[MLS] MLS@IETF102 Agenda Request (was Re: WG Action: Formed Messaging Layer Security (mls))
Sean Turner <sean@sn3rd.com> Wed, 30 May 2018 14:04 UTC
Return-Path: <sean@sn3rd.com>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C1F912E6D7 for <mls@ietfa.amsl.com>; Wed, 30 May 2018 07:04:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L21O6YU-Ry20 for <mls@ietfa.amsl.com>; Wed, 30 May 2018 07:04:50 -0700 (PDT)
Received: from mail-qt0-x232.google.com (mail-qt0-x232.google.com [IPv6:2607:f8b0:400d:c0d::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 63F9512DB71 for <mls@ietf.org>; Wed, 30 May 2018 07:04:50 -0700 (PDT)
Received: by mail-qt0-x232.google.com with SMTP id m5-v6so23366028qti.1 for <mls@ietf.org>; Wed, 30 May 2018 07:04:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=from:content-transfer-encoding:mime-version:subject:date:references :to:in-reply-to:message-id; bh=+cEbLsFDsUV+I/mK5V6POvowlA+v1iaTSYR15XO+KPU=; b=ZMCoM9W1ncWX69M1g0novWMWhGsNsPOac3zu/9gt9z8cXBpsCLY0nwHjXKTakvzT6R 2UFwtb3zcTo2/TXwHNM9dgJxfd3GZfeFZqdx7RI2w3u1+jQ4kcOd9JJ2boQuuy6cT0rN LP+QdOiSB2tztbK7WX9vjIU0jDGnQuhABlIK4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:date:references:to:in-reply-to:message-id; bh=+cEbLsFDsUV+I/mK5V6POvowlA+v1iaTSYR15XO+KPU=; b=SzYCoWcUytGeZ/eudgnkULinh6Dh62iy7joFBT7GB4PBpldIL/IuJU/Rg5yGDjsujl vi6grP9qJehJbWfTWzhW9cGlXiriAU9BdC8z7vVUcNTxpyfxuxJgRKLgWXEbLFXmZogr duL4MOjhfYuHpPB9CR4FxLsd9tVPv9H72zXmVbZVcheusPL2S7rdU2ET3LKMieeQrG5X q/HMw5dqL1HLvPq9JcVeUM4ByBrilkCZ1ScV38D1fI2w0jCH+qP9x/CiVPjlrXE+1l/p LEmG13fMyGY4WztmKQ+i8UVQJvflWsS24QhyWIeU29kfANHjR0/wpvCZlRnFy8/5r9yL akzw==
X-Gm-Message-State: APt69E2vTzJadAcIHYSzxla5MG5cZYJX/+k9fpTs59sb4pj82R7k6p4K ELd9HzSHucq1wjqSzv4hEmaP277Q4Jo=
X-Google-Smtp-Source: ADUXVKIvRF8oMpspYTfai6nGGrfQxP0XWhGDF051b+srSaDnQkIbKbMN34GXxNXPl8md/fdnJeG3QA==
X-Received: by 2002:a0c:b4a2:: with SMTP id c34-v6mr2605767qve.70.1527689089330; Wed, 30 May 2018 07:04:49 -0700 (PDT)
Received: from [172.16.0.18] ([96.231.224.71]) by smtp.gmail.com with ESMTPSA id q8-v6sm27058754qtb.13.2018.05.30.07.04.48 for <mls@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 30 May 2018 07:04:48 -0700 (PDT)
From: Sean Turner <sean@sn3rd.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 11.3 \(3445.6.18\))
Date: Wed, 30 May 2018 10:04:47 -0400
References: <152762411608.29656.6932478848985178103.idtracker@ietfa.amsl.com>
To: mls@ietf.org
In-Reply-To: <152762411608.29656.6932478848985178103.idtracker@ietfa.amsl.com>
Message-Id: <65BCD6FA-C686-443A-8497-5D633BAB4027@sn3rd.com>
X-Mailer: Apple Mail (2.3445.6.18)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/8cisr5YIZxppkhqudBcUHB742Sg>
Subject: [MLS] MLS@IETF102 Agenda Request (was Re: WG Action: Formed Messaging Layer Security (mls))
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 May 2018 14:04:54 -0000
We've been chartered! Let the MLS@IETF102 agenda bashing begin! To that end, Nick and I need to put together an agenda and request a time slot before 2359 UTC on June 1st (~2.5 days from now). As far as putting together an agenda: it seems reasonable that we review the WG’s goals as well as the architecture document: draft-omara-mls-architecture; after that it seems like some kind protocol discussion around ART or TreeKEM discussion as the basis of the protocol is going to happen. spt > On May 29, 2018, at 16:01, The IESG <iesg-secretary@ietf.org> wrote: > > A new IETF WG has been formed in the Security Area. For additional > information, please contact the Area Directors or the WG Chairs. > > Messaging Layer Security (mls) > ----------------------------------------------------------------------- > Current status: Proposed WG > > Chairs: > Nick Sullivan <nick@cloudflare.com> > Sean Turner <sean+ietf@sn3rd.com> > > Assigned Area Director: > Benjamin Kaduk <kaduk@mit.edu> > > Security Area Directors: > Eric Rescorla <ekr@rtfm.com> > Benjamin Kaduk <kaduk@mit.edu> > > Mailing list: > Address: mls@ietf.org > To subscribe: https://www.ietf.org/mailman/listinfo/mls > Archive: https://mailarchive.ietf.org/arch/browse/mls/ > > Group page: https://datatracker.ietf.org/group/mls/ > > Charter: https://datatracker.ietf.org/doc/charter-ietf-mls/ > > Several Internet applications have a need for group key establishment > and message protection protocols with the following properties: > > o Message Confidentiality - Messages can only be read > by members of the group > o Message Integrity and Authentication - Each message > has been sent by an authenticated sender, and has > not been tampered with > o Membership Authentication - Each participant can verify > the set of members in the group > o Asynchronicity - Keys can be established without any > two participants being online at the same time > o Forward secrecy - Full compromise of a node at a point > in time does not reveal past messages sent within the group > o Post-compromise security - Full compromise of a node at a > point in time does not reveal future messages sent within the group > o Scalability - Resource requirements have good scaling in the > size of the group (preferably sub-linear) > > Several widely-deployed applications have developed their own > protocols to meet these needs. While these protocols are similar, > no two are close enough to interoperate. As a result, each application > vendor has had to maintain their own protocol stack and independently > build trust in the quality of the protocol. The primary goal of this > working group is to develop a standard messaging security protocol for > human-to-human(s) communication with the above security and deployment > properties so that applications can share code, and so that there can be > shared validation of the protocol (as there has been with TLS 1.3). > Humans are assumed to have access to one or more general-purpose > computers. > > It is not a goal of this group to enable interoperability/federation > between messaging applications beyond the key establishment, > authentication, and confidentiality services. Full interoperability > would require alignment at many different layers beyond security, > e.g., standard message transport and application semantics. The > focus of this work is to develop a messaging security layer that > different applications can adapt to their own needs. > > While authentication is a key goal of this working group, it is not > the objective of this working group to develop new authentication > technologies. Rather, the security protocol developed by this > group will provide a way to leverage existing authentication > technologies to associate identities with keys used in the protocol, > just as TLS does with X.509. > > In developing this protocol, we will draw on lessons learned from > several prior message-oriented security protocols, in addition to > the proprietary messaging security protocols deployed within > existing applications: > > o S/MIME - https://tools.ietf.org/html/rfc5751 > o OpenPGP - https://tools.ietf.org/html/rfc4880 > o Off the Record - https://otr.cypherpunks.ca/Protocol-v3-4.1.1.html > o Double Ratchet - https://en.wikipedia.org/wiki/Double_Ratchet_Algorithm > > The intent of this working group is to follow the pattern of > TLS 1.3, with specification, implementation, and verification > proceeding in parallel. By the time we arrive at RFC, we > hope to have several interoperable implementations as well > as a thorough security analysis. > > The specifications developed by this working group will be > based on pre-standardization implementation and deployment > experience, and generalizing the design described in: > > o draft-omara-mls-architecture > o draft-barnes-mls-protocol > > Note that consensus is required both for changes to the protocol mechanisms > from these documents and retention of the mechanisms from them. In particular, > because something is in the initial document set does not imply that there is > consensus around the feature or around how it is specified. > > Milestones: > > May 2018 - Initial working group documents for architecture and key > management > > Sep 2018 - Initial working group document adopted for message protection > > Jan 2019 - Submit architecture document to IESG as Informational > > Jun 2019 - Submit key management protocol to IESG as Proposed Standard > > Sep 2019 - Submit message protection protocol to IESG as Proposed Standard > >