Session Date/Time: 04 Nov 2024 09:30

mls

Summary

The MLS working group meeting focused on extensions to the MLS protocol, aiming to prioritize and triage them effectively. Discussions covered various topics, including extension frameworks, post-quantum combiners, light clients, split commits, associated parties, semi-private messaging, and alternative AAD handling. Several proposals were presented, and feedback was solicited from the group regarding adoption and further development.

Key Discussion Points

Extension Prioritization: The main goal is to determine which extensions to focus on and how to prioritize them.
Extension Definitions: Clarifying the definition of "extension" in MLS to avoid ambiguity (IANA registry vs. any non-main spec draft vs. a component being extended).
Safe Extensions Framework: Concerns about the complexity and potential issues with the Safe Extensions framework, particularly regarding security boundaries and multiple extensions. Alternative approaches were discussed.
Post-Quantum Combiners (PQ Combiners): Discussion of a hybrid approach combining post-quantum and traditional cryptography, offering flexibility in ratcheting and trading off between confidentiality and authenticity.
Light Clients: Presenting the concept of light clients, which join MLS groups faster by downloading only a portion of the tree, with tradeoffs in authentication. Security concerns and potential misinterpretations were emphasized.
Split Commits: Presenting split commits to reduce commit sizes for individual clients, involving a third party that personalizes the commit message, removing the need to broadcast the entire update path.
Associated Parties: Extension for sharing key material with external parties. Concerns about complexity were raised and discussion of the possibility of simplification.
Semi-Private Messaging: Key discussion regarding the use of associated parties for semi-private messages.
Additional Authenticated Data (AAD): Discussing ways to authenticate data that is not part of the message, including stripping the AAD field.

Decisions and Action Items

Action Item (Richard Barnes): File an issue elaborating on concerns regarding the Safe Extensions framework and propose an alternative.
Action Item (Chairs): Schedule virtual interims to discuss extension frameworks and associated parties, and adoption consideration for semi-private messaging, ideally with a side-by-side comparison of associated parties use vs standalone.
Decision: Schedule a working group adoption call for PQ combiners.
Action Item (Joelle): Update terminology in the split commits draft to reflect "split commits" instead of earlier terms, and for Marta Mularchic and Joelle Alwen to re-read private messaging draft with associated parties, and update slides accordingly.
Action Item (Richard Barnes): Flesh out the security considerations section for the light clients draft, adding warning labels and examples of appropriate and inappropriate use cases, include this with a light MLS red light emoji to highlight its dangers
Action Item (Raphael): Look at the issue if need separate secret trees

Next Steps

Schedule virtual interims to discuss extension frameworks, light clients, associated parties, and semi-private messaging.
Review and refine the light clients draft based on feedback, focusing on security considerations and appropriate use cases.
Prepare for the working group adoption call for PQ combiners.
Working group adoption call for PQ combiners