[Mimi] Re: draft describing flows with pseudonyms

Rohan Mahy <rohan.mahy@gmail.com> Wed, 21 August 2024 12:39 UTC

From: Rohan Mahy <rohan.mahy@gmail.com>
Date: Wed, 21 Aug 2024 05:39:41 -0700
To: Konrad Kohbrok <konrad.kohbrok@datashrine.de>
CC: Raphael Robert <ietf@raphaelrobert.com>, mimi@ietf.org
Subject: [Mimi] Re: draft describing flows with pseudonyms
List-Id: More Instant Messaging Interoperability <mimi.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mimi/mxJBNxhN54rMxUPA1F6nq3FfGn8>

These are great questions, Konrad. I would be happy to start our pseudonym
privacy discussion with them.

I also asked for agenda time on abuse reporting. As this is a concrete PR
on mimi-protocol, and had some discussion at IETF 120, I'd like to discuss
this first.

Thanks,
-rohan

On Wed, Aug 21, 2024, 05:28 Konrad Kohbrok <konrad.kohbrok@datashrine.de>
wrote:

> Hi Rohan,
>
> Thanks for pushing the discussion forward! I’ve read your draft and I
> think you’re broaching some important topics that we should talk about
> before we go into specifics such as concrete flows and cryptographic
> mechanisms.
>
> I would propose the following (somewhat intertwined) topics/questions for
> today’s interim:
>
> - What are the requirements for our pseudonym-based protocol? What
> features and UX do we want to enable while using pseudonyms? To what degree
> should/must abuse reporting be possible?
> - What assumptions do we want to make about the provider-local protocol?
> Can the provider connect pseudonyms to real identities and to what degree?
> Does it have to know which groups each of its users is a member of?
> - What is our threat model? Should pseudonyms be per-group? To what degree
> do we want to consider traffic analysis?
>
> Once we have some agreement on all of those questions, I think we’re in a
> good place to discuss how to concretely implement the pseudonym-based
> approach.
>
> Cheers,
> Konrad
>
>
> > On 19. Aug 2024, at 15:54, Rohan Mahy <rohan.mahy@gmail.com> wrote:
> >
> > Discussion Wednesday on any of these topics is good with me.
> >
> > I mention MIMIMI in the pseudonyms draft but didn't have time to compile
> > the similarities and differences.
> >
> > thanks,
> > -rohan
> >
> > On Mon, Aug 19, 2024, 02:04 Raphael Robert <ietf@raphaelrobert.com> wrote:
> > Hi Rohan,
> >
> > Thanks for the write-up. Happy to discuss this at the next interim.
> > There’s definitely some overlap with
> > https://www.ietf.org/archive/id/draft-kohbrok-mimi-metadata-minimalization-00.html.
> > Our next move was to provide more details as to how MIMIMI works internally.
> >
> > As an alternative or additional agenda item we could also discuss
> > https://www.ietf.org/archive/id/draft-robert-mimi-attachments-02.html.
> > There was some discussion recently about how attachments should be
> > accessed/proxied that is not covered in-depth on that draft. The draft
> > however covers how attachments should be encrypted.
> >
> > Thanks
> >
> > Raphael
> >
> >> On 19. Aug 2024, at 04:04, Rohan Mahy <rohan.mahy@gmail.com> wrote:
> >>
> >> Hi,
> >> I wrote a draft describing some possible flows which improve privacy
> >> using pseudonyms but also permit selective disclosure of elements of the
> >> user's "real" identity to the other participants of a room.
> >>
> >> If enough people have looked at the draft, I am happy to discuss it at
> >> the interim on Wednesday (time permitting of course).
> >>
> >> https://www.ietf.org/archive/id/draft-mahy-mimi-pseudonyms-00.html
> >>
> >> Many thanks,
> >> -rohan
> >> --
> >> Mimi mailing list -- mimi@ietf.org
> >> To unsubscribe send an email to mimi-leave@ietf.org