Re: [MLS] confirming server assist way forward

Benjamin Beurdouche <benjamin.beurdouche@inria.fr> Fri, 07 February 2020 14:04 UTC

Return-Path: <benjamin.beurdouche@inria.fr>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF1CF120086 for <mls@ietfa.amsl.com>; Fri, 7 Feb 2020 06:04:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M2E-NnGS4sho for <mls@ietfa.amsl.com>; Fri, 7 Feb 2020 06:04:41 -0800 (PST)
Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 48C88120048 for <mls@ietf.org>; Fri, 7 Feb 2020 06:04:41 -0800 (PST)
X-IronPort-AV: E=Sophos;i="5.70,413,1574118000"; d="scan'208";a="434952452"
Received: from corp-nat.untrust.par2.mozilla.com (HELO [10.235.30.91]) ([185.155.183.198]) by mail2-relais-roc.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Feb 2020 15:04:39 +0100
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3608.60.0.2.5\))
From: Benjamin Beurdouche <benjamin.beurdouche@inria.fr>
In-Reply-To: <D167460F-FA34-402E-A06E-809130A70132@sn3rd.com>
Date: Fri, 7 Feb 2020 15:04:39 +0100
Cc: ML Messaging Layer Security <mls@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <7518041D-619D-47CC-8A17-DEBC1C5B9F02@inria.fr>
References: <D167460F-FA34-402E-A06E-809130A70132@sn3rd.com>
To: Sean Turner <sean@sn3rd.com>
X-Mailer: Apple Mail (2.3608.60.0.2.5)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/v-cCQe5-NSMMrGH1DupX3vecD9g>
Subject: Re: [MLS] confirming server assist way forward
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Feb 2020 14:04:44 -0000

Obviously I support this effort.

I just want to remind the WG that the intent of that document is to describe
what we think are the main constraints and establish where the
places where not only security but also privacy can be affected by a 
server-assist feature. We will illustrate these places and recommend
possible solutions. Again, the goal is not to mandate solutions.

If all goes well, this effort will confort the fact that the server-assist features
do not affect the core security guarantees we expect from the protocol.

B.

> On 6 Feb 2020, at 17:08, Sean Turner <sean@sn3rd.com> wrote:
> 
> Hi!
> 
> tl;dr: confirming new individual draft to describe server assist.
> 
> During the F2F Interim in January, the WG had a lengthy discussion about server assist. We wrestled with the tussle between privacy and the desire to support very large groups, which just about everybody, if not everybody, believes requires some type of server assist because adding a new member to a large group requires sending megabytes of data in the Welcome message and this can be too much for some devices. Normally, the AS and DS is split and maybe these functions are collapsed in IRL, but Benjamin suggested that we split the functionality up a bit more to talk more fine-grained about the guarantees we want. The functional split suggested was as follows [0]:
> 
> - AS: Authentication Service (Signature Keys)
> - DS: Delivery Service
> -- CS: Credential Retrieval Service (CIKs)
> -- IDS: Message Reception Service (Input)
> --- IDS is responsible for message ordering.
> -- ODS: Message Delivery Service (Output)
> --- IDS and ODS may be combined.
> - SDS: Storage Delivery Service (Welcome+Backup)
> -- SDS is optional.
> 
> Likewise, they suggested that we switch from a model where there is one queue per group, to one queue per recipient.
> 
> The consensus at the interim was that it is important to support server assist and that it was equally important to provide truth in advertising, i.e., those that implement the functionality need to understand the security guarantees that are available.
> 
> There was also consensus to produce an individual draft that describes server assist. After this draft is published, the WG can review it and decide whether it should be accepted as a workable starting point and potential WG item.
> 
> The chairs need to confirm the interim’s consensus on list, so please let the WG know by 2359 UTC 20 February whether you disagree with the way forward and why.
> 
> FYI: Benjamin and Raphael volunteered to write this draft.
> 
> Cheers,
> 
> Nick and Sean
> 
> [0] https://github.com/mlswg/wg-materials/blob/master/interim-2020-01/04-architecture.pdf
> [1] https://github.com/mlswg/wg-materials/blob/master/interim-2020-01/minutes.md
> _______________________________________________
> MLS mailing list
> MLS@ietf.org
> https://www.ietf.org/mailman/listinfo/mls