Re: [Mimi] Review of draft-ralston-mimi-protocol-02
Rohan Mahy <rohan.mahy@gmail.com> Fri, 12 April 2024 18:11 UTC
Return-Path: <rohan.mahy@gmail.com>
X-Original-To: mimi@ietfa.amsl.com
Delivered-To: mimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F52CC14F6A8 for <mimi@ietfa.amsl.com>; Fri, 12 Apr 2024 11:11:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dWm6XJEpo_cb for <mimi@ietfa.amsl.com>; Fri, 12 Apr 2024 11:11:03 -0700 (PDT)
Received: from mail-ej1-x630.google.com (mail-ej1-x630.google.com [IPv6:2a00:1450:4864:20::630]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C77B0C14F693 for <mimi@ietf.org>; Fri, 12 Apr 2024 11:11:03 -0700 (PDT)
Received: by mail-ej1-x630.google.com with SMTP id a640c23a62f3a-a52176b2cb6so150824466b.2 for <mimi@ietf.org>; Fri, 12 Apr 2024 11:11:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712945461; x=1713550261; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=F5w5kHnprRa/Nj2TOsJHFoY68ujQamWOXuEGRA9Hy6M=; b=ihD0l1tW92V8QuL8UEPgqBAyNpLY4u2bfTTgDb5mXK8NjdZObjvtuSSfEkVLHto2sJ 44eoHNoee8y0M98V/BBFpo9MB03XLmjeILwQdYElnc4xWLaL17DZVuRJNpiRx8J6J4B+ QM42vPxbcTQlmHjr8dFyCHiaHuKmO1YX/xEEWd7ZcqR43Duzx5kow4gKT2wSpZ/Td3hg qs2luFZOkrosF6IxnW44l6eFXV1Cc7w54UkGy0cgyG4zeA53zN/fPn398fo3y+4xK8Q8 2S/QMwMmJx3V4DqLK8lwiyniBD9/21uIOCIs00VJEIxv7F2FjLUhUv+6XvSjp3fy95kG yO9A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712945461; x=1713550261; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=F5w5kHnprRa/Nj2TOsJHFoY68ujQamWOXuEGRA9Hy6M=; b=HywAoIg41LVXCWoBrqiV7MFUYsYdQ5Qesl9BvfD5IFqpKS2ZfaJml0S5OBDhS7TZ2L GG7M7O+ToGWD+8tI1rsVk9GbeP6LrBhnX4w62JxHwd8npOP9vEOmykOWLB8QsJ5IMaPC c6DaHG6uppiWHLEClNfznGH/15aCDEnlmhcANGhXVOfIZrmbR/a4DrTL6Q2T5mbOVd5u t2QM2Hsi63Dm9zy7TSMYerJJvsAOrVzgkwSk/T2F9vmjbkR72qme0kO2Y5D8qKwD5lT+ GzVUEpgfOYWHwUim3pfcEOJm475rrAXsmH3HAu3q2aVIOVfbUjnlC2gkKE1lk8itW4Bt C2Jw==
X-Gm-Message-State: AOJu0Yw4RnKWV7EkjAGHbzSbHf5jw/dxQmW83EA8Av3D/R5P825uRsOL MEG/nuss7xGXsesqH92jHDD4PYEQUN2gSeTR4OrwoeNXO+wJa1vIEugrCgqmMckD4O63FBERHKH MOuk4ByBqBZ8JdzMneOte1/Jhl6rrqA==
X-Google-Smtp-Source: AGHT+IH0l+oFVBIOWcDXTEKQ5SKeycizkQ3spLr83zml3+OVz6ErS1ldR/5SgJRzoz2lMAHUPTlccqWludsuGCTynIE=
X-Received: by 2002:a17:907:6ea6:b0:a52:3d1:6715 with SMTP id sh38-20020a1709076ea600b00a5203d16715mr2706375ejc.68.1712945461350; Fri, 12 Apr 2024 11:11:01 -0700 (PDT)
MIME-Version: 1.0
References: <CABcZeBPoi0Vp=GPaNAwg8YXVfizZLqF2ARnR-PwD1PWzbaaPeA@mail.gmail.com> <CAKoiRubo9OGMzeO_JLoUaiOCUxXY28Ges1Te2yj4mrxYdtijnA@mail.gmail.com> <CABcZeBMqW6UsLSCbDdj4y5LYR_7DgOVXUsrS5rFVNSaZ4Td1XA@mail.gmail.com> <CAKoiRubS1-e-pV0tde=KP5pH65CgVY4ThY4jfWgz0BE44m3V6g@mail.gmail.com> <CABcZeBOG0Hxzz3MNTiMphvTFBtO9xprGUnEZ5J8eGzg83aCw8w@mail.gmail.com>
In-Reply-To: <CABcZeBOG0Hxzz3MNTiMphvTFBtO9xprGUnEZ5J8eGzg83aCw8w@mail.gmail.com>
From: Rohan Mahy <rohan.mahy@gmail.com>
Date: Fri, 12 Apr 2024 11:10:49 -0700
Message-ID: <CAKoiRuZVWyTREfh9nd2OEub_Jwfytmiugq1pGpnvUnfZnz_kVw@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: mimi@ietf.org
Content-Type: multipart/alternative; boundary="000000000000be56cd0615ea31dc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mimi/miX2iJHXgJyMuwsjZsPb6IL-hWU>
Subject: Re: [Mimi] Review of draft-ralston-mimi-protocol-02
X-BeenThere: mimi@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: More Instant Messaging Interoperability <mimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mimi>, <mailto:mimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mimi/>
List-Post: <mailto:mimi@ietf.org>
List-Help: <mailto:mimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mimi>, <mailto:mimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Apr 2024 18:11:08 -0000
On Fri, Apr 12, 2024 at 10:00 AM Eric Rescorla <ekr@rtfm.com> wrote: > > On Fri, Apr 12, 2024 at 9:17 AM Rohan Mahy <rohan.mahy@gmail.com> wrote: > >> >> On Wed, Mar 20, 2024 at 3:56 PM Eric Rescorla <ekr@rtfm.com> wrote: >> >>> >>> On Wed, Mar 20, 2024 at 3:34 PM Rohan Mahy <rohan.mahy@gmail.com> wrote: >>> >>> >>>> If you get a message adding 3 new clients belonging to Cathy, how long >>>> do you wait for the MIMI message which adds her to the participant list so >>>> you can compare the hash you received? >>>> >>> >>> You don't compare the hash. The purpose of the hash is merely to ensure >>> that everyone has the same MIMI state, but the MIMI layer is responsible >>> for looking into the MIMI state and the MLS layer is responsible for >>> looking into the MLS state. >>> >> >> The MIMI protocol is among providers. How would clients Alice, Bob, and >> Cathy get the hash of a MIMI message sent between Alice's provider and >> Bob's provider to add Bob as an authorized participant of a room in order >> (to incorporate it into the MLS state or corroborate it)? How would that >> hash be meaningful to clients Alice, Bob, and Cathy? >> > > I think we're both agreed that there has to be some PDU that specifies the > new state of the room that ends up at the endpoints. This is what allows > them to decide whether a given MLS operation is permissible. MIMI will have > to define that PDU and the endpoints will need to understand it. Please let > me know if you disagree with that. > If you are saying that we need to define the exact syntax of some data which is signed by the client and needs to get distributed to the other clients that conveys room state changes, then I agree. > The disagreement we seem to be having is if that PDU should be carried > outside MLS (most likely wrapping an MLS message) or inside MLS (in this > draft as an MLS extension). I don't think there's anything in our charter > which precludes the former design. > Let's say we have data structure D that says that Alice added Bob to the room "clubhouse", and some data structure D' that includes D and a signature over D. So you would be OK with Alice sending: - D' stapled to an MLS Commit with an embedded AppSync Proposal (or its moral equivalent) with the hash of the resulting participation list after D is applied but not ok with Alice sending: - an MLS Commit which includes D in an AppSync proposal directly? If I understood you correctly, please explain why the latter is so objectionable. If I didn't, please explain how the contents of D gets to each of the clients and how/when the clients verify their participation lists. I will also point out that the former approach requires a lot of additional protocol complexity and interaction with key material in the MLS domain or derived from key material in the MLS domain in order to generate and verify the signature on D'. thanks, -rohan
- [Mimi] Review of draft-ralston-mimi-protocol-02 Eric Rescorla
- Re: [Mimi] Review of draft-ralston-mimi-protocol-… Eric Rescorla
- Re: [Mimi] Review of draft-ralston-mimi-protocol-… Rohan Mahy
- Re: [Mimi] Review of draft-ralston-mimi-protocol-… Rohan Mahy
- Re: [Mimi] Review of draft-ralston-mimi-protocol-… Eric Rescorla
- Re: [Mimi] Review of draft-ralston-mimi-protocol-… Rohan Mahy