Session Date/Time: 24 Jul 2025 12:30

mimi

Summary

The MIMI working group held a productive session covering three main topics: content format, protocol updates, and room policy. Key presentations included updates to the MIMI content format (with a proposal to split message status into a separate document), significant protocol changes including download proxy functionality and franking improvements, and room policy enhancements. Additional presentations covered malicious hub detection mechanisms and AV metadata handling. The session emphasized the need for more implementation experience before advancing documents to working group last call.

Key Discussion Points

MIMI Content Format

Document Split: Proposal to separate message status (read receipts, delivery notifications) from core MIMI content into two documents received rough consensus
Open Issues: Six issues remain, including registry of dispositions, timestamp inconsistencies, and message ID calculation security concerns
Message ID Security: Extensive discussion on potential hash collision attacks when concatenating variable-length URIs. Options considered include warning documentation, URI validation, separator characters, or CBOR framing
Nested Content Complexity: Timo presented concerns about content nesting complexity, proposing simpler approaches with clear separation between messages and attachments. Rowan defended current approach citing real-world use cases like V-cards with embedded images
Implementation Status: Multiple implementers reported progress, with requests for interoperability testing before working group last call

MIMI Protocol Updates

Download Proxy Service: Major addition providing three client options for asset downloads:
- Direct HTTP download (leaks IP to asset provider)
- Simple download proxy via hub (prevents IP leakage to asset provider)
- Oblivious HTTP (OHTTP) for maximum privacy protection
Security Improvements: Added signature wrapping for key package requests to prevent provider tampering
Franking Changes: Moved from HMAC to signature-based franking integrity to prevent bogus message attacks
Pending Proposals: New mechanism for hub to staple invalidated proposal replacements

Room Policy Enhancements

Role Management: Discussion of asymmetric role change capabilities (e.g., admins demoting themselves but not other admins)
Capability System: Questions raised about necessity of capability checks beyond authorized role changes
Ban Management: Need identified for encoding ban duration and expiration information

Additional Topics

Malicious Hub Detection: Eric presented audit layer proposal using client-driven Merkle tree proofs to detect hub misbehavior without requiring hub modifications
AV Metadata: Brief presentation of draft for audio/video metadata including dimensions, alt text, preview images, and duration information

Decisions and Action Items

Approved: Split of MIMI content and message status into separate documents
Rowan: Will create new IANA registry for MIMI dispositions
Rowan: Will collaborate with Deirdre on message ID hash algorithm encoding alternatives
Rowan: Will add text clarifying message ID behavior for edited messages
Implementation Testing: Call for organized interoperability testing before working group last call
Room Policy: Further discussion needed on asymmetric role change capabilities

Next Steps

Rowan to submit updated MIMI content draft addressing resolved issues
Working group last call consideration pending implementation experience and interoperability testing
Continued development of download proxy specifications with implementer feedback
Further discussion on room policy enhancements through mailing list
Eric to revise malicious hub detection draft incorporating MLS state mechanisms
AV metadata draft to receive community feedback before potential adoption