Re: [Sframe] charter feedback

Alexandre GOUAILLARD <> Fri, 04 September 2020 11:23 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 24C963A0D51 for <>; Fri, 4 Sep 2020 04:23:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id u-sIJrHXF2cB for <>; Fri, 4 Sep 2020 04:23:33 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::336]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 69E7B3A0D6C for <>; Fri, 4 Sep 2020 04:23:33 -0700 (PDT)
Received: by with SMTP id m12so2564984otr.0 for <>; Fri, 04 Sep 2020 04:23:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WOXmXzlOXyivL3JK0ImGZ/5DkGzFRkrORefKmBcfQYo=; b=UFd0FkswbqGWwYZcuhYgX/ptwmT8eKXsPyE73Sme7rY9tcZjMwhWDK+rwQhUrzzoy+ tU3GtfigkSiSX9u4N2GGxkfx3koYfaTmuAYlSWlpffPU+k/nQK4z9GGemMbo5pT0iWHq NfaG7dIr02SCeUEcPEnLFUc+WLBJHtXpkPtRBuFgcLIpY4sSECYJLitiOnJW3bFNl/xs ylLw+LWEHsqe0kn94MJi+1p7HBL7wXn3zZ7tYXzQHidmXFsr/sBABF5gxUuW5LPbOkER Qu0ndSapCihgVHXQ/hS975p+FkOHqI20rDvljhnJmh885+HH9RHw6eehUymu1A2XqUx4 HHIg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WOXmXzlOXyivL3JK0ImGZ/5DkGzFRkrORefKmBcfQYo=; b=n+X7yvG7sSa3y+Yc0bYaAjwUIovuLhVDGYiwz307kBGgcsOl4bDCWmkvbVp0W9R6mf JSnTjweeP9dOiAyvPddyk42S8Qy1Yd/Eh3JSEThmyt6Tq/ktzwyHomR0YvHDp5nvIjmM 5t2zkAzeWhg3wTYCdnYEJEbvfXAVRp4Tfp/SHnSH3wZtoiao+HWzJb3+haRQVYyA38+v zj24LE5xoKlr0Xi3oci/m81HXEtyW9+xs3ijpOEN2pL5ODDkRuibU00P6tEYGE2iXOLb 5kItBmuQaxQ5eIIIJbOfnzkGGPnThFOFJ+XygfpyIr+ExUXsRuyrJ+IK89GoJK829dmk AmOQ==
X-Gm-Message-State: AOAM531K+r0w0sdqUVuBgt37LQD/yMV1lWHoGG59+o3n9hR6bB6gaR+n 7WLpT5puudbE5xbOvqu4VjO+UaXgM5DptmIDIqJnnQ==
X-Google-Smtp-Source: ABdhPJw/SJWQqwVoGaI/DmRFBAHwyf9gvTmmBpRgNBfyMJmfVzBRqYUCUvkgXshfpYnXrW9FCWWOdxvZ/K6BmjNMHKA=
X-Received: by 2002:a9d:621a:: with SMTP id g26mr5309749otj.209.1599218612579; Fri, 04 Sep 2020 04:23:32 -0700 (PDT)
MIME-Version: 1.0
References: <>
In-Reply-To: <>
From: Alexandre GOUAILLARD <>
Date: Fri, 4 Sep 2020 19:23:21 +0800
Message-ID: <>
To: Franziskus Kiefer <>
Content-Type: multipart/alternative; boundary="00000000000052457305ae7b199b"
Archived-At: <>
Subject: Re: [Sframe] charter feedback
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 04 Sep 2020 11:23:35 -0000

Hi franz.,

Thank you for your interest and the kind words.

"Conferencing" is certainly a topic of interest, and i understand the focus
of wire. SFrame can certainly be used in that context.

However, there are other use cases than conferencing where media encryption
is of interest, including but not limited to streaming/broadcasting and
then of course all the hybrid use cases we start seeing emerging (watch
parties, webinars, ....).

We designed SFrame itself to refer ONLY to the media encryption part, and
be as much as possible media transport agnostic, and use case/threat
model/trust model agnostic, where the precedent attempt was extremely
focussed on RTP-based conferencing.

Eventually, each use case (e.g. conferencing) should have
additional documents to come up to a full system whose properties could be
verified, but we did not want to restrict the charter to a single use case.

Right now, emad is working on the conferencing use case with sergio, and
you might want to liaise with them on that specific topic. One document
about how SFrame can be used with RTP, and, seprately, with MLS including
the corresponding threat model is in progress. I think this is what you are
looking for.

In parallel, work is being done on application to SFrame for
streaming/broadcasting and how it relates/overlaps with existing DRM
solutions today in the bigger context. This will also hopefully have its
own set of document. EVentually all would have the media encryption,
SFrame, in common.

Hope this helps.

On Fri, Sep 4, 2020 at 6:23 PM Franziskus Kiefer <>

> Hi all,
> First, thanks for working on this.
> Wire is currently considering sframe for some use cases.
> Looking at the charter I noticed two things:
> The charter currently doesn't talk about authentication and to which
> extent the WG wants to look at it. While authenticity might be implicit
> through the used keys the sframe draft currently also uses signatures.
> I'm missing a statement about the process followed by the WG. End-to-end
> encrypted conferencing is a relatively new topic without much research
> around threat models. I therefore think that a process that validates the
> threat model and the proposed solution is warranted. This might not have
> the same extent as for TLS or MLS, but would still be good to have.
> Cheers,
> Franziskus
> --
> Sframe mailing list