Re: [MLS] recruiting reviewers: mls-architecture
Dave Cridland <dave@cridland.net> Wed, 19 September 2018 19:25 UTC
Return-Path: <dave@cridland.net>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29E0A128CE4 for <mls@ietfa.amsl.com>; Wed, 19 Sep 2018 12:25:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cridland.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 744vw9u7D1q9 for <mls@ietfa.amsl.com>; Wed, 19 Sep 2018 12:25:45 -0700 (PDT)
Received: from mail-lf1-x129.google.com (mail-lf1-x129.google.com [IPv6:2a00:1450:4864:20::129]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 482E2124BE5 for <mls@ietf.org>; Wed, 19 Sep 2018 12:25:45 -0700 (PDT)
Received: by mail-lf1-x129.google.com with SMTP id l26-v6so6154601lfc.8 for <mls@ietf.org>; Wed, 19 Sep 2018 12:25:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cridland.net; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=YP/eTZ13l4eH0aNekViRcT5AVsV1oZAaHBgOM1Q1OTU=; b=YYg7Wj7/5iKoKLs1rQdJZHLvmaCbqqK9kdhIiMxxYrJGBBEa5P/5yV9a59IvgTmp6l NztvQB6Xjexs06XY7sm87UdrMqmlKVL4J2GYRTtegnTabvny9cGax9PDfiDiNYK3ynWI TYy/5fPMxorT7TdHG+6d+kH56hEbM+nnV6ZX8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=YP/eTZ13l4eH0aNekViRcT5AVsV1oZAaHBgOM1Q1OTU=; b=Bpv5NgfF+/Qj3BcL3t0f9NQEFMKvfZJKo00MImW+8MVry4ukbjwm7SAAnjSDOFZhA9 8kl7+Focbhm0+WsCRMtVS2fFiF+8oOF5++1ZH/sVQRQpXoTDkmFy5gDrthOyYXN3EalN vct2FlnTnvi9soQQ8VPuCRKSuWcCpFodYIlDO+HDVblyjljsBCke9Jhwegn6ALgC34/P bswxgYfYApooyp+jzS75kVi2UDxZ3EOY6S85ZGhubD1ki/RvmcVILIs1CJw9mGeINM2L uWFVkFaUk1LA9akSjyfr1NjEnddez/njlRsZvKbHmf478Hb2E+vibgDPM2WGveBBLMrZ +22A==
X-Gm-Message-State: APzg51ASRs2oknNfnADbRhQpijerzrUfqmE5pz12G7exnVg9ZBup3LFY Mkn9gwu8lWJqG4GdUVdO5b+rv9mEGjCSvNnaWJqqwmKg63PCAg==
X-Google-Smtp-Source: ANB0VdbNhLSfJOO7AbH+tMts0IjrSjVkGzicU+hgM/75u0RKZG2/S6RYSfTEN6dI3coOlx/wHGsjPci5JDcqfJab4uM=
X-Received: by 2002:a19:a141:: with SMTP id k62-v6mr23312887lfe.18.1537385143306; Wed, 19 Sep 2018 12:25:43 -0700 (PDT)
MIME-Version: 1.0
References: <1EAEEB0F-F9FD-4271-B610-A9A4F45FEC7C@sn3rd.com>
In-Reply-To: <1EAEEB0F-F9FD-4271-B610-A9A4F45FEC7C@sn3rd.com>
From: Dave Cridland <dave@cridland.net>
Date: Wed, 19 Sep 2018 20:25:32 +0100
Message-ID: <CAKHUCzyHW21AOs-V4W98k66ucE-SsjxS-nGykcs2_-ybAqTT+w@mail.gmail.com>
To: Sean Turner <sean@sn3rd.com>
Cc: mls@ietf.org
Content-Type: multipart/alternative; boundary="00000000000059a1d905763e5fe5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/XFv2b3p7QGv5ImoJ8Y1U6C7vAwI>
Subject: Re: [MLS] recruiting reviewers: mls-architecture
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Sep 2018 19:25:47 -0000
On Wed, 19 Sep 2018 at 16:12, Sean Turner <sean@sn3rd.com> wrote: > mls-protocol: > https://github.com/mlswg/mls-protocol > > So let’s get this party started! > > Further partying: The third para of "Terminology" seems to have a truncated sentence, perhaps just a missing period after "head of the subtree" here: "A subtree of a tree is the tree given by the descendants of any node, the head of the subtree The size of a tree or subtree [...]" "Merkle Proofs" says that a proof is "the value of the leaf node, as well as the values of each node in its copath". The ASCII-art diagram shows the proof for A as being B and CD, yet I read the quoted portion as meaning it should include A as well. Either I am being daft (possible) or the ASCII-art diagram also mark A with an asterisk. "Ratchet Trees for ART" doesn't appear to have a definition of the DH() notation. I assume it's the DH operation as defined in the ciphersuites section. When discussing the ciphersuite "ART with P-256 and SHA-256", the document appears to suggest that the identity KDF is "non-trivial" - is that right? Or is it saying that the overall KDF is non-trivial? Or that it is trivial, but it doesn't matter? When discussing Blank Ratchet Tree Nodes, it's not clear (to me) whether nodes always remains blank, or if subsequent Adds might revive them into real values. So with a trivial tree: AB / \ A B Removing B leads to A / \ A _ Does adding C then lead to AC / \ A C ? I will try to find the time to knock out a toy implementation of (probably) ART, which might uncover other issues (but might simply remind everyone why I should never write cryptographic code). Dave.
- [MLS] recruiting reviewers: mls-architecture Sean Turner
- Re: [MLS] recruiting reviewers: mls-architecture Dave Cridland
- Re: [MLS] recruiting reviewers: mls-architecture Dave Cridland