Re: [MLS] I-D Action: draft-ietf-mls-protocol-06.txt

Richard Barnes <rlb@ipv.sx> Thu, 30 May 2019 15:48 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D348E12026E for <mls@ietfa.amsl.com>; Thu, 30 May 2019 08:48:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ge0meiJK1kpp for <mls@ietfa.amsl.com>; Thu, 30 May 2019 08:48:51 -0700 (PDT)
Received: from mail-ot1-x343.google.com (mail-ot1-x343.google.com [IPv6:2607:f8b0:4864:20::343]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D1D1120277 for <mls@ietf.org>; Thu, 30 May 2019 08:48:51 -0700 (PDT)
Received: by mail-ot1-x343.google.com with SMTP id n14so6090920otk.2 for <mls@ietf.org>; Thu, 30 May 2019 08:48:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipv-sx.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=jfPpdYAnwMBtrlA8SFe7UffY7o6c3YY2xwBtGMdJpZw=; b=R1QjgApzBKbdyFr3RIhAJBlxKRrU47Fcs3iA+v3a315DKqdN8IQGHdRvLjn2nL8TFQ KO3pdNiFxM6o1GvBDi/q2TPbSYOJ+9fLid7VtWWYD5yfg75H2tZ3HJmPHRaKkJNYNVEr Fu3JPIepSGKDmBHvYiC4jyuyouROq9x2qZCCrwqRpipvePQxbaZU9tZjnBy6XIBwoeHa 2fFHbsPNUgiK6Rm/GV9IkQgOGNOsfhdrWEOmAjijkR9obs8CnJzfGVcGsHyAUdXERBHC BFy912rleMIgxHSs20pkeoilD+qn+mWWSrZ96CdMKLbpnqGHJ+6+Pl/r8klN6hSEM1tx kD1w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=jfPpdYAnwMBtrlA8SFe7UffY7o6c3YY2xwBtGMdJpZw=; b=XYQHgFEaQ6Hv449+HB3M/gn0fZQ4DEOSIEJllKczO8rsxskx0Iwnh/JhsT16txlwZj ApAyu3AbipUjGkB1305v0GKyYDD9rIFPya/RupK673BaVp8H6HynFcXAkSyPqDtK+lFY k/cgYF+BOg4UuC8fnO3sdTc0uWbIr1m0/H7pT5evr+g8e0b8cmWYcaDb/Yt+FaTDDM9r d/EjU2khiZ7Q5bvJYDcweFl+O5KdnP1IGXnQQ9LiPju/a3EfDNbYp9lz++FTAFRMGWNI MxI36JudBTCbvJ9DbDFexYL4zx8qxnVwhRd68wLdARDr7yNgp3Q5X5hKMM0DR25u9tj1 A1GA==
X-Gm-Message-State: APjAAAVzyEgPeTCRZKJ1PkDuxSO1akJi9yUnrnEg/Bz6jFsUFMVFW6yT VE5H3Z+r69ph3yqPbSigxBs3AtKy1N6Dzs+UBArywyWj0LU=
X-Google-Smtp-Source: APXvYqwYO0acA6IFp5VXZ353r9hGlx+a0jX95z8RMzcdD5Xs9PWKZHjUh4JhP/VYk3bsMz9dnUBl5iZ7vHEB9ap4KE0=
X-Received: by 2002:a9d:6189:: with SMTP id g9mr3167389otk.241.1559231330029; Thu, 30 May 2019 08:48:50 -0700 (PDT)
MIME-Version: 1.0
References: <155923105380.22167.3295367450049593642@ietfa.amsl.com>
In-Reply-To: <155923105380.22167.3295367450049593642@ietfa.amsl.com>
From: Richard Barnes <rlb@ipv.sx>
Date: Thu, 30 May 2019 11:48:35 -0400
Message-ID: <CAL02cgSE111W9=AYrLm0hE7C9UJj-0TyEjNX-VYtK5Xuje=AhQ@mail.gmail.com>
To: Messaging Layer Security WG <mls@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008ca395058a1cd5c2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/_dqmJ2P_kk8ijv6h9L8KjKizIsg>
Subject: Re: [MLS] I-D Action: draft-ietf-mls-protocol-06.txt
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 May 2019 15:49:00 -0000

Hi all,

As discussed at the interim, the authors have produced a version that has a
bunch of typo and bugfixes on -05.  This should be a good target for
implementation and analysis.  We plan to focus draft-07 (in the IETF 105
time frame) on more performance-related changes that have less impact on
the analysis.

One particular note / call for ideas: The interaction between the common
framing and the confirmation MAC has led to a rather awkward dance to keep
the transcript hash up to date.  If folks have ideas for how we could more
elegantyl provide the authentication function that the confirmation MAC
provides, they would be very welcome.  Mr. Beurdouche made some suggestive
comments at the interim, but has yet to make a concrete proposal, so the
field is open :)

--Richard


On Thu, May 30, 2019 at 11:45 AM <internet-drafts@ietf.org>; wrote:

>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Messaging Layer Security WG of the IETF.
>
>         Title           : The Messaging Layer Security (MLS) Protocol
>         Authors         : Richard Barnes
>                           Jon Millican
>                           Emad Omara
>                           Katriel Cohn-Gordon
>                           Raphael Robert
>         Filename        : draft-ietf-mls-protocol-06.txt
>         Pages           : 52
>         Date            : 2019-05-30
>
> Abstract:
>    Messaging applications are increasingly making use of end-to-end
>    security mechanisms to ensure that messages are only accessible to
>    the communicating endpoints, and not to any servers involved in
>    delivering messages.  Establishing keys to provide such protections
>    is challenging for group chat settings, in which more than two
>    clients need to agree on a key but may not be online at the same
>    time.  In this document, we specify a key establishment protocol that
>    provides efficient asynchronous group key establishment with forward
>    secrecy and post-compromise security for groups in size ranging from
>    two to thousands.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-mls-protocol/
>
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-mls-protocol-06
> https://datatracker.ietf.org/doc/html/draft-ietf-mls-protocol-06
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-mls-protocol-06
>
>
> Please note that it may take a couple of minutes from the time of
> submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> _______________________________________________
> MLS mailing list
> MLS@ietf.org
> https://www.ietf.org/mailman/listinfo/mls
>