Comment by lxgr

Comment by lxgr 2 days ago

0 replies

View on Hacker News

Ah, that’s good – it’s been a while since I last had to work around that.

And I generally agree on local networks being insecure. So how about making them more secure instead of marginalizing them even more?

TOFU for TLS certs on .local (for Zeroconf, and maybe something else/new for local DNS) would be a huge step forward from unencrypted and unauthenticated HTTP. Such sites could even still be displayed with a broken padlock or whatever HTTP gets these days to not create any false expectations by users.