Skip to main content

Minutes interim-2024-ohai-02: Wed 20:00
minutes-interim-2024-ohai-02-202412112000-00

Meeting Minutes Oblivious HTTP Application Intermediation (ohai) WG
Date and time 2024-12-11 20:00
Title Minutes interim-2024-ohai-02: Wed 20:00
State Active
Other versions markdown
Last updated 2024-12-11

minutes-interim-2024-ohai-02-202412112000-00

OHAI December 2024 virtual interim

Agenda

  • Quick intros - chairs [5 mins]
  • Work through open issues with draft - Tommy Pauly (slides)
    [55 mins]

Notes

Tommy leading discussion.

Media type symmetry

No objections

Chunk size limit

16384 limit

Q: Should this be before or after AEAD expansion? i.e., 16384 + Nt
ciphertext or 16384 - Nt plaintext?

Martin: TLS does it with the ciphertext.

Resolution: No point in changing.

Last chunk in pseudocode

Just information about a fix.

Security and interactivity

Discussion about risks of interactivity. No explicit risk other than
revealing RTT and the potential for interactive reactions then being
exploited for replay.

Incremental work in HTTP

Discussed whether we wait for the work in HTTP to complete or try to
loosen the dependency. Concluded that waiting isn't that bad.

Formal analysis

Proposal to make WGLC not block on analysis. That seemed fine,
especially if we are waiting for Incremental to conclude. That might
give us slightly more time to develop analysis.

Last call and directorate reviews

Considered whether to ask for early review from directorates. Suggestion
to simply inform HTTP WG when WGLC is issued. Media types review at the
same time as well. In other words, no special treatment for this one.

Implementations

Several from Apple, not open sourced, but on iOS/MacOS and iCloud
servers. golang version has a pull request open. One rust in progress.

Test Vectors

Once we have these, we'll move to WGLC. Tommy and Martin will race.