[MLS] AEAD data in messages
Peter Slatala <psla+mls@google.com> Mon, 12 August 2019 23:15 UTC
Return-Path: <psla@google.com>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE06A120047 for <mls@ietfa.amsl.com>; Mon, 12 Aug 2019 16:15:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17
X-Spam-Level:
X-Spam-Status: No, score=-17 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oQkvEnbwebIS for <mls@ietfa.amsl.com>; Mon, 12 Aug 2019 16:15:29 -0700 (PDT)
Received: from mail-qk1-x735.google.com (mail-qk1-x735.google.com [IPv6:2607:f8b0:4864:20::735]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFBD812000E for <mls@ietf.org>; Mon, 12 Aug 2019 16:15:28 -0700 (PDT)
Received: by mail-qk1-x735.google.com with SMTP id r6so78358473qkc.0 for <mls@ietf.org>; Mon, 12 Aug 2019 16:15:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=Qn/lkJCnXG3DyduVw91wg3yKEkGVDf6n3nmMtY623yM=; b=TeWrPjFxuaFeF9sXlo9oDenSO2KCM4120uLpdopL9ceWmc2GQPkaE5hPgacCzrEIFa rF1zniKt+zYl12tulrXSB6pFAIBxbZmxFF2xMpE9Q9QyIeZZL+fTAHJjOd9Fp/i74PP8 9HQKoZ4HKhx+ioqBEcLfilOZODt3jHwQ/eHoDOadFAHWjgel2QUzGqzG1vU+sBQ5lORB 7hV0Nh9XlrKMsj+LFERSHQmF34o3Yv/BmR5WtPFsDCVpmLnvOfhSLrGha3BMZTug8+VU ddkqw/qTrMAGw3oO8Y/xUiKX0+F9BE0nyXOFe04C3Y/63QhqixPBCNQSVCCW7KI8NXkl yDFw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=Qn/lkJCnXG3DyduVw91wg3yKEkGVDf6n3nmMtY623yM=; b=jl/kUyyQmp3J3mtCF6sQOHGCvR0840mCqrWAglFRy3z6EKzzjr0+Nax2Ovl1MmOzYp EGeEDN+vH1WEsbk0SkAHTbkLtip0sVPW81Tw7uLPfbYmHXmiv5BxfMEmV4AuWWRIMVgE avELNgatQbacXXAqiGjNRO36bkL4rtnMrPfylIvN1mJ19LZHWzog1Aj9wzMHg2lx35/q HsAO+5YlokZKfclgVB96Y5OOJlzRK90/4NBI8Mk8wRz5Ut8JeE3LPMHh/PHe/4B4kppB vv5TqZGz4q8mOW3dTjSPG73EGgXSR3wA0Ly73/IG5z4gh7l65EdbEl0amzsStXUVATAv voxg==
X-Gm-Message-State: APjAAAUpAHwIlTUJghLlY2hyZSeFvu0cMjla8gpi1fqxNNyQuIkhwPg3 kUukRmXO3Jz4XTUsRRr6NTXAsSv1MQktpsk31XrMPvzBFApKvA==
X-Google-Smtp-Source: APXvYqwDr7GYTuO30WKk0+E9tSNSp0mHC/RYiBYU/5wGIiRJIXFSbYIRHFCHZtykbe05DO8Ud4ID/BsWujKM1c6T2Vw=
X-Received: by 2002:a37:7c46:: with SMTP id x67mr5920563qkc.78.1565651727431; Mon, 12 Aug 2019 16:15:27 -0700 (PDT)
MIME-Version: 1.0
From: Peter Slatala <psla+mls@google.com>
Date: Mon, 12 Aug 2019 16:15:01 -0700
Message-ID: <CAJ1bmRnw3WmQZstaHi2+gmA1jrQKy_A2vAk6AYVEG3QwGke7MQ@mail.gmail.com>
To: mls@ietf.org, Benjamin Beurdouche <benjamin.beurdouche@inria.fr>
Content-Type: multipart/alternative; boundary="0000000000000ec623058ff3b3f5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/jB5ygAJs3P8TLkduj6Q9vFWmSJI>
Subject: [MLS] AEAD data in messages
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Aug 2019 23:15:35 -0000
Hello! I was wondering if you considered allowing additional plaintext but authenticated data in MLS messages. While I can't think of immediate, compelling use cases right now, I am wondering if such extensibility wouldn't be desired. For example, in encrypted video calls, resolution, framerate, or audio volume can be put in plaintext so that the selective forwarding unit can decide which streams to forward to the group members (and the recipient also uses this data). Here are some use-cases for MLS that I can think of: * sending a 'sending device identifier' in case if delivery service can't differentiate different user devices from each other. * sending 'message type' that server can act upon. For example, delivery report sent by the recipient to the sender, which also acts as an ACK to the server that the message was persisted. * authenticating message id (but make it visible to server to avoid redelivery), * other use cases that I can't think of right now. Have you considered supporting AEAD, or is it already supported and I missed it? Thanks, Peter
- [MLS] AEAD data in messages Peter Slatala
- Re: [MLS] AEAD data in messages Jeff Burdges
- Re: [MLS] AEAD data in messages Peter Slatala
- Re: [MLS] AEAD data in messages Richard Barnes
- Re: [MLS] AEAD data in messages Benjamin Beurdouche
- Re: [MLS] AEAD data in messages Benjamin Beurdouche
- Re: [MLS] AEAD data in messages Peter Slatala
- Re: [MLS] AEAD data in messages Jon Callas
- Re: [MLS] AEAD data in messages Peter Slatala
- Re: [MLS] AEAD data in messages Jon Callas
- Re: [MLS] AEAD data in messages Peter Slatala
- Re: [MLS] AEAD data in messages Peter Slatala
- Re: [MLS] AEAD data in messages Richard Barnes