Key Transparency (KEYTRANS)
bofreq-danyliw-key-transparency-keytrans-00

Document Type: Approved BOF request
Title: Key Transparency (KEYTRANS)
Last updated: 2023-06-21
State: Approved
Editor: Roman Danyliw
Responsible leadership: Roman Danyliw
Send notices to: (None)

Name: Key Transparency (KEYTRANS)

Description

Current status: Discussion is underway on a proposed charter based on the IETF 116 BoF: https://mailarchive.ietf.org/arch/msg/keytrans/6VIEM87-TNe1OYXZRUyAwJX_1vo/. This mailing list charter discussion may result in a consensus call to initiate a WG before IETF 117. This BoF request is a placeholder to ensure KEYTRANS convenes in some way at IETF 117.

Public keys used to provide end-to-end encrypted communication services are often authenticated solely by the assertion of the communications service provider. As a result, the underlying encryption protocols are left vulnerable to eavesdropping and impersonation by active attackers, in particular the service provider itself, which can distribute malicious public keys to selectively gain access to communication. Similarly, a malicious service provider could take advantage of its privileged network position to launch a number of other attacks, such as silently partitioning a group or falsifying information about the state of a group.

To prevent these attacks, end-to-end encrypted communication service providers and their end users need to authenticate a user’s long-term identity key, the state/membership of a group, and related metadata (collectively referred to as artifacts).

A proposed KEYTRANS WG would standardize an authentication scheme for these artifacts in an end-to-end encrypted system for human-to-human(s) communication with the above properties. Integration with MLS is also being proposed.

Required Details

  • Status: WG Forming
  • Responsible AD: Roman Danyliw
  • BOF proponents: Brendan McMillion <brendanmcmillion@gmail.com>, Antonio Marcedone, Zoom <antonio.marcedone@zoom.us>, Kevin Lewi, Meta <klewi@meta.com>, Esha Ghosh, Microsoft <Esha.Ghosh@microsoft.com>
  • BOF chairs: TBD
  • Number of people expected to attend: 100
  • Length of session (1 or 2 hours): 2 hours
  • Conflicts (whole Areas and/or WGs):
      • Chair Conflicts: TBD
      • Technology Overlap: entire SEC area, MIMI
      • Key Participant Conflict: TBD

Information for IAB/IESG

Agenda

TBD