) Anne_van_Kesteren(Mozilla) James_Graham(Mozilla) Wonsuk_Lee(ETRI) Agenda: https://www.w3.org/wiki/TPAC2016/SessionIdeas#HTTPS_Migration_in_Local_Network Got date from IRC log name: 21 Sep 2016 Guessing minutes URL: http://www.w3.org/2016/09/21-https-local-minutes.html People with action items:[End of scribe.perl diagnostic output]