Early Review of draft-ietf-mls-protocol-16
review-ietf-mls-protocol-16-opsdir-early-wu-2022-09-29-00

Request Review of draft-ietf-mls-protocol
Requested revision No specific revision (document currently at 20)
Type Early Review
Team Ops Directorate (opsdir)
Deadline 2022-09-28
Requested 2022-09-21
Requested by Paul Wouters
Authors Richard Barnes, Benjamin Beurdouche, Raphael Robert, Jon Millican, Emad Omara, Katriel Cohn-Gordon
I-D last updated 2022-09-29
Completed reviews Opsdir Early review of -16 by Bo Wu (diff)
Tsvart Early review of -16 by Gorry Fairhurst (diff)
Artart Early review of -16 by Rich Salz (diff)
Intdir Telechat review of -17 by Suresh Krishnan (diff)
Comments
It would be nice if we could get a few early reviews in time for the MLS interim meeting on the 29th
Assignment Reviewer Bo Wu
State Completed
Request Early review on draft-ietf-mls-protocol by Ops Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/ops-dir/bv4ZqUyGTa2W7CARQeIQhOe86zg
Reviewed revision 16 (document currently at 20)
Result Has nits
Completed 2022-09-29
I have been assigned to review this document on behalf of the OPS DIR.

This draft defines a key establishment protocol for the messaging application
to protect group chat. Overall, the document is full of security technical
details.

Major Issue:
1. Introduction
Perhaps highlighting the relationship with the MLS Architecture in the
introduction section can help understanding? I find the description of the
authentication and delivery service in MLS Architecture really helps.

Nits:
4.2.  Example Protocol Execution
It's more readable if the figure can be referenced in the text. E.g., for figure 2
and figure 3, it is helpful to show which part of the text corresponds to the
figures.

6.1.  Ciphersuites
AEAD, ECDSA: Please expand on first use.

7.  Message Framing
   enum {
       reserved(0),
       mls10(1),
       (255)
   } ProtocolVersion;
The current protocol is defined as MLS 1.0, but maybe it's possible to explicitly
describe the current protocol version and the negotiation mechanism?