├── .circleci
└── config.yml
├── .editorconfig
├── .github
└── workflows
│ ├── archive.yml
│ ├── ghpages.yml
│ └── publish.yml
├── .gitignore
├── .note.xml
├── CONTRIBUTING.md
├── LICENSE.md
├── Makefile
├── README.md
├── auth48
├── Makefile
├── QUESTIONS.md
├── README.md
├── rfc9420.authors.xml
├── text-clean.py
└── xml-clean.py
├── extract-tls.py
└── rfc9420.md
/.circleci/config.yml:
--------------------------------------------------------------------------------
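---
# CircleCI pipeline for the draft: build, publish the editor's copy, upload
# tagged versions to the datatracker, and archive GitHub issues.
version: 2
jobs:
  build:
    docker:
      # NOTE(review): `latest` is a mutable tag, so the toolchain that builds
      # and uploads the draft can change between runs without any commit in
      # this repository. Pinning by digest
      # (martinthomson/i-d-template@sha256:<digest-placeholder>) would make
      # such a change visible in review.
      - image: martinthomson/i-d-template:latest
    working_directory: ~/draft

    steps:
      # Record tool versions in the build log so a build can be traced back
      # to the toolchain that produced it.
      - run:
          name: "Print Configuration"
          command: |
            xml2rfc --version
            gem list -q kramdown-rfc2629
            echo -n 'mmark '; mmark --version

      # Keys are tried in order: exact revision, then branch, then any entry.
      - restore_cache:
          name: "Restoring cache - Git"
          keys:
            - v2-cache-git-{{ .Branch }}-{{ .Revision }}
            - v2-cache-git-{{ .Branch }}
            - v2-cache-git-

      - restore_cache:
          name: "Restoring cache - References"
          keys:
            - v1-cache-references-{{ epoch }}
            - v1-cache-references-

      # Workaround for https://discuss.circleci.com/t/22437
      # The sed expression rewrites an SSH-style GitHub URL to HTTPS. The
      # original pattern began with a stray "/" before "^", so it could never
      # match and the URL was passed through unchanged; the "/" is removed.
      # If the tag cannot be fetched, the restored .git cache is discarded so
      # the checkout step below starts from a fresh clone.
      - run:
          name: Tag Checkout
          command: |
            if [ -n "$CIRCLE_TAG" ] && [ -d .git ]; then
              remote=$(echo "$CIRCLE_REPOSITORY_URL" | \
                       sed -e 's,^git.github.com:,https://github.com/,')
              git fetch -f "$remote" "refs/tags/$CIRCLE_TAG:refs/tags/$CIRCLE_TAG" || \
                (echo 'Removing .git cache for tag build'; rm -rf .git)
            fi

      - checkout

      # Build txt and html versions of drafts
      - run:
          name: "Build Drafts"
          command: "make 'CLONE_ARGS=--reference ~/git-reference'"

      # Update editor's copy on gh-pages
      # Runs only when the build is NOT for a draft-* tag: stripping the
      # "draft-" prefix leaves the value unchanged. "=" is the POSIX spelling
      # of the string comparison and behaves the same under bash.
      - run:
          name: "Update GitHub Pages"
          command: |
            if [ "${CIRCLE_TAG#draft-}" = "$CIRCLE_TAG" ]; then
              make gh-pages
            fi

      # For tagged builds, upload to the datatracker.
      - deploy:
          name: "Upload to Datatracker"
          command: |
            if [ "${CIRCLE_TAG#draft-}" != "$CIRCLE_TAG" ]; then
              make upload
            fi

      # Archive GitHub Issues
      # The shell groups this as (archive || archive-without-fetch) && publish.
      - run:
          name: "Archive GitHub Issues"
          command: "make archive || make archive DISABLE_ARCHIVE_FETCH=true && make gh-archive"

      # Create and store artifacts
      - run:
          name: "Create Artifacts"
          command: "make artifacts CI_ARTIFACTS=/tmp/artifacts"

      - store_artifacts:
          path: /tmp/artifacts

      # Drop reflog entries and unreachable objects before .git is cached.
      - run:
          name: "Prepare for Caching"
          command: "git reflog expire --expire=now --all && git gc --prune=now"

      - save_cache:
          name: "Saving Cache - Git"
          key: v2-cache-git-{{ .Branch }}-{{ .Revision }}
          paths:
            - ~/draft/.git

      - save_cache:
          name: "Saving Cache - Drafts"
          key: v1-cache-references-{{ epoch }}
          paths:
            - ~/.cache/xml2rfc


workflows:
  version: 2
  build:
    jobs:
      - build:
          filters:
            # Build for every tag as well as for branches; the steps above
            # decide between publishing and uploading based on the tag name.
            tags:
              only: /.*?/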
--------------------------------------------------------------------------------
/.editorconfig:
--------------------------------------------------------------------------------
1 | root = true
2 |
3 | [*.md]
4 | charset = utf-8
5 | end_of_line = lf
6 | indent_size = 2
7 | indent_style = space
8 | insert_final_newline = true
9 | max_line_length = 80
10 | trim_trailing_whitespace = true
11 |
--------------------------------------------------------------------------------
/.github/workflows/archive.yml:
--------------------------------------------------------------------------------
---
# Periodically snapshots the repository's issues and pull requests and
# publishes the result.
#
# NOTE(review): every `uses:` below references a mutable tag (@v1, @v2). The
# code behind such a tag can change without a commit here, and two of these
# steps receive GITHUB_TOKEN. Pinning each action to a full commit SHA keeps
# that change reviewable.
# NOTE(review): no `permissions:` key is set, so GITHUB_TOKEN carries the
# repository's default scopes. Confirm which scopes the archive and gh-archive
# targets need before narrowing them.
name: 'Archive Issues and Pull Requests'

on:
  schedule:
    # 00:00 on days 0, 2 and 4 of the week.
    - cron: "0 0 * * 0,2,4"
  repository_dispatch:
    types:
      - archive

jobs:
  build:
    name: 'Archive Issues and Pull Requests'
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout'
        uses: actions/checkout@v2

      - name: 'Update Archive'
        uses: martinthomson/i-d-template@v1
        with:
          make: archive
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: 'Update GitHub Pages'
        uses: martinthomson/i-d-template@v1
        with:
          make: gh-archive
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      # Keep the generated archive as a build artifact.
      - name: 'Save Archive'
        uses: actions/upload-artifact@v2
        with:
          path: archive.json
--------------------------------------------------------------------------------
/.github/workflows/ghpages.yml:
--------------------------------------------------------------------------------
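---
# Builds the draft on every push and pull request and, for pushes only,
# publishes the editor's copy to GitHub Pages.
#
# This workflow also runs for pull requests, so the build step processes
# content proposed by contributors. GITHUB_TOKEN is handed only to the
# publishing step, and that step is limited to push events.
#
# NOTE(review): the `uses:` entries reference mutable tags (@v1, @v2);
# pinning to a full commit SHA keeps changes to that code reviewable.
# NOTE(review): no `permissions:` key is set, so GITHUB_TOKEN carries the
# repository's default scopes.
name: "Update Editor's Copy"

on:
  push:
    paths-ignore:
      - README.md
      - CONTRIBUTING.md
      - LICENSE.md
      - .gitignore
  pull_request:
    paths-ignore:
      - README.md
      - CONTRIBUTING.md
      - LICENSE.md
      - .gitignore

jobs:
  build:
    name: "Update Editor's Copy"
    runs-on: ubuntu-latest
    steps:
      - name: "Checkout"
        uses: actions/checkout@v2

      # Step outputs are written to the $GITHUB_OUTPUT file. The earlier
      # `::set-output` form passed them through stdout, where any other
      # text printed by the step shares the same channel, and GitHub has
      # deprecated it.
      - name: "Cache Setup"
        id: cache-setup
        run: |
          mkdir -p "$HOME"/.cache/xml2rfc
          echo "path=$HOME/.cache/xml2rfc" >> "$GITHUB_OUTPUT"
          date -u "+date=%FT%T" >> "$GITHUB_OUTPUT"

      # The key carries a to-the-second timestamp, so it does not match an
      # entry saved by an earlier run; restore falls back to the `refcache-`
      # prefix and a new entry is saved afterwards.
      - name: "Cache References"
        uses: actions/cache@v2
        with:
          path: ${{ steps.cache-setup.outputs.path }}
          key: refcache-${{ steps.cache-setup.outputs.date }}
          restore-keys: |
            refcache-${{ steps.cache-setup.outputs.date }}
            refcache-

      - name: "Build Drafts"
        uses: martinthomson/i-d-template@v1

      # Publishing is restricted to push events; pull request runs stop at
      # the build and artifact steps.
      - name: "Update GitHub Pages"
        uses: martinthomson/i-d-template@v1
        if: ${{ github.event_name == 'push' }}
        with:
          make: gh-pages
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: "Save HTML"
        uses: actions/upload-artifact@v2
        with:
          path: "*.html"

      - name: "Save Text"
        uses: actions/upload-artifact@v2
        with:
          path: "*.txt"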
--------------------------------------------------------------------------------
/.github/workflows/publish.yml:
--------------------------------------------------------------------------------
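---
# Uploads a new draft version to the datatracker when a draft-* tag is pushed.
#
# NOTE(review): the `uses:` entries reference mutable tags (@v1, @v2);
# pinning to a full commit SHA keeps changes to that code reviewable.
# NOTE(review): no `permissions:` key is set, so GITHUB_TOKEN carries the
# repository's default scopes.
name: "Publish New Draft Version"

on:
  push:
    tags:
      - "draft-*"

jobs:
  build:
    name: "Publish New Draft Version"
    runs-on: ubuntu-latest
    steps:
      - name: "Checkout"
        uses: actions/checkout@v2

      # See https://github.com/actions/checkout/issues/290
      # The ref is passed through the environment instead of being expanded
      # into the script text, so characters in a tag name are handled as
      # data by the shell and never parsed as shell syntax.
      - name: "Get Tag Annotations"
        env:
          TAG_REF: ${{ github.ref }}
        run: git fetch -f origin "$TAG_REF:$TAG_REF"

      # Step outputs are written to the $GITHUB_OUTPUT file; the earlier
      # `::set-output` stdout form is deprecated by GitHub.
      - name: "Cache Setup"
        id: cache-setup
        run: |
          mkdir -p "$HOME"/.cache/xml2rfc
          echo "path=$HOME/.cache/xml2rfc" >> "$GITHUB_OUTPUT"
          date -u "+date=%FT%T" >> "$GITHUB_OUTPUT"

      # The key now reads the date from the `cache-setup` step. The original
      # referenced `steps.date`, but no step in this job has that id, so the
      # expression evaluated to an empty string.
      - name: "Cache References"
        uses: actions/cache@v2
        with:
          path: ${{ steps.cache-setup.outputs.path }}
          key: refcache-${{ steps.cache-setup.outputs.date }}
          restore-keys: |
            refcache-${{ steps.cache-setup.outputs.date }}
            refcache-

      - name: "Upload to Datatracker"
        uses: martinthomson/i-d-template@v1
        with:
          make: upload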
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | *#
2 | *.html
3 | *.pdf
4 | *.redxml
5 | *.swp
6 | *.txt
7 | *.upload
8 | *~
9 | .#*
10 | .refcache
11 | .tags
12 | .targets.mk
13 | /*-[0-9][0-9].xml
14 | archive.json
15 | draft-ietf-mls-protocol.xml
16 | issues.json
17 | lib
18 | pulls.json
19 | report.xml
20 | venv/
21 | lib
22 | draft-ietf-mls-protocol.xml
23 | draft-ietf-mls-protocol.tls
24 |
25 | # AUTH48 temporary artifacts
26 | auth48/rfc9420.gen.xml
27 |
--------------------------------------------------------------------------------
/.note.xml:
--------------------------------------------------------------------------------
1 |
2 | Source for this draft and an issue tracker can be found at
3 | https://github.com/mlswg/mls-protocol.
4 |
5 |
--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
1 | # Contributing
2 |
3 | This repository relates to activities in the Internet Engineering Task Force
4 | ([IETF](https://www.ietf.org/)). All material in this repository is considered
5 | Contributions to the IETF Standards Process, as defined in the intellectual
6 | property policies of IETF currently designated as
7 | [BCP 78](https://www.rfc-editor.org/info/bcp78),
8 | [BCP 79](https://www.rfc-editor.org/info/bcp79) and the
9 | [IETF Trust Legal Provisions (TLP) Relating to IETF Documents](http://trustee.ietf.org/trust-legal-provisions.html).
10 |
11 | Any edit, commit, pull request, issue, comment or other change made to this
12 | repository constitutes Contributions to the IETF Standards Process
13 | (https://www.ietf.org/).
14 |
15 | You agree to comply with all applicable IETF policies and procedures, including,
16 | BCP 78, 79, the TLP, and the TLP rules regarding code components (e.g. being
17 | subject to a Simplified BSD License) in Contributions.
18 |
19 |
20 | ## Other Resources
21 |
22 | Discussion of this work occurs on the
23 | [mls working group mailing list](https://mailarchive.ietf.org/arch/browse/mls/)
24 | ([subscribe](https://www.ietf.org/mailman/listinfo/mls)). In addition to
25 | contributions in GitHub, you are encouraged to participate in discussions there.
26 |
27 | **Note**: Some working groups adopt a policy whereby substantive discussion of
28 | technical issues needs to occur on the mailing list.
29 |
30 | You might also like to familiarize yourself with other
31 | [working group documents](https://datatracker.ietf.org/wg/mls/documents/).
32 |
--------------------------------------------------------------------------------
/LICENSE.md:
--------------------------------------------------------------------------------
1 | # License
2 |
3 | See the
4 | [guidelines for contributions](https://github.com/mlswg/mls-protocol/blob/master/CONTRIBUTING.md).
5 |
--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
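# Build entry point for the draft. The build rules are pulled in from
# $(LIBDIR)/main.mk; this file bootstraps that directory and adds two
# repository-specific helper targets.
LIBDIR := lib
include $(LIBDIR)/main.mk

# Bootstrap rule for the included makefile.
# NOTE(review): the clone branch below tracks the tip of `main` in an external
# repository, and the makefile it delivers is then included and executed with
# the privileges of whoever (or whichever CI job) invoked make. The submodule
# branch checks out a recorded commit instead, so a toolchain change shows up
# as a reviewable change in this repository.
$(LIBDIR)/main.mk:
ifneq (,$(shell grep "path *= *$(LIBDIR)" .gitmodules 2>/dev/null))
	git submodule sync
	git submodule update $(CLONE_ARGS) --init
else
	git clone -q --depth 10 $(CLONE_ARGS) \
	    -b main https://github.com/martinthomson/i-d-template $(LIBDIR)
endif

# Neither helper creates a file named after itself, so both are phony; without
# this a file with the same name as a target would silently disable its rule.
.PHONY: fix-insecure-links extract-tls

# Rewrites every occurrence of "http:" in the generated HTML to "https:", not
# only link targets. The unmodified file is kept with a .bak suffix.
fix-insecure-links:
	sed -i'.bak' -e 's/http:/https:/g' draft-ietf-mls-protocol.html

# Feeds the draft source to extract-tls.py on stdin and stores its output.
extract-tls:
	python3 extract-tls.py < draft-ietf-mls-protocol.md > draft-ietf-mls-protocol.tls
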
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # The Messaging Layer Security (MLS) Protocol
2 |
3 | This is the working area for the IETF [MLS Working Group](https://datatracker.ietf.org/wg/mls/documents/) Internet-Draft, "The Messaging Layer Security (MLS) Protocol".
4 |
5 | * [Editor's Copy](https://mlswg.github.io/mls-protocol/#go.draft-ietf-mls-protocol.html)
6 | * [Working Group Draft](https://tools.ietf.org/html/draft-ietf-mls-protocol)
7 | * [Compare Editor's Copy to Working Group Draft](https://mlswg.github.io/mls-protocol/#go.draft-ietf-mls-protocol.diff)
8 |
9 | ## Building the Draft
10 |
11 | Formatted text and HTML versions of the draft can be built using `make`.
12 |
13 | ```sh
14 | $ make
15 | ```
16 |
17 | This requires that you have the necessary software installed. See
18 | [the instructions](https://github.com/martinthomson/i-d-template/blob/master/doc/SETUP.md).
19 |
20 | Since -13, you will also need `aasvg` and `svgcheck`. First, install `npm`, then:
21 |
22 | ```sh
23 | $ npm install -g aasvg
24 | $ pip3 install svgcheck
25 | ```
26 |
27 |
28 | ## Contributing
29 |
30 | See the
31 | [guidelines for contributions](https://github.com/mlswg/mls-protocol/blob/master/CONTRIBUTING.md).
32 |
--------------------------------------------------------------------------------
/auth48/Makefile:
--------------------------------------------------------------------------------
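# AUTH48 helpers: fetch the RFC Editor's XML, generate the equivalent XML from
# the draft source, and compare the two.
DRAFT=draft-ietf-mls-protocol
RFC=9420
RFC_ED_URL="https://www.rfc-editor.org/authors/rfc${RFC}.xml"

# Every target that does not name a file it produces. The original list named
# `prepare`, which has no rule, and left out `init` and `clean`.
.PHONY: init gen diff clean

# Download the RFC Editor's copy and normalise it (canonical XML, then
# re-indented). -f makes curl fail on an HTTP error status instead of piping
# the error page onward, and -S keeps the error message visible despite -s.
init:
	curl -fsS ${RFC_ED_URL} | \
		xmllint --exc-c14n - | \
		xmllint --format - \
		>rfc${RFC}.authors.xml

gen: rfc${RFC}.gen.xml

# Build the draft XML in the parent directory, run it through the same
# normalisation as the RFC Editor's copy plus the two cleanup scripts, and
# remove the intermediate file. $(MAKE) passes flags and the jobserver to the
# sub-make.
rfc${RFC}.gen.xml: ../${DRAFT}.md
	$(MAKE) -C .. ${DRAFT}.xml
	mv ../${DRAFT}.xml .
	python3 xml-clean.py <${DRAFT}.xml | \
		xmllint --exc-c14n - | \
		xmllint --format - | \
		python3 text-clean.py >rfc${RFC}.gen.xml
	rm ${DRAFT}.xml

# Open the generated and RFC Editor versions side by side.
diff: rfc${RFC}.authors.xml rfc${RFC}.gen.xml
	mvim -d rfc${RFC}.gen.xml rfc${RFC}.authors.xml

# -f so that cleaning an already-clean directory is not an error.
clean:
	rm -f rfc${RFC}.gen.xml
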
--------------------------------------------------------------------------------
/auth48/QUESTIONS.md:
--------------------------------------------------------------------------------
1 | # RFC Editor Questions
2 |
3 | ## RLB Notes
4 |
5 | * This document contains the changes from PR#878, which were reviewed by the WG
6 | and approved by the AD: https://github.com/mlswg/mls-protocol/pull/878
7 |
8 | * I updated Emad Omara's email address and affiliation based on his advice.
9 |
10 | * I noticed a copy/paste error in the IANA considerations, where "where this
11 | credential is defined" was repeated in other registries.
12 |
13 | * Raphael noted that there was inconsistency over whether "ciphersuite" is one
14 | or two words. I have updated the document to use the two-word form, following
15 | the example of RFC 8446. Please check that all instances have been updated
16 | properly. Note that this changed the title of one of the IANA registries, from
17 | "MLS Ciphersuites" to "MLS Cipher Suites".
18 |
19 | * You seem to be deleting commas that do not precede independent clauses. In
20 | most cases, the sentence structure is sufficiently complex that these
21 | commas improve clarity, so I have re-added them.
22 |
23 | * You seem to be adding commas before "as described in..." and similar. This is
24 | almost always incorrect. These references are not "see more details", they
25 | are part of the definition of the thing they are modifying. For example,
26 | "Verify that the credential in the LeafNode is valid as described in Section
27 | X" means that you need to follow the procedure in Section X. (In one
28 | instance, the with-comma version doesn't even parse! "... an init secret
29 | computed, as described in Section X")
30 |
31 | * You seem to be adding a comma after one-word introductions like "Here" and
32 | "Hence". These are unnecessary and distracting.
33 |
34 | * The document is inconsistent as to whether a is used inside
.
35 |
36 | ## Questions and Answers (Round 1)
37 |
38 | > 1) [rfced] xml2rfc returns a number of warnings and suggest that
39 | > viewBox be used. Please review and let us know if you would like to make
40 | > any updates.
41 | >
42 | > Examples:
43 | > rfc9420.xml(434): Warning: Found SVG with width or height specified, which will make the artwork not scale. Specify a viewBox only to let the artwork scale.
44 | > rfc9420.xml(568): Warning: Found SVG with width or height specified, which will make the artwork not scale. Specify a viewBox only to let the artwork scale.
45 | > ...
46 | > rfc9420.xml(5759): Warning: Found SVG with width or height specified, which will make the artwork not scale. Specify a viewBox only to let the artwork scale.
47 | > rfc9420.xml(8128): Warning: Found SVG with width or height specified, which will make the artwork not scale. Specify a viewBox only to let the artwork scale.
48 | >
49 |
50 | The document's viewBox setting is correct; xml2rfc's default is wrong. Setting
51 | width and height ensures that the SVG's scale and positioning is consistent with
52 | the text across scaling.
53 |
54 |
55 | > 2) [rfced] Please insert any keywords (beyond those that appear in
56 | > the title) for use on https://www.rfc-editor.org/search.
57 |
58 | The authors' XML file now has
59 |
60 |
61 | > 3) [rfced] Section 2. Should the terminology be placed in alphabetical
62 | > order, or do you prefer the current ordering? Please review and
63 | > let us know your preference.
64 | >
65 |
66 | We would prefer to keep the terminology in the existing order. Since there are
67 | some semantic dependencies, having them in this order is clearer.
68 |
69 |
70 | > 4) [rfced] Please review the "type" attribute of each sourcecode
71 | > element in the XML file to ensure correctness.
72 | >
73 | > Note that "tls-presentation" (not "tls") is already considered an
74 | > acceptable "type" per the current list of preferred values
75 | > (https://www.rfc-editor.org/materials/sourcecode-types.txt). Would it make
76 | > sense to update instances of type "tls" to "tls-presentation". Are you
77 | > recommending that "tls" be added as a new type? Note that it is also
78 | > acceptable to leave the "type" attribute not set.
79 | >
80 | > In addition, review each artwork element. Specifically,
81 | > should any artwork element be tagged as sourcecode or another
82 | > element?
83 | >
84 |
85 | Thanks, we were unaware of the `tls-presentation` type. All of the `tls`
86 | instances have been changed to `tls-presentation`.
87 |
88 |
89 | > 5) [rfced] In the html and pdf outputs, the text enclosed in `` is
90 | > output in fixed-width font. In the txt output, there are no changes to the
91 | > font, and the quotation marks have been removed.
92 | >
93 | > In the html and pdf outputs, the text enclosed in `` is output in
94 | > italics. In the txt output, the text enclosed in `` appears with an
95 | > underscore before and after.
96 | >
97 | > Please review carefully and let us know if the output is acceptable or if
98 | > any updates are needed.
99 | >
100 |
101 | Yes, this output matches our expectations.
102 |
103 |
104 | > 6) [rfced] We note that `` is used for superscript, but not for
105 | > all instances. Please review and let us know if you would like to
106 | > use `` for the instances that do not contain the `` element.
107 | >
108 |
109 | We should use `` throughout, removing `` if necessary. I have
110 | attempted to update all of the required occurrences.
111 |
112 |
113 | > 7) [rfced] Would it be correct to say that a member "sends" a Welcome
114 | > message to a new client instead of "broadcasts" it since the
115 | > Welcome is only being distributed to one client?
116 | >
117 | > Original:
118 | > Any member of the group can download a KeyPackage for a new client
119 | > and broadcast Add and Commit messages that the current group will
120 | > use to update their state, and a Welcome message that the new client
121 | > can use to initialize its state and join the group.
122 | >
123 | > Perhaps:
124 | > Any member of the group can download a KeyPackage for a new client
125 | > and broadcast Add and Commit messages that the current group will
126 | > use to update their state, and send a Welcome message that
127 | > the new client can use to initialize its state and join the group.
128 | >
129 |
130 | I have edited this to be serial: "download ... broadcast ... send".
131 |
132 |
133 | > 8) [rfced] Please review whether any of the notes in this document
134 | > should be in the `