[secdir] Secdir last call review of draft-ietf-mls-architecture-14

Yoav Nir via Datatracker <noreply@ietf.org> Mon, 22 July 2024 16:23 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from [10.244.2.81] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id 752CEC1D621E; Mon, 22 Jul 2024 09:23:19 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Yoav Nir via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.19.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <172166539912.284938.4361340688954529025@dt-datatracker-659f84ff76-9wqgv>
Date: Mon, 22 Jul 2024 09:23:19 -0700
Message-ID-Hash: 4ST2CV24FRPDTDGQ7EXYVSNUWNUJWDOO
X-Message-ID-Hash: 4ST2CV24FRPDTDGQ7EXYVSNUWNUJWDOO
X-MailFrom: noreply@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdir.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-mls-architecture.all@ietf.org, last-call@ietf.org, mls@ietf.org
X-Mailman-Version: 3.3.9rc4
Reply-To: Yoav Nir <ynir.ietf@gmail.com>
Subject: [secdir] Secdir last call review of draft-ietf-mls-architecture-14
List-Id: Security Area Directorate <secdir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/aT87ZnhTdLjC6zot3JzxjDIj2J4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Owner: <mailto:secdir-owner@ietf.org>
List-Post: <mailto:secdir@ietf.org>
List-Subscribe: <mailto:secdir-join@ietf.org>
List-Unsubscribe: <mailto:secdir-leave@ietf.org>

Reviewer: Yoav Nir
Review result: Has Nits

I have previously done an early secdir review on this draft:
https://datatracker.ietf.org/doc/review-ietf-mls-architecture-09-secdir-early-nir-2022-10-08/

For the most part, I stand by what I wrote then.  The document is very well
written and provides a thorough analysis of security and privacy. It is now
section 8 rather than 7.

As for the nits:
* "MLSCiphertext" has been renamed to "PrivateMessage".  It is still used
without having previously been defined within the document. Still only a nit
because it is defined in RFC 9420. * Section 7.2.3 (now 8.2.3) still defines
"deniability" only to assert that MLS "does not make any claims with regard to
deniability", which is still strange. * The superlative language ("extremely",
"very") has been toned down. Thanks, although I still think that "clients have
the extremely important role" is a strange way of saying SHOULD.