#ls2 (irc2p) | #ls2 proposal review channel : Reviews Tuesdays 7 PM UTC: none scheduled

dr|z3d thanks, orignal. as you've read, nothing to do with I2P+.

dr|z3d what we'd ideally have is a single LS on a dest, with DSA-SHA1 retired, and an automated method to revoke the DSA LS.

dr|z3d is it possible? I don't know. could one dest forward requests to another dest transparently, with some authentication between dest 1 and 2?

dr|z3d and why does the old (DSA) dest require the same number of leases as the new dest? seems wasteful. if I own DSA dest, I should be able to do the equivalent of a 301 and the client should update their addressbook.

dr|z3d and at a time of my choosing I should be able to shutdown the DSA dest and have the EdDSA dest persist, when I'm confident clients have updated.

orignal zzz so what do you do by timer?

orignal and more important wht do you do it in case of postman?

zzz double LS issue fixed, 6 hours for a one-line change

orignal now tell me in which case you do it

zzz I verified that we are sending the right LS in any case, so it's a harmless bug, I'm not even going to ask postman to test it

zzz it was sending the wrong LS with a ratchet-layer ack after an ack request was received

orignal ack request

orignal but what you do with timer?

zzz I set the timer when I receive an ack request; if the client doesn't respond sooner, the timer sends a ratchet-layer ack

orignal how long?

orignal so you receive ack request

orignal but you don't reposnd because nobody send data

zzz timer is 1 second

zzz client sends streaming ack + LS + ratchet ack request

zzz server streaming doesn't respond, because it was just a streaming ack

zzz server sends ratchet ack 1 sec later

orignal server waits if server app sends something, right?

orignal if not then after 1 sec

zzz if server streaming replies before 1 sec, the ack timer doesn't do anything

orignal thanks. will implement the same

orignal but it's not postman's case because irc always sends heartbeats

zzz surprised you don't do that now, section about it in the spec: i2p-projekt.i2p/spec/ecies#protocol-layer-responses

orignal I forgot )))

orignal to implement it

zzz yeah, irc sends heartbeats but not very often, so the ratchet acks help

orignal m_AckRequests.push_back ({receiveTagset->GetTagSetID (), index});

orignal that's all I so upon receive Ack request

zzz it's also important to set a timer for the handshake, because if streaming is dropping everything because the dest is banned, at least you'll get spammed with symmetric crypto ))

orignal yes time to do it

orignal I'm confused

orignal when you receive an ack request how do you know where to send response to?

orignal you know your peer though SYN streaming packet or repliable datagram

orignal in general you don't know

orignal that's why I don't have it

zzz orignal, for outbound of course you know. for inbound:

zzz pull the LS out of any database store msg you see in a clove, if the EC pubkey matches the static key in the handshake, store the dest with the session

zzz until you find it, you can't do a ratchet-layer ack

orignal yes I mean if I'm a server

zzz ^^

orignal don't you think it's against protocols model?

orignal racthets should know nothing about transports

orignal yes I know I can fin dby static key

zzz it's a little messy, yes. We had this discussion in 2019. But it works well

orignal I would prefer to do it in streams and datagrams

orignal but I2CP

zzz well, you could have streaming tell ratchet who it is

zzz but the static key in the noise handshake proves it

zzz there's a lot of stuff in ratchet that isn't perfect. I think we listened to str4d too much ))

zzz but that's the good thing about IK, you know who Alice is right away

orignal in streaming I can state of ractchet session and if somthing need to be sent I will send an empty message

orignal that's how I do for datagrams

zzz right, "ratchet ack" == no garlic clove blocks

orignal that's my idea

orignal but I don't know what to do with I2CP

zzz yeah I couldn't see any other way to do it

zzz out of all the changes and protocols we've done in 8 years, the only one I'm < 99% happy with is ratchet

orignal nevermind I know remote destination

orignal even for I2CP

orignal for handshake true I need to lookup

orignal for leaaseset

zzz I doubt it would be helpful but here's my code to pull the dest out of NS: git.idk.i2p/i2p-hackers/i2p.i2p/-/blob/master/router/java/src/net/i2p/router/crypto/ratchet/ECIESAEADEngine.java#L1472

orignal will check