Related use cases:, ,, ,, ,, Īll approaches proposed in this document are based on either one or both of the access patterns. With a browser API (e.g., ) and receives the contents. On a UA from the internet (hereafter, simply called ‘web service’) accesses the APIs Normal access pattern: the device has web contents and a user types the address of the device (e.g., ) on the UA directly and receives the contents.Ĭross-origin access pattern: the device has API endpoints and a web frontend loaded In general, we can categorize the use cases listed in into two device access patterns principle for local HTTPS. IPv6 unique local address prefix defined in. That use following address spaces or prefixes: In aspect of IP address spaces, local networks in this document can be defined as the networks Intra-machine(intra- UA) network (uses loopback addresses, etc.) Intra-company network (includes factory network, building network, etc.) Target Local Networksīased on, we regard following types of network as local network: Therefore, this documentĭoes not contain the approaches for the publicly accessible devices as §5 Technical Approaches but as §4 Existing Solutions. Implementations and related standardization activities. To get Web PKI certificates so there are few technical challenges on browser Actually, it is easy for such kind of devices To focus on the problem on using HTTPS in local network, approaches for publiclyĪccessbile devices are out of scope. The approaches proposed in §5 Technical Approaches are based on the use casesĪnd the requirements defined in. Up to a root CA, or a self-signed certificate.Ī public CA is a CA responsible for issuing the Web PKI certificates.Ī private CA is a CA responsible for issuing the non-Web PKI certificates. Loaded on the UA, which accesses to the device with HTTPS on the local network.Ī Web PKI certificate is a TLS server certificate that can chain up toĪ root CA (Certificate Authority) trusted by the UA (preinstalled on the UA).Ī non-Web PKI certificate is a TLS server certificate that cannot chain In addtion, this document uses the following terms as defined here:Ī local network is a network defined in §3.2 Target Local NetworksĪ UA (User Agent) is a browser on a user’s PC, smartphone, tabletĪnd so on, which is connected to a local network.Ī device is in the same local network as the UA, capable of HTTPS server.Ī web service is a service hosted on the internet and whose frontend is Specifies the scheme only, the document will indicate so. Whenever there is a need to disambiguate so that the term Is not limited to the scheme but also includes WebSocket over TLS ( wss://) and other This means, the scope of the term HTTPS in this document In this document, we refer to HTTPS as a scheme of communication allowed by the UA which uses TLS as a method for ensuring confidentiality of its content and identification/authentication The need for new emerging markets, such as Internet of Things (IoT).
BITNAMI OWNCLOUD ENABLE HTTPS ON LOCAL NETWORK UPDATE
On the current design and security policies of the browser implementationsīut certainly hope that the community will update these policies to cater The purpose of this document is to initiate discussions and receive feedbacksįrom the W3C members especially from the browser vendors and web developers.Īuthors of this document are aware that the proposed approaches might not be based Of each approach itself but also related requirements for the browser,Īnd required standardization activities on the communication protocols and systems. Therefore, this document describes not only the explanation Not feasible on existing web standards for the browser and/or related communication
All of the approaches in this document are In this document, we propose comprehensive technical approaches to address the problem The local devices have been marginalized in the current secure web.
Powerful features ( ) on their web-based UIs. Browsers also prevent web applications in secure contextsįrom accessing and collaborating with the devices. Īs the result, browsers came to show negative security indicators when the devices areĪccessed by their users. įollowing the trend, browsers' security policies have been enhanced gradually to deprecate insecure HTTP.įor example, new features on browsers are supposed to be restricted only to. On the other hand, recently, using HTTPS is getting popular rapidly on the internetĭue to various efforts to make the internet secure, such as. Since such kind of devices in local networkĬannot easily get valid server certificates, most of the devices have to use non-secure HTTP. To provide their users with web-based UIs. 5.2.3 APPROACH-4: Using Device Authority-Issued Certificateīy tradition, diverse kinds of connected devices have HTTP server functionality.5.2.2 APPROACH-3: Using Application Layer Access Token.5.1.1 APPROACH-1: Using technically Constrained Certificates.
0 kommentar(er)
