Script updating gh-pages from 49b739c. [ci skip]

mlswg · Jan 28, 2025 · 4cfd67b · 4cfd67b
1 parent 42f78a7
commit 4cfd67b
Show file tree

Hide file tree

Showing 2 changed files with 328 additions and 1 deletion.
diff --git a/draft-ietf-mls-extensions.html b/draft-ietf-mls-extensions.html
@@ -1269,6 +1269,15 @@ <h2 id="name-copyright-notice">
                     <p id="section-toc.1-1.6.2.5.2.2.1"><a href="#section-6.5.2" class="auto internal xref">6.5.2</a>.  <a href="#name-format-2" class="internal xref">Format</a></p>
 </li>
                 </ul>
+</li>
+              <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.6.2.6">
+                <p id="section-toc.1-1.6.2.6.1"><a href="#section-6.6" class="auto internal xref">6.6</a>.  <a href="#name-multi-credentials" class="internal xref">Multi-Credentials</a></p>
+</li>
+              <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.6.2.7">
+                <p id="section-toc.1-1.6.2.7.1"><a href="#section-6.7" class="auto internal xref">6.7</a>.  <a href="#name-credential-bindings" class="internal xref">Credential Bindings</a></p>
+</li>
+              <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.6.2.8">
+                <p id="section-toc.1-1.6.2.8.1"><a href="#section-6.8" class="auto internal xref">6.8</a>.  <a href="#name-verifying-a-multi-credentia" class="internal xref">Verifying a Multi-Credential</a></p>
 </li>
             </ul>
 </li>
@@ -1337,6 +1346,12 @@ <h2 id="name-copyright-notice">
 <ul class="compact toc ulBare ulEmpty">
 <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.7.2.4.2.1">
                     <p id="section-toc.1-1.7.2.4.2.1.1"><a href="#section-7.4.1" class="auto internal xref">7.4.1</a>.  <a href="#name-extension-credential" class="internal xref">Extension Credential</a></p>
+</li>
+                  <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.7.2.4.2.2">
+                    <p id="section-toc.1-1.7.2.4.2.2.1"><a href="#section-7.4.2" class="auto internal xref">7.4.2</a>.  <a href="#name-multi-credential" class="internal xref">Multi Credential</a></p>
+</li>
+                  <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.7.2.4.2.3">
+                    <p id="section-toc.1-1.7.2.4.2.3.1"><a href="#section-7.4.3" class="auto internal xref">7.4.3</a>.  <a href="#name-weak-multi-credential" class="internal xref">Weak Multi Credential</a></p>
 </li>
                 </ul>
 </li>
@@ -1367,6 +1382,9 @@ <h2 id="name-copyright-notice">
 </li>
               <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.8.2.4">
                 <p id="section-toc.1-1.8.2.4.1"><a href="#section-8.4" class="auto internal xref">8.4</a>.  <a href="#name-selfremove" class="internal xref">SelfRemove</a></p>
+</li>
+              <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.8.2.5">
+                <p id="section-toc.1-1.8.2.5.1"><a href="#section-8.5" class="auto internal xref">8.5</a>.  <a href="#name-multi-credentials-2" class="internal xref">Multi Credentials</a></p>
 </li>
             </ul>
 </li>
@@ -2814,6 +2832,132 @@ <h4 id="name-format-2">
 </div>
 </section>
 </div>
+<div id="multi-credentials">
+<section id="section-6.6">
+        <h3 id="name-multi-credentials">
+<a href="#section-6.6" class="section-number selfRef">6.6. </a><a href="#name-multi-credentials" class="section-name selfRef">Multi-Credentials</a>
+        </h3>
+<p id="section-6.6-1">Multi-credentials address use cases where there might not be a single
+credential that captures all of a client's authenticated attributes.  For
+example, an enterprise messaging client may wish to provide attributes both
+from its messaging service, to prove that its user has a given handle in
+that service, and from its corporate owner, to prove that its user is an
+employee of the corporation. Multi-credentials can also be used in migration
+scenarios, where some clients in a group might wish to rely on a newer type
+of credential, but other clients haven't yet been upgraded.<a href="#section-6.6-1" class="pilcrow">¶</a></p>
+<p id="section-6.6-2">New safe credential types <code>MultiCredential</code> and <code>WeakMultiCredential</code> are
+defined as shown below. These credential types are indicated with
+ExtensionType values <code>multi</code> and <code>weak-multi</code> (see <a href="#iana-creds" class="auto internal xref">Section 7.4</a>).<a href="#section-6.6-2" class="pilcrow">¶</a></p>
+<div class="lang-tls-presentation sourcecode" id="section-6.6-3">
+<pre>
+struct {
+  CipherSuite cipher_suite;
+  Credential credential;
+  SignaturePublicKey credential_key;
+
+  /* SignWithLabel(., "CredentialBindingTBS", CredentialBindingTBS) */
+  opaque signature&lt;V&gt;;
+} CredentialBinding
+
+struct {
+  CredentialBinding bindings&lt;V&gt;;
+} MultiCredential;
+
+struct {
+  CredentialBinding bindings&lt;V&gt;;
+} WeakMultiCredential;
+</pre><a href="#section-6.6-3" class="pilcrow">¶</a>
+</div>
+<p id="section-6.6-4">The two types of credentials are processed in exactly the same way.  The only
+difference is in how they are treated when evaluating support by other clients,
+as discussed below.<a href="#section-6.6-4" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="credential-bindings">
+<section id="section-6.7">
+        <h3 id="name-credential-bindings">
+<a href="#section-6.7" class="section-number selfRef">6.7. </a><a href="#name-credential-bindings" class="section-name selfRef">Credential Bindings</a>
+        </h3>
+<p id="section-6.7-1">A multi-credential consists of a collection of "credential bindings".  Each
+credential binding is a signed statement by the holder of the credential that
+the signature key in the LeafNode belongs to the holder of that credential.
+Specifically, the signature is computed using the MLS <code>SignWithLabel</code> function,
+with label <code>"CredentialBindingTBS"</code> and with a content that covers the contents
+of the CredentialBinding, plus the <code>signature_key</code> field from the LeafNode in
+which this credential will be embedded.<a href="#section-6.7-1" class="pilcrow">¶</a></p>
+<div class="lang-tls-presentation sourcecode" id="section-6.7-2">
+<pre>
+struct {
+  CipherSuite cipher_suite;
+  Credential credential;
+  SignaturePublicKey credential_key;
+  SignaturePublicKey signature_key;
+} CredentialBindingTBS;
+</pre><a href="#section-6.7-2" class="pilcrow">¶</a>
+</div>
+<p id="section-6.7-3">The <code>cipher_suite</code> for a credential is NOT <span class="bcp14">REQUIRED</span> to match the cipher suite
+for the MLS group in which it is used, but <span class="bcp14">MUST</span> meet the support requirements
+with regard to support by group members discussed below.<a href="#section-6.7-3" class="pilcrow">¶</a></p>
+</section>
+</div>
+<div id="verifying-a-multi-credential">
+<section id="section-6.8">
+        <h3 id="name-verifying-a-multi-credentia">
+<a href="#section-6.8" class="section-number selfRef">6.8. </a><a href="#name-verifying-a-multi-credentia" class="section-name selfRef">Verifying a Multi-Credential</a>
+        </h3>
+<p id="section-6.8-1">A credential binding is supported by a client if the client supports the
+credential type and cipher suite of the binding.  A credential binding is valid
+in the context of a given LeafNode if both of the following are true:<a href="#section-6.8-1" class="pilcrow">¶</a></p>
+<ul class="normal">
+<li class="normal" id="section-6.8-2.1">
+            <p id="section-6.8-2.1.1">The <code>credential</code> is valid according to the MLS Authentication Service.<a href="#section-6.8-2.1.1" class="pilcrow">¶</a></p>
+</li>
+          <li class="normal" id="section-6.8-2.2">
+            <p id="section-6.8-2.2.1">The <code>credential_key</code> corresponds to the specified <code>credential</code>, in the same
+way that the <code>signature_key</code> would have to correspond to the credential if
+the credential were presented in a LeafNode.<a href="#section-6.8-2.2.1" class="pilcrow">¶</a></p>
+</li>
+          <li class="normal" id="section-6.8-2.3">
+            <p id="section-6.8-2.3.1">The <code>signature</code> field is valid with respect to the <code>signature_key</code> value in
+the leaf node.<a href="#section-6.8-2.3.1" class="pilcrow">¶</a></p>
+</li>
+        </ul>
+<p id="section-6.8-3">A client that receives a credential of type <code>multi</code> in a LeafNode <span class="bcp14">MUST</span> verify
+that all of the following are true:<a href="#section-6.8-3" class="pilcrow">¶</a></p>
+<ul class="normal">
+<li class="normal" id="section-6.8-4.1">
+            <p id="section-6.8-4.1.1">All members of the group support credential type <code>multi</code>.<a href="#section-6.8-4.1.1" class="pilcrow">¶</a></p>
+</li>
+          <li class="normal" id="section-6.8-4.2">
+            <p id="section-6.8-4.2.1">For each credential binding in the multi-credential:<a href="#section-6.8-4.2.1" class="pilcrow">¶</a></p>
+<ul class="normal">
+<li class="normal" id="section-6.8-4.2.2.1">
+                <p id="section-6.8-4.2.2.1.1">Every member of the group supports the cipher suite and credential type
+values for the binding.<a href="#section-6.8-4.2.2.1.1" class="pilcrow">¶</a></p>
+</li>
+              <li class="normal" id="section-6.8-4.2.2.2">
+                <p id="section-6.8-4.2.2.2.1">The binding is valid in the context of the LeafNode.<a href="#section-6.8-4.2.2.2.1" class="pilcrow">¶</a></p>
+</li>
+            </ul>
+</li>
+        </ul>
+<p id="section-6.8-5">A client that receives a credential of type <code>weak-multi</code> in a LeafNode <span class="bcp14">MUST</span> verify
+that all of the following are true:<a href="#section-6.8-5" class="pilcrow">¶</a></p>
+<ul class="normal">
+<li class="normal" id="section-6.8-6.1">
+            <p id="section-6.8-6.1.1">All members of the group support credential type <code>weak-multi</code>.<a href="#section-6.8-6.1.1" class="pilcrow">¶</a></p>
+</li>
+          <li class="normal" id="section-6.8-6.2">
+            <p id="section-6.8-6.2.1">Each member of the group supports at least one binding in the
+multi-credential.  (Different members may support different subsets.)<a href="#section-6.8-6.2.1" class="pilcrow">¶</a></p>
+</li>
+          <li class="normal" id="section-6.8-6.3">
+            <p id="section-6.8-6.3.1">Every binding that this client supports is valid in the context of the
+LeafNode.<a href="#section-6.8-6.3.1" class="pilcrow">¶</a></p>
+</li>
+        </ul>
+</section>
+</div>
 </section>
 </div>
 <div id="iana-considerations">
@@ -3267,7 +3411,7 @@ <h4 id="name-selfremove-proposal-2">
 </div>
 </section>
 </div>
-<div id="mls-credential-types">
+<div id="iana-creds">
 <section id="section-7.4">
         <h3 id="name-mls-credential-types">
 <a href="#section-7.4" class="section-number selfRef">7.4. </a><a href="#name-mls-credential-types" class="section-name selfRef">MLS Credential Types</a>
@@ -3293,6 +3437,48 @@ <h4 id="name-extension-credential">
           </ul>
 </section>
 </div>
+<div id="multi-credential">
+<section id="section-7.4.2">
+          <h4 id="name-multi-credential">
+<a href="#section-7.4.2" class="section-number selfRef">7.4.2. </a><a href="#name-multi-credential" class="section-name selfRef">Multi Credential</a>
+          </h4>
+<ul class="normal">
+<li class="normal" id="section-7.4.2-1.1">
+              <p id="section-7.4.2-1.1.1">Value: 0x0004<a href="#section-7.4.2-1.1.1" class="pilcrow">¶</a></p>
+</li>
+            <li class="normal" id="section-7.4.2-1.2">
+              <p id="section-7.4.2-1.2.1">Name: multi<a href="#section-7.4.2-1.2.1" class="pilcrow">¶</a></p>
+</li>
+            <li class="normal" id="section-7.4.2-1.3">
+              <p id="section-7.4.2-1.3.1">Recommended: Y<a href="#section-7.4.2-1.3.1" class="pilcrow">¶</a></p>
+</li>
+            <li class="normal" id="section-7.4.2-1.4">
+              <p id="section-7.4.2-1.4.1">Reference: RFC XXXX<a href="#section-7.4.2-1.4.1" class="pilcrow">¶</a></p>
+</li>
+          </ul>
+</section>
+</div>
+<div id="weak-multi-credential">
+<section id="section-7.4.3">
+          <h4 id="name-weak-multi-credential">
+<a href="#section-7.4.3" class="section-number selfRef">7.4.3. </a><a href="#name-weak-multi-credential" class="section-name selfRef">Weak Multi Credential</a>
+          </h4>
+<ul class="normal">
+<li class="normal" id="section-7.4.3-1.1">
+              <p id="section-7.4.3-1.1.1">Value: 0x0005<a href="#section-7.4.3-1.1.1" class="pilcrow">¶</a></p>
+</li>
+            <li class="normal" id="section-7.4.3-1.2">
+              <p id="section-7.4.3-1.2.1">Name: weak-multi<a href="#section-7.4.3-1.2.1" class="pilcrow">¶</a></p>
+</li>
+            <li class="normal" id="section-7.4.3-1.3">
+              <p id="section-7.4.3-1.3.1">Recommended: Y<a href="#section-7.4.3-1.3.1" class="pilcrow">¶</a></p>
+</li>
+            <li class="normal" id="section-7.4.3-1.4">
+              <p id="section-7.4.3-1.4.1">Reference: RFC XXXX<a href="#section-7.4.3-1.4.1" class="pilcrow">¶</a></p>
+</li>
+          </ul>
+</section>
+</div>
 </section>
 </div>
 <div id="mls-signature-labels">
@@ -3392,6 +3578,15 @@ <h3 id="name-selfremove">
 does not change with the addition of this proposal type.<a href="#section-8.4-1" class="pilcrow">¶</a></p>
 </section>
 </div>
+<div id="multi-credentials-1">
+<section id="section-8.5">
+        <h3 id="name-multi-credentials-2">
+<a href="#section-8.5" class="section-number selfRef">8.5. </a><a href="#name-multi-credentials-2" class="section-name selfRef">Multi Credentials</a>
+        </h3>
+<p id="section-8.5-1">Using a Weak Multi Credential reduces the overall credential security to the
+security of the least secure of its credential bindings.<a href="#section-8.5-1" class="pilcrow">¶</a></p>
+</section>
+</div>
 </section>
 </div>
 <div id="sec-combined-references">