Messaging Layer Security (mls) Internet Drafts


      
 The Messaging Layer Security (MLS) Architecture
 
 draft-ietf-mls-architecture-15.txt
 Date: 03/08/2024
 Authors: Benjamin Beurdouche, Eric Rescorla, Emad Omara, Srinivas Inguva, Alan Duric
 Working Group: Messaging Layer Security (mls)
The Messaging Layer Security (MLS) protocol (I-D.ietf-mls-protocol) provides a Group Key Agreement protocol for messaging applications. MLS is meant to protect against eavesdropping, tampering, and message forgery, and to provide Forward Secrecy (FS) and Post-Compromise Security (PCS). This document describes the architecture for using MLS in a general secure group messaging infrastructure and defines the security goals for MLS. It provides guidance on building a group messaging system and discusses security and privacy tradeoffs offered by multiple security mechanisms that are part of the MLS protocol (e.g., frequency of public encryption key rotation). The document also provides guidance for parts of the infrastructure that are not standardized by MLS and are instead left to the application. While the recommendations of this document are not mandatory to follow in order to interoperate at the protocol level, they affect the overall security guarantees that are achieved by a messaging application. This is especially true in the case of active adversaries that are able to compromise clients, the delivery service, or the authentication service.
 The Messaging Layer Security (MLS) Extensions
 
 draft-ietf-mls-extensions-05.txt
 Date: 21/10/2024
 Authors: Raphael Robert
 Working Group: Messaging Layer Security (mls)
This document describes extensions to the Messaging Layer Security (MLS) protocol. Discussion Venues: This note is to be removed before publishing as an RFC. Source for this draft and an issue tracker can be found at https://github.com/mlswg/mls-extensions.
 Flexible Hybrid PQ MLS Combiner
 
 draft-hale-mls-combiner-01.txt
 Date: 26/09/2024
 Authors: Joel, Britta Hale, Marta Mularczyk, Xisen Tian
 Working Group: Messaging Layer Security (mls)
This document describes a protocol for combining a traditional MLS session with a post-quantum (PQ) MLS session to achieve flexible and efficient hybrid PQ security that amortizes the computational cost of PQ Key Encapsulation Mechanisms and Digital Signature Algorithms. Specifically, we describe how to use the exporter secret of a PQ MLS session, i.e. an MLS session using a PQ ciphersuite, to seed PQ guarantees into an MLS session using a traditional ciphersuite. By supporting on-demand traditional-only key updates (a.k.a. PARTIAL updates) or hybrid-PQ key updates (a.k.a. FULL updates), we can reduce the bandwidth and computational overhead associated with PQ operations while meeting the requirement of frequent key rotations.



Messaging Layer Security (mls)

WG Name: Messaging Layer Security
Acronym: mls
Area: Security Area (sec)
State: Active
Charter: charter-ietf-mls-02 (Approved)
Status update: Changed 2018-11-07
Additional resources: GitHub organization, Issue tracker, Wiki, Zulip Stream
Chairs: Nick Sullivan, Sean Turner
Area Director: Paul Wouters
Secretary: Katriel Cohn-Gordon
Mailing list address: mls@ietf.org
Mailing list subscription: https://www.ietf.org/mailman/listinfo/mls
Mailing list archive: https://mailarchive.ietf.org/arch/browse/mls/
Chat room address: https://zulip.ietf.org/#narrow/stream/mls

Charter for Working Group

The Messaging Layer Security (MLS) protocol, RFC 9420, specifies a key
establishment protocol that provides efficient asynchronous group key
establishment with forward secrecy (FS) and post-compromise security (PCS)
for groups in size ranging from two to thousands.

The MLS WG will maintain the protocol and will work on the
following MLS protocol extensions:

  • Support for use of MLS in protocols developed by the MIMI working group
  • Support for new credential types
  • Support for common operational patterns in messaging applications
  • Support for quantum resistance
  • Framework for safe extensibility
  • Detection of lost application messages
  • Support for sending messages to individual members of a group

Many of the extensions to support these features will be included in
draft-ietf-mls-extensions, but some of the extensions will be published in
separate specifications.

Milestones

Date      Milestone                                                        Associated documents
Dec 2026  Post Quantum security for MLS
Dec 2025  Submit Additional Credentials I-D to IESG as Proposed Standard   draft-barnes-mls-addl-creds
Dec 2024  Submit MLS extensions I-D to IESG as Proposed Standard           draft-ietf-mls-extensions