Minutes interim-2020-mls-14: Tue 12:00
minutes-interim-2020-mls-14-202006021200-00
| Meeting Minutes | Messaging Layer Security (mls) WG | |
|---|---|---|
| Title | Minutes interim-2020-mls-14: Tue 12:00 | |
| State | Active | |
| Other versions | plain text | |
| Last updated | 2020-07-14 |
minutes-interim-2020-mls-14-202006021200-00
# Issues/PRs
- #336: PSK Injection, Group recovery, Re-Init, Sub-group Branching
- Britta: Confidentiality heals because of PCS, but authentication doesn't.
This can let us keep some state separate from confidentiality, that can be
used to detect man-in-the-middle at any time in the past.
- Richard: I don't see a lot of people using this, but I think it gives a
completeness to the story around PCS, even if not everybody uses it.
- #337: Replace DKDF by n-PRF in key schedule
- Richard: I think this is good, it solves awkwardness around the order in
which things are included.
- #342: Allow external proposals to be signed.
- Raphael: We need to spell out explicitly that all that can be sent with
`new_member` SenderType are Adds.
- Richard: This PR should keep the property that MLSPlaintextTBS is the same
as MLSPlaintext with some prefix.
- Brendan: It's not clear to me how external parties know the right
ciphersuite to use.
- Sean: It's something the application needs to keep track of. So, the correct
ciphersuite would be distributed along with the group's id. We should add a
section to the architecture document about what things the application needs
to keep track of, and if different types of deployments have different
feature sets. Assign to Benjamin.
- #343: Upper bound for Commit
- Not controversial.
- #298: Varints
- Brendan: This is specifying the wire encoding which we said we wouldn't do.
- Richard: We have to specify the wire encoding, otherwise signatures won't
verify / MLS won't be interoperable.