Re: [MLS] New Version Notification for draft-knodel-e2ee-definition-01.txt

Raphael Robert <ietf@raphaelrobert.com> Fri, 07 May 2021 21:06 UTC

Return-Path: <ietf@raphaelrobert.com>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AABB53A32FD for <mls@ietfa.amsl.com>; Fri, 7 May 2021 14:06:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=raphaelrobert.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xfYy84fO36Ts for <mls@ietfa.amsl.com>; Fri, 7 May 2021 14:06:13 -0700 (PDT)
Received: from mail-ej1-x631.google.com (mail-ej1-x631.google.com [IPv6:2a00:1450:4864:20::631]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 14E453A32F6 for <mls@ietf.org>; Fri, 7 May 2021 14:06:12 -0700 (PDT)
Received: by mail-ej1-x631.google.com with SMTP id n2so15553333ejy.7 for <mls@ietf.org>; Fri, 07 May 2021 14:06:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raphaelrobert.com; s=rr; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=we2npicSKMnhoQ6BUQufVgTWojlTUqzV5oJcXmRO+Ws=; b=ClL+1impK0syLURDrAxQZk24T5ShAp3Su2jfVMfHfyiM0rt0WfGRacZL877oo0Y0uX kLLzZwijAqL+FGEXaZKP3fAlPZ4pgn9R9lDBDmRmsQvM/FpLRvfdpuoHFqZsLyyIuEZb Bu4r8tstS/pjjuY+BruhWTSvH6blkWGRm8xOk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=we2npicSKMnhoQ6BUQufVgTWojlTUqzV5oJcXmRO+Ws=; b=GEInXt7DvIkXcRx+VxBGntnPa0M8AF5OjlWlQTGBnGKZk4E1LKfKjaSMH+8qEpKwf9 Kw6lJs59Pxp19Zjf871ICIitB8O8SnOz4Bs3DRi0kwr2fhTwOs7LW+7zAtpIUuE7RIXX ap04fmCgFBrJ7qOO/pp4Kza9FjfalzT5XkVVEfEqPj3zl26J6N4Ec8YY45KklOCxQzd/ wsqBilHh9Wcct4T4J25QbHCH5A6XNXWHR+T+YlLkNXpt8L+jXbiHuFOZYSAJMRqKEe5N T1lNRm1jZ9+JkDVN9T0xCV1JbAtBawanMCa+lo19wu6xKtqSGreCUdgqXA84ky1aWihz zpdA==
X-Gm-Message-State: AOAM532s2keOxYXTQT88bFsR0qmaJ1cTZzdSx7rn/y5/m3EUwfIipOoV gLsiPOCTQKsWfOEEvZyq0m5JAohc97IjaISBcog=
X-Google-Smtp-Source: ABdhPJwx5GmjaI7QDdHI2eJs63hr1X8JeTyytVpMEYwYTuLnrOHzB5TeHhppBtFZIEp7UaLrakNSpw==
X-Received: by 2002:a17:906:1d4c:: with SMTP id o12mr12176505ejh.203.1620421570067; Fri, 07 May 2021 14:06:10 -0700 (PDT)
Received: from smtpclient.apple ([37.49.18.137]) by smtp.gmail.com with ESMTPSA id z4sm4122277ejw.54.2021.05.07.14.06.09 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 07 May 2021 14:06:09 -0700 (PDT)
From: Raphael Robert <ietf@raphaelrobert.com>
Message-Id: <F7A54CCF-D3C1-48C7-8AC6-9E865029A61D@raphaelrobert.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_FCBAA723-468E-4EDE-B0E2-B5A8990D1EC4"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.80.0.2.43\))
Date: Fri, 7 May 2021 23:06:08 +0200
In-Reply-To: <818a638a-a687-5fb2-0f93-9654f4a1d9e9@cdt.org>
Cc: Messaging Layer Security WG <mls@ietf.org>
To: Mallory Knodel <mknodel@cdt.org>
References: <162039893366.31953.3182470506238059389@ietfa.amsl.com> <818a638a-a687-5fb2-0f93-9654f4a1d9e9@cdt.org>
X-Mailer: Apple Mail (2.3654.80.0.2.43)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/KitRVhhbx82NL-A_S3LlLgCj1YE>
Subject: Re: [MLS] New Version Notification for draft-knodel-e2ee-definition-01.txt
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 May 2021 21:06:19 -0000

Thanks for sharing Mallory!

I like that it has a wholistic approach and that it is based on prior research.
I need to think a bit more about it in general, what comes to mind right now in no particular order:

 - What are the possible synergies between your draft and the MLS architecture draft (https://tools.ietf.org/html/draft-ietf-mls-architecture-06 <https://tools.ietf.org/html/draft-ietf-mls-architecture-06>)?
 - Topics that could possibly be expanded: authentication, metadata (e.g. persisted metadata vs. observable metadata)
 - End user expectations: As mentioned for Alec’s draft as well, I think end user expectations are the center piece. Bridging the gap between academic definitions and the UX of secure messengers would provide some real value in my mind.

In essence, it’s great to have this draft and it is relevant for MLS in my mind. Thanks again for sharing!

Raphael

> On 7. May 2021, at 16:59, Mallory Knodel <mknodel@cdt.org> wrote:
> 
> Hi all,
> 
> There's been oblique discussion of this draft, thanks to Alec's citation in his recent effort.
> 
> My co-authors and I thought we should go ahead and share a -01 version with the group. Most of our feedback so far has been around better definition of an end, so we broke that into its own sub-section.
> 
> The goal is to clearly define e2ee in three different ways: constituent formal definition, functionalities, and user expectations. This assumes a technology is defined by its properties. Conversely, we are not trying to define properties by the technology in use, eg "this app is secure because it's e2ee", which is totally valid. But without our effort, it's becomes circular.
> 
> Lastly I'll just mention that while we aim to define e2ee, we also end up defining a few other terms as well. It's perhaps worth considering this a terminology draft for the mls working group, as Raphael just suggested. We are certainly open to that, so please help us by opening issues or sending pull requests to help solidify those terms: https://github.com/mallory/e2ee/edit/main/draft-e2ee.md <https://github.com/mallory/e2ee/edit/main/draft-e2ee.md>.
> 
> Any and all reviews welcome,
> 
> -Mallory
> 
> 
> 
> -------- Forwarded Message --------
> Subject:	New Version Notification for draft-knodel-e2ee-definition-01.txt
> Date:	Fri, 07 May 2021 07:48:53 -0700
> From:	internet-drafts@ietf.org <mailto:internet-drafts@ietf.org>
> To:	Sofía Celi <cherenkov@riseup.net> <mailto:cherenkov@riseup.net>, Fred Baker <fredbaker.IETF@gmail.com> <mailto:fredbaker.IETF@gmail.com>, Fred Baker <fredbaker.ietf@gmail.com> <mailto:fredbaker.ietf@gmail.com>, Gurshabad Grover<gurshabad@cis-india.org> <mailto:gurshabad@cis-india.org>, Mallory Knodel <mknodel@cdt.org> <mailto:mknodel@cdt.org>, Olaf Kolkman <kolkman@isoc.org> <mailto:kolkman@isoc.org>, Sofia Celi <cherenkov@riseup.net> <mailto:cherenkov@riseup.net>
> 
> 
> A new version of I-D, draft-knodel-e2ee-definition-01.txt
> has been successfully submitted by Mallory Knodel and posted to the
> IETF repository.
> 
> Name: draft-knodel-e2ee-definition
> Revision: 01
> Title: Definition of End-to-end Encryption
> Document date: 2021-05-07
> Group: Individual Submission
> Pages: 12
> URL: https://www.ietf.org/archive/id/draft-knodel-e2ee-definition-01.txt <https://www.ietf.org/archive/id/draft-knodel-e2ee-definition-01.txt>
> Status: https://datatracker.ietf.org/doc/draft-knodel-e2ee-definition/ <https://datatracker.ietf.org/doc/draft-knodel-e2ee-definition/>
> Htmlized: https://datatracker.ietf.org/doc/html/draft-knodel-e2ee-definition <https://datatracker.ietf.org/doc/html/draft-knodel-e2ee-definition>
> Htmlized: https://tools.ietf.org/html/draft-knodel-e2ee-definition-01 <https://tools.ietf.org/html/draft-knodel-e2ee-definition-01>
> Diff: https://www.ietf.org/rfcdiff?url2=draft-knodel-e2ee-definition-01 <https://www.ietf.org/rfcdiff?url2=draft-knodel-e2ee-definition-01>
> 
> Abstract:
> End-to-end encryption (E2EE) is an application of cryptography in
> communications systems between endpoints. E2EE systems are unique in
> providing features of confidentiality, integrity and authenticity for
> users. Improvements to E2EE strive to maximise the system's security
> while balancing usability and availability. Users of E2EE
> communications expect trustworthy providers of secure implementations
> to respect and protect their right to whisper.
> 
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat
> 
> 
> _______________________________________________
> MLS mailing list
> MLS@ietf.org
> https://www.ietf.org/mailman/listinfo/mls