Neighbour Awareness Networking, also known as Wi-Fi Aware, is a Wi-Fi specification that enables devices to discover and connect directly to each other without requiring any other type of connectivity between them.
Making this functionality available to websites would enable them to create fast and convenient connections between users who are physically close, opening up new ways of approaching the creation of Web solutions.
However, this can not be done lightly: a careless use of this technology would pose severe threats to privacy and security.
See here for more details, use cases, draft API and implementation notes:
This is an interesting proposal and I’ve also been looking for a solution in this space however I have a couple concerns,
- This seems specific to a new subset of the Wi-Fi standards, Wi-Fi Aware. Is it possible for this to be extended to work over any existing Ethernet network?
- Has there been any consideration of how to prevent malicious local devices from impersonating a peer? From an HTTP perspective this seems to allow arbitrary unauthenticated connections to any other local network host.
Thank you for the feedback, those are good questions.
The main focus of this proposal is to connect users that are physically close. This proximity lets you use technologies (Aware, NFC, Bluetooth) and user actions (e.g. tap phones together) that can make the connection process more convenient and secure. A solution that worked over any existing Ethernet network might end up using some of the same ideas and technologies, but I would consider it a separate line of work.
Regarding user authentication, it is true that the mechanism sketched in the proposal is still pretty naïve. I am still exploring how this proposal would fit with existing Web technologies. In particular, I wonder whether some of the ideas in the Web Authentication API might be translated to this scenario.