Out of the box, you will get a lot more resistance for using a self-signed certificate than bare HTTP. At the very least, self-signed certificates should be in the same security context as HTTP.
Our devices should opportunistically use encryption, even if validation is not available.
I had a client that wanted to use an Android tablet to monitor IP cameras on his local network, and it was virtually impossible to use TLS on zeroconf .local domains.
The official solution is to rely on the underlying network for security, even though the webservers on devices and our browsers have TLS support.