[MLS] Weekly github digest (MLS Working Group summary)
Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 21 January 2024 07:46 UTC
Return-Path: <do_not_reply@mnot.net>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA9CBC14F68F for <mls@ietfa.amsl.com>; Sat, 20 Jan 2024 23:46:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.705
X-Spam-Level:
X-Spam-Status: No, score=-6.705 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="E3RUtzc0"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="qJTRfCz4"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sP1Lcljn0Fkq for <mls@ietfa.amsl.com>; Sat, 20 Jan 2024 23:46:03 -0800 (PST)
Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6571C14EB19 for <mls@ietf.org>; Sat, 20 Jan 2024 23:46:03 -0800 (PST)
Received: from compute7.internal (compute7.nyi.internal [10.202.2.48]) by mailout.nyi.internal (Postfix) with ESMTP id 65D165C00DF for <mls@ietf.org>; Sun, 21 Jan 2024 02:38:42 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162]) by compute7.internal (MEProxy); Sun, 21 Jan 2024 02:38:42 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:content-type:date:from:from:in-reply-to :mime-version:reply-to:subject:subject:to:to; s=fm1; t= 1705822722; x=1705909122; bh=dGxaFqGCDKWscuW8g11xlYVJlsydbfUOQMy 66yxmhzk=; b=E3RUtzc0sL1D/Osvugde7VnLAnjzbDhpWmHZx0+8hDeRh1Jx/6f v92+G82xwoSABfAbXh6XEveBW0bQs9GPbU7IwxbLLoPKHCGPiuIdBEzUX8O8MnQt SAqIivyVTXd0fqT3pEuVobmInH7Y9K3yeziJwutWRYL/Xa33VORunhg9krcWAG63 1zF8zIf9P1bu3NCngjdVsx04xz1ctF/77Zc2KKFhUL9fcvy9OK0hqzOXg5f7eEf2 i9ncVVqRoI3kMPbgnGTWJk8UgPOJF2IDHAwPYN5KUx9ZPJVpfNJQxxztie0kRUmu XkvVLJ2B+muheB9teCmqf/bsQ+6xuAjoo4w==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date :feedback-id:feedback-id:from:from:in-reply-to:mime-version :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1705822722; x= 1705909122; bh=dGxaFqGCDKWscuW8g11xlYVJlsydbfUOQMy66yxmhzk=; b=q JTRfCz4oBAaUTzM7145mLO4fj6HxOwlyIwm7O42cXihwLiLJBLKmwTZYlEtTlQw/ yuHq4YxpRtwgS0iDyD+sPAlVKkteaV21pw0cESEaS8pPpKJnObeix5xGIWE9KuOH 60460YipGFUL/YmV6xOFDdRnRMV9P9H5evz+l6f2yy26K8/EO4fvW60ohyi4v7Rr LTWQizJbau6U7dsjwQLfMEKeq7bWEyBGkaNrje0Lr59D87Tit9nxrlU2y4vvhbB6 kJ86HFwov18bNFT+c88bpGArjZ5DXxAEvXj4CZPdnydWVdrFJAT1KDWQvZJ8ellu lHnkBxGWKdrGMlNiSjEVw==
X-ME-Sender: <xms:AsqsZexRq70UGCiELPCHjiSrq-DnIg_-O7Mw5l_XG3_R955pz76wwA> <xme:AsqsZaQFEiMGJJH7WiTW7Phkw0ATG5a1hYBd4jr05zjhL9FQKEq5mATQkz0OAR8-w 61bIJNvETUvaBVWfA>
X-ME-Received: <xmr:AsqsZQUXToI0amz-hLi320LoC6Esi-Zae-F-NRA6g36GfMQoKViM96LaCEsndvY>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrvdekfedguddtlecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecupfhoucgurghtvgcufhhivghlugculdegledmne cujfgurheptggghffvufesrgdttdertddtjeenucfhrhhomheptfgvphhoshhithhorhih ucettghtihhvihhthicuufhumhhmrghrhicuuehothcuoeguohgpnhhothgprhgvphhlhi esmhhnohhtrdhnvghtqeenucggtffrrghtthgvrhhnpeekfedvudetjedvfeekheeiveeu gfefhfetteevgeffkefffeetffdvleehudeiteenucffohhmrghinhepghhithhhuhgsrd gtohhmnecuvehluhhsthgvrhfuihiivgepudenucfrrghrrghmpehmrghilhhfrhhomhep ughopghnohhtpghrvghplhihsehmnhhothdrnhgvth
X-ME-Proxy: <xmx:AsqsZUi3bXf_MXRzxUJwHucI3VFVEE3vTEe0TrOMfoaND_QhxkjsDg> <xmx:AsqsZQB-BQ989A51CblQWtcVBA0YHBkBSRL2joP2rUSbPg1dxKgFKg> <xmx:AsqsZVJCcf3jd5vVukl2Auy40BSPL5LzqLaEzczwJl8sqoInHoSm8w> <xmx:AsqsZf_IS9Ow5a0exwexWFPsyMjgaR1IM41kCt26O7gThCAjgNPcSg>
Feedback-ID: i1c3946f2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <mls@ietf.org>; Sun, 21 Jan 2024 02:38:42 -0500 (EST)
Content-Type: multipart/alternative; boundary="===============3671458337254734657=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: mls@ietf.org
Message-Id: <20240121074603.A6571C14EB19@ietfa.amsl.com>
Date: Sat, 20 Jan 2024 23:46:03 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/WU7vMT2ppgrZkmbxFOPcOoYRi2U>
Subject: [MLS] Weekly github digest (MLS Working Group summary)
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Jan 2024 07:46:09 -0000
Issues
------
* mlswg/mls-architecture (+0/-23/💬27)
21 issues received 27 new comments:
- #234 ReInit on network partition (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/234
- #233 Recommendation about Lifetimes and LeafNodes and KeyPackages (4 by beurdouche, ekr)
https://github.com/mlswg/mls-architecture/issues/233 [discuss]
- #231 Cleanup the references (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/231 [editorial]
- #228 Service binding separation (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/228
- #227 Do not reuse signature keys (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/227
- #226 Encrypted at rest (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/226
- #222 Unidirectional transport (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/222
- #221 Attackers who can sign (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/221
- #220 Compartmentalized signing keys (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/220
- #219 PCS and compromised AS (2 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/219
- #210 Recommendation for encrypted group operations (3 by beurdouche, ekr)
https://github.com/mlswg/mls-architecture/issues/210 [discuss]
- #206 Double check if there is enough guidance on last resort key packages (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/206 [recommendation]
- #186 Review from Francesca Palombini (ART) (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/186 [resolved (verify then close)]
- #185 Review from Murray Kucherawy (ART) (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/185 [resolved (verify then close)]
- #184 Review from Zaheduzzaman Sarker (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/184 [resolved (verify then close)]
- #181 Review from Lars Eggert (GEN) (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/181 [resolved (verify then close)]
- #179 Review from Éric Vyncke (INT) (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/179 [resolved (verify then close)]
- #177 Review from Tatuya Jinmei (INT) (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/177 [resolved (verify then close)]
- #176 Review from Yoav Nir (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/176 [resolved (verify then close)]
- #175 Review from Valery Smyslov (ART) (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/175 [resolved (verify then close)]
- #174 Add recommendations on Key Packages (reuse and last resort) (1 by beurdouche)
https://github.com/mlswg/mls-architecture/issues/174 [recommendation]
23 issues closed:
- PCS and compromised AS https://github.com/mlswg/mls-architecture/issues/219
- Recommendation about Lifetimes and LeafNodes and KeyPackages https://github.com/mlswg/mls-architecture/issues/233 [discuss]
- Review from Francesca Palombini (ART) https://github.com/mlswg/mls-architecture/issues/186 [resolved (verify then close)]
- Review from Murray Kucherawy (ART) https://github.com/mlswg/mls-architecture/issues/185 [resolved (verify then close)]
- Review from Zaheduzzaman Sarker https://github.com/mlswg/mls-architecture/issues/184 [resolved (verify then close)]
- Review from Lars Eggert (GEN) https://github.com/mlswg/mls-architecture/issues/181 [resolved (verify then close)]
- Review from Éric Vyncke (INT) https://github.com/mlswg/mls-architecture/issues/179 [resolved (verify then close)]
- Review from Tatuya Jinmei (INT) https://github.com/mlswg/mls-architecture/issues/177 [resolved (verify then close)]
- Review from Yoav Nir https://github.com/mlswg/mls-architecture/issues/176 [resolved (verify then close)]
- Review from Valery Smyslov (ART) https://github.com/mlswg/mls-architecture/issues/175 [resolved (verify then close)]
- PCS and compromised AS https://github.com/mlswg/mls-architecture/issues/219
- Service binding separation https://github.com/mlswg/mls-architecture/issues/228
- Attackers who can sign https://github.com/mlswg/mls-architecture/issues/221
- Do not reuse signature keys https://github.com/mlswg/mls-architecture/issues/227
- ReInit on network partition https://github.com/mlswg/mls-architecture/issues/234
- Cleanup the references https://github.com/mlswg/mls-architecture/issues/231 [editorial]
- Compartmentalized signing keys https://github.com/mlswg/mls-architecture/issues/220
- Encrypted at rest https://github.com/mlswg/mls-architecture/issues/226
- Unidirectional transport https://github.com/mlswg/mls-architecture/issues/222
- Double check if there is enough guidance on last resort key packages https://github.com/mlswg/mls-architecture/issues/206 [recommendation]
- Add recommendations on Key Packages (reuse and last resort) https://github.com/mlswg/mls-architecture/issues/174 [recommendation]
- Strongest credential type https://github.com/mlswg/mls-architecture/issues/225
- Text around External Joins https://github.com/mlswg/mls-architecture/issues/209 [editorial]
* mlswg/mls-extensions (+1/-0/💬1)
1 issues created:
- Aren't we missing an extension to signal the strong/weak consistency chosen by the DS ? (by beurdouche)
https://github.com/mlswg/mls-extensions/issues/24
1 issues received 1 new comments:
- #24 Aren't we missing an extension to signal the strong/weak consistency chosen by the DS ? (1 by Bren2010)
https://github.com/mlswg/mls-extensions/issues/24
Pull requests
-------------
* mlswg/mls-architecture (+7/-12/💬3)
7 pull requests submitted:
- Remove unnecessary text around sig key compromise (#221) (by beurdouche)
https://github.com/mlswg/mls-architecture/pull/242
- Move sig key reuse outside of the privacy section (by beurdouche)
https://github.com/mlswg/mls-architecture/pull/241
- Remove confusing sentence on ReInit (by beurdouche)
https://github.com/mlswg/mls-architecture/pull/240
- Relocate encryption at rest recommendation (#226) (by beurdouche)
https://github.com/mlswg/mls-architecture/pull/239
- Remove the recommendation to use FEC (by beurdouche)
https://github.com/mlswg/mls-architecture/pull/238
- Minimal recommendation on handling last resort KeyPackages (by beurdouche)
https://github.com/mlswg/mls-architecture/pull/237
- Tighten formatting, no content change (by beurdouche)
https://github.com/mlswg/mls-architecture/pull/236
3 pull requests received 3 new comments:
- #240 Remove confusing sentence on ReInit (1 by beurdouche)
https://github.com/mlswg/mls-architecture/pull/240
- #229 Security considerations editorial (1 by beurdouche)
https://github.com/mlswg/mls-architecture/pull/229
- #224 Remove recommendation not to have the AS generated keys (1 by beurdouche)
https://github.com/mlswg/mls-architecture/pull/224
12 pull requests merged:
- Remove unnecessary text around sig key compromise (#221)
https://github.com/mlswg/mls-architecture/pull/242
- Move sig key reuse outside of the privacy section
https://github.com/mlswg/mls-architecture/pull/241
- Remove confusing sentence on ReInit
https://github.com/mlswg/mls-architecture/pull/240
- Relocate encryption at rest recommendation (#226)
https://github.com/mlswg/mls-architecture/pull/239
- Remove the recommendation to use FEC
https://github.com/mlswg/mls-architecture/pull/238
- Minimal recommendation on handling last resort KeyPackages
https://github.com/mlswg/mls-architecture/pull/237
- Tighten formatting, no content change
https://github.com/mlswg/mls-architecture/pull/236
- Clarify what 'available' means. Fixes #225
https://github.com/mlswg/mls-architecture/pull/235
- Aead key compromise cleanup
https://github.com/mlswg/mls-architecture/pull/230
- Security considerations editorial
https://github.com/mlswg/mls-architecture/pull/229
- Remove recommendation not to have the AS generated keys
https://github.com/mlswg/mls-architecture/pull/224
- Clarify that groupinfos are also subject to access control. Fixes #209
https://github.com/mlswg/mls-architecture/pull/218 [ready to merge]
Repositories tracked by this digest:
-----------------------------------
* https://github.com/mlswg/mls-architecture
* https://github.com/mlswg/mls-protocol
* https://github.com/mlswg/mls-federation
* https://github.com/mlswg/mls-extensions
* https://github.com/mlswg/mls-implementations
- [MLS] Weekly github digest (MLS Working Group sum… Repository Activity Summary Bot