Local HTTPS

index.bs

@@ -224,6 +224,17 @@ Note: The WebTransport-over-QUIC protocol is yet to be defined. Potentially cons
 
 <section algorithm="LP2PReceiver">
 
+Local HTTPS {#local-https}
+==========================
+
+Authentication establishes a mutual trust anchor between peers on the local network. This trust anchor can also be used to validate certificates used by HTTP servers on the local network. An Open Screen Protocol agent certificate can be identified by the common name of its subject ending in "._openscreen._udp". When a user agent loads a webpage and finds an agent certificate in the certificate chain, it can use it as a trust anchor for authentication of the server. If the corresponding agent is not [=authenticated=], the user agent should prompt the user to authenticate the agent before proceeding with certificate validation.
+
+Endpoint discovery {#local-https-discovery}
+-------------------------------------------
+If a peer is [=authenticated=], it may advertize one or more HTTPS endpoints it provides. A user agent may display these to the user to connect to servers on the local network without knowledge of the corresponding hostname and/or IP address.
+
+Issue: define endpoint-info messages
+
 LP2PReceiver Interface {#lp2p-receiver}
 ================================================