IETF Logo Mail Archive

Re: [Mimi] Gatekeeper comparison Re: Recap of June 7 virtual interim

Watson Ladd <watsonbladd@gmail.com> Wed, 25 October 2023 23:59 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: mimi@ietfa.amsl.com
Delivered-To: mimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7AFC3C13736A for <mimi@ietfa.amsl.com>; Wed, 25 Oct 2023 16:59:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5BeBCh9Z4bLd for <mimi@ietfa.amsl.com>; Wed, 25 Oct 2023 16:59:36 -0700 (PDT)
Received: from mail-pg1-x536.google.com (mail-pg1-x536.google.com [IPv6:2607:f8b0:4864:20::536]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DA0A9C151068 for <mimi@ietf.org>; Wed, 25 Oct 2023 16:59:36 -0700 (PDT)
Received: by mail-pg1-x536.google.com with SMTP id 41be03b00d2f7-5892832f8daso1153637a12.0 for <mimi@ietf.org>; Wed, 25 Oct 2023 16:59:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1698278376; x=1698883176; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=kxRddPFzO8xa+6pnARji4IqRa0LdZGLNI2DVkpz2XBg=; b=cImPdaaiyUVQOt5yHa9d6JRwLiVC33ZMaCFVYbw74cy/cpPB6tw2NqzaLWMCoPX59a XK4kwozgos6Zy6/y5ozWrlHIAcs00EZeyy6tf5Dau7kouT/6oO5Sj3hrZF+cqeQlZSsL LENPGXaDmmlz5QzEa8ob8QUiuX9jpryecIOp6E7vj4ec2c+p+jUlemgbXDMzX2hzJoZM 4y6XLPuJScd8w9EjwiCF6wpSQ0MOW+YLvNoz/R6EgYpt2YkVfsbNeA50d1nlF+OWTHhW pxtDd3VeAhmms+STOjpiYcXy/YcXw48OaUUm8JB2Kr3r3XCb8ThhV3/hBWhN4gLVKzcd 0eQA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1698278376; x=1698883176; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kxRddPFzO8xa+6pnARji4IqRa0LdZGLNI2DVkpz2XBg=; b=EAbOeqHfJwoACYX+TpuMYyCHNC6HYFZeXmLAgTLQCyvZ5IoH3iD0ydTZ/aqm+rusH0 rZ1aPo1SWUGG5C57cJpAT8SedeB7Y4NsxVEJAE39wGk5cDPx+a9guqurW6x828OIkAaQ uQjMK8cABPYUrW6xXe/ao3sM42ApqyXmnCVcHwbZB50gYYAvcfD+9btQ9kNsvHRHWSAd 7QfAU3MEtn2nnJb81BTA1kwj/wmRzACBjSiIWxvG78wFWNaByy2yTl/pCSAxJD60Q7gd AHpKO+Cp7DVZEw4PYvt3yThRPp3mG8O9S5xqb/ehWwC/aGMq0RAZRUCzPQHuLNnKbGTe 4M2g==
X-Gm-Message-State: AOJu0YxLWkQi3oE5+fSuU6n+3vSbhGfwFe+dlzVBUHhlP/J6kg72MwtQ i5PS7BsZC26sjwUPvuplfRP735g2Yq7dcOmy804=
X-Google-Smtp-Source: AGHT+IFYyLj8QOYivbQkGsWsKcIHzQiFzx5upDTcz4MCSuh+70jQ6pZ4u2lm1bCWvJE71j3cDi7/pFYEwqFeMDjNa60=
X-Received: by 2002:a17:90a:b396:b0:27c:ecec:8854 with SMTP id e22-20020a17090ab39600b0027cecec8854mr1440096pjr.7.1698278375863; Wed, 25 Oct 2023 16:59:35 -0700 (PDT)
MIME-Version: 1.0
References: <70612B52-1921-4943-856C-F748BC8C9593@cooperw.in> <d5f817dd-cd7f-48fe-9514-ced3f2ba8bc0@cdt.org> <89B66DF8-86F7-4869-9D53-DAD7DB2EA483@raphaelrobert.com> <CAGVFjMKsO7BstZLObtcOcWZRaNGjzp+Mgu0zABgXxqHSZyCnEQ@mail.gmail.com> <CABcZeBOCeRHCDx+MypZOpSN48-a+UYz5TREUvoTR2PZ9VwK8AA@mail.gmail.com> <CAGVFjML-s7TnveNgc_07TTdiFJaiqpdm-JSDHhbets35mdue+w@mail.gmail.com> <CABcZeBPzaL2BTRs4XsJARuizNEUv6Fb9RrFGW771P0wNcuG5Qg@mail.gmail.com> <CAGVFjM+M3+Cq4sEVz1yBco5S_sGYc7t=j=Oa0L+1yBAarcmSbg@mail.gmail.com> <CABcZeBOchwcpxndWwQNy0C_6CzuN6kB24k+Vz5q-FkKKMwzSXQ@mail.gmail.com> <CAGVFjMKvOwtXQFP4UjiSXuz1qkXX1O3AQK-iCz_W=4sKVidckQ@mail.gmail.com> <8D5C519F-69A7-48BE-854E-90AA30E10972@cooperw.in> <CAGVFjMKLqzsDUwinnbEwrtqjb46mS+MYmK3VOADM7RBbL1U16A@mail.gmail.com>
In-Reply-To: <CAGVFjMKLqzsDUwinnbEwrtqjb46mS+MYmK3VOADM7RBbL1U16A@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
Date: Wed, 25 Oct 2023 16:59:24 -0700
Message-ID: <CACsn0cnEowHY=QnOt5SwP-3eefc_am8wZV0d94aj_MR_LNytBA@mail.gmail.com>
To: Mallory Knodel <mknodel=40cdt.org@dmarc.ietf.org>
Cc: Alissa Cooper <alissa@cooperw.in>, Eric Rescorla <ekr@rtfm.com>, Raphael Robert <ietf@raphaelrobert.com>, mimi@ietf.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/mimi/UIL34sT1WcalQWMgUat72er-bsI>
Subject: Re: [Mimi] Gatekeeper comparison Re: Recap of June 7 virtual interim
X-BeenThere: mimi@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: More Instant Messaging Interoperability <mimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mimi>, <mailto:mimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mimi/>
List-Post: <mailto:mimi@ietf.org>
List-Help: <mailto:mimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mimi>, <mailto:mimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Oct 2023 23:59:40 -0000

Even leaving that aside I think there's a question about
authentication and message passing: do the messages have to pass from
the provider of A to the provider of B to A and B and vice versa, or
can they be connected directly/how does authentication work?

On Wed, Oct 25, 2023 at 4:55 PM Mallory Knodel
<mknodel=40cdt.org@dmarc.ietf.org> wrote:
>
> Hey Alissa,
>
> On Wed, 25 Oct 2023 at 16:53, Alissa Cooper <alissa@cooperw.in> wrote:
>>
>> Hi Mallory,
>>
>> On Oct 25, 2023, at 3:10 PM, Mallory Knodel <mknodel@cdt.org> wrote:
>>
>> On Wed, Oct 25, 2023 at 2:59 PM Eric Rescorla <ekr@rtfm.com> wrote:
>>>
>>>
>>> On Wed, Oct 25, 2023 at 11:45 AM Mallory Knodel <mknodel@cdt.org> wrote:
>>>>
>>>> On Wed, Oct 25, 2023 at 2:39 PM Eric Rescorla <ekr@rtfm.com> wrote:
>>>>>
>>>>>
>>>>> On Wed, Oct 25, 2023 at 11:20 AM Mallory Knodel <mknodel@cdt.org> wrote:
>>>>>>
>>>>>> Hi Eric and Raphael,
>>>>>>
>>>>>> On Tue, Oct 24, 2023 at 2:29 PM Eric Rescorla <ekr@rtfm.com> wrote:
>>>>>>>
>>>>>>>
>>>>>>> On Tue, Oct 24, 2023 at 10:22 AM Mallory Knodel <mknodel=40cdt.org@dmarc.ietf.org> wrote:
>>>>>>>>
>>>>>>>> Hi Raphael,
>>>>>>>>
>>>>>>>> On Tue, 24 Oct 2023 at 12:56, Raphael Robert <ietf=40raphaelrobert.com@dmarc.ietf.org> wrote:
>>>>>>>>>
>>>>>>>>> Hi Mallory,
>>>>>>>>>
>>>>>>>>> See comments inline.
>>>>>>>>>
>>>>>>>>> On 23. Oct 2023, at 21:47, Mallory Knodel <mknodel=40cdt.org@dmarc.ietf.org> wrote:
>>>>>>>>>
>>>>>>>>> Hi all,
>>>>>>>>>
>>>>>>>>> I've been gleaning some insights into what I think are generalisations about how messaging/video/voice gatekeepers are likely to (minimally) comply with the DMA, either for 1-1 or group messaging.
>>>>>>>>>
>>>>>>>>> If MIMI's work were along a spectrum, this minimal compliance sits at the opposite pole from what the design team is heroically working towards: a suite of documents that describes ideal interoperable group messaging.
>>>>>>>>>
>>>>>>>>> I think the scope is a bit smaller here: we are trying to find an mvp, the scope has already been reduced to what folks think is necessary. The current points of contention are around the viability of it all.
>>>>>>>>>
>>>>>>>>> And to not at all detract from that important work, I aimed to look for gaps or "modular" specifications that would be helpful in addition to the core specifications ("arch", "transport", "signaling" and "ds") if one approaches the architecture from the opposite direction, eg status quo.
>>>>>>>>>
>>>>>>>>> The modularity is also something that is being discussed currently. There might be fewer documents in the end.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> After some digging I see two concrete specifications that would support both minimum compliance for 1-1 messaging: client integrity and end-point definition. I had actually stumbled on a third, a mvp 3p-client-to-host-server protocol feature set, but it was rightly pointed out that MIMI has already taken the decision to not deal with the 3p-client-to-host protocol, which is fair enough.
>>>>>>>>
>>>>>>>> On the content: Can you comment on your interest in seeing these two areas of work progressed, more substantively?
>>>>>>>
>>>>>>>
>>>>>>> Can you say a few more words on what those areas of work entail?
>>>>>>
>>>>>>
>>>>>> Certainly and thanks for asking.
>>>>>>
>>>>>> I took the Julia Len / Paul Grubbs approach to evaluating the status quo versus ideal across three elements: Identity; Protocol; Abuse mitigation.
>>>>>>
>>>>>> Within various combinations of those problem spaces, you'll find client integrity begins to matter quite a lot not just for authentication (implicated across all three), but for how changes to any one system must now start to evolve the entire ecosystem (see Moxie's ever-quoted piece on standards and ossification). So, how is client integrity handled, even in the absolute bare-minimum case of inerop where the gatekeeper basically controls everything but 3p messages still make it through.
>>>>>
>>>>>
>>>>> Sorry for asking a basic question, but can you explain what you mean by "client integrity"?
>>>>>
>>>> What a very in-scope question for an exercise in specification.
>>>>
>>>> I mean client software integrity.
>>>
>>>
>>> I see. So specifically you're talking about cases in which the client demonstrates/attests that it is running a specific piece of software? Are you including in this cases where the operator of the software wishes to represent that they are running one piece of software when actually they are running another?
>>>
>> The point is to approximate the status quo-- right now closed systems have control over client integrity. Interop of any degree reduces that control. So no, I wouldn't think those cases would be central to the document. Probably a security considerations section mention that this specification doesn't cover that case or other active attacks (future work?).
>>
>>
>> I’m not quite following this. Since the WG is specifying server-to-server protocols, what protocol work do you view as being in scope related to clients and their integrity?
>
>
> The design team is doing server to server protocols, of course. But MIMI is about end-to-end, so clients matter.
>
> But just to be sure, I checked the charter and among a bunch of other things there is “The working group will specify a solution to the introduction problem, together with best practice recommendations for functionality, configuration options, and other aspects.” Those other aspects probably have a thing or two to do with clients, not to mention the various other in-scope items in the charter that go beyond protocol.
>
> MLS has client aspects and MIMI is based on clients.
>
> It’s certainly an important problem to be solved. Does MIMI want to work on it or should we leave it to the gatekeepers to write up their solution in individual white papers?
>
> -Mallory
>
>>>
>>>>>
>>>>>
>>>>> On the end point problem, this is mostly very contentious territory but I would gently suggest it be worth wading in if not to keep intermediary interops (think of a 3p service that is not messaging but that provides automation or feature integration or ads!) from being within scope for interoperability. So, in MIMI do we consider only end points that are individual people with accounts or do you also allow the protocol to work for bots and such? How does that get defined?
>>>>>
>>>>> I think the latter might stir some imagination around 3p-client-to-host protocol specifications (and what does a minimum set of features entail), but I'm not proposing that as work given the group has made the decision not to do that.
>>>>>
>>>>> -Mallory
>>>>>
>>>>>>
>>>>>>
>>>>>> Thanks,
>>>>>> -Ekr
>>>>>>
>>>>>>>> I wonder if anyone else finds these two areas of work interesting? What's nice is that this work can happen totally in parallel to the design team as well as potentially have some real shape before the upcoming May deadline for gatekeepers for 1-1, where MIMI's DT deliverables are aiming for the following year. It might be useful to engage with policy makers before then with some concrete deliverable-- or at least informed discussion.
>>>>>>>>
>>>>>>>> Since it's focussed on nudging gatekeeper status quo, another place this work would support ongoing efforts is filling in Alissa's draft on transport service requirements: https://github.com/coopdanger/ietf-wg-mimi/blob/main/mimi-transport-requirements.md.
>>>>>>>>
>>>>>>>> There have been additional discussions about architecture questions in interims and the DT. That particular document doesn’t reflect the current state anymore.
>>>>>>>>
>>>>>>>>
>>>>>>>> I'd be happy to share more about why I think these are gaps in gatekeeper compliance-- I've even got a slide deck. But I'm keen to hear others' thoughts about these parallel directions.
>>>>>>>>
>>>>>>>> I'd say this is something for an interim. Some coordination ahead of time would be good in order to make sure you are up to speed with the current status of discussion and there’s no overlap.
>>>>>>>
>>>>>>>
>>>>>>> On the process:
>>>>>>>
>>>>>>> I’d say the MIMI WG folks who are not in the DT all need to be caught up to speed as a general matter.
>>>>>>>
>>>>>>> But the point of this work would be that it shouldn’t matter so much on the DT work. They would run in parallel.
>>>>>>>
>>>>>>> Since it would be new-ish work, and in-person meetings tend to cast a wider net than interims, it might be strategic to talk about this in Prague so contributors might get engaged enough to make some progress as a WG?
>>>>>>>
>>>>>>> -M
>>>>>>>
>>>>>>>>
>>>>>>>> Raphael
>>>>>>>>
>>>>>>>>
>>>>>>>> -Mallory
>>>>>>>>
>>>>>>>> On 6/8/23 11:00 AM, Alissa Cooper wrote:
>>>>>>>>
>>>>>>>> Recording: https://www.youtube.com/watch?v=FE0Zr-82XAU
>>>>>>>>
>>>>>>>> Raw notes: https://notes.ietf.org/notes-ietf-interim-2023-mimi-05-mimi#
>>>>>>>>
>>>>>>>> DMA gatekeeper comparison shared by Matthew/Element: https://docs.google.com/spreadsheets/d/1FiR4yhU5BpLtoeFFda5ORr86qwT33fYZowY_bWDlPas/edit#gid=1722388534
>>>>>>>>
>>>>>>>> Homework assignments for the WG:
>>>>>>>>
>>>>>>>> Review latest linearized Matrix I-D and have discussion on the list <https://www.ietf.org/archive/id/draft-ralston-mimi-linearized-matrix-01.html>
>>>>>>>> Review gatekeeper comparison and raise questions/comments on the list
>>>>>>>> Get interop testing doing for LM, for those interested
>>>>>>>> Alissa to take an initial stab at synthesizing requirements discussed from IETF 116 going forward
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> Alissa
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Mallory Knodel
>>>>>>>> CTO :: Center for Democracy and Technology
>>>>>>>> newsletter :: https://internet.exchangepoint.tech
>>>>>>>>
>>>>>>>> --
>>>>>>>> Mimi mailing list
>>>>>>>> Mimi@ietf.org
>>>>>>>> https://www.ietf.org/mailman/listinfo/mimi
>>>>>>>>
>>>>>>>>
>>>>>>> --
>>>>>>> Mimi mailing list
>>>>>>> Mimi@ietf.org
>>>>>>> https://www.ietf.org/mailman/listinfo/mimi
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Mallory Knodel
>>>>> CTO, Center for Democracy and Technology
>>>>> gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780
>>>>>
>>>>
>>>>
>>>> --
>>>> Mallory Knodel
>>>> CTO, Center for Democracy and Technology
>>>> gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780
>>>>
>>
>>
>> --
>> Mallory Knodel
>> CTO, Center for Democracy and Technology
>> gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780
>>
>>
> --
> Mimi mailing list
> Mimi@ietf.org
> https://www.ietf.org/mailman/listinfo/mimi



-- 
Astra mortemque praestare gradatim

v2.23.0 | Report a Bug | By Email