    Messaging Layer Security: Secure and Usable End-to-End Encryption

    • Nick Sullivan, MLS Working Group Chair
    • Sean Turner, MLS Working Group Chair

    29 Mar 2023

    The IETF has approved publication of Messaging Layer Security (MLS), a new standard for end-to-end security that will make it easy for apps to provide the highest level of security to their users. End-to-end encryption is an increasingly important security feature in Internet applications. It keeps users’ information safe even if the cloud service they’re using has been breached.

    For an app to provide end-to-end encryption, it needs an extra layer of cryptography that sets up encryption keys among the devices participating in a conversation, so that these devices can encrypt users’ data in a way that cloud services can’t decrypt. Before MLS, there was no open, interoperable specification for this extra layer. MLS fills this gap, providing a system that is completely specified, formally verified, and easy for developers to use.

    MLS builds on the best lessons of the current generation of security protocols. Like the widely used Double Ratchet protocol, MLS allows for asynchronous operation and provides advanced security features such as Post-Compromise Security. And, like TLS 1.3, MLS provides robust authentication, and its security properties have been verified by formal analyses. MLS combines the best features of these predecessors, and adds on features like efficient scaling to conversations involving thousands of devices without sacrificing security.

    Draft versions of MLS have been deployed at scale to protect sensitive real-time conversations in Webex and RingCentral communications products. These early deployments provide validation of MLS’s ability to work well in real-world scenarios, at the scale of major communications services. Other apps, such as Wire, Wickr and Matrix, are planning to transition to MLS, and the IETF MIMI working group expects to use MLS as the end-to-end encryption layer in their solution for interoperable messaging.

    This is just the beginning for MLS, though. There are already a handful of MLS implementations, including multiple open-source implementations, but more implementations will make it easier to use MLS in more places. Likewise, more deployments will provide valuable lessons on how future versions of MLS need to improve. And while MLS is a major piece of the end-to-end security story, there are still important pieces yet to be written: for example, creating a strong identity that can integrate with MLS’s authentication system, and secrets management systems that help users have a more seamless experience.

