Re: [MLS] Stupidest possible message protection

Raphael Robert <raphael@wire.com> Mon, 03 December 2018 21:36 UTC

From: Raphael Robert <raphael@wire.com>
Date: Mon, 03 Dec 2018 22:36:43 +0100
References: <CAL02cgTjD==YgS848sBWEGrBBkNMAtbUXJuV6RrDmak_+Mu6fw@mail.gmail.com> <6369845D-4139-4043-90F8-08AFAD4EE47B@gmail.com> <CAL02cgQFUNYVQHFni9JkwRn7Zo9kL52KyazAuL+YQVFBQT1RHg@mail.gmail.com> <D43F3ED4-E2FF-46C1-B10A-0C6169137738@wire.com> <B2437354-B775-4EEE-999D-E7BC5CA5EBEA@vigilsec.com> <1543872420.903300.1597612856.02D2AD0D@webmail.messagingengine.com>
To: mls@ietf.org
In-Reply-To: <1543872420.903300.1597612856.02D2AD0D@webmail.messagingengine.com>
Message-Id: <97BD7610-40BF-4D45-935D-A24D258D31E1@wire.com>
X-Mailer: Apple Mail (2.3445.101.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/835y76KNxql3lO-mzh9IjCFA0Gc>
Subject: Re: [MLS] Stupidest possible message protection
List-Id: Messaging Layer Security <mls.ietf.org>


> On 3 Dec 2018, at 22:27, Katriel Cohn-Gordon <me@katriel.co.uk> wrote:
> 
> I think "clients choose" != "users choose" --- rather, whoever builds this into their application makes the choice for their users in the client code.

That’s what I meant. It will be up to the application vendor to decide on the UX.

> 
> 
> On Mon, 3 Dec 2018, at 9:10 PM, Russ Housley wrote:
>> 
>> 
>>> On Dec 3, 2018, at 10:46 AM, Raphael Robert <raphael=40wire.com@dmarc.ietf.org> wrote:
>>> 
>>> I agree with Richard that letting clients choose is a good idea. I think that for the sake of simplicity clients should choose whether to encrypt HS messages or not right at group creation
>> 
>> 
>> It is not clear to me how a user would make that choice.  They do not really have much visibility into the consequences of the choice.  So, it would be good for this group to make the choice or provide a concise description of those consequences in language a user might find helpful.
>> 
>> Russ
>> 
>> _______________________________________________
>> MLS mailing list
>> MLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/mls