Re: [MLS] Deniability -> "recording"?
Dave Cridland <dave@cridland.net> Thu, 23 January 2020 14:30 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/Pa4lStbSDjpTeqTkabBkpVcSI0E>
On Thu, 23 Jan 2020 at 13:59, Cas Cremers <cas.cremers@gmail.com> wrote:

> We're aiming for security first, I think.

If we mandate deniability and mandate PFS, then the risk is that the threat model ends up less applicable. We can work around the PFS by (in effect) using MLS as a groupwise key exchange protocol and exporting a longer term key for message encryption, but if we destroy cryptographic integrity post-facto, as I assume we mean by deniability, then that makes life increasingly unpleasant for the cases where people actually want different properties. In short, preventing various groups making use of MLS is not security first.

Dave.