MLS over OCM Proposal

[mickenordin]

This is a proposed architecture for federated groups in OCM leveraging MLS.

[KrausMatthias]

Sounds great!

I'm a bit worried about the added complexity, but I guess it might be worth it.

This would also act as a replacement/alternative to sharedSecret or Token Flow?

Data Encryption support might be advertised via a capability?

[mickenordin]

Sounds great!

I'm a bit worried about the added complexity, but I guess it might be worth it.

This is an optional part that you have to advetize.

This would also act as a replacement/alternative to sharedSecret or Token Flow?

The idea is to keep the current OCM messages as is, so not in my proposal.

Data Encryption support might be advertised via a capability?

You don't need to, since it is you who share encrypted material, you would only do that if you support encryption. Decryption support on the other hand could be made optional and signaled via a capability, but since you have to implement decryption any way, using the same algorithms, I think it should come as a package.

[MahdiBaghbani]

I'm very interested in this and as someone who has followed your progress in code (Amity) I have seen a little bit of MLS work in action

Although I'm quite uninformed about this and need to read more to understand it better

I would like to see a name different than DS though because it already means "Directory Service" in OCM, overloading them isn't ideal for me :-)

It's a cool thing to add since we have also work on group sharing or even resharing!