Session Date/Time: 08 Nov 2023 08:30

mls

Summary

The MLS working group meeting at IETF 118 focused on charter revision, updates on the architecture draft, extensions including safe extensions and Mimi related extensions, post-quantum cipher suites, and future directions. The charter revision discussion aimed to reflect the publication of MLS version 1.0 and outline future work on extensions. There were presentations and discussions on several individual draft specifications.

Key Discussion Points

Charter Revision: Discussion on updating the charter to accurately reflect the publication of MLS v1 and future extension work. The ISG’s expectations for listing extensions were discussed, with a preference for defining criteria rather than specific extensions. The deadline of December was set for charter revisions.
Architecture Draft: Benjamin gave an update on the architecture draft, noting that it is nearly complete. Eckert raised concerns about overly optimistic recommendations and suggested attenuating them to notes. Discussion around issue 210 and the encryption of group operations was deferred to the Mimi meeting.
Safe Extensions: Rafael and Conrad presented on safe extensions and the safe extensions API. The API aims to allow extensions to interact with MLS without breaking security guarantees. Discussion covered domain separation using extension IDs and concerns about the extensibility of APIs in different platforms.
Self Remove Proposal: Rowan discussed an issue with the self remove proposal in the context of external commits, proposing solutions to ensure atomic removal of all a user's clients.
Key Package Context Restriction: Rowan presented a draft on restricting key package usage to specific contexts. The discussion covered potential use cases, enforcement models, and metadata leakage concerns.
Mimi Related Extensions: Rowan outlined Mimi's need for MLS extensions to manage room policy and participation lists. This requires new proposal types that don't require an update path.
Post-Quantum Cipher Suites: Rowan presented an update on post-quantum cipher suites based on the NIST-standardized Kyber algorithm. The discussion covered NIST ML-KEM 3, coordination with CFRG, and the potential need for post-quantum signatures. Concerns were raised about changes in Kyber.
Group Trust Anchors: Rowan is planning on abandoning this draft.

Decisions and Action Items

Action Item: Sean to update the charter draft based on the discussion, incorporating criteria for extensions and input on security analysis. A GitHub pull request is available for contributions.
Action Item: Benjamin and Eckert to review and address the open issues in the architecture draft, attenuating recommendations as appropriate.
Action Item: Rowan to add additional comments about the stapling option to GitHub issue on the Self Remove proposal
Action Item: The working group to consider potential changes to enforcement models for Key Package Context Restriction.
Action Item: Ginger and Benji to discuss the change in key commit with HPKE
Action Item: Rowan to write a note on different solution to draft on group trust anchors.

Next Steps

Finalize charter revision and submit to the ISG.
Continue review and address open issues in the architecture draft.
Further discussion and refinement of the extensions drafts.
Coordinate with Mimi on extension requirements.
Monitor the progress of post-quantum standardization efforts.