Filter by topic and date
New MLS protocol provides groups better and more efficient security at Internet scale
19 Jul 2023
The core specification for Messaging Layer Security (MLS), which is already making it easy for apps to provide the highest level of end-to-end security for their users, has been published as an RFC.
MLS provides unsurpassed security and privacy for users of group communications applications. Using MLS, participants always know which other members of a group will receive the messages they send, and the validity of new participants joining a group is verified by all the other participants. During its development in the IETF, MLS underwent formal security analysis and industry review. It currently supports multiple ciphersuites, and makes it straightforward to add quantum attack resistant ciphersuites in the future.
The open processes and “running code” that are hallmarks of the IETF, mean that MLS is already proven to be efficient at Internet scale, working efficiently with groups that have thousands of participants. MLS is either already available from—or soon will be implemented and deployed by—a wide range of companies and organizations, including:
- AWS
- Cisco
- Cloudflare
- The Matrix.org Foundation
- Meta
- Mozilla
- Phoenix R&D
- Wire
MLS is also extensible, meaning it can be easily updated in a number of ways. Work is continuing in the MLS Working Group in a number of areas., and the IETF More Instant Messaging Interoperability (mimi) working group is looking to build on MLS as they aim to specify the minimal set of mechanisms required to make modern Internet messaging services interoperable.