{"id":6,"date":"2017-03-02T05:48:14","date_gmt":"2017-03-02T05:48:14","guid":{"rendered":"https:\/\/www.w3.org\/community\/httpslocal\/?p=6"},"modified":"2017-03-02T05:48:14","modified_gmt":"2017-03-02T05:48:14","slug":"welcome-to-https-in-local-network-community-group","status":"publish","type":"post","link":"https:\/\/www.w3.org\/community\/httpslocal\/2017\/03\/02\/welcome-to-https-in-local-network-community-group\/","title":{"rendered":"Welcome to HTTPS in Local Network Community Group"},"content":{"rendered":"<p>We have launched the HTTPS in Local Network Community Group. Our goal is\u00a0to find out the manner\u00a0of secure communication between browsers and server-capable devices in local network.<\/p>\n<h2>Background<\/h2>\n<p>Today, many developers and manufacturers of devices working in local network are being faced\u00a0with security restrictions, as follows:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.w3.org\/TR\/mixed-content\/\">Mixed Content<\/a>:\u00a0When a web application\u00a0is in Secure Contexts (e.g. cloud services), the web application cannot connect to local network device&#8217;s URL such as\u00a0<code>http:\/\/<\/code>\u00a0and\u00a0<code>ws:\/\/<\/code>.<\/li>\n<li><a href=\"https:\/\/www.w3.org\/TR\/secure-contexts\/\">Secure Contexts<\/a>:\u00a0When web apps is in local network device&#8217;s origin (not in Secure Contexts), powerful features like getUserMedia, WebBluetooth, etc. become unavailable.<\/li>\n<\/ul>\n<p>Of course, these specifications are intended to mitigate risk of\u00a0security and privacy and prevent browsers from feature abuse on the web. While these specifications mandate even server-capable devices to use HTTP and WebSocket communications over TLS to collaborate with web applications in Secure Contexts, server certificates cannot be issued to such a device due to lack of possible validation (e.g. domain validation (DV)).<\/p>\n<h2>Discussion in TPAC 2016 Breakout Session<\/h2>\n<p>In order to share the motivation mentioned above and\u00a0explore further understanding, several sponsors proposed a session for discussion in W3C TPAC 2016 breakouts. As a result, approximately 50 participants joined the session, and succeed to acquire a lot of valuable comments.<\/p>\n<p>If you have an interest, please refer to\u00a0<a href=\"https:\/\/www.w3.org\/wiki\/TPAC2016\/session-https-local-summary\">the session summary<\/a>.<\/p>\n<h2>Join us<\/h2>\n<p>We have just started exploring the manner of secure\u00a0browser-to-device\u00a0communication which mitigates restrictions without exposing browsers and devices to risk of\u00a0security and privacy. We\u00a0hope that developers and engineers in various technical areas would participate in our discussion.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We have launched the HTTPS in Local Network Community Group. Our goal is\u00a0to find out the manner\u00a0of secure communication between browsers and server-capable devices in local network. Background Today, many developers and manufacturers of devices working in local network are &hellip; <a href=\"https:\/\/www.w3.org\/community\/httpslocal\/2017\/03\/02\/welcome-to-https-in-local-network-community-group\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1527,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_s2mail":"yes","footnotes":""},"categories":[1],"tags":[],"class_list":["post-6","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.w3.org\/community\/httpslocal\/wp-json\/wp\/v2\/posts\/6","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.w3.org\/community\/httpslocal\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.w3.org\/community\/httpslocal\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.w3.org\/community\/httpslocal\/wp-json\/wp\/v2\/users\/1527"}],"replies":[{"embeddable":true,"href":"https:\/\/www.w3.org\/community\/httpslocal\/wp-json\/wp\/v2\/comments?post=6"}],"version-history":[{"count":1,"href":"https:\/\/www.w3.org\/community\/httpslocal\/wp-json\/wp\/v2\/posts\/6\/revisions"}],"predecessor-version":[{"id":7,"href":"https:\/\/www.w3.org\/community\/httpslocal\/wp-json\/wp\/v2\/posts\/6\/revisions\/7"}],"wp:attachment":[{"href":"https:\/\/www.w3.org\/community\/httpslocal\/wp-json\/wp\/v2\/media?parent=6"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.w3.org\/community\/httpslocal\/wp-json\/wp\/v2\/categories?post=6"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.w3.org\/community\/httpslocal\/wp-json\/wp\/v2\/tags?post=6"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}