Minutes interim-2022-mls-05: Thu 10:00
minutes-interim-2022-mls-05-202205261000-00

# Pull Requests

#686: Recommend that group ids are generated randomly
* Concerns around making the group_id totally random
    * Malicious group creator can choose it malicious
    * Federated systems get worse randomness
* Using AEAD.Nk depends on ciphersuite, could be awkward
* @Bren2010 will revise to say:
    * Here are the requirements that group ID must satisfy
    * If you don’t have an alternative plan, do it randomly

#687: Add a marker byte to tree hash input structs
* Nicer with an enum
* @Bren2010 to update to enum, then merge

#688: Use a hash function for hash identifiers
* Merge

#691: Clean up PSK provisions
* Ready to go once merge conflicts are resolved.

#692: Use new tree for context in path secret encryption
* Merge

#694: Always use a full tree
* This will require some optimized implementations
* Have people done performance evaulations?
    * @bifurcation and @TWal did evaluation on parent hash, this should be
    easier
* How does this affect the secret tree?
    * Would change the structure to be a full tree
    * Always log(N) derivations to get to a leaf, instead of sometimes less
* TODO: Hold this for next week, @bifurcation and @TWal to do performance
evaluation

#697: More thorough discussion of sequencing solutions
* General feeling that the details here should go in the architecture document
* @Bren2010 to make a new PR stripping the sequencing section down to minimal
requirements, arch PR to add these details.

#698: Editorial
* @Bren2010 to revert the change that @raphaelrobert notes
* Other changes to be handled as editorial.

#699: Clarify some parts of Application Messages section
* Intended to be mostly editorial
* Leaving open for now
* Clear to merge in between meetings if folks are comfortable

#701: Change KeyPackage identifier to be LeafNode identifier
* Agreement to merge
* external is getting used a lot, so maybe application_id or client_id?
* @Bren2010 to change to application_id

# Issues

#690: Commit secret is ambiguous when root is blank
* @mulmarta supports doing "end of UpdatePath plus one"
* @bifurcation to write up a PR

#693: External Add proposals revisited
* A few comparisons:
    * new_member Add vs. external Add ~ new_member Add includes client's intent
    to join * new_member Add vs. directed KeyPackage ~ main difference is epoch
    vs. lifetime
* @rohan-wire to make a PR implementing the "new sender type" approach
* @bifurcation to make a PR implementing the "directed KeyPackage" approach
* Aim to decide on next call

#700: Not allowing the same member to join the group multiple times?
* We want to:
    * Avoid having multiple appearances of the same device
    * Allow a device to resync itself
* Text at issue here is "An Add proposal is invalid if ... The Credential in
the KeyPackage represents a client already in the group according to the
application" * It sounds like changing to "... The KeyPackage represents a
client already in the group according to the application" would address the
immediate concern * @Bren2010 to write a PR