**Session Date/Time:** 28 Jul 2023 19:00

# ohai

## Summary

The ohai working group met to discuss the status of existing drafts and a new proposal from Tommy Pauly on adding streaming capabilities to oblivious HTTP (OHAI). The discussion focused on the use cases for streaming OHAI, security implications, and potential alternatives like MASQUE. The group provided feedback on the proposal and the next steps involve creating a 00 draft and further discussion on the mailing list.

## Key Discussion Points

*   **Status of Working Group Drafts:**
    *   The main protocol draft was pulled back from the RFC editor queue due to a late-breaking change and has been resubmitted.
    *   The SVCB config draft has been submitted for publication.
    *   A call for adoption will be made for the "OHAI the feedback to proxy" draft.
*   **Streaming OHAI Proposal (Tommy Pauly):**
    *   Current OHAI uses single messages in each direction, encrypted and decrypted in a single chunk.
    *   The proposal aims to add streaming capabilities, allowing for longer messages, interactive workflows, and processing in multiple parts.
    *   Key changes needed: cryptographic mechanisms for chunk encapsulation, request/response format, and a new media type.
    *   Security implications were discussed, particularly regarding statefulness, correlation, and the lack of forward secrecy.
    *   Use cases were questioned; the importance of clearly defining use cases that retain the lack of correlation property was emphasized.
    *   Potential benefits and drawbacks compared to using MASQUE were discussed, especially regarding performance.
    *   Ensuring all chunks arrive at the same server instance was identified as an operational consideration.
    *   The need for guidance on when to use OHAI vs. TLS was highlighted.
    *   Concerns about back pressure and rate control were raised.
*   **Forward Secrecy:** The possibility of enabling forward secrecy in OHAI by rapidly updating gateway public keys was briefly discussed.

## Decisions and Action Items

*   **Action Item:** Tommy Pauly will create a 00 draft of the streaming OHAI proposal, incorporating the feedback received during the meeting.
*   **Action Item:** The chairs will make a call for adoption for the "OHAI the feedback to proxy" draft.

## Next Steps

*   Tommy Pauly will circulate the 00 draft of the streaming OHAI proposal.
*   Further discussion on use cases, security considerations, and design choices will continue on the mailing list.
*   The working group will assess interest in adopting the "OHAI the feedback to proxy" draft.