How do you discover devices through your web-browser, without a third-party / centralised relay?

If devices have a known host name, a XMLHttpRequest / fetch enumeration could be performed, similar to http://find.synology.com/. The HTTPS version of this site doesn’t actually work because of the mixed content security policies blocking access to http:// sites.

The setup page must also be “insecure-d” (HTTP), in order to communicate with non-HTTPS devices.

Alternatively, have each device host a HTTPS server (with a untrusted self-signed certificate) during its uninitialised state.

When performing the XHR / fetch enumeration, valid servers should instantly respond with some sort of untrusted certificate error. Non-existent servers on the other hand will take a few seconds to timeout.

We could determine the presence of a hostname / server via the time it takes to produce an error