@eyedeekay
+R4SAS
+RN
+RN_
+Xeha
+acetone
+orignal
+weko
Irc2PGuest42386
Irc2PGuest5995
Leopold_
Onn4l7h
Onn4|7h
T3s|4_
aargh2
anon2
eyedeekay_bnc
hk
not_bob_afk
profetikla
shiver_
u5657
x74a6
eyedeekay
Hi everyone, meeting time
orignal
hi
eyedeekay
hi orignal
eyedeekay
dr|zed obscuratus weko Xeha R4SAS not_bob will anybody else be joining us today?
orignal
I think time to discuss SSU2
eyedeekay
OK good I think so too
eyedeekay
Also I think release
xeiaso
hi
orignal
yes
orignal
also someone's break should be over
eyedeekay
It's up to him if he wants to do that
eyedeekay
I certainly can't force anyone to do anything
orignal
he musr
orignal
6 months is coming
orignal
so, have you had a chance to think/discuss this issue with SSU2?
eyedeekay
You're free to contact him, his info hasn't changed, regardless there's nothing to be achieved by discussing this at the meeting
eyedeekay
Good, SSU2
orignal
Tor has instroduced PoW as you probably know
eyedeekay
Yes I do
orignal
so SSU2, where are you with it?
eyedeekay
I understand how to implement solution A, modifying the handshake so that bob sends a signature, and I understand how it's backward compatible, and I think I even mostly know how to do it
orignal
another option that Bob sends IdentHash
orignal
third option that Alice sends Bob's iden hash
orignal
backward compatibility
orignal
you require that block since some partcular version
orignal
for older routers it's not required
eyedeekay
I was getting to that. I understand very little about solution B, sending bob's identHash, or now solution C, having alice send bob's identhash
eyedeekay
For instance, when does bob send the identHash in solution B?
orignal
we have "RouterInfo" block already
orignal
but we can't send it in SessionCreated
orignal
why? because it's too long
orignal
Bob sends own identhash in SessionCreated
eyedeekay
OK so at the same time as the signature then
orignal
Alice receives SessionCreated and compares with her Bob's RouterInfo
orignal
you actually don't need to send signature
eyedeekay
Now I see what you mean
orignal
just"abbreviated" RouterInfo
eyedeekay
OK that sounds even simpler than signatures and equally effective
eyedeekay
Just for completeness, what about C? how might it help for alice to send bob's identhash, and who is she sending it to, and how are they using it?
orignal
yes
orignal
Alice sends Bob's IdentHash to Bob in SEssionRequest
orignal
Bob sees wrong IdentHash and terminate session
orignal
the advanage is
orignal
Bob doesn't generate DH keys if identhash doesn't match
orignal
that let's elimited an attack with less resources
orignal
*eliminate
not_bob
That sounds like an elegant solution.
eyedeekay
but if Bob is malicious why does Bob terminate the request?
orignal
he doesn't
xeiaso
bob is not malicious, just his SSU connection address was added by some other RI
orignal
but he doesn't have "s" private key
eyedeekay
Now I'm caught up with you, OK
orignal
we are trying to eliminate another attck
orignal
bob is good but he get annoyed with session
orignal
because advesary published his IP in fake routers
eyedeekay
OK that's more sensible, I had it backward for a moment
eyedeekay
And I agree that sounds like a better bargain, more defenses for about the same amount of work
orignal
eyedeekay do you know how yggdrasil works?
orignal
you can always peer's public key in a link
orignal
to make sure you are still connected to node you expect to connect
eyedeekay
Yeah that makes sense
orignal
so if Alice want to make sure that she is connect to right Bob, she should add that block and Bob should verify it if presented
eyedeekay
So by sending the routerIdent Bob knows who Alice is expecting to connect to
not_bob
Sanity checks are good.
eyedeekay
Yup
orignal
no
orignal
yes, right
orignal
Alice sends Bob's routerident
eyedeekay
alice sends bobs ident, bob sees if alice is actually trying to connect to him or some fake router somewhere. terminates if that validation fails
orignal
сcorrect
eyedeekay
This sounds very promising
weko
Hi all
xeiaso
hello weko
eyedeekay
I'm going to focus on figuring out how this solution can be implemented in Java I2P in the coming weeks
eyedeekay
welcome weko
eyedeekay
Anything else for topic 1?
eyedeekay
We should revisit it in 2 weeks at the next meeting after I've got some time to look at our code
eyedeekay
Moving on to 2) release
eyedeekay
Pending some moving targets, I will be freezing our translation tags on the 7th or the 8th, and will be releasing on the 19th. We had to push back in order to have time to test some recent changes
eyedeekay
orignal is your plan still to release on the 12th?
orignal
yes
orignal
because R4SAS is busy after 15-th
orignal
maybe we will release on 14-th
eyedeekay
OK as long as it's about the same
orignal
I don;t think it's a big difference between 12 or 19
xeiaso
eyedeekay: you will be doing netdb code refactoring?
eyedeekay
xeiaso I'm going to try, but we won't release anything without testing it
xeiaso
ok
orignal
eyedeekay what are you going to use instead stats.i2p?
orignal
people really complain that Java can't resolve addresses by default
not_bob
My jump service should be in the stock java client.
eyedeekay
I'm using metrics.i2p right now and aggregating stats from my floodfills, or do you mean for a default addressbook subscription?
eyedeekay
not_bob it is
eyedeekay
not_bob if you're not the default subscription already, do you mind to be? It would mean potentially lots of people downloading your hosts.txt file
orignal
yes
orignal
for addressbook
orignal
yes, be prepared
orignal
you probably would need mutihoming
not_bob
I'm fine being the default. I'm already multi-homed.
orignal
just FYI, reg.i2p consumes a lot
xeiaso
how much is "a lot"?
eyedeekay
Awesome, there's our answer
eyedeekay
thank you not_bob
orignal
ask R4SAS
not_bob
No worries.
eyedeekay
OK anything else for 2 or for the meeting?
orignal
no
eyedeekay
All right thanks everybody for coming, see you around IRC and in 2 weeks, same time
not_bob
Thank you.
not_bob
Also, I can put more homes online as needed.
obscuratus
Sorry I missed the meeting. Been struggling with hardware problems.
R4SAS
not_bob: around 350 leasesets in moment
not_bob
R4SAS: How much is that in m/s or k/s?
R4SAS
m/s? k/s?
not_bob
We are talking about default jump service.
not_bob
And for subscriptions, default for that as well.
not_bob
speed, bandwidth usage esimate.
R4SAS
our leasesets means one client per lease of address at destination
R4SAS
so i don't collect any statistics, so it is hard to say
not_bob
Ok
not_bob
I guess I'll find out.
not_bob
I'm currently showing about 705 active eepsites on the network.
not_bob
With domain names.
R4SAS
around same for me
not_bob
Registering a domain is not required to host.
not_bob
I know I host a number of sites for internal use that are not registered.
not_bob
Just use the b32 and call it a day.
R4SAS
18:10:27 [CHECKER] Result: Total hosts: 1034, Alive: 750
R4SAS
19:10:52 [CHECKER] Result: Total hosts: 1034, Alive: 694
R4SAS
20:11:16 [CHECKER] Result: Total hosts: 1034, Alive: 656
not_bob
Perfect.
R4SAS
whole hosts list checked at 8 AM
R4SAS
08:52:53 [CHECKER] Result: Total hosts: 6827, Alive: 766
not_bob
Nice
not_bob
I check my list hourly
not_bob
I don't get 766 alive though.
R4SAS
I check only leaseset existence
not_bob
Ahh!
not_bob
Yeah, that's not at all the same way I do it.
R4SAS
I really don't want check if there is really eepsite or something else
R4SAS
because sometime there can be service which will never respond to HTTP request
not_bob
Is there a chance I could get a copy of the code you use to check the lease sets?
R4SAS
I using BOB, so idk if you can use it )))
not_bob
Yeah, I get that.
not_bob
Yes, I've run into that as well.
not_bob
There is one, nethack.idk.i2p that's a telnet nethack server.
not_bob
I can handle BOB interface.
R4SAS
not_bob: pm