# Issues/PRs

* PSK injection:
    - Richard: Do we want/need a proposal to inject a PSK? Currently the plan is using a commit extension. I feel like we don't need a proposal. An extension is enough.
    - Konrad: Proposals are handy because they authenticate a potential external source of the restart/re-add action.
    - Raphael: Since there is no one really advocating proposals based on a concrete use case, we should avoid overcomplicating the protocol. Vendor can do it in a proprietary way on the application level.
    - Brendan: We could make commits more extensible by keeping all proposals in a single array, which would give the committer a way to indicate ordering.
    - Richard: The application would still have to check that the ordering is sane.
    - Raphael: This might be worthwhile if it keeps commits extensible.
    - Richard: More work is needed to negotiate the availability of proposals throughout the group.
    - Brendan agrees to provide some pseudocode for his idea.

* PR #388
    - Richard: It turns out we need to refer to a raw hash function. Eric brought this up.
    - Eric: #388 solves the issue I raised.

* PR #387
    - Sean: IANA usually reserves the first enum version, but we don't have to do it. It might be sensible to change it from "invalid" to "reserved" so we have less trouble with reviews later.

* PR #369
    - Brendan: What instructions would one put in an extension would we that wouldn't work as a proposal?
    - Richard: Instructions that would not enter into the transcript.
    - Konrad: With extensible commits, we would have two ways of communicating instructions to the group.
    - Richard: That is true, if we have extensible proposals. Do we need to have communication about PSKs in the transcript?
    - Konrad: We do if we want the communication authenticated in the transcript.
    - Sean: We can wait with this PR until we agree on how to extend commits.

* PR #360
    - Richard (refers to his comment on the PR): We should go with option b) to save entropy. Option c) seems scary.
    - Brendan: b) doesn't change that much. If we want more efficiency we should go for c).
    - Britta: I believe that we can't just drop the auth tag and expect the same level of authentication.
    - Raphael: The lack of ordering requirement makes losing FS on authenticity more dangerous, although there is still a signature on the inside.
    - Britta: It might be a good idea to rely on both signatures and auth tags, because signature keys won't get rotated as much.
    - Sean: We should push this back one or two weeks.