IETF Logo Mail Archive

Re: [MLS] Federation and MLS

Emad Omara <emadomara@google.com> Mon, 25 March 2019 16:36 UTC

Return-Path: <emadomara@google.com>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C0ED1204A6 for <mls@ietfa.amsl.com>; Mon, 25 Mar 2019 09:36:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.501
X-Spam-Level:
X-Spam-Status: No, score=-17.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TEZ7qkwB9Rub for <mls@ietfa.amsl.com>; Mon, 25 Mar 2019 09:36:19 -0700 (PDT)
Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 787F81204FC for <mls@ietf.org>; Mon, 25 Mar 2019 09:36:19 -0700 (PDT)
Received: by mail-wr1-x431.google.com with SMTP id y13so10982053wrd.3 for <mls@ietf.org>; Mon, 25 Mar 2019 09:36:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=yJuj55xgDIYq6RiErWk2etAIn9uVDAQsP56E6vswOCQ=; b=PL8T6LI3yJmHmV/vC5AqnurjtBrT23k97r+zc7HhrXpCpCpKlaIKudguTYJ/jwm3GN b7UKeBzN86Tzb/Pm3sBs8IktgNEj5wsFVCNpPc9Uy4r52qfBbFGSgpgaROJSQUTq4VDi VDRvRsWzWb9gWElVprc5cnx+znCPeoYXOMplS7BAEXleDDBhqGrYb24vs1haKBp9MFeu PJjODbhs3BwJzH9esNwslzXk8W9rBJHo8NUEAF4bX7h1n/seBXh15FsjvPfH5B2Wjpyo 6+Wcvrz7phY0aU8KQ41Sui3cYKsfbT039RGgpMVIFu30styTz1/1jn6G/vlOD3vyoZn4 SIuQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=yJuj55xgDIYq6RiErWk2etAIn9uVDAQsP56E6vswOCQ=; b=jSzmU7EiTfLASHj3UqOkb8xKXYc79DfH/8UooKYSSurUjvPIcGV3vky2cteudl950p cGqpVjeG3r8S9/6ULASW7TTiZ26x7mBe2GSYyDHPWnOuEyGoMxJCVh5X7a49HT27neqg 154UuY1MNSaBuTgrVYKIhtQAjwE8di40h38eHNKi+vQPDsB20Zj5u6+pY/D0P8/biXDd IgEayyBvNtkMv8a0IoJYWDug72WLQDjiHEA5u3rDq9nwPpHXYFTBSeOPXrWarnt5BoP5 F/3xb2Ehb3wJvVhAc+sE3i5oQvP44IfIeRTO7biQYvom/lkV+Z1V+vLCZa7oqad/1Pf2 nu5A==
X-Gm-Message-State: APjAAAUcWizFF/VKahsfrwa5/maT+1Wsy2SS/sXO4AR4Z3/vmW2LYIFM xBp5c8LWyWmffeeni/c/xhPne4uukf8uZTX7vnAw
X-Google-Smtp-Source: APXvYqy+G0D9MtO2F8OAwbtPhx0/HarqRylEA1+t9+OUQVJs6rkCca6ACDVKnjYLXAG110jgBRZFTYSf7WoLrS5av9I=
X-Received: by 2002:adf:fe4d:: with SMTP id m13mr12566979wrs.267.1553531777664; Mon, 25 Mar 2019 09:36:17 -0700 (PDT)
MIME-Version: 1.0
References: <817649924.1176598.1553527876075.JavaMail.zimbra@inria.fr>
In-Reply-To: <817649924.1176598.1553527876075.JavaMail.zimbra@inria.fr>
From: Emad Omara <emadomara@google.com>
Date: Mon, 25 Mar 2019 09:36:06 -0700
Message-ID: <CAHo7dC913xSx-5ZaFkJ7_ZRQJyV31NO3OBSFJ2FNJ42mFdy1hQ@mail.gmail.com>
To: Harry Halpin <harry.halpin@inria.fr>
Cc: mls <mls@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000c1aebb0584edcd0e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/8zWHSPX4yvl6uHzYxEmX4OIRakg>
Subject: Re: [MLS] Federation and MLS
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2019 16:36:29 -0000

Thanks Harry for the thoughts. Just to be clear, the federation effort is
mainly focused on the crypto layer, other application specific details are
left out of the scope of the draft.

On Mon, Mar 25, 2019 at 8:33 AM Harry Halpin <harry.halpin@inria.fr> wrote:

> Glad to see federation being discussed on Thursday as well - here's some
> thoughts:
>
> There are basically four issues that need to be solved, and the general
> philosophy should be one of minimalism.
>
> 1) Identity: How to identify members with different AS/DS?
>
> There have been large debates over this, ranging from "user@domain" to
> key-based identifiers to other odd new schemes. To keep it simple, this
> should be delegated to the Authentication Service to provide long-term
> identity (or per group) keys, but some minimal set of calls between the AS
> may need to standardized to retrieve a user key given an identifier.
> Attempting to standardize the identifier is probably a bad idea, just
> assume there is a string you can send the AS that returns a key. Thus, the
> "domain" is by default the "domain" of the AS you call, and all that is
> needed is a user identifier. This would work well for systems that may not
> have a clear user@domain architecture.
>
 Yes this completely out of the scope of the draft. UserID could be email,
phone number, etc depends on the application

>
> 2) Discovery: How to determine which capabilities a given MLS-compliant
> AS/DS supports?
>
> The typical IETF path is via .well-known [1] or related 'host-meta' [2]
> and the former seems to be having some usage. From a cryptographic
> perspective, this is also the 'versioning' issue - how to detect which MLS
> version is being used, for example, with what ciphersuite (as already we
> are discussing using non-25519 ciphers). However, the .well-known RFC is
> tied to the domain name system and so TLS etc, which may not fit all
> systems. Something even more minimalistic, in a 'federation handshake' to
> establish connections between AS and DS services and then cryptographically
> merge their respective sub-trees is a better way to go, although MLS could
> register a .well-known if needed.
>
Yes this one of the challenges,  how to trust the version number provided
by a different DS? Should we make it implicit from the cipher-suite
negotiation?

>
>
> 3) Metadata:
>
> In general, some sort of metadata will need to be shared, i.e. icons,
> human readable user-names, group names. I would suggest that as this may be
> an application message that is simply be considered a non-cryptographic
> update. Any attempt to proscibe too much on this layer leads to endless
> bike-shedding and so should be avoided :) However, some minimal optional
> subset of metadata commonly used for chat could be useful, but rather than
> whiteboard it, it would be better to have each major MLS vendor that plans
> to support federation see what their common subset is with everyone else,
> and then just make a call that delivers just that as an MLS update.
>
I think this will be up to the application  layer, MLS shouldn't care about
this.

>
> 4) Transport:
>
> In general, it seems some minimal transport syntax would have to be agreed
> upon. A simple JSON syntax would match the rest of the Web, without any
> exotic additions.
>
>  All previous work that is non-minimalistic (and it seems my suggestions
> could become even more minimized) will lead to failure. For example, OAuth
> was a success insofar as it did not, unlike OpenID, specify too much. A
> large summary document I wrote over the last decade of failure of
> standardization in this space suggests this is the case, with OAuth being
> the only real victory, everything else from W3C Social Web effort to
> OpenSocial to a pleathora of 'identity' efforts all more or less failing to
> reach deployment, see:
> https://hal.inria.fr/hal-01966561/document
>
> Happy to see MLS focus on the crypto and not repeat the mistakes of
> previous standards efforts in federation - happy to help on federation
> topic, although I can't make Prague in person likely.
>
>   yours,
>     harry
>
>
> [1] https://tools.ietf.org/html/rfc5785
> [2] https://tools.ietf.org/html/rfc6415
> _______________________________________________
> MLS mailing list
> MLS@ietf.org
> https://www.ietf.org/mailman/listinfo/mls
>

v2.23.0 | Report a Bug | By Email