[Sframe] charter feedback

Franziskus Kiefer <franziskuskiefer@gmail.com> Fri, 04 September 2020 10:23 UTC

Return-Path: <franziskuskiefer@gmail.com>
X-Original-To: sframe@ietfa.amsl.com
Delivered-To: sframe@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 007753A0965 for <sframe@ietfa.amsl.com>; Fri, 4 Sep 2020 03:23:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.199
X-Spam-Level:
X-Spam-Status: No, score=-0.199 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NYTW6iBKC0c8 for <sframe@ietfa.amsl.com>; Fri, 4 Sep 2020 03:23:21 -0700 (PDT)
Received: from mail-ej1-x634.google.com (mail-ej1-x634.google.com [IPv6:2a00:1450:4864:20::634]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 63C753A098B for <sframe@ietf.org>; Fri, 4 Sep 2020 03:23:21 -0700 (PDT)
Received: by mail-ej1-x634.google.com with SMTP id gr14so6765486ejb.1 for <sframe@ietf.org>; Fri, 04 Sep 2020 03:23:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=FAAcM01ZKbg5n8nUMlRo3yT1A58MKRycs1dwTuLed6A=; b=tOdJdpa/oImG8ZI/q+HKaKRWha1r1vtt+a4Nw7IN3UD7UZbkiwDdKrreZcpik/qJJf dNo/2Uebfb9ML2Ag6tnj69Fx7GO8cCQMRGi1dgyfhA1zmfxlYyLMMVzmpHaYqg6QifBB 8sNgQMWiBHnT2GwkYk33xq9mjj6B87uZ4+Gowhu4bmoslNC9cyYsfEm+Ijo+Vdop9Krq ZNXdHqHpxyRwr71AmZDWKBPDtiVxzEFe/zbeC8G91miN5lM3HMspIiHSaXqNbwPvuqpV Q8mFjVcljcFOg9CpEpJSaiN2fTb4RQMbF04tVQ9WWnr3waqBK38D9aaSQrt4+HJsZQa2 K3iQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=FAAcM01ZKbg5n8nUMlRo3yT1A58MKRycs1dwTuLed6A=; b=W88oky5Q8XdJfREw4YGmXsjzO7H0Ecg7g3pWUeH+99Sqlol7eAxRp0LY3RVV08oMmt mGijjO7bxjE50oge74u2VEY2/JjnlE4ftBFlDDwQMevMJbFbnYa1pClFiBYSRNUCSow+ 2qCLEvEYEaTCOraq7nSUKVKCXUVCllaZJuglhIyrvNTfJkOSiwMa8OE249S7sOpWw99c d5Dgu07aEVL3TfPsUAKD1QtIVt7E5rjByJV34eSAcJbEigZrZ1MoWAAebOmekbpwnauX 7sh2R9BGoa1FgrqThxaohh1TAlfZJuAP6wQr3YwTSvB1lAaTefb6jga16SGkma9/9VpY BpTA==
X-Gm-Message-State: AOAM533ppWm302E5rrUVvleKAlyaU9IG5tYUibxTDKYL/E96jTusyDmi wuUaKy/vQKvkr/D40s62hzp8jyoPfTlzl+c6BaUaeEZV
X-Google-Smtp-Source: ABdhPJwlfduYhORumSNOaZNr4erZCM8pJwgO+YR/btccYOI1RB2dvhLpocke6Ug2wVW1ORKnTpPilN4KtxMIjIifw/k=
X-Received: by 2002:a17:907:7090:: with SMTP id yj16mr6486221ejb.73.1599214999567; Fri, 04 Sep 2020 03:23:19 -0700 (PDT)
MIME-Version: 1.0
From: Franziskus Kiefer <franziskuskiefer@gmail.com>
Date: Fri, 4 Sep 2020 12:23:08 +0200
Message-ID: <CAJowLmN+FMSuOhQgzqO18DoKj4ZCkp3FPzO9C5jLit8Tq=4t-w@mail.gmail.com>
To: sframe@ietf.org
Content-Type: multipart/alternative; boundary="000000000000f800e005ae7a41a1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sframe/j68uKYyrUteMlk4x-rdrLEBCiug>
Subject: [Sframe] charter feedback
X-BeenThere: sframe@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <sframe.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sframe>, <mailto:sframe-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sframe/>
List-Post: <mailto:sframe@ietf.org>
List-Help: <mailto:sframe-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sframe>, <mailto:sframe-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Sep 2020 10:23:23 -0000

Hi all,

First, thanks for working on this.
Wire is currently considering sframe for some use cases.

Looking at the charter I noticed two things:

The charter currently doesn't talk about authentication and to which extent
the WG wants to look at it. While authenticity might be implicit through
the used keys the sframe draft currently also uses signatures.

I'm missing a statement about the process followed by the WG. End-to-end
encrypted conferencing is a relatively new topic without much research
around threat models. I therefore think that a process that validates the
threat model and the proposed solution is warranted. This might not have
the same extent as for TLS or MLS, but would still be good to have.

Cheers,
Franziskus