IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#ls2
/2023/06/05
eyedeekay Hi everyone, meeting time
eyedeekay hi orignal
eyedeekay dr|zed obscuratus weko Xeha R4SAS not_bob will anybody else be joining us today?
orignal I think time to discuss SSU2
eyedeekay OK good I think so too
eyedeekay Also I think release
orignal also someone's break should be over
eyedeekay It's up to him if he wants to do that
eyedeekay I certainly can't force anyone to do anything
orignal he musr
orignal 6 months is coming
orignal so, have you had a chance to think/discuss this issue with SSU2?
eyedeekay You're free to contact him, his info hasn't changed, regardless there's nothing to be achieved by discussing this at the meeting
eyedeekay Good, SSU2
orignal Tor has instroduced PoW as you probably know
eyedeekay Yes I do
orignal so SSU2, where are you with it?
eyedeekay I understand how to implement solution A, modifying the handshake so that bob sends a signature, and I understand how it's backward compatible, and I think I even mostly know how to do it
orignal another option that Bob sends IdentHash
orignal third option that Alice sends Bob's iden hash
orignal backward compatibility
orignal you require that block since some partcular version
orignal for older routers it's not required
eyedeekay I was getting to that. I understand very little about solution B, sending bob's identHash, or now solution C, having alice send bob's identhash
eyedeekay For instance, when does bob send the identHash in solution B?
orignal we have "RouterInfo" block already
orignal but we can't send it in SessionCreated
orignal why? because it's too long
orignal Bob sends own identhash in SessionCreated
eyedeekay OK so at the same time as the signature then
orignal Alice receives SessionCreated and compares with her Bob's RouterInfo
orignal you actually don't need to send signature
eyedeekay Now I see what you mean
orignal just"abbreviated" RouterInfo
eyedeekay OK that sounds even simpler than signatures and equally effective
eyedeekay Just for completeness, what about C? how might it help for alice to send bob's identhash, and who is she sending it to, and how are they using it?
orignal Alice sends Bob's IdentHash to Bob in SEssionRequest
orignal Bob sees wrong IdentHash and terminate session
orignal the advanage is
orignal Bob doesn't generate DH keys if identhash doesn't match
orignal that let's elimited an attack with less resources
orignal *eliminate
not_bob That sounds like an elegant solution.
eyedeekay but if Bob is malicious why does Bob terminate the request?
orignal he doesn't
xeiaso bob is not malicious, just his SSU connection address was added by some other RI
orignal but he doesn't have "s" private key
eyedeekay Now I'm caught up with you, OK
orignal we are trying to eliminate another attck
orignal bob is good but he get annoyed with session
orignal because advesary published his IP in fake routers
eyedeekay OK that's more sensible, I had it backward for a moment
eyedeekay And I agree that sounds like a better bargain, more defenses for about the same amount of work
orignal eyedeekay do you know how yggdrasil works?
orignal you can always peer's public key in a link
orignal to make sure you are still connected to node you expect to connect
eyedeekay Yeah that makes sense
orignal so if Alice want to make sure that she is connect to right Bob, she should add that block and Bob should verify it if presented
eyedeekay So by sending the routerIdent Bob knows who Alice is expecting to connect to
not_bob Sanity checks are good.
orignal yes, right
orignal Alice sends Bob's routerident
eyedeekay alice sends bobs ident, bob sees if alice is actually trying to connect to him or some fake router somewhere. terminates if that validation fails
orignal сcorrect
eyedeekay This sounds very promising
weko Hi all
xeiaso hello weko
eyedeekay I'm going to focus on figuring out how this solution can be implemented in Java I2P in the coming weeks
eyedeekay welcome weko
eyedeekay Anything else for topic 1?
eyedeekay We should revisit it in 2 weeks at the next meeting after I've got some time to look at our code
eyedeekay Moving on to 2) release
eyedeekay Pending some moving targets, I will be freezing our translation tags on the 7th or the 8th, and will be releasing on the 19th. We had to push back in order to have time to test some recent changes
eyedeekay orignal is your plan still to release on the 12th?
orignal because R4SAS is busy after 15-th
orignal maybe we will release on 14-th
eyedeekay OK as long as it's about the same
orignal I don;t think it's a big difference between 12 or 19
xeiaso eyedeekay: you will be doing netdb code refactoring?
eyedeekay xeiaso I'm going to try, but we won't release anything without testing it
orignal eyedeekay what are you going to use instead stats.i2p?
orignal people really complain that Java can't resolve addresses by default
not_bob My jump service should be in the stock java client.
eyedeekay I'm using metrics.i2p right now and aggregating stats from my floodfills, or do you mean for a default addressbook subscription?
eyedeekay not_bob it is
eyedeekay not_bob if you're not the default subscription already, do you mind to be? It would mean potentially lots of people downloading your hosts.txt file
orignal for addressbook
orignal yes, be prepared
orignal you probably would need mutihoming
not_bob I'm fine being the default. I'm already multi-homed.
orignal just FYI, reg.i2p consumes a lot
xeiaso how much is "a lot"?
eyedeekay Awesome, there's our answer
eyedeekay thank you not_bob
orignal ask R4SAS
not_bob No worries.
eyedeekay OK anything else for 2 or for the meeting?
eyedeekay All right thanks everybody for coming, see you around IRC and in 2 weeks, same time
not_bob Thank you.
not_bob Also, I can put more homes online as needed.
obscuratus Sorry I missed the meeting. Been struggling with hardware problems.
R4SAS not_bob: around 350 leasesets in moment
not_bob R4SAS: How much is that in m/s or k/s?
R4SAS m/s? k/s?
not_bob We are talking about default jump service.
not_bob And for subscriptions, default for that as well.
not_bob speed, bandwidth usage esimate.
R4SAS our leasesets means one client per lease of address at destination
R4SAS so i don't collect any statistics, so it is hard to say
not_bob I guess I'll find out.
not_bob I'm currently showing about 705 active eepsites on the network.
not_bob With domain names.
R4SAS around same for me
not_bob Registering a domain is not required to host.
not_bob I know I host a number of sites for internal use that are not registered.
not_bob Just use the b32 and call it a day.
R4SAS 18:10:27 [CHECKER] Result: Total hosts: 1034, Alive: 750
R4SAS 19:10:52 [CHECKER] Result: Total hosts: 1034, Alive: 694
R4SAS 20:11:16 [CHECKER] Result: Total hosts: 1034, Alive: 656
not_bob Perfect.
R4SAS whole hosts list checked at 8 AM
R4SAS 08:52:53 [CHECKER] Result: Total hosts: 6827, Alive: 766
not_bob I check my list hourly
not_bob I don't get 766 alive though.
R4SAS I check only leaseset existence
not_bob Yeah, that's not at all the same way I do it.
R4SAS I really don't want check if there is really eepsite or something else
R4SAS because sometime there can be service which will never respond to HTTP request
not_bob Is there a chance I could get a copy of the code you use to check the lease sets?
R4SAS I using BOB, so idk if you can use it )))
not_bob Yeah, I get that.
not_bob Yes, I've run into that as well.
not_bob There is one, nethack.idk.i2p that's a telnet nethack server.
not_bob I can handle BOB interface.
R4SAS not_bob: pm