[MLS] Comments on Leaf Operation Intents
Rohan Mahy <rohan.mahy@gmail.com> Mon, 03 November 2025 09:23 UTC
Return-Path: <rohan.mahy@gmail.com>
X-Original-To: mls@mail2.ietf.org
Delivered-To: mls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 0ECDF81415D6 for <mls@mail2.ietf.org>; Mon, 3 Nov 2025 01:23:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n2B7EsEOvJKV for <mls@mail2.ietf.org>; Mon, 3 Nov 2025 01:23:58 -0800 (PST)
Received: from mail-ed1-x530.google.com (mail-ed1-x530.google.com [IPv6:2a00:1450:4864:20::530]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id B8EA581415CF for <mls@ietf.org>; Mon, 3 Nov 2025 01:23:58 -0800 (PST)
Received: by mail-ed1-x530.google.com with SMTP id 4fb4d7f45d1cf-640a0812658so2647619a12.0 for <mls@ietf.org>; Mon, 03 Nov 2025 01:23:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1762161837; x=1762766637; darn=ietf.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=3ncaCnzkfRM4mC7SdWieJ36oFVyPjZt578NER7vz0Ho=; b=IdQnZF3iZOpLARjB4KtzuQNHBg2SOIbcS9zLVvpgfqNIni2B0HMUxLe8rWYVhq/MU5 Azgppvzep9x3DyvqUgTkBQqE39GtXJJeLEwUk+8fBqziqRBHByJV5Ql/chXm4zO7wTmL xAjpmBAVUBTLPHqDMEMApNhWoPDAG1FSYeb9Vh0lZKxuZ7FInCTZFZn5yQGvdYeekdgO jkZE/BvAouVp5KSK/TG1kh3FFQU0b9f3Gn3tPwLsMdImWTpAfg2hqFzINfsvDsV7tyYG Ml4J25VEB/8U5hd/GDUWYMCLUZn+2c1UHEDtwPsWnZd5yJvPFpOAitFx6gkNE/YmUE4L dN4A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1762161837; x=1762766637; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=3ncaCnzkfRM4mC7SdWieJ36oFVyPjZt578NER7vz0Ho=; b=ABx9IWkTTCiZyhXPHiUM39Ry5YlPIleTfHZCZiiuiQKmh4kZd1AolvIYpoDyTklzPF J5JopPeEwY8Or/TwPKZchowH+cSXMm1JJsWkXMhF0QrrNNJ1v1HGITqgyFHlXgkLon+2 1Jq+wk0PuPK6d5A9ToOOI55f9TOLQcCbiyd8PUx1ppcfhaAaimRElTVIr/En7A3lFlfK IMhLW9lseCKmFTuTSA5iWOBKaV2f1bmy95tzOv5oQEQvfJWzcHzb91FTO7PXuxDz7XJq /GFppgG2heV2LKIe30/a6v6LPB03n3QY31nG5hCUyYo1vAy3FeJ31VS7pZXrAw1P+XS5 HzvA==
X-Gm-Message-State: AOJu0YyFUUZBZBE5TKC0twnZrzzooNrkGA+TpMliwZXpARt7AtLkPRLM 9diAcT4RekyKCQR/g78UpPwOGJGEGnftpDKzzDzJn1zPdI6fDl0jmMv4cbA1gZ9bmrzPrnNKJGy yRIijhJ4zw+mn/DVV3BCbNmzt9hBibvRu6Ezoc+s=
X-Gm-Gg: ASbGncvNHBRUCMAM3C2E57NmBBSu+9u4jlA/HxqkUS+uPXdRV+ENFK1LLKpeZ6gHkM9 BIpkpHdXuHedZ3+1gYcI/YbP+iFj6qdOO0gXwgGWsRefNo90jygj36pzfRtA6SFI0bfXh2THHAj k8ZLzc1fUKbczmJmENdEawswUQp6T3fRkYIoaOvneP3T28k7csMzRnkwIG8HOMWi4A6vXkmKgCI F0I/xuLMIV0jPAsFRMMEQH34RuDRafboPLhoYapuFCh4Ku7J2qWNatuHj4MOtTKi9GD7saEtANi d4nTZNYuQ4+/nyzSOxxsCLHdHfY=
X-Google-Smtp-Source: AGHT+IGhGQsu/F06+m6pFPtGgjAWGgWDZociKLOXCW/UiTdRUBTbQpSjCNFjtVMqJ+8lDNbZzLCNmn9a4lIGuR2S8qM=
X-Received: by 2002:a05:6402:d0e:b0:640:a50b:609 with SMTP id 4fb4d7f45d1cf-640a50b0bd3mr5011349a12.16.1762161837281; Mon, 03 Nov 2025 01:23:57 -0800 (PST)
MIME-Version: 1.0
From: Rohan Mahy <rohan.mahy@gmail.com>
Date: Mon, 03 Nov 2025 04:23:46 -0500
X-Gm-Features: AWmQ_bknydkEENkaBe8DgieZU9b7114_Ig1Q9EZiyywnWR6vXuWROa7ngHKgs4E
Message-ID: <CAKoiRuagUE45Jn4WaJRFAMRjExyjU5f1rend2t7G__2tTMiVyw@mail.gmail.com>
To: MLS List <mls@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000005914650642ad4611"
Message-ID-Hash: YO427P6HP4ECFNOCKCPXOH5IZZWEWIJD
X-Message-ID-Hash: YO427P6HP4ECFNOCKCPXOH5IZZWEWIJD
X-MailFrom: rohan.mahy@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-mls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [MLS] Comments on Leaf Operation Intents
List-Id: Messaging Layer Security <mls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/yhOAsEOfbhTEE8eJsUlteP0_lUY>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Owner: <mailto:mls-owner@ietf.org>
List-Post: <mailto:mls@ietf.org>
List-Subscribe: <mailto:mls-join@ietf.org>
List-Unsubscribe: <mailto:mls-leave@ietf.org>
Hi, First, this document was easy to understand. While addressing the problem of clients having to manage state for their own removal, this seems to just sweeps under the rug the problem that under some circumstances†, a client could have valid keying information for several future epochs after another of its clients sent an intent for all the user's clients to leave. Why not just make external committers get all pending proposals and be done with it? That would assure deletion during the next epoch transition. Is there a benefit I am overlooking? Next, I think we are overusing WireFormats. I think if we implement intents, we really want a new content type that reuses PrivateMessage, SemiPrivateMessage, or PublicMessage, but has an `intents` ContentType which shares the handshake ratchet with commit and proposal. Thanks, -rohan †in the face of a bunch of external commits coming quickly (ex: a burst of join activity)
- [MLS] Comments on Leaf Operation Intents Rohan Mahy
- [MLS] Re: Comments on Leaf Operation Intents Konrad Kohbrok
- [MLS] Re: Comments on Leaf Operation Intents Rohan Mahy
- [MLS] Re: Comments on Leaf Operation Intents Konrad Kohbrok