PXE/HTTP boot just sound like bad ideas with worse implementations.

My own smell test just screams "security nightmare."