Attendees: Brendan McMillian, Britta, Konrad, Raphael Robers, Richard barnes, and Sean Turner # Issues / PRs #279 * Sean still needs to provide text about designated expert * Potential concerns, but Britta/Konrad OK to proceed * Related to healing after a whole ciphersuite is compromised * If signature algorithm is per-group, need to upgrade everyone at once * Note: No worse than posture for other algorithms * Might need some stuff in arch doc / sec cons, Britta working on [descruption](https://docs.google.com/document/d/1ZDs4KGp0_6kpQZpRJ_t4kVlmgA94_pMtdSilIdFKw14/edit?usp=sharing ). #287 revisited * Raphael to do a follow-on PR to clarify that parent_hash values are on ParentNode, not ParentNodeHashInput #283 * Raphael concerned that reordering bounds will cause Proposals not to decrypt * Maybe also clarify whether FS is expected * RLB to implement & merge, see if Beurdouche can review #304 * Clear to merge, pending #279 #303 * RLB to check with Beurdouche about reuse_guard * If not, just use first 4 octets of sender_data_nonce #296 * Major question - should extensions be immutable? * Generally, folks more comfortable with the simple, immutable thing * Possibility to change via group restart, which is likely needed in any case * Also cleaner for proofs, easier to think about authn properties * Needs IANA considerations * RLB to add IANA text, review next week # AOB None.