company where i work implemented mls for very large groups (potentially tens of thousands of users) that can span multiple servers in different geographies. wouldn't recommend it.
it doesn't have things that are required for proper "enterprise" messaging. so you need to hack around it. multi-device users were fun. chats with no active users that somebody joins - more fun. state synchronization between multiple servers that host the same chat - very exciting. during all those exercises you start to take away little by little from mls. so even while it's preserved in the core, the stuff that is added around it makes it "less".
to be fair, i wasn't the one doing the implementation, i was only reviewing it. it was done by the in-house crypto team. so maybe something was lost between the rfc, the implementation and the explanations to me about how it works / is supposed to work. yet, mls's function is secrecy, not enterprises.
> Modern messaging services commonly support numerous features including plain and rich text, delivery notifications, read receipts, replies, reactions, presence, and many more. The working group will identify an extensible baseline set of messaging features and specify a content format to allow this feature set to be implemented interoperably. This format must be usable in the presence of E2EE.
I didn't say that there is a better alternative. It's just... the point of MLS is to build end-to-end secure messaging. Taking whatever party in the middle deals with actual delivery out of the "equation". For enterprise messaging it's very nice to have, but it's a must to have history, searches and data exports (for various legal needs, etc.). MLS doesn't deal with this well. If at all. (unless it was recently changed)
Interoperability between different messaging systems (is this what mimi is about?) is nice, but from the perspective of enterprises it's not a must (for example ms lync or skype supported xmpp federation, but i never saw it enabled). Because of security in various aspects. For example, trust between servers of different organizations. Allowing "some" external users access to "some" internal chats. The possibility of information leaking through those chats, or in case whatever access rules for external users were incorrectly defined.
So yes, MLS/MIMI could be nice for instant messaging, but it doesn't seem too suitable for enterprise messaging.
Wire was one of the driving forces behind MLS and they have an enterprise messaging product (client and server) that is also open-source. Presumably they will be migrating their product to MLS, now that the protocol has reached 1.0.
As I wrote above, you can torture the protocol. Wire did it: "Additionally, Wire offers a surveillance service for administrators to track and record messages for specific users who require monitoring, helping you protect your organization from legal proceedings, such as litigation, government investigations, or Freedom of Information Act requests." But then it stops being E2EE. It's somewhat "okay" when it's self-hosted. It's less okay when it's SaaS.
.. you have a cryptographic guarantee that everybody sees the same list of admins, sees the same list of, of non-admins and general members and whatnot.
.. The server can absolutely not inject participants because the server is not a member. So, there is this add operation, that can only be performed by an existing member. However, there is also a way for a server, or let’s say generally an outside party to suggest, uh, other members.
But that requires the outside party, you know, to have a well-defined credential and to sign that request. And then that can be honored and everybody will see that that was a suggestion from the server. And that's a controlled way how you can add people to a group, but you can never do that, you know, stealthily.
if i correctly understand what you are trying to say, then yes but no. None of the proper "enterprise" messaging systems will expose this kind of low-level information. Moreover, an enterprise messaging system will actively hide some of the information that is present in order to implement all the proper enterprise functionality.
How else do you think "Wire offers a surveillance service for administrators to track and record messages for specific users" in order to "protect your organization from legal proceedings, such as litigation, government investigations, or Freedom of Information Act requests"?
In regulated industries, surveillance is known to the communicating parties, so there's no need to hide the presence of the mirroring member. From the interview above:
Raphael: .. the protocol itself is not enough to give you a completely private system because it's really just one component, and to a degree it is agnostic. Like, if you take double ratchet and X3DH, that's when— you know it's run inside of, of the Signal app, it's super private. If you run that inside of WhatsApp, there's two tons of metadata, but, it's agnostic to the protocol as such. And the same is true for MLS.
Thomas: .. MLS does make it possible to design secure group membership protocols that don't depend on a server making sane decisions about who's in the group.
Raphael: .. the list of members is hashed and then fed into the key schedule. So that’s how you have agreement on who’s in the group and who’s not .. when you receive a message, you also know who the sender thought they were sending it to.
Deirdre: .. that's the thing you don't get in Signal groups: you don't know everyone else that this person was trying to send to, because it's all pairwise .. That's pretty cool .. you can have your own [MLS] client that does whatever it wants, that can detect or reject or whatever it wants.
Yes. I know. And at this point for an enterprise there is no reason to use an MLS-based solution for messaging. Or for a software company to develop an MLS-based solution. Because it's just too complex for no obvious gain in security. Most of the enterprises/regulated industries/.govs simply do not need it. You can make much easier solutions.
It's still nice for security in personal instant messaging.
"It looks like someone else might be trying to access your Google Account. For your protection, you can't sign in right now." Been like this for the past year or so, on every login attempt.
Good that I never actually used gmail for my real email. Only for some random junk.
the thing about anchor (and i don't mean only steam, but also lager, pilsner and liberty ale) is that I can hop into safeway or the liquor store on the corner and it will be there, cold and nicely balanced.
new craft breweries are nice for when you go out, etc., or live nearby. but it doesn't replace something you can buy on the go.
Sierra Nevada always fills that niche for me: ubiquitous and of reliable quality. I don't like every SN beer, nor are they my absolute favorite, but their popular ones are consistently solid.
kirin/asahi for me are only good when they go together with yakitori. and a bottle of sake.
longboard/trumers are kinda ok but they are somewhat not right. anchor steam beers for me and for my wife have a better taste (we come from lager/pilsner-dominated countries).
Agreed. I love a good traditional pilsner, but there's nothing ubiquitous on the market. Scrimshaw is good, and somewhat available, but it's not everywhere.
True, but those linesets introduce other downsides. They can't be cut to length, so you often have to have unsightly loops of extra line set somewhere, and the loops can potentially trap the oils that mix with the refrigerant to lubricate the compressor. They're also much more expensive, and anecdotally, I've heard of leaks from over/under tightening the threaded connections.
Not to mention, installing them without an EPA 608 certification is technically illegal. MrCool and others that use them are relying on the EPA being understaffed and unlikely to pursue homeowners, but their stance on it is perfectly clear:
"Is technician certification required to install an R-410A mini-split?
Yes. Adding or removing refrigerant from a mini-split as part of installation, and/or connecting or disconnecting hoses or pre-charged lines requires a section 608 technician certification. Activities reasonably expected to violate the integrity of the refrigerant circuit include but are not limited to: Attaching or detaching hoses and gauges to and from the appliance; adding or removing refrigerant; adding or removing components; and cutting the refrigerant line."
>True, but those linesets introduce other downsides. They can't be cut to length, so you often have to have unsightly loops of extra line set somewhere, and the loops can potentially trap the oils that mix with the refrigerant to lubricate the compressor.
well, i ran mine through the crawlspace. had only a small extra loop. in the crawlspace.
>They're also much more expensive,
per unit - yes. but... if you're going to diy a mini-split without a precharged lineset, you need a vacuum, refrigerant and probably a license to buy it. it raises the cost and makes it viable if you plan to install multiple units (i have coworkers that did it).
if you want to get it professionally installed, then in addition to ~$1.4k for a 2-ton unit you are looking at $6k-$8k for labor. Those were prices a year ago for an install in a garage with a 240v line connected to a 40amp breaker available at the install location.
>Not to mention, installing them without an EPA 608 certification is technically illegal.
technically, i guess much of the work done by homeowners must be done by certified professionals and needs approvals and inspections.
There is actually a good reason to bump up capacity by half a ton to a ton, unless the currently installed unit was sized recently. The reason for this is that design temperatures jumped up, sometimes in a big way, in the recently published ASHRAE design conditions (and many companies don't even know that this is the case and use those from 10 years ago or more).
And even the published numbers tend to be off, and they usually use one specific weather station in a region that may or may not have the same weather as you.
When I replaced my hvac a couple of years ago, I retained a company to make a Manual J calculation as none of the hvac contractors were willing to do it. I provided it with design temperatures that I calculated after scraping data from a bunch of private weather stations in a few miles' radius.