Re: [MLS] Charter for KEYTRANS
Eric Rescorla <ekr@rtfm.com> Wed, 07 June 2023 22:42 UTC
To: Roman Danyliw <rdd@cert.org>, keytrans@ietf.org
Cc: "mls@ietf.org" <mls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/Amjk7e4Q7XzvKHNUNozav-OG6HU>
Replying with keytrans in the CC list

On Wed, Jun 7, 2023 at 3:39 PM Eric Rescorla <ekr@rtfm.com> wrote:

> Document: charter-ietf-keytrans-00-01.txt
>
> I share a number of Richard's concerns about the level of
> generality of this proposed charter.
>
> I'm not sure that "authentication mechanism" is the term that I would
> use here. Specifically, it seems likely that people will want to
> deploy CT-like models in which there is a separate directory which
> actually provides authentication and then a transparency mechanism
> that is provided separately. I recognize that some ways of deploying
> KT also are usable as authentication, but that's not the only way to
> do things. The word I would use here is "public verifiability"
> of the consensus data.
>
> I concur with Richard that going from transparency about key
> bindings to transparency about bindings and group state
> is a huge scope expansion, and I think an unwise one. MLS already
> provides a measure of consistency for group state and I think
> this group should confine itself to providing transparency
> for the identity->key bindings. You can always recharter later
> once that's done.
>
> The KEYTRANS working group will develop a standard for
> authenticating information about artifacts in an end-to-end
> encrypted messaging system with the above properties.
>
> As above, I don't think the right word here is "authenticating
> information" but rather "public verifiability".
>
> I would also strike the language here about end-to-end
> encrypted messaging systems. While it's true that that's
> the motivating case, if the system is cognizant of that
> then something has gone wrong.
>
> These comments would also entail some changes later in the charter,
> but it's probably more helpful to discuss them in only one place,
> so I'll stop here.
>
> -Ekr
>
>
> On Tue, May 23, 2023 at 12:18 PM Roman Danyliw <rdd@cert.org> wrote:
>
>> Hi!
>>
>> Since the KEYTRANS BoF at IETF 116
>> (https://datatracker.ietf.org/meeting/116/session/keytrans), there has
>> been follow-up discussion on crafting a charter. Since KEYTRANS is
>> targeting a similar audience as MLS and is proposing an artifact to
>> integrate with MLS, I'm sharing it here for visibility and review here.
>>
>> Current version of the KEYTRANS charter text
>>
>> https://docs.google.com/document/d/12NMFA0P1OYtE6_QoqP3J80tDr0z2-FEm2ZdiWeauAHE/edit
>>
>> Multiple threads of discussion
>> -- initial charter
>>
>> https://mailarchive.ietf.org/arch/msg/keytrans/6VIEM87-TNe1OYXZRUyAwJX_1vo/
>>
>> -- AD review of charter
>>
>> https://mailarchive.ietf.org/arch/msg/keytrans/GfDMvADn5ZgdR7ZfTZt2y296Nuo/
>>
>> While posting here, please bring any feedback to the keytrans@ietf
>> mailing list.
>>
>> Regards,
>> Roman
>>
>> _______________________________________________
>> MLS mailing list
>> MLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/mls
>>