Re: [Mimi] Gatekeeper comparison Re: Recap of June 7 virtual interim

Alissa Cooper <alissa@cooperw.in> Thu, 26 October 2023 01:57 UTC

From: Alissa Cooper <alissa@cooperw.in>
Date: Wed, 25 Oct 2023 21:57:32 -0400
Cc: Eric Rescorla <ekr@rtfm.com>, Raphael Robert <ietf@raphaelrobert.com>, mimi@ietf.org
To: Mallory Knodel <mknodel@cdt.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mimi/_u8U1lFl_emQ_W9oW9zfA8U8Sbk>

Hi Mallory,

> On Oct 25, 2023, at 7:55 PM, Mallory Knodel <mknodel@cdt.org> wrote:
> 

<snip>

>>>> 
>>> The point is to approximate the status quo-- right now closed systems have control over client integrity. Interop of any degree reduces that control. So no, I wouldn't think those cases would be central to the document. Probably a security considerations section mention that this specification doesn't cover that case or other active attacks (future work?).
>> 
>> I’m not quite following this. Since the WG is specifying server-to-server protocols, what protocol work do you view as being in scope related to clients and their integrity?
> 
> The design team is doing server to server protocols, of course. But MIMI is about end-to-end, so clients matter. 
> 
> But just to be sure, I checked the charter and among a bunch of other things there is “The working group will specify a solution to the introduction problem, together with best practice recommendations for functionality, configuration options, and other aspects.” Those other aspects probably have a thing or two to do with clients, not to mention the various other in-scope items in the charter that go beyond protocol. 
> 
> MLS has client aspects and MIMI is based on clients.
> 
> It’s certainly an important problem to be solved.

I’m trying to understand what you mean by “it.” What functionality related to clients and their integrity are you interested in standardizing?

Thanks,
Alissa

> Does MIMI want to work on it or should we leave it to the gatekeepers to write up their solution in individual white papers?
> 
> -Mallory
> 
>>>>  
>>>>>> 
>>>>>> On the end point problem, this is mostly very contentious territory but I would gently suggest it be worth wading in if not to keep intermediary interops (think of a 3p service that is not messaging but that provides automation or feature integration or ads!) from being within scope for interoperability. So, in MIMI do we consider only end points that are individual people with accounts or do you also allow the protocol to work for bots and such? How does that get defined?
>>>>>> 
>>>>>> I think the latter might stir some imagination around 3p-client-to-host protocol specifications (and what does a minimum set of features entail), but I'm not proposing that as work given the group has made the decision not to do that.
>>>>>> 
>>>>>> -Mallory
>>>>>>  
>>>>>>> 
>>>>>>> Thanks,
>>>>>>> -Ekr
>>>>>>> 
>>>>>>>>>> I wonder if anyone else finds these two areas of work interesting? What's nice is that this work can happen totally in parallel to the design team as well as potentially have some real shape before the upcoming May deadline for gatekeepers for 1-1, where MIMI's DT deliverables are aiming for the following year. It might be useful to engage with policy makers before then with some concrete deliverable-- or at least informed discussion.
>>>>>>>>>> 
>>>>>>>>>> Since it's focussed on nudging gatekeeper status quo, another place this work would support ongoing efforts is filling in Alissa's draft on transport service requirements: https://github.com/coopdanger/ietf-wg-mimi/blob/main/mimi-transport-requirements.md.
>>>>>>>>>> 
>>>>>>>>> There have been additional discussions about architecture questions in interims and the DT. That particular document doesn’t reflect the current state anymore.
>>>>>>>>>> 
>>>>>>>>>> I'd be happy to share more about why I think these are gaps in gatekeeper compliance-- I've even got a slide deck. But I'm keen to hear others' thoughts about these parallel directions.
>>>>>>>>>> 
>>>>>>>>> I'd say this is something for an interim. Some coordination ahead of time would be good in order to make sure you are up to speed with the current status of discussion and there’s no overlap.
>>>>>>>> 
>>>>>>>> On the process:
>>>>>>>> 
>>>>>>>> I’d say the MIMI WG folks who are not in the DT all need to be caught up to speed as a general matter. 
>>>>>>>> 
>>>>>>>> But the point of this work would be that it shouldn’t matter so much on the DT work. They would run in parallel. 
>>>>>>>> 
>>>>>>>> Since it would be new-ish work, and in-person meetings tend to cast a wider net than interims, it might be strategic to talk about this in Prague so contributors might get engaged enough to make some progress as a WG?
>>>>>>>> 
>>>>>>>> -M
>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> Raphael
>>>>>>>>>> 
>>>>>>>>>> -Mallory
>>>>>>>>>> 
>>>>>>>>>> On 6/8/23 11:00 AM, Alissa Cooper wrote:
>>>>>>>>>>> Recording: https://www.youtube.com/watch?v=FE0Zr-82XAU
>>>>>>>>>>> 
>>>>>>>>>>> Raw notes: https://notes.ietf.org/notes-ietf-interim-2023-mimi-05-mimi#
>>>>>>>>>>> 
>>>>>>>>>>> DMA gatekeeper comparison shared by Matthew/Element: https://docs.google.com/spreadsheets/d/1FiR4yhU5BpLtoeFFda5ORr86qwT33fYZowY_bWDlPas/edit#gid=1722388534
>>>>>>>>>>> 
>>>>>>>>>>> Homework assignments for the WG:
>>>>>>>>>>> Review latest linearized Matrix I-D and have discussion on the list <https://www.ietf.org/archive/id/draft-ralston-mimi-linearized-matrix-01.html>
>>>>>>>>>>> Review gatekeeper comparison and raise questions/comments on the list
>>>>>>>>>>> Get interop testing going for LM, for those interested
>>>>>>>>>>> Alissa to take an initial stab at synthesizing requirements discussed from IETF 116 going forward
>>>>>>>>>>> Thanks,
>>>>>>>>>>> Alissa
>>>>>>>>>>> 
>>>>>>>>>>> 
>>>>>>>>>>> 
>>>>>>>>>> -- 
>>>>>>>>>> Mallory Knodel
>>>>>>>>>> CTO :: Center for Democracy and Technology
>>>>>>>>>> newsletter :: https://internet.exchangepoint.tech
>>>>>>>>>> --
>>>>>>>>>> Mimi mailing list
>>>>>>>>>> Mimi@ietf.org <mailto:Mimi@ietf.org>
>>>>>>>>>> https://www.ietf.org/mailman/listinfo/mimi
>>>>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> --
>>>>>> Mallory Knodel
>>>>>> CTO, Center for Democracy and Technology
>>>>>> gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780
>>>>>> 