We’re not there yet, but if everyone had their own domain name, devices could have “real” addresses (eg. toasty-mctoastface.edentshome.ninja) which CAs would have no problem issuing certificates for. DHCP is quite happy to hand out domain names to clients and properly integrated with your home router’s DNS service, you would end up not visitingn a private IP address, but https://toasty-mctoastface.edentshome.ninja That address could easily be a subdomain off something you already own – https://toasty-mctoastface.home.shkspr.mobi for instance.