**Session Date/Time:** 22 Jul 2024 20:00 # mls ## Summary The MLS Working Group meeting focused on addressing outstanding issues in the MLS architecture draft and discussing various extensions, including those related to instant messaging (Mimi) and post-quantum cryptography. A significant portion of the meeting was dedicated to a detailed examination of an attack involving invalid commits and external rejoins, and potential mitigations. The group also discussed several extensions, including AppSync, semi-private messages, and different credential types. ## Key Discussion Points * **Invalid Commits and External Rejoins:** * Brendan presented a PR addressing vulnerabilities related to invalid commits and the external rejoin mechanism. * The discussion revolved around a "forced rejoin attack" where a malicious delivery service (DS) can manipulate group state by choosing invalid commits. * Concerns were raised about post-compromised security (PCS) being compromised by the ability to revert to compromised epochs. * Various mitigations were proposed, including epoch checking, transcript verification, and public key bookkeeping. * The debate centered on whether the PR should only flag the risks of automated rejoin behaviors, or also include potential solutions. * Richard suggested focusing the architectural discussion on the risks of automated re-syncs. * **Extensions Framework:** * Rowan raised an issue regarding safe extensions and AAD and a PR was submitted. * **AppSync Extension:** * Rowan presented the AppSync extension, aimed at ensuring agreement on application state within the group. * There was discussion around the level of MLS's involvement in defining common representations of state. * Raphael noted potential overlap with other extensions related to group context and extension state updates. * **Semi-Private Message Extension:** * Rowan introduced the semi-private message extension, allowing selective sharing of private message content with external receivers known to the group. * Raphael raised concerns about the lack of protection for the group ID. * Conrad and Britta supported the inclusion of this feature to the toolbox. * **Other Extensions:** * Richard presented the `Different Credentials` draft. * Richard presented the `Replaced Proposal` draft, allowing re-origination of updates. Concerns about potential rollbacks were raised. * Richard presented `Tree Free` draft, which allows client to operate with hard login guarantees instead of using the Ratchet Tree * **Post-Quantum MLS:** * Britta provided an overview of a proposed approach for post-quantum MLS, involving two sessions (post-quantum and standard) and using exporter keys to inject post-quantum guarantees into the standard ratchet. ## Decisions and Action Items * **PR 261 (Invalid Commits/External Rejoins):** * It was decided to adopt a PR to address the issues of invalid commits and external rejoins. * A vote was held on including approaches within the PR, 4 for yes and 8 for no, and 5 for no opinions * Richard, Britta, Brendan, and Rowan agreed to further discuss the PR to determine appropriate text. * The goal is for the document to be completed during the current week. * **Different Credentials Extension:** * It was decided that Richard should proceed with putting this directly into the current extension draft. ## Next Steps * Richard, Britta, Brendan, and Rowan to collaborate and edit the PR. * Richard to create a PR to include the different credential drafts into the extension draft. * The WG to review edited PR and hopefully accept it.