> (1) this isn't an issue for HNCP or babel. It's an issue for browsers.
It's an issue *with* browsers. > (2) the issue with browser warnings isn't that they are annoying. It's that if > we train users to click through them when managing the homenet, we are also > training them to click through them at other times. This creates an attack > surface in the user that we'd rather not create. Agreed. The problem, of course, is not Homenet-specific -- I've got exactly the same problem with my printer, or with Babelweb. The problem, in short, is that HTTP doesn't allow either BTN or TOFU security -- it's either creartext of CA-based (or big red warning). I think that Barbara expressed very clearly why the CA model is simply not adapted to the Homenet. I don't think we should be complicating the Homenet protocol stack in order to work around the limitations of the browser stack. -- Juliusz _______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
