
Re-frame "Safe Additional Authenticated Data (AAD)" #47

Open
TWal opened this issue Feb 4, 2025 · 6 comments

Comments

@TWal

TWal commented Feb 4, 2025

The section about Safe Additional Authenticated Data (AAD) discusses the authenticated_data field of PrivateContentAAD.

It seems to me that this field is defined to be identical to authenticated_data in FramedContent. Shouldn't we frame this section about FramedContent then?

@rohanmahy

There are 3 places where authenticated_data appears. I think this needs to apply to all of them.

  • PrivateContentAAD
  • PrivateMessage
  • FramedContent

I'll write something up to fix that.

@rohanmahy

I think this can get closed with the merge of #50

@TWal

TWal commented Feb 21, 2025

Indeed the text is less confusing now, thanks!

Still, I am wondering: it seems to me that MLS clients deal primarily with FramedContent, and MLS implementations translate them to PublicMessage or PrivateMessage, which are more like internal structures? If this is true, I would have framed it as "An MLS FramedContent can contain [...]" instead of "An MLS PrivateMessage can contain [...]", but this is mostly nit-picking so I guess we can close.

@rohanmahy

Ultimately, there is no way to include application-specific AAD in a PublicMessage because there is no place to put it. Hence I mentioned PrivateMessage. Of course a SemiPrivate message will have the same properties.

@TWal

TWal commented Feb 21, 2025

I don't understand: PublicMessage contains FramedContent content, which itself contains opaque authenticated_data<V>?

@rohanmahy

Sorry, I guess I just think of it as the first A in AAD. All the data in a PublicMessage is authenticated data. It doesn't have any different properties in the authenticated_data field than it would elsewhere in the message (in application_data for example).
By "no place to put it" I just meant that there is no AEAD algorithm we are putting the AAD into.

I suppose it is perfectly OK to still call this AAD, it's just a different definition. Do you think having application-defined content in authenticated_data is useful in a PublicMessage?
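The distinction rohanmahy draws above, as an added illustration that is not code from RFC 9420, this repository, or either commenter: in a PrivateMessage the authenticated_data field is serialized into PrivateContentAAD and passed to the AEAD as associated data, so changing it in transit makes decryption fail, whereas in a PublicMessage the same field is simply part of the signed and MAC'd FramedContent. The struct layouts and the variable-length vector encoding follow RFC 9420; the AEAD below is an assumed encrypt-then-MAC stand-in built from HMAC-SHA256 so the example runs with only the standard library (a real implementation uses the cipher suite's AEAD), and sender-data encryption and secret-tree nonce derivation are not modelled. All key and message values are constructed for the example.

```python
import hashlib
import hmac
import struct

APPLICATION = 1  # ContentType.application (RFC 9420)


def encode_vlbytes(data: bytes) -> bytes:
    """MLS variable-length vector encoding (RFC 9420, Section 2.1.2):
    the top two bits of the first byte give the prefix length."""
    n = len(data)
    if n < 0x40:
        prefix = struct.pack(">B", n)
    elif n < 0x4000:
        prefix = struct.pack(">H", 0x4000 | n)
    elif n < 0x40000000:
        prefix = struct.pack(">I", 0x80000000 | n)
    else:
        raise ValueError("vector too long for MLS encoding")
    return prefix + data


def private_content_aad(group_id: bytes, epoch: int, content_type: int,
                        authenticated_data: bytes) -> bytes:
    """Serialize PrivateContentAAD, the associated-data input to the AEAD."""
    return (encode_vlbytes(group_id)
            + struct.pack(">Q", epoch)
            + struct.pack(">B", content_type)
            + encode_vlbytes(authenticated_data))


# --- Assumed stand-in AEAD (encrypt-then-MAC over HMAC-SHA256), not MLS's ---

def _subkeys(key: bytes):
    enc = hmac.new(key, b"constructed-enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"constructed-mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _tag(mac_key: bytes, nonce: bytes, aad: bytes, ct: bytes) -> bytes:
    # Length-prefixing aad and nonce keeps the MAC input unambiguous.
    return hmac.new(mac_key, encode_vlbytes(aad) + encode_vlbytes(nonce) + ct,
                    hashlib.sha256).digest()


def toy_aead_seal(key: bytes, nonce: bytes, aad: bytes, plaintext: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return ct + _tag(mac_key, nonce, aad, ct)


def toy_aead_open(key: bytes, nonce: bytes, aad: bytes, ciphertext: bytes):
    """Return the plaintext, or None if the tag (and hence the AAD) does not verify."""
    enc_key, mac_key = _subkeys(key)
    ct, tag = ciphertext[:-32], ciphertext[-32:]
    if not hmac.compare_digest(tag, _tag(mac_key, nonce, aad, ct)):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


# --- PrivateMessage fields (sender data omitted) ---

def seal_private_message(key, nonce, group_id, epoch, authenticated_data, content):
    aad = private_content_aad(group_id, epoch, APPLICATION, authenticated_data)
    return {"group_id": group_id, "epoch": epoch, "content_type": APPLICATION,
            "authenticated_data": authenticated_data,
            "ciphertext": toy_aead_seal(key, nonce, aad, content)}


def open_private_message(key, nonce, msg):
    # The receiver rebuilds PrivateContentAAD from the cleartext outer fields.
    aad = private_content_aad(msg["group_id"], msg["epoch"],
                              msg["content_type"], msg["authenticated_data"])
    return toy_aead_open(key, nonce, aad, msg["ciphertext"])


def demo():
    """Seal one message, then open it intact and with authenticated_data altered."""
    key = hashlib.sha256(b"constructed example key").digest()  # constructed
    nonce = b"\x00" * 12                                         # constructed
    msg = seal_private_message(key, nonce, b"group-42", 7, b"app-tag:v1", b"hello group")
    intact = open_private_message(key, nonce, msg)
    altered = dict(msg, authenticated_data=b"app-tag:v2")
    return intact, open_private_message(key, nonce, altered)


if __name__ == "__main__":
    print(demo())
```

The second element returned by demo() is None: the cleartext authenticated_data is not encrypted, but because it is part of PrivateContentAAD any change to it invalidates the AEAD tag. In a PublicMessage the equivalent protection comes from the signature over FramedContentTBS and the membership_tag, which is the sense in which the field is "authenticated" there without being AEAD associated data.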
