I'm happy to be working on MLS support for @Matrix.org. You can see our progress at arewemlsyet.com. I've been working on it for several years now (the hardest part has been figuring out how to adapt it to work in a decentralised environment), but we're getting closer to something that's usable in clients. We have a proof-of-concept implementation (don't use it for anything serious, because it may self-destruct without warning), and some demo videos. And we'll be working on advancing our extensions for decentralisation into a standard, somehow.
Messaging Layer Security (MLS) is now RFC 9420 https://datatracker.ietf.org/doc/rfc9420/! MLS is a standard for end-to-end encryption in messaging systems. Many messaging systems, including @Matrix.org, are working on supporting MLS. A huge thank you to @Richard Barnes and @Raphael Robert, and to many others, for their work on MLS.
I haven't mentioned it here yet, I've been (slowly) writing a tutorial for writing a Matrix client. It's still in the very early stages, but I've gotten to showing how to send and receive events, and I've recently been working on the end-to-end encryption section. For those who saw an earlier version, you can now know more than you wanted to know about uploading device and one-time keys, and keeping track of recipient devices.
I have to laugh and shake my head at Smith calling it a "Miracle on the Praries". No, you were leading in the polls pretty much the whole time. You're in a strongly conservative province. I mean, if you're saying that it's a miracle that the majority of Albertans chose to ignore your terribleness, then yes, sure. But people voting the same way the polls said they would isn't a miracle. If the UCP ran with a saner leader, they probably would have won by a lot more.
Alberta, I'm disappointed in you. Especially you, Calgary. Though, congratulations to the seats in Calgary that managed to flip. And Banff-Kananaskis. Lethbridge-West, why couldn't you be more like Lethbridge-East?
Hubert Chathi (hubert@social.uhoreg.ca)'s status on Monday, 29-May-2023 09:59:37 EDT
Hubert ChathiAlberta, vote today! How is it that the UCP is polling ahead of the NDP? I know that Alberta likes their conservative governments, but with the things that Smith has said and done, the UCP shouldn't be polling so high. Get out and vote. It doesn't matter if you're in a "safe Blue", or a "safe Orange" riding. Vote!
Hubert Chathi (hubert@social.uhoreg.ca)'s status on Wednesday, 26-Apr-2023 18:32:35 EDT
Hubert ChathiIt's taking over 4 hours to download a VM image of Windows with Visual Studio that will expire and be unusable in 3 months (and I'm lucky that such a VM is even available, though I won't be surprised if, after it's done downloading and I've set it up, I find out it isn't what I need). It took about half an hour to download a VM image of FreeBSD that will never expire. I hate working with proprietary software.
"Asked if she ever thought about pressing her panic button or leaving the cave, she replied: 'Never. In fact I didn't want to come out.'" Ah, I see that she's been keeping up with the news while she was in there. Can I go live in a cave too?
Hubert Chathi (hubert@social.uhoreg.ca)'s status on Saturday, 08-Apr-2023 09:52:11 EDT
Hubert ChathiThe other day, on the radio, they were talking about the power outages in Quebec and Eastern Ontario. The commentator was saying that in Quebec, most houses are heated with electric heat since they have pretty cheap electricity there, so if the power goes out, they lose their heat and they'll get cold. And I was thinking, "Sure, but the gas furnaces that we have here still need electricity to run, so if we lose electricity, we'll get cold too." Somebody obviously hasn't been watching enough @Technology Connections videos.
Yes, I agree. I would have liked to be able to use an unaltered MLS for Matrix, but haven't figured out a way to do it. Of course, just because I can't figure it out, doesn't mean it isn't possible, and if anyone has any brilliant ideas, I'd be happy to hear them.
I don't think I ever said that the servers need to have any knowledge of the group membership. All I said was that "the application has a way to allow clients to determine the membership of the group in the face of concurrent changes to the group membership." Whether it's done client-side or server-side, it shouldn't matter.
If you're using a system where you can just use MLS's notion of membership, then you can just use that and ignore that part of my proposal. But if you're in a decentralised situation where membership changes can come from anywhere and need to be merged together, then you may need something outside of MLS to manage that. (Consider: Alice bans Bob from the room in one branch, and Bob invites Carol in another branch. When the branches get merged, should Carol be in the room or not?) MLS doesn't include any way of resolving those types of conflicts.
Also, MLS isn't a complete membership system; for example, it doesn't define any permissions, and deliberately leaves that up to the application. For example, if Alice sends a commit that removes Bob from the tree, is that a valid operation? MLS leaves it up to the application to decide if that should be accepted.
I don't know about the timelines, but there's already talk amongst people in the MLS WG about working on a new version of MLS.
I don't think it's possible to use an unmodified MLS in a decentralised case. Even if you could create a strict ordering, would have to end up completely discarding some updates, which is less than ideal.