==Appendix B: Other design possibilities==
During the process of designing ''(n)sec'' we have considered, and debated, other design possibilities which we will describe in this section along side our argument arguments in favour of the choice we have choices made.
===Group Key Scheme vs Broadcast Scheme===
# Delayed join and leave: In a group scheme, until all participants confirm their identical view of a new participant list (due to a member joining or leaving the room), they need to assume the status quo. This might delay a new participant from joining a chat or, if no further measure is taken, enable a participant to deny join/leave for the whole group. While various mitigation methods are possible against such attacks (all summarized under the umbrella term "Denial of Service" ) they are not included in threat model considered in ''(n)sec'' protocol.
Based on the above differences, we selected a group key scheme for the proposed protocol. This is primarily because room consistency is one of the main security properties desired. However, when it is critical, the sub-protocol described by [[#Sending_and_receiving_messages_ while_joining_is__in_progresswhile_joining_is_in_progress|VISection VIII.II.2b2 Sending and receiving messages while joining is in progress]] allows for communication with users while they are waiting for the join procedure to complete.
===Participatory vs individually independent computation of group keys===