Re: [MLS] multiple devices per user?

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 27 March 2018 21:01 UTC

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Justin Uberti <juberti@google.com>, Eric Rescorla <ekr@rtfm.com>
Cc: mls@ietf.org
In-Reply-To: <CAOJ7v-3Px-ieyda9+jS3Sju44hbJXDj-32k71NqBaXA41K3EPQ@mail.gmail.com>
References: <87efk9m7e9.fsf@fifthhorseman.net> <CABcZeBOAaA2_SRSimo2-x-jCw=YjvDsU7h0kPzU9WroTBBHoKA@mail.gmail.com> <CAOJ7v-3Px-ieyda9+jS3Sju44hbJXDj-32k71NqBaXA41K3EPQ@mail.gmail.com>
Date: Tue, 27 Mar 2018 16:56:57 -0400
Message-ID: <87zi2tjkyu.fsf@fifthhorseman.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/W9o70LLGQ1Yx0wi7BnSH19eHh_M>
Subject: Re: [MLS] multiple devices per user?

On Sat 2018-03-24 22:52:48 +0000, Justin Uberti wrote:
> Also, allowing exfiltration of keys in order to allow cross-device sharing
> seems to introduce its own set of problems.

it's not clear that any protocol can prevent key exfiltration from an
endpoint that wants to exfiltrate keys outside of that protocol.  so i
don't think it's a question of "allowing" here.

         --dkg