by toast0 1612 days ago
> guarantee that no resolver will ever go beyond its own LAN to return an address.

How do you define that boundary, when it's not the broadcast domain? Even if it is the broadcast domain, I'm not sure that makes a reasonable boundary for people at a coffeehouse, etc.

If there's consensus that for some domain, certificates don't actually mean anything, because anyone can get a CA to issue it, there should also be consensus to accept self-signed certificates for that domain.

1 comments

> If there's consensus that for some domain, certificates don't actually mean anything, because anyone can get a CA to issue it, there should also be consensus to accept self-signed certificates for that domain.

Or my preferred hybrid approach: use a self-signed certificate and include the fingerprint (base32-encoded) in the domain name. The browser would recognize this pattern and accept the certificate, for that one domain, because it already meets all the requirements for domain validation. Discovery remains an issue–we need browsers to list the local mDNS services—but once you have the URL you can bookmark it and know that no other device can impersonate that domain/certificate combination.
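The hybrid scheme in the comment above, as an added Go example that is not from the thread: the device mints a self-signed certificate, the SHA-256 fingerprint of that certificate becomes the first DNS label, and the client-side check accepts a presented certificate only when it hashes to that label, so no CA is consulted. Hashing the whole DER certificate (rather than just the public key), the `.local` suffix and every function name here are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base32"
	"math/big"
	"strings"
	"time"
)

// Lower-case, unpadded base32: a 32-byte SHA-256 fits one 52-character DNS label.
var fpEncoding = base32.StdEncoding.WithPadding(base32.NoPadding)
// PinnedHostname names a certificate by its hashed DER; the ".local" suffix is an assumption.
func PinnedHostname(der []byte) string {
	sum := sha256.Sum256(der)
	return strings.ToLower(fpEncoding.EncodeToString(sum[:])) + ".local"
}

// VerifyPinned is the browser-side rule the comment describes: the name carries the
// pin, so the presented certificate is accepted only when its hash matches the first label.
func VerifyPinned(hostname string, presentedDER []byte) bool {
	label := strings.SplitN(hostname, ".", 2)[0]
	want, err := fpEncoding.DecodeString(strings.ToUpper(label))
	if err != nil || len(want) != sha256.Size {
		return false // not a fingerprint label: this rule does not apply
	}
	got := sha256.Sum256(presentedDER)
	return subtle.ConstantTimeCompare(want, got[:]) == 1
}

// NewSelfSignedDER mints a throwaway self-signed certificate (constructed for this example).
func NewSelfSignedDER() ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "example-device"},
		NotBefore:    time.Now(),
		NotAfter:     time.Now().Add(365 * 24 * time.Hour),
	}
	return x509.CreateCertificate(rand.Reader, &tmpl, &tmpl, &key.PublicKey, key)
}
```

A second device presenting a different certificate for the same bookmarked name fails `VerifyPinned`, which is the impersonation property the comment relies on.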