Markdown Version | Session Recording

Session Date/Time: 28 Jul 2023 00:00

mls

Summary

The MLS meeting covered several topics, including newly published RFCs, extensions to credential types, post-quantum cipher suites, self-removal proposals, and guidance on designing safe extensions. There was discussion and support for adopting several drafts, including the additional credentials draft and the post-quantum cipher suites draft. The meeting concluded with a discussion on the need to re-charter the working group.

Key Discussion Points

• RFC Publication: MLS RFC 9420 has been published.
• Additional Credentials: Discussion on new credential types, including user info VC, multi-credential, and weak multi-credential. User info VC ties into OpenID for easier user authentication.
• Post-Quantum Cipher Suites: Proposal for a hybrid post-quantum (Kyber + x25519) cipher suite to protect against the harvest now decrypt later attack. Discussions on the appropriate symmetric key sizes (AES-128 vs AES-256).
• Self-Removal Proposals: Proposal for a self-removal mechanism to address the challenges of leaving groups with frequent joins and removes due to external commits invalidating remove proposals.
• MLS Extensions: Update on the MLS extensions document, including guidance on designing safe extensions and a concrete API for extensions. Discussion of potential extensions, including deniability modes, mini-related extensions, and application messages from external senders.
• Guardianship for MLS: Presentation of a concept for guardianship in MLS, enabling users with multiple devices operating in limited mode to benefit from MLS security guarantees. Discussions centered on design choices and the trade-offs in security and traceability.

Decisions and Action Items

• Additional Credentials Draft Adoption: The group unanimously agreed to adopt the additional credentials draft.
• Post-Quantum Cipher Suites Draft Adoption: The group agreed to adopt the post-quantum cipher suites draft.
• Self-Removal Proposal: The group agreed to incorporate the self-removal proposal into the extensions draft via a PR.
• Rechartering: The chairs will take an action item to begin the re-chartering process for the working group, figuring out what to prioritize and setting milestones.

Next Steps

• Richard will continue editorial work on the detector document.
• Implementation and review of the adopted drafts (additional credentials and post-quantum cipher suites).
• Submit a PR to incorporate the self-removal proposal into the extensions draft.
• Chairs to initiate the re-chartering process, prioritizing work and setting milestones.
• The "Guardianship for MLS" team will write an Internet Draft.