@eyedeekay
+R4SAS
+RN
+RN_
+Xeha
+acetone
+orignal
+weko
Irc2PGuest42386
Irc2PGuest5995
Leopold_
Onn4l7h
Onn4|7h
T3s|4_
aargh2
anon2
eyedeekay_bnc
hk
not_bob_afk
profetikla
shiver_
u5657
x74a6
dr|z3d
thanks, orignal. as you've read, nothing to do with I2P+.
dr|z3d
what we'd ideally have is a single LS on a dest, with DSA-SHA1 retired, and an automated method to revoke the DSA LS.
dr|z3d
is it possible? I don't know. could one dest forward requests to another dest transparently, with some authentication between dest 1 and 2?
dr|z3d
and why does the old (DSA) dest require the same number of leases as the new dest? seems wasteful. if I own DSA dest, I should be able to do the equivalent of a 301 and the client should update their addressbook.
dr|z3d
and at a time of my choosing I should be able to shutdown the DSA dest and have the EdDSA dest persist, when I'm confident clients have updated.
orignal
zzz so what do you do by timer?
orignal
and more important wht do you do it in case of postman?
zzz
double LS issue fixed, 6 hours for a one-line change
orignal
now tell me in which case you do it
zzz
I verified that we are sending the right LS in any case, so it's a harmless bug, I'm not even going to ask postman to test it
zzz
it was sending the wrong LS with a ratchet-layer ack after an ack request was received
orignal
ack request
orignal
but what you do with timer?
zzz
I set the timer when I receive an ack request; if the client doesn't respond sooner, the timer sends a ratchet-layer ack
orignal
how long?
orignal
so you receive ack request
orignal
but you don't reposnd because nobody send data
zzz
timer is 1 second
zzz
client sends streaming ack + LS + ratchet ack request
zzz
server streaming doesn't respond, because it was just a streaming ack
zzz
server sends ratchet ack 1 sec later
orignal
server waits if server app sends something, right?
orignal
if not then after 1 sec
zzz
if server streaming replies before 1 sec, the ack timer doesn't do anything
orignal
thanks. will implement the same
orignal
but it's not postman's case because irc always sends heartbeats
zzz
surprised you don't do that now, section about it in the spec: i2p-projekt.i2p/spec/ecies#protocol-layer-responses
orignal
I forgot )))
orignal
to implement it
zzz
yeah, irc sends heartbeats but not very often, so the ratchet acks help
orignal
m_AckRequests.push_back ({receiveTagset->GetTagSetID (), index});
orignal
that's all I so upon receive Ack request
zzz
it's also important to set a timer for the handshake, because if streaming is dropping everything because the dest is banned, at least you'll get spammed with symmetric crypto ))
orignal
yes time to do it
orignal
I'm confused
orignal
when you receive an ack request how do you know where to send response to?
orignal
you know your peer though SYN streaming packet or repliable datagram
orignal
in general you don't know
orignal
that's why I don't have it
zzz
orignal, for outbound of course you know. for inbound:
zzz
pull the LS out of any database store msg you see in a clove, if the EC pubkey matches the static key in the handshake, store the dest with the session
zzz
until you find it, you can't do a ratchet-layer ack
orignal
yes I mean if I'm a server
zzz
^^
orignal
don't you think it's against protocols model?
orignal
racthets should know nothing about transports
orignal
yes I know I can fin dby static key
zzz
it's a little messy, yes. We had this discussion in 2019. But it works well
orignal
I would prefer to do it in streams and datagrams
orignal
but I2CP
zzz
well, you could have streaming tell ratchet who it is
zzz
but the static key in the noise handshake proves it
zzz
there's a lot of stuff in ratchet that isn't perfect. I think we listened to str4d too much ))
zzz
but that's the good thing about IK, you know who Alice is right away
orignal
in streaming I can state of ractchet session and if somthing need to be sent I will send an empty message
orignal
that's how I do for datagrams
zzz
right, "ratchet ack" == no garlic clove blocks
orignal
that's my idea
orignal
but I don't know what to do with I2CP
zzz
yeah I couldn't see any other way to do it
zzz
out of all the changes and protocols we've done in 8 years, the only one I'm < 99% happy with is ratchet
orignal
nevermind I know remote destination
orignal
even for I2CP
orignal
for handshake true I need to lookup
orignal
for leaaseset
zzz
I doubt it would be helpful but here's my code to pull the dest out of NS: git.idk.i2p/i2p-hackers/i2p.i2p/-/blob/master/router/java/src/net/i2p/router/crypto/ratchet/ECIESAEADEngine.java#L1472
orignal
will check