Minutes interim-2022-mls-05: Thu 10:00
minutes-interim-2022-mls-05-202205261000-00
Meeting Minutes | Messaging Layer Security (mls) WG | |
---|---|---|
Date and time | 2022-05-26 14:00 | |
Title | Minutes interim-2022-mls-05: Thu 10:00 | |
State | Active | |
Other versions | plain text | |
Last updated | 2022-06-02 |
minutes-interim-2022-mls-05-202205261000-00
# Pull Requests #686: Recommend that group ids are generated randomly * Concerns around making the group_id totally random * Malicious group creator can choose it malicious * Federated systems get worse randomness * Using AEAD.Nk depends on ciphersuite, could be awkward * @Bren2010 will revise to say: * Here are the requirements that group ID must satisfy * If you don’t have an alternative plan, do it randomly #687: Add a marker byte to tree hash input structs * Nicer with an enum * @Bren2010 to update to enum, then merge #688: Use a hash function for hash identifiers * Merge #691: Clean up PSK provisions * Ready to go once merge conflicts are resolved. #692: Use new tree for context in path secret encryption * Merge #694: Always use a full tree * This will require some optimized implementations * Have people done performance evaulations? * @bifurcation and @TWal did evaluation on parent hash, this should be easier * How does this affect the secret tree? * Would change the structure to be a full tree * Always log(N) derivations to get to a leaf, instead of sometimes less * TODO: Hold this for next week, @bifurcation and @TWal to do performance evaluation #697: More thorough discussion of sequencing solutions * General feeling that the details here should go in the architecture document * @Bren2010 to make a new PR stripping the sequencing section down to minimal requirements, arch PR to add these details. #698: Editorial * @Bren2010 to revert the change that @raphaelrobert notes * Other changes to be handled as editorial. #699: Clarify some parts of Application Messages section * Intended to be mostly editorial * Leaving open for now * Clear to merge in between meetings if folks are comfortable #701: Change KeyPackage identifier to be LeafNode identifier * Agreement to merge * external is getting used a lot, so maybe application_id or client_id? * @Bren2010 to change to application_id # Issues #690: Commit secret is ambiguous when root is blank * @mulmarta supports doing "end of UpdatePath plus one" * @bifurcation to write up a PR #693: External Add proposals revisited * A few comparisons: * new_member Add vs. external Add ~ new_member Add includes client's intent to join * new_member Add vs. directed KeyPackage ~ main difference is epoch vs. lifetime * @rohan-wire to make a PR implementing the "new sender type" approach * @bifurcation to make a PR implementing the "directed KeyPackage" approach * Aim to decide on next call #700: Not allowing the same member to join the group multiple times? * We want to: * Avoid having multiple appearances of the same device * Allow a device to resync itself * Text at issue here is "An Add proposal is invalid if ... The Credential in the KeyPackage represents a client already in the group according to the application" * It sounds like changing to "... The KeyPackage represents a client already in the group according to the application" would address the immediate concern * @Bren2010 to write a PR