Minutes interim-2024-ohai-02: Wed 20:00
minutes-interim-2024-ohai-02-202412112000-00
Meeting Minutes | Oblivious HTTP Application Intermediation (ohai) WG | |
---|---|---|
Date and time | 2024-12-11 20:00 | |
Title | Minutes interim-2024-ohai-02: Wed 20:00 | |
State | Active | |
Other versions | markdown | |
Last updated | 2024-12-11 |
OHAI December 2024 virtual interim
Agenda
Notes
Tommy leading discussion.
Media type symmetry
No objections
Chunk size limit
16384 limit
Q: Should this be before or after AEAD expansion? i.e., 16384 + Nt
ciphertext or 16384 - Nt plaintext?
Martin: TLS does it with the ciphertext.
Resolution: No point in changing.
Last chunk in pseudocode
Just information about a fix.
Security and interactivity
Discussion about risks of interactivity. No explicit risk other than
revealing RTT and the potential for interactive reactions then being
exploited for replay.
Incremental work in HTTP
Discussed whether we wait for the work in HTTP to complete or try to
loosen the dependency. Concluded that waiting isn't that bad.
Formal analysis
Proposal to make WGLC not block on analysis. That seemed fine,
especially if we are waiting for Incremental to conclude. That might
give us slightly more time to develop analysis.
Last call and directorate reviews
Considered whether to ask for early review from directorates. Suggestion
to simply inform HTTP WG when WGLC is issued. Media types review at the
same time as well. In other words, no special treatment for this one.
Implementations
Several from Apple, not open sourced, but on iOS/MacOS and iCloud
servers. golang version has a pull request open. One rust in progress.
Test Vectors
Once we have these, we'll move to WGLC. Tommy and Martin will race.