Re: [MLS] John Scudder's No Objection on charter-ietf-mls-01-00: (with COMMENT)
Sean Turner <sean@sn3rd.com> Thu, 25 January 2024 17:24 UTC
Return-Path: <sean@sn3rd.com>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18BA0C14F68E for <mls@ietfa.amsl.com>; Thu, 25 Jan 2024 09:24:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.106
X-Spam-Level:
X-Spam-Status: No, score=-7.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8gpUx8Zo_D-Y for <mls@ietfa.amsl.com>; Thu, 25 Jan 2024 09:23:56 -0800 (PST)
Received: from mail-il1-x12b.google.com (mail-il1-x12b.google.com [IPv6:2607:f8b0:4864:20::12b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DDDCCC14F61B for <mls@ietf.org>; Thu, 25 Jan 2024 09:23:56 -0800 (PST)
Received: by mail-il1-x12b.google.com with SMTP id e9e14a558f8ab-361ae51a4c6so25925085ab.1 for <mls@ietf.org>; Thu, 25 Jan 2024 09:23:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; t=1706203435; x=1706808235; darn=ietf.org; h=message-id:in-reply-to:to:references:date:subject:mime-version :content-transfer-encoding:from:from:to:cc:subject:date:message-id :reply-to; bh=wK4vOgckRwvRAkL9xSFqz1p2jJb+t9onXrp9hHxVVEM=; b=A/qCn3rbempbS1uu7ontZVNWFW1b0o6lxLehuck5dySgKqjFqXmXkft98A9Cqu97OW cbUeDT3jKX+1h/qsoVZcpci0qSgoEPSBN5+Ofg8HQRrq0/iSlxPNX7JkZhIEI+e1ysNY SY6RkhBTqsLpf2CCmKQ/PJmjYzYYFOp7rH0fI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706203435; x=1706808235; h=message-id:in-reply-to:to:references:date:subject:mime-version :content-transfer-encoding:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=wK4vOgckRwvRAkL9xSFqz1p2jJb+t9onXrp9hHxVVEM=; b=IdUE1wBSnLB99D6pCguh4Y0IVV4Z3KNxT14z2oRUC8YE6XdaVMlXQ9fZN4Aicoh3lj YRlBaWEO+vYd9gBqkKcnBavPmh2WiimAmfdbpKCX7JyeqHv/fCglzPQJIfW2kLnlG1Ak MFxCVjyDtvhNQM6QMVGcpBVti3sZpoDvOU7EeiVEP65YzWbGxJhJugefVpQP7R/GZUc4 lcUAe6LbpsMErobzAjTZ4tbHVWI09HcaTAUH2vtxQCgigl5qhXFmCkYg49zrCNE0UbH7 yud/TTWFBlj4pfqyArN5+72vn8MmZSs/5OK+4ARvMi7ErNREIR5y+MPUkskRZEb8wV3w 0Dpw==
X-Gm-Message-State: AOJu0Ywtbevs/5Wc1Qii7R9RzJQ4k6uuvfClHCjcd9qoyFX0+yBkFm+H 4F06bCLpBMfoKrwvu57N6vj9Ld5YOPV4uBsShVpVtrJNWc66CLJ9eqw2egHTYU4ta+g5ogbmKLX V
X-Google-Smtp-Source: AGHT+IG15lC7fQaKpTAKtbHu6+FMzzU76gqaOkFjqGebadPADzBSImPq6uurVQ2D86S6kZYEC8R4qw==
X-Received: by 2002:a92:dc45:0:b0:362:ab27:33f8 with SMTP id x5-20020a92dc45000000b00362ab2733f8mr50435ilq.18.1706203435432; Thu, 25 Jan 2024 09:23:55 -0800 (PST)
Received: from smtpclient.apple (pool-68-238-162-47.washdc.fios.verizon.net. [68.238.162.47]) by smtp.gmail.com with ESMTPSA id w17-20020a0cc251000000b00682ac28c187sm5606917qvh.59.2024.01.25.09.23.54 for <mls@ietf.org> (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 25 Jan 2024 09:23:54 -0800 (PST)
From: Sean Turner <sean@sn3rd.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.15\))
Date: Thu, 25 Jan 2024 12:23:54 -0500
References: <170438543171.34367.8299596703790005615@ietfa.amsl.com> <87FBE764-AF15-4140-9ACC-F9A1FA2F6A6A@sn3rd.com> <2645FD67-E03C-45F5-932B-196D9153CDD8@sn3rd.com>
To: MLS List <mls@ietf.org>
In-Reply-To: <2645FD67-E03C-45F5-932B-196D9153CDD8@sn3rd.com>
Message-Id: <517D6B00-E67A-461B-9C13-3F92307AB593@sn3rd.com>
X-Mailer: Apple Mail (2.3654.120.0.1.15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/byoCVcemVwQdX_kHcyhSbwlrgJQ>
Subject: Re: [MLS] John Scudder's No Objection on charter-ietf-mls-01-00: (with COMMENT)
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Jan 2024 17:24:01 -0000
Richard suggested we put back the 1st para. I incorporated that change into the PR: https://github.com/mlswg/wg-materials/pull/16/files spt > On Jan 24, 2024, at 21:59, Sean Turner <sean@sn3rd.com> wrote: > > I took a stab at removing the intro. We can review tomorrow: > https://github.com/mlswg/wg-materials/pull/16 > > spt > >> On Jan 24, 2024, at 11:36, Sean Turner <sean@sn3rd.com> wrote: >> >> HI! I will take a stab at addressing these changes in the GH repo and we can discuss tomorrow. >> >> spt >> >>> On Jan 4, 2024, at 11:23, John Scudder via Datatracker <noreply@ietf.org> wrote: >>> >>> John Scudder has entered the following ballot position for >>> charter-ietf-mls-01-00: No Objection >>> >>> When responding, please keep the subject line intact and reply to all >>> email addresses included in the To and CC lines. (Feel free to cut this >>> introductory paragraph, however.) >>> >>> >>> >>> The document, along with other ballot positions, can be found here: >>> https://datatracker.ietf.org/doc/charter-ietf-mls/ >>> >>> >>> >>> ---------------------------------------------------------------------- >>> COMMENT: >>> ---------------------------------------------------------------------- >>> >>> My comments can be summed up as agreement with Éric’s "May I also suggest >>> to reduce the leading part of the charter about the history and achievements >>> of the MLS WG?”. If the history is to be kept (which I don't prefer, >>> even after reading Sean's reply, but wouldn't block on) then there are >>> a bunch of errors that need to be fixed, noted below. The easiest fix though, >>> would be to just remove the historical parts. >>> >>>> The Messaging Layer Security (MLS) protocol, RFC 9420, specifies a key >>>> establishment protocol that provides efficient asynchronous group key >>>> establishment with forward secrecy (FS) and post-compromise security (PCS) >>>> for groups in size ranging from two to thousands. >>> >>> Fine. But I think you could remove the bullet list of properties. Anyone >>> curious can go read the RFC, can't they? >>> >>> But if the bullet list is retained, it needs a fix, noted below. >>> >>>> >>>> MLS has the following properties: >>>> >>>> o Message Confidentiality - Messages can only be read >>>> by members of the group >>>> o Message Integrity and Authentication - Each message >>>> has been sent by an authenticated sender, and has >>>> not been tampered with >>>> o Membership Authentication - Each participant can verify >>>> the set of members in the group >>>> o Asynchronicity - Keys can be established without any >>>> two participants being online at the same time >>>> o Forward secrecy - Full compromise of a node at a point >>>> in time does not reveal past messages sent within the group >>>> o Post-compromise security - Full compromise of a node at a >>>> point in time does not reveal future messages sent within the group >>>> o Scalability - Resource requirements have good scaling in the >>>> size of the group (preferably sub-linear) >>> >>> The parenthetical comment "(preferably sub-linear)" made sense in the >>> previous charter, but doesn't make any sense in describing the properties >>> of an approved protocol specification. Either delete the parenthetical, >>> or fix it. >>> >>>> >>>> It is not a goal of this group to enable interoperability/federation >>>> between messaging applications beyond the key establishment, >>>> authentication, and confidentiality services. Full interoperability >>>> would require alignment at many different layers beyond security, >>>> e.g., standard message transport and application semantics. The >>>> focus of this work is to develop a messaging security layer that >>>> different applications can adapt to their own needs. >>>> >>>> While authentication is a key goal of this working group, it is not >>>> the objective of this working group to develop new authentication >>>> technologies. Rather, the MLS protocol provides a way to leverage >>>> existing authentication technologies to associate identities with >>>> keys used in the protocol, just as TLS does with X.509. >>> >>> Again, I think the history lesson below seems surplus to requirements: >>> >>>> >>>> While developing the MLS protocol, the group drew on lessons learned >>>> from several prior message-oriented security protocols, in addition >>>> to the proprietary messaging security protocols deployed within >>>> existing applications: >>>> >>>> o S/MIME - https://tools.ietf.org/html/rfc5751 >>>> o OpenPGP - https://tools.ietf.org/html/rfc4880 >>>> o Off the Record - https://otr.cypherpunks.ca/Protocol-v3-4.1.1.html >>>> o Double Ratchet - https://en.wikipedia.org/wiki/Double_Ratchet_Algorithm >>>> >>>> The working group followed the pattern of TLS 1.3, with specification, >>>> implementation, and verification proceeding in parallel. When we arrived >>>> at RFC, we had several interoperable implementations as well as a thorough >>>> security analysis. >>> >>> If you think it's important to say "this is how the WG wants to work" then >>> I suggest re-wording it in terms like that instead of "this is what we did >>> before" which doesn't say anything about expectations going forward. >>> >>> The next paragraph doesn't make any sense because its context is material >>> from the old charter, that was deleted for this one: >>> >>>> >>>> Note that consensus is required both for changes to the protocol mechanisms >>>> from these documents and retention of the mechanisms from them. In particular, >>>> because something is in the initial document set does not imply that there is >>>> consensus around the feature or around how it is specified. >>> >>> I think the above paragraph can be deleted, or if you think it has >>> a nugget in it that needs to be retained, it needs a rewrite. >>> >>>> >>>> Now that MLS has been published, the group will work on the following MLS >>>> protocol extensions: >>> >>> You could drop "Now that MLS has been published" but whatever. >>> >>>> >>>> Support for use of MLS in protocols developed by the MIMI working group >>>> Support for new credential types >>>> Support for common operational patterns in messaging applications >>>> Support for quantum resistance >>>> Framework for safe extensibility >>>> Detection of lost application messages >>>> Support for sending messages to individual members of a group >>>> Many of extensions to support these features will be included in >>>> draft-ietf-mls-extensions, but some of the extensions will be published in >>>> seperate Internet-Drafts. >>>> >>> >>> The sentence above, parsed closely, seems to indicate you don't intend to >>> publish RFCs, just Internet Drafts. Probably s/Internet-Drafts/specifications/ >>> I guess. >>> >>> >>> >> >
- [MLS] John Scudder's No Objection on charter-ietf… John Scudder via Datatracker
- Re: [MLS] John Scudder's No Objection on charter-… Sean Turner
- Re: [MLS] John Scudder's No Objection on charter-… Sean Turner
- Re: [MLS] John Scudder's No Objection on charter-… Sean Turner
- Re: [MLS] John Scudder's No Objection on charter-… Sean Turner