IETF Logo Mail Archive

Re: [MLS] John Scudder's No Objection on charter-ietf-mls-01-00: (with COMMENT)

Sean Turner <sean@sn3rd.com> Mon, 05 February 2024 15:16 UTC

Return-Path: <sean@sn3rd.com>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 15BA7C14F5EF for <mls@ietfa.amsl.com>; Mon, 5 Feb 2024 07:16:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zLyOZ1yCYain for <mls@ietfa.amsl.com>; Mon, 5 Feb 2024 07:16:28 -0800 (PST)
Received: from mail-qv1-xf2e.google.com (mail-qv1-xf2e.google.com [IPv6:2607:f8b0:4864:20::f2e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CC0B2C151520 for <mls@ietf.org>; Mon, 5 Feb 2024 07:16:28 -0800 (PST)
Received: by mail-qv1-xf2e.google.com with SMTP id 6a1803df08f44-68c53ed6c56so21661706d6.3 for <mls@ietf.org>; Mon, 05 Feb 2024 07:16:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; t=1707146187; x=1707750987; darn=ietf.org; h=message-id:in-reply-to:to:references:date:subject:mime-version :content-transfer-encoding:from:from:to:cc:subject:date:message-id :reply-to; bh=KsY18/3FMdycj+LvPz053TK7+tuWM2huze+r6HWLC5g=; b=QV8282HIbOxXgOMHp/aRi59zdhW5MGuWRgFe7lBUZoE/bIgopNIyfXycVgWGwy2yJz UKkJJwYyBL6e9HnDulxE6RgE6G9HhgL1bR0W/h1stIuZL20h5DdqiungdCVsOT8r2Kv+ uNRNpLX1THysFj8T6sgR8jpLFV0DFwVqSDZz0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707146187; x=1707750987; h=message-id:in-reply-to:to:references:date:subject:mime-version :content-transfer-encoding:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=KsY18/3FMdycj+LvPz053TK7+tuWM2huze+r6HWLC5g=; b=VMgw0tsqu0jDnJNubkFqY7buaKf/iLtHgCPkjxQBpXwLixbbVwjNXdd9U61yvDXQaW n8bCLr4iX1wjb+Nv84mdW3uYmuNzCfBriShdNewJINGpbL+sOyET3txwOsykD3+k+Ywi kgLWAnVO55ymep1SnhYlK8eKC3yzm5HD8AnYZtGY9iTsOFpkAU5Gyn1ozDALOZkyuqT2 2X14X9zXNJmK6LCn4fOcPWrdT0ilUOL0hH1QyFz3WL2hMczTwjgEB5A89edEdcR/9S6M u0wLRxzfXOafYUtr5iIoM4HpdHEIsrsQPLVW64HxMeLadDIauwkPerjKVD/Xjj0Mvi0a BNew==
X-Gm-Message-State: AOJu0YzPW7SWsYiADRBt2TZ+eZssNXzXvZtt8ZQmwrL+tPKJRxb6c3Ub 7vpbh4F55I1UUizh/svcboTULrIJ2cWqZ7+qGTSEtgo+CYt8RUS0+idXvaiBf9hnYiBfvB+fkQ4 t
X-Google-Smtp-Source: AGHT+IGnNW6IAdJt+U3q/ljbIJPfYoAYwT2im8BwA9bOf9iJnIVdVajHeYA6nWGJQ1a3IDtM+tvaYA==
X-Received: by 2002:a0c:cc03:0:b0:68c:46df:69b9 with SMTP id r3-20020a0ccc03000000b0068c46df69b9mr5584638qvk.48.1707146186833; Mon, 05 Feb 2024 07:16:26 -0800 (PST)
Received: from smtpclient.apple (pool-68-238-162-47.washdc.fios.verizon.net. [68.238.162.47]) by smtp.gmail.com with ESMTPSA id lf19-20020a0562142cd300b00685c59413b3sm56114qvb.42.2024.02.05.07.16.26 for <mls@ietf.org> (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 05 Feb 2024 07:16:26 -0800 (PST)
From: Sean Turner <sean@sn3rd.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.15\))
Date: Mon, 05 Feb 2024 10:16:25 -0500
References: <170438543171.34367.8299596703790005615@ietfa.amsl.com> <87FBE764-AF15-4140-9ACC-F9A1FA2F6A6A@sn3rd.com> <2645FD67-E03C-45F5-932B-196D9153CDD8@sn3rd.com> <517D6B00-E67A-461B-9C13-3F92307AB593@sn3rd.com>
To: MLS List <mls@ietf.org>
In-Reply-To: <517D6B00-E67A-461B-9C13-3F92307AB593@sn3rd.com>
Message-Id: <96C43B59-25EF-42AB-BF69-FF1599F5F80E@sn3rd.com>
X-Mailer: Apple Mail (2.3654.120.0.1.15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/RQYrUQCSE0JT4B3sCoSFf0NtnX4>
Subject: Re: [MLS] John Scudder's No Objection on charter-ietf-mls-01-00: (with COMMENT)
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Feb 2024 15:16:33 -0000

Hi! Brendan had another grammar fix that I incorporated. Squashed and merged the recharter text. Will forward it on to Paul.

spt

> On Jan 25, 2024, at 12:23, Sean Turner <sean@sn3rd.com> wrote:
> 
> Richard suggested we put back the 1st para.  I incorporated that change into the PR:
> https://github.com/mlswg/wg-materials/pull/16/files
> 
> spt
> 
>> On Jan 24, 2024, at 21:59, Sean Turner <sean@sn3rd.com> wrote:
>> 
>> I took a stab at removing the intro.  We can review tomorrow:
>> https://github.com/mlswg/wg-materials/pull/16
>> 
>> spt
>> 
>>> On Jan 24, 2024, at 11:36, Sean Turner <sean@sn3rd.com> wrote:
>>> 
>>> HI! I will take a stab at addressing these changes in the GH repo and we can discuss tomorrow.
>>> 
>>> spt
>>> 
>>>> On Jan 4, 2024, at 11:23, John Scudder via Datatracker <noreply@ietf.org> wrote:
>>>> 
>>>> John Scudder has entered the following ballot position for
>>>> charter-ietf-mls-01-00: No Objection
>>>> 
>>>> When responding, please keep the subject line intact and reply to all
>>>> email addresses included in the To and CC lines. (Feel free to cut this
>>>> introductory paragraph, however.)
>>>> 
>>>> 
>>>> 
>>>> The document, along with other ballot positions, can be found here:
>>>> https://datatracker.ietf.org/doc/charter-ietf-mls/
>>>> 
>>>> 
>>>> 
>>>> ----------------------------------------------------------------------
>>>> COMMENT:
>>>> ----------------------------------------------------------------------
>>>> 
>>>> My comments can be summed up as agreement with Éric’s "May I also suggest
>>>> to reduce the leading part of the charter about the history and achievements
>>>> of the MLS WG?”. If the history is to be kept (which I don't prefer,
>>>> even after reading Sean's reply, but wouldn't block on) then there are
>>>> a bunch of errors that need to be fixed, noted below. The easiest fix though,
>>>> would be to just remove the historical parts.
>>>> 
>>>>> The Messaging Layer Security (MLS) protocol, RFC 9420, specifies a key
>>>>> establishment protocol that provides efficient asynchronous group key
>>>>> establishment with forward secrecy (FS) and post-compromise security (PCS)
>>>>> for groups in size ranging from two to thousands.
>>>> 
>>>> Fine. But I think you could remove the bullet list of properties. Anyone
>>>> curious can go read the RFC, can't they?
>>>> 
>>>> But if the bullet list is retained, it needs a fix, noted below.
>>>> 
>>>>> 
>>>>> MLS has the following properties:
>>>>> 
>>>>> o Message Confidentiality - Messages can only be read
>>>>> by members of the group
>>>>> o Message Integrity and Authentication - Each message
>>>>> has been sent by an authenticated sender, and has
>>>>> not been tampered with
>>>>> o Membership Authentication - Each participant can verify
>>>>> the set of members in the group
>>>>> o Asynchronicity - Keys can be established without any
>>>>> two participants being online at the same time
>>>>> o Forward secrecy - Full compromise of a node at a point
>>>>> in time does not reveal past messages sent within the group
>>>>> o Post-compromise security - Full compromise of a node at a
>>>>> point in time does not reveal future messages sent within the group
>>>>> o Scalability - Resource requirements have good scaling in the
>>>>> size of the group (preferably sub-linear)
>>>> 
>>>> The parenthetical comment "(preferably sub-linear)" made sense in the
>>>> previous charter, but doesn't make any sense in describing the properties
>>>> of an approved protocol specification. Either delete the parenthetical,
>>>> or fix it.
>>>> 
>>>>> 
>>>>> It is not a goal of this group to enable interoperability/federation
>>>>> between messaging applications beyond the key establishment,
>>>>> authentication, and confidentiality services. Full interoperability
>>>>> would require alignment at many different layers beyond security,
>>>>> e.g., standard message transport and application semantics. The
>>>>> focus of this work is to develop a messaging security layer that
>>>>> different applications can adapt to their own needs.
>>>>> 
>>>>> While authentication is a key goal of this working group, it is not
>>>>> the objective of this working group to develop new authentication
>>>>> technologies. Rather, the MLS protocol provides a way to leverage
>>>>> existing authentication technologies to associate identities with
>>>>> keys used in the protocol, just as TLS does with X.509.
>>>> 
>>>> Again, I think the history lesson below seems surplus to requirements:
>>>> 
>>>>> 
>>>>> While developing the MLS protocol, the group drew on lessons learned
>>>>> from several prior message-oriented security protocols, in addition
>>>>> to the proprietary messaging security protocols deployed within
>>>>> existing applications:
>>>>> 
>>>>> o S/MIME - https://tools.ietf.org/html/rfc5751
>>>>> o OpenPGP - https://tools.ietf.org/html/rfc4880
>>>>> o Off the Record - https://otr.cypherpunks.ca/Protocol-v3-4.1.1.html
>>>>> o Double Ratchet - https://en.wikipedia.org/wiki/Double_Ratchet_Algorithm
>>>>> 
>>>>> The working group followed the pattern of TLS 1.3, with specification,
>>>>> implementation, and verification proceeding in parallel. When we arrived
>>>>> at RFC, we had several interoperable implementations as well as a thorough
>>>>> security analysis.
>>>> 
>>>> If you think it's important to say "this is how the WG wants to work" then
>>>> I suggest re-wording it in terms like that instead of "this is what we did
>>>> before" which doesn't say anything about expectations going forward.
>>>> 
>>>> The next paragraph doesn't make any sense because its context is material
>>>> from the old charter, that was deleted for this one:
>>>> 
>>>>> 
>>>>> Note that consensus is required both for changes to the protocol mechanisms
>>>>> from these documents and retention of the mechanisms from them. In particular,
>>>>> because something is in the initial document set does not imply that there is
>>>>> consensus around the feature or around how it is specified.
>>>> 
>>>> I think the above paragraph can be deleted, or if you think it has
>>>> a nugget in it that needs to be retained, it needs a rewrite.
>>>> 
>>>>> 
>>>>> Now that MLS has been published, the group will work on the following MLS
>>>>> protocol extensions:
>>>> 
>>>> You could drop "Now that MLS has been published" but whatever.
>>>> 
>>>>> 
>>>>> Support for use of MLS in protocols developed by the MIMI working group
>>>>> Support for new credential types
>>>>> Support for common operational patterns in messaging applications
>>>>> Support for quantum resistance
>>>>> Framework for safe extensibility
>>>>> Detection of lost application messages
>>>>> Support for sending messages to individual members of a group
>>>>> Many of extensions to support these features will be included in
>>>>> draft-ietf-mls-extensions, but some of the extensions will be published in
>>>>> seperate Internet-Drafts.
>>>>> 
>>>> 
>>>> The sentence above, parsed closely, seems to indicate you don't intend to
>>>> publish RFCs, just Internet Drafts. Probably s/Internet-Drafts/specifications/
>>>> I guess.
>>>> 
>>>> 
>>>> 
>>> 
>> 
>

v2.23.0 | Report a Bug | By Email