Minutes interim-2022-mls-06: Thu 10:00
minutes-interim-2022-mls-06-202206021000-00

# Pull Requests

#694 Always use a full tree
* @bifurcation presented performance data showing +/- ~20% on join
* @Bren2010 asked about removing leaf index from LeafNodeHashInput in order to
allow for precomputing blank subtree hashes
    * Even with leaf indices, can pre-generate, they just have to be in-place
    * No action
* Clear to merge once editorial comments from @Bren2010 are addressed

#699 Clarify some parts of Application Messages section
* Still clear from last week

#703 Be more precise about credential validation
* Merge

#704 Minimize sequencing section
* Probably too tight. E.g., client could send Commit+Welcome to DS, then DS
could decide whether to send Welcome based on whether Commit is accepted.
Proposed text:
        The Welcome message corresponding to a Commit MUST NOT be delivered to
        a new joiner until it's clear that the Commit has been accepted.
* Otherwise clear to merge

#705 Clarify rules around Add proposals
* Merge

#706 Clean up struct names and references to them
* @rohan-wire has found names with MLS in them useful in distinguishing from
others
    * TODO: Re-add MLS to MessageContent, ContentAuthData, AuthenticatedContent
* TODO: Address Brendan's comments
* Otherwise, clear to merge

#707 Derive the commit secret from the end of the UpdatePath, not the root
* As @TWal notes in his comments, tree malleability is not worth blocking this
for because you won't block the tree-extension attack anyway * @mulmarta notes
the exception case where the UpdatePath has no nodes in it
    * @bifurcation suggests we should just forbid that case
    * @bifurcation will file a new PR to forbid that case

#708 Describe requests to join and directed KeyPackages
* Closing in favor of Add new new_proposal_member SenderType #716

#709 Add a subsection on applying a proposal list
* @bifurcation to resolve comments, then merge

#710 Clarify validation rules for ReInit
* Merge

#712 Clarify description of UpdatePath generation and processing
* @kkohbrok to review, then clear to merge

#713 Improve parent hash guarantees
* @mulmarta concerned about implementability of any changes like this
* Postponed until next week.

#714 Require that unmerged_leaves be ordered
* Postponed until next week.

# Authentication Question
What’s the easiest way to MITM the protocol. For one-to-one protocol you need
to only act on one peer. For the group, it’s different. How do clients deal
with user identities across. Worth writing something up about checking client
identities? Yes.