Re: [MLS] New Version Notification for draft-knodel-e2ee-definition-01.txt

Mallory Knodel <mknodel@cdt.org> Mon, 10 May 2021 16:30 UTC

Return-Path: <mknodel@cdt.org>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 372D33A22DE for <mls@ietfa.amsl.com>; Mon, 10 May 2021 09:30:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cdt.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ivcOgBx5jY6x for <mls@ietfa.amsl.com>; Mon, 10 May 2021 09:30:03 -0700 (PDT)
Received: from mail-qt1-x836.google.com (mail-qt1-x836.google.com [IPv6:2607:f8b0:4864:20::836]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1769C3A22B7 for <mls@ietf.org>; Mon, 10 May 2021 09:30:02 -0700 (PDT)
Received: by mail-qt1-x836.google.com with SMTP id t20so8078084qtx.8 for <mls@ietf.org>; Mon, 10 May 2021 09:30:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cdt.org; s=google; h=message-id:date:mime-version:user-agent:subject:content-language:to :cc:references:from:in-reply-to; bh=WxwucD0KPO8I5lbVAykVUBTH0YCpw6MXsKFT1lZj2uo=; b=ctWTYZ14dWv0oZoRSWASj+JL10EoTJ0NkI8LSxcaudlVE5LCwA95a/C7/phOS1kd87 FaEew7FUdlu+RrJjNM3exQKg5l4foHLPoHr2F/fbix2wO3wG6FLmVYJFHZCwiVhpFwx8 qr9mst5RSjpiAswXiySp/BAKpOSyOIVlBgHEM=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to; bh=WxwucD0KPO8I5lbVAykVUBTH0YCpw6MXsKFT1lZj2uo=; b=ZSlNRe3hLRZ/A4dvCXPs0wtKPgAouQZu1qDf+DfAMAdcnCAKH+g9VXXE1EhkdwX4is zRSiYcyofk6ngbB5vLndJJPQZCvbXIqOx6xIoI3n1/PAgCfrAynKlfKvZEd6cJEt+nwW NS0PsdvcyflsAqixLTeyTovMfQDfGV7RXo7Jnor9vf2L5TMSntcSAcj2TOF4JPfvvRLI 5H1k9/qIjDYi54RnqMO4odOdkPzlVu1cwQ1JubKCAEszfODE3h6zVZyKHes0SgLOH7X7 UDap8pNKRqwi6rXxKcUI+7yZgVyxFxpCKbEYXdxmNumjh2JltXrxsXTdQik0ro0jBJr2 mk3A==
X-Gm-Message-State: AOAM532N1HveDmvyel9KcNyQT7GaKAROhxpXXTrQi/S7TBO2Se3UVS3M NosikYOQBuv3082gsG4be7eVNw==
X-Google-Smtp-Source: ABdhPJxvff66d0EyjTgsr8lAM49YFFUcqsfnGcuHZGoRVCN1bmYTf/KY01FaDIVE8omJrYtvfLwPEQ==
X-Received: by 2002:ac8:5649:: with SMTP id 9mr23399199qtt.148.1620664201514; Mon, 10 May 2021 09:30:01 -0700 (PDT)
Received: from ?IPV6:2601:140:8680:4c40:3161:a834:2760:43ad? ([2601:140:8680:4c40:3161:a834:2760:43ad]) by smtp.gmail.com with UTF8SMTPSA id b8sm12036115qtj.37.2021.05.10.09.30.00 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 10 May 2021 09:30:01 -0700 (PDT)
Content-Type: multipart/alternative; boundary="------------k1Md3frh1vb79yb8uHtBNhP0"
Message-ID: <722c95d5-43c9-880a-3765-3d2be65d8210@cdt.org>
Date: Mon, 10 May 2021 12:30:00 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:89.0) Gecko/20100101 Thunderbird/89.0
Content-Language: en-US
To: Raphael Robert <ietf@raphaelrobert.com>
Cc: Messaging Layer Security WG <mls@ietf.org>
References: <162039893366.31953.3182470506238059389@ietfa.amsl.com> <818a638a-a687-5fb2-0f93-9654f4a1d9e9@cdt.org> <F7A54CCF-D3C1-48C7-8AC6-9E865029A61D@raphaelrobert.com>
From: Mallory Knodel <mknodel@cdt.org>
In-Reply-To: <F7A54CCF-D3C1-48C7-8AC6-9E865029A61D@raphaelrobert.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/NKZuagO6XzdhhKuCc89YZnNJ9Bo>
Subject: Re: [MLS] New Version Notification for draft-knodel-e2ee-definition-01.txt
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 May 2021 16:30:10 -0000

Thanks Raphael, those are all excellent suggestions. I think Gurshabad 
and I have a grip on their essence, so will make an attempt at -02 for 
the second points and I'll re-review draft-architecture with your first 
question in mind. Perhaps at the next MLS meeting we can as a group 
spend some time together to think about scope wrt other wg drafts.

-Mallory

On 5/7/21 5:06 PM, Raphael Robert wrote:
> Thanks for sharing Mallory!
>
> I like that it has a wholistic approach and that it is based on prior 
> research.
> I need to think a bit more about it in general, what comes to mind 
> right now in no particular order:
>
>  - What are the possible synergies between your draft and the MLS 
> architecture draft 
> (https://tools.ietf.org/html/draft-ietf-mls-architecture-06)?
>  - Topics that could possibly be expanded: authentication, metadata 
> (e.g. persisted metadata vs. observable metadata)
>  - End user expectations: As mentioned for Alec’s draft as well, I 
> think end user expectations are the center piece. Bridging the gap 
> between academic definitions and the UX of secure messengers would 
> provide some real value in my mind.
>
> In essence, it’s great to have this draft and it is relevant for MLS 
> in my mind. Thanks again for sharing!
>
> Raphael
>
>> On 7. May 2021, at 16:59, Mallory Knodel <mknodel@cdt.org> wrote:
>>
>> Hi all,
>>
>> There's been oblique discussion of this draft, thanks to Alec's 
>> citation in his recent effort.
>>
>> My co-authors and I thought we should go ahead and share a -01 
>> version with the group. Most of our feedback so far has been around 
>> better definition of an end, so we broke that into its own sub-section.
>>
>> The goal is to clearly define e2ee in three different ways: 
>> constituent formal definition, functionalities, and user 
>> expectations. This assumes a technology is defined by its properties. 
>> Conversely, we are not trying to define properties by the technology 
>> in use, eg "this app is secure because it's e2ee", which is totally 
>> valid. But without our effort, it's becomes circular.
>>
>> Lastly I'll just mention that while we aim to define e2ee, we also 
>> end up defining a few other terms as well. It's perhaps worth 
>> considering this a terminology draft for the mls working group, as 
>> Raphael just suggested. We are certainly open to that, so please help 
>> us by opening issues or sending pull requests to help solidify those 
>> terms: https://github.com/mallory/e2ee/edit/main/draft-e2ee.md.
>>
>> Any and all reviews welcome,
>>
>> -Mallory
>>
>>
>>
>> -------- Forwarded Message --------
>> Subject: 	New Version Notification for 
>> draft-knodel-e2ee-definition-01.txt
>> Date: 	Fri, 07 May 2021 07:48:53 -0700
>> From: 	internet-drafts@ietf.org
>> To: 	Sofía Celi <cherenkov@riseup.net>et>, Fred Baker 
>> <fredbaker.IETF@gmail.com>om>, Fred Baker <fredbaker.ietf@gmail.com>om>, 
>> Gurshabad Grover <gurshabad@cis-india.org>rg>, Mallory Knodel 
>> <mknodel@cdt.org>rg>, Olaf Kolkman <kolkman@isoc.org>rg>, Sofia Celi 
>> <cherenkov@riseup.net>
>>
>>
>>
>>
>> A new version of I-D, draft-knodel-e2ee-definition-01.txt
>> has been successfully submitted by Mallory Knodel and posted to the
>> IETF repository.
>>
>> Name: draft-knodel-e2ee-definition
>> Revision: 01
>> Title: Definition of End-to-end Encryption
>> Document date: 2021-05-07
>> Group: Individual Submission
>> Pages: 12
>> URL: https://www.ietf.org/archive/id/draft-knodel-e2ee-definition-01.txt
>> Status: https://datatracker.ietf.org/doc/draft-knodel-e2ee-definition/
>> Htmlized: 
>> https://datatracker.ietf.org/doc/html/draft-knodel-e2ee-definition
>> Htmlized: https://tools.ietf.org/html/draft-knodel-e2ee-definition-01
>> Diff: https://www.ietf.org/rfcdiff?url2=draft-knodel-e2ee-definition-01
>>
>> Abstract:
>> End-to-end encryption (E2EE) is an application of cryptography in
>> communications systems between endpoints. E2EE systems are unique in
>> providing features of confidentiality, integrity and authenticity for
>> users. Improvements to E2EE strive to maximise the system's security
>> while balancing usability and availability. Users of E2EE
>> communications expect trustworthy providers of secure implementations
>> to respect and protect their right to whisper.
>>
>>
>>
>> Please note that it may take a couple of minutes from the time of 
>> submission
>> until the htmlized version and diff are available at tools.ietf.org 
>> <http://tools.ietf.org>.
>>
>> The IETF Secretariat
>>
>>
>> _______________________________________________
>> MLS mailing list
>> MLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/mls
>
-- 
Mallory Knodel
CTO, Center for Democracy and Technology
gpg fingerprint :: E3EB 63E0 65A3 B240 BCD9 B071 0C32 A271 BD3C C780