# Privacy Enhancements and Assessments Research Group (PEARG) Minutes -
IETF 122

• Date: 2025-03-2025
• Chair(s): Allison Mankin & Sara Dickinson
• Notetaker(s): Saidu Sokoto

Authentication in MLS and Its Variants

Slides
Presenter: Keitaro Hashimoto
Topic: Exploring How to Authenticate Application Messages in MLS:
More Efficient, Post-Quantum, and Anonymous Blocklistable

Discussion & Questions

• Guiin Wang: Why is this scheme considered anonymous if the
  receiver sees the second MAC?

  • Keitaro: The receiver needs to know the sender, so Y is
    pre-shared with group members.

• Guiin Wang: Question unclear.

  • Keitaro: The token is only used once.

• Richard Barnes: Trade-offs in the Cosmos variant—less data sent,
  but overhead in establishing one-time keys.

  • Keitaro: New tokens are attached to messages and sent when a
    sender sends a new message.

• Q Miseli: Are fuzzy tags applicable to this scheme?

  • Keitaro: Discussion to be taken offline.

Guidelines for Performing Safe Measurements on the Internet

Speaker: Gurshabad Grover
Goal: Provide a brief on guidelines for conducting internet
measurements.

Key Points

• Feedback on improving language to avoid negativity.
• Suggestions to incorporate prior research on network measurements
  from beyond IETF.
• Recent updates already reflect most feedback.
• More feedback is welcome.

Future Directions for the Research Group

Key Considerations

• Privacy landscape is evolving rapidly

  • Stability of internet infrastructure cannot be taken for granted
    (see WSIS+20).
  • UK Gov vs. Apple highlights real-world privacy-policy conflicts.
  • Post-quantum cryptography needs more focus.

• Community input on future directions is welcome (in-meeting &
  mailing list).

Discussion

• Nick Sullivan: Should censorship-related work be a research
  focus?

  • Chair: Some interest but mixed feedback. Within charter, but
    a separate group could also be an option.

• Dirk: Open to exploring new topics for future meetings.

• Nick Doty: Other relevant privacy areas:

  • Privacy-preserving techniques
  • Multi-party computation for telemetry
  • Human understanding of cryptographic protocols
  • Sara: These are valuable topics.

• Alison:

  • Call for agenda items.
  • Possible longer meeting with open agenda for proposals.
  • Group’s focus is assessing protocols for real-world use.

• Nick Doty: Should we engage more with IETF privacy review
  standards?

  • Alison: Open to contributing thoughts.

• Sara: Past discussions about a privacy secretariat—unclear if
  interest remains.

• Colin Perkins: IRTF cannot formally give unsolicited advice to
  IETF.
• Jim Reid: DNS Directorate accepts proposals on DNS-related
  topics.

• Tommy Pauly: How can research inform IETF privacy review?
  Possible outputs:

  • Identifying useful privacy requirements
  • Joint workshops

• Sara: Retrospective analysis of privacy requirements could be
  useful.

• Dirk Kutscher: The biggest challenge is having enough people to
  conduct reviews.

Next Steps:

• Continue discussions on mailing list.
• Gather input on future research topics.
• Consider expanding focus on censorship, post-quantum, and IETF
  privacy engagement.