[MLS] Question regarding DS rejecting (commit) messages with duplicate counter

Daniel Gultsch <daniel@gultsch.de> Thu, 05 March 2020 09:58 UTC

Return-Path: <daniel@gultsch.de>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29C153A117F for <mls@ietfa.amsl.com>; Thu, 5 Mar 2020 01:58:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gultsch-de.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Mpyq-l2zmUwi for <mls@ietfa.amsl.com>; Thu, 5 Mar 2020 01:58:38 -0800 (PST)
Received: from mail-io1-xd2d.google.com (mail-io1-xd2d.google.com [IPv6:2607:f8b0:4864:20::d2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 57D943A1169 for <mls@ietf.org>; Thu, 5 Mar 2020 01:58:38 -0800 (PST)
Received: by mail-io1-xd2d.google.com with SMTP id u17so5771206iog.11 for <mls@ietf.org>; Thu, 05 Mar 2020 01:58:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gultsch-de.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to :content-transfer-encoding; bh=/5dRTOdQ9zhlgYAc24Z5tAyiq/waM2/32IFyhmCd2nY=; b=j9I0UVM0ZzLKaq5/2cY9iinzsqBQDrFHnx5hlWSAuDR8xcjTmAWK9PvxqhmlbmL1mH fWRnsli1U/dokEC/HEkF0O0kazp+3lmGBKdXU4fmDFRE2KeG56neITr0qRPi8vhljg1n I+1cTtaloNLja75w5mkE6cc7at3Ofsdr5hT7HYdXw2Q77UAXbxlRgt3aT5uH1S+vDlst rDNVgGCwkQ/+OAap3TPe09FH7fhyRMHXhFOWIIR6DhACctIwd5mT4D+icrsNde6mYs3N 7cGGWyNqTxTYkfVq+oFjASYT/iCojlp4+7T6XvE+O4UH3wLHabu3/T49u6oAkn2/kFME s9+g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-transfer-encoding; bh=/5dRTOdQ9zhlgYAc24Z5tAyiq/waM2/32IFyhmCd2nY=; b=gree4N0QHAt5ViN+Mv+gtEDyNIuzFTN4m6d0LIhsnSza5mz6U5szCnco55/lkG1D1o 5N2ANRd6pkS+h+dhHsbSNVNgCFSG51rZ2ZXW0njU82NB1axwflESh/nGFWFyjAAgtOG7 YLa9Kd1TyR6ItuM5JknWgjw4V4KUS4d9U4JHRhmdns+BHkSQBgenWg4HHoxZMA9SYf7L hvWjfNSg1kT15uWuhDaw44DvOJnkRUVOIUvCrExetO1kN62BB+3engHQQzfvM4YgS4/x CsA4eLLjZ1zJGvpW8m3i2WB1Brr9+iO5mfbuk7Vz2KP0sz/UoTBDLNPbQkbg+r9hDcrg exQw==
X-Gm-Message-State: ANhLgQ33aEBM0RINIjdgp/Mrr+MdLsRDsa9NcEv7wOGdiRrnVVwQTfed uQNLcLfWCnJV333jyjJmbXkESoZ2FbJD4+BDK13sxNjcCOTvdw==
X-Google-Smtp-Source: =?utf-8?q?ADFU+vuD7M3Ez5q8aViasXjhJnZsFKkFnimZS92YVdt+?= =?utf-8?q?7fL1Z4buMEPQGUg5kYlSxXYMY51vwAjcKzyYPTtcXxmvS/g=3D?=
X-Received: by 2002:a5d:8790:: with SMTP id f16mr5557117ion.246.1583402317281; Thu, 05 Mar 2020 01:58:37 -0800 (PST)
MIME-Version: 1.0
From: Daniel Gultsch <daniel@gultsch.de>
Date: Thu, 5 Mar 2020 09:58:26 +0000
Message-ID: <CAN-aAr_XL9Le+fueuhYh6Z2OcLjiivBVfa_iEfdUTT9odWR0xg@mail.gmail.com>
To: mls@ietf.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/felXrye1gjU_5CLHK8mM2L8s3aY>
Subject: [MLS] Question regarding DS rejecting (commit) messages with duplicate counter
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Mar 2020 09:58:48 -0000

Hi,

this is my first post on this mailing list so let me quickly introduce
myself. I work on XMPP within the XMPP Standards Foundation. I’m the
developer of an Android client called Conversations and I’m among the
people who brought OMEMO into the XMPP world. I am not a
cryptographer; I can use a library and that's it. I’m coming to MLS
from a pure implementation perspective.

So here is my question:

I understand that commit messages have to arrive in order to be able
to discard subsequent commit messages that try to commit on the same
state. (See Section 11). So assuming that my DS can ensure a unique
order of messages is it still necessary for the DS to reject messages
with the same counter (As described in 11.1)? Wouldn’t the individual
implementations be able to just take the first commit message and
reject subsequent ones. (And then I guess the sender of the rejected
commit message would have to learn that by applying the first commit
message and resend their own commit message.)

If keeping track counters (and rejecting duplicates) is something a DS
needs to ensure (even though I don’t yet understand why) I think this
is something that needs to be mentioned in the architecture document
(as this seems like a slightly unusual feature for a messaging
service).


cheers
Daniel