Chrome extension + native app for TCP access.

[themighty1]

Problem:

Chrome does not allow raw TCP access to the extension. This is needed for TLSNotary to send raw TLS data to the webserver.

Solutions: A. implement a native app for Win/Mac/Linux or a python script which will forward TCP data B. allow the developer (who will be hosting the Notary server) to also indicate a proxy server address. This proxy will be hosted by the developer. C. partner up with the Brave browser to give the TLSNotary extension TCP access.

Downsides of A:

• additional User friction

Downsides of B:

• the proxy may be abused.
• the User's account may be suspended by the data provider due to an unusual IP address.

Downsides of C:

• additional User friction by having to use Brave instead of Chrome
• depends on Brave's decision

My personal feeling is that we should implement both A and B and let the developer decide what UX he wants his audience to have.

[sinui0]

I think a combination of all these solutions makes sense. Our browser extension can support configuration for any WS proxy server, which may be hosted by a Notary (which has privacy issues), a proxy service, or if the user is extra dedicated they can run a proxy locally. Fortunately for us, this isn't a new problem and solutions such as websockify exist already. We can provide tooling to make this very easy to setup.

Once our implementation has proven itself, then perhaps Brave would be interested in a native integration, but yeah we don't need to count on that.

[themighty1]

Great, websockify would be the optimal solution, The User may choose to run one himself or connect through the one provided by the app dev.