←back to thread

Just want simple TLS for your .internal network?

(github.com)
246 points nh2 | 1 comments | 18 Oct 24 06:10 UTC | HN request time: 0s | source
Show context
Wowfunhappy ◴[22 Oct 24 12:52 UTC] No.41913728[source]
Is there really any benefit of this over just using HTTP?

What is the threat model in which an attacker could MitM your internal network?

replies(5): >>41913783 #>>41913784 #>>41915125 #>>41915370 #>>41915882 #
1. NotPractical ◴[22 Oct 24 15:37 UTC] No.41915370[source]
* Some functionality is off-limits for sites loaded via HTTP. (Another commenter mentioned clipboard access.)

* Browsers will display annoying warning symbols whenever you try to access sites via HTTP.

* If you live in a shared living space such as an apartment you probably don't have control over your home network.

* Even if you have control over your network, a single compromised IoT device is enough to sniff your internal network traffic, assuming WPA2. (Probably not super likely tbh.)