I2P dev meeting, January 18, 2005

Quick recap

  • Present:

ant, bla, BrockSamson, cervantes, dox, duck, Frooze, jrandom, kaji, mule, orion, polecat, postman, protokol, Ragnarok, Teal`c, Xan,

完全な IRC ログ

13:04 < jrandom> 0) hi
13:04 < jrandom> 1) Net status
13:04 < jrandom> 2) 0.5
13:04 < jrandom> 3) i2pmail.v2
13:04 < jrandom> 4) azneti2p_0.2
13:04 < jrandom> 5) ???
13:04 < ant> <duck> (the sound of the crypto talk flying past my ears)
13:04 < jrandom> :)
13:04  * jrandom waves
13:04 < cervantes> 'lo
13:04 < jrandom> you too can listen to the sound of crypto talk flying past your ears!  weekly status note posted @ http://dev.i2p.net/pipermail/i2p/2005-January/000559.html
13:05 < bla> hi
13:05 < jrandom> jumping on in, since we're cutting into an interesting discussion anyway... 1) net status
13:05 < jrandom> i dont really have anything to add beyond whats in the mail - anyone have anything they want to bring up wrt the net status?
13:06 < bla> Other that we have, for the first time, seen nodes on *all* continents except Antarctica, no.
13:06 < jrandom> w00t!
13:07 < jrandom> ok, moving on to 2) 0.5 stuff
13:07 < mule> hey, my father is just on his way to antarctica, should have given him a node
13:07 < ant> <duck> bloody Antarticans
13:07 < Xan> no antarcticans? :(
13:07 < jrandom> hah nice
13:07 < jrandom> though i dont think there's much of an anonymity set up there 
13:07 < Frooze> blame antarctica
13:08  * cervantes sets up an oil rig in antartica so he can finance a node there
13:09 < jrandom> ok ok, there's a lot of 0.5 stuff, so we can take it in pieces
13:09 < jrandom> first up, thanks to the folks who gathered a days worth of stats - lots of interesting data @ http://dev.i2p.net/~jrandom/messageSizes/
13:09 < postman> it was a pleasure :)
13:10 < cervantes> wrt net status...seen quite a few people having troubles getting I2P up and running lately (on the forums etc) - I don't know if that's just down to increase user volume or perhaps more i2p based apps for things to go wrong with
13:10 <+protokol> jrandom: LIAR! you said the data was interesting!
13:10  * jrandom flings mud at protokol 
13:11 < ant> <duck> cervantes: I have also seen reports of ppl able to get it up and running within a couple of minutes
13:11 < ant> <duck> I think that NAT is causing most problems
13:11 < cervantes> duck: true...
13:11 < ant> <dmdm> who is NAT?
13:11 < jrandom> cervantes: there are some ugly issues still, certainly.  the NAT issue and osx has been a bit of a pain lately, but Jhor's help with the later should improve the later
13:12 < cervantes> aye
13:12 < cervantes> *cough* so... 0.5
13:13 < Xan> dmdm: network address translation
13:13 < jrandom> heh, ok.  basically the drive with those message size stats is to explore the padding issues 
13:14 < jrandom> unfortunately, the strategy i built by cherry picking numbers sucked, giving a 25% overhead just with padding data
13:14 < jrandom> if we go with one of the proposals for the 0.5 encryption (tunnels-alt.html), we won't have that issue
13:15 < jrandom> (since it'll force small fixes sizes with fragmentation)
13:15 < mule> what type of messages do you want to pad, those a router sees or those an external observer sees?
13:15 < jrandom> mule: important question
13:15 < jrandom> if we're just worried about the external observer, we can leave the messages unpadded, doing any chaff generation at the transport layer
13:16 < Teal`c> http://microsoft.i2p/david_hasselhoff_05_christmas_album__silent_night.mp3
13:16 < jrandom> otoh, if we're worried about tunnel participants doing flow analysis, we need to worry about padding down the tunnel
13:16 <@duck> with 5-6 hops, how big is the danger of a router doing traffic analysis?
13:16 < cervantes> Teal`c: meeting atm... can you use #i2p-chat for mp3 announce ;-)
13:17 < Teal`c> sorry
13:17 < cervantes> :) for david hasselhoff?
13:18 < jrandom> depends upon what level of analysis duck.  if they've somehow tracked down what tunnel they're in (e.g. they're the inbound tunnel gateway and have harvested the netDb, correlatign that with a destination), thats nontrivial data.  otoh its not a direct exposure, but does give some info
13:18 < jrandom> even more than the tunnel padding though is end to end padding, hiding message flow data from gateways and endpoints.
13:19 < jrandom> if we're crazy/stupid, we could go all the way to a pipenet, using constant bitrate everywhere
13:19 <+polecat> I got it!
13:19 < jrandom> (and end up with no users running i2p)
13:19 <+polecat> What we need to do is tunnel i2p over email!
13:19 < cervantes> what's the likelyhood of colluding routers ending up in the same tunnel on a sufficiently large network?
13:19 <+polecat> No ISP would be dumb enough to stop email!
13:20  * jrandom awaits the net.i2p.router.transport.gmail implementation
13:20 < postman> polecat: gee , this is silly 
13:20 < postman> :)
13:20 < bla> cervantes: N^(-h) (N is # of fast nodes, h = # hops). It seems
13:20 <+polecat> =3   I know.
13:21 < cervantes> is that a lot? :)
13:21 < jrandom> not the # of fast nodes, as external people won't know your profiles
13:21 <+polecat> Seriously though, in shameless abuse of existing IP services, we could tunnel i2p in any number of ingenious ways.
13:21 < jrandom> c^2/N^h to get two peers into the same tunnel
13:21 < jrandom> agreed polecat.  thats one of the reasons why we don't have bidirectional tunnels
13:22 < jrandom> some transports (e.g. email) suck for bidirectional comm
13:22 < bla> jrandom: c = ?
13:22 < jrandom> c==# colluding peers
13:23 <+polecat> Hm, interesting point.
13:23 < ant> <duck> roadmap wise, what is the impact of i2p going a wrong direction and picking a wrong crypto solution?
13:23 <+polecat> Or carrier pigeon protocol, not bidi in the slightest.
13:23 <+polecat> crypto is modular already, isn't it?
13:23 < jrandom> duck: its just one bullet point out of 0.5, and one subsection of the tunnels*.html doc.  theres lots more to the tunnel routing than just how we wrap the data
13:24 < bla> jrandom: Then again, this is the prob. for getting them in the tunnel *now*. However, over T tunnel refreshments (every so many minutes), this goes as P = 1 - (1 - c^2/N^h)^T
13:24 < jrandom> otoh, the difference between "fixed 1KB blocks" and "0-40KB blocks" has substantial impact
13:24 <+polecat> I'd hate to see this network go the way of Entropy, stuck in McEliece.
13:24 < jrandom> polecat: read http://dev.i2p.net/cgi-bin/cvsweb.cgi/i2p/router/doc/tunnel-alt.html?rev=HEAD
13:24 < bla> jrandom: And thus tends to zero for large enough time. I.e.: for large enough time, the attackers will be in the same tunnel at last one time
13:25 < jrandom> the plan is standard AES256/CBC
13:25 <+protokol> i hear dns is good for tunneling stuff, most people dont block it
13:25 < jrandom> certainly bla, though its not quite that direct (for exploratory tunnels it is, but not for client tunnels)
13:26 <+polecat> And if somehow even AES gets cracked, some equivalent symmetric cipher.
13:27 < jrandom> bla: i dont think its large enough of a practical worry for most cases in that degree, but when you mount it as part of a predecessor attack, the issue is largely moot
13:28 < jrandom> (because of the way we do the rest of the tunnel routing)
13:28 < bla> jrandom: k
13:28 < jrandom> right polecat 
13:29 < jrandom> duck: if we go w/ the second option, changing to another later will likely be easy.  
13:29 < jrandom> otoh, the second option will require some hefty performance tuning to Not Suck
13:29 < jrandom> but i'm sure we can pull it off
13:31 < jrandom> anyway, I think the above covers where we are right now wrt 0.5 work
13:31 < jrandom> does anyone have any more questions/comments/concerns?
13:31 < bla> jrandom: One
13:32 < bla> jrandom: I think we should values anon. slightly more than performance atm: so yes, the PRNG options sounds good
13:33 < jrandom> agreed.  performance can be tuned later, "adding in" better anonymity however, is much harder
13:33 < jrandom> (but, of course, performance /is/ a security parameter.  if it Sucks, no one uses it)
13:33 < bla> Yes.
13:33 < bla> jrandom: 
13:33 < bla> sorry
13:33 <@duck> right, /me flips the magical Freenet-performance bit
13:33 < cervantes> perhaps it'll deter all those torrent waving leechers to stay away a while longer ;-)
13:34 < jrandom> heh
13:34 < cervantes> <-- connection reset
13:34 < bla> cervantes: No, I'm not! :)
13:34 < cervantes> :)
13:35 < jrandom> i do think that we can pull off some really cool optimizations, and it seems a lot of our choke is not related to the peer selection, but merely (heh) bugs in the jobqueue
13:36 < jrandom> but, anyway, anything else for 2) 0.5?
13:36 < ant> <BS314159> could you post an explanation for this loop attack?
13:37 < ant> <BS314159> it sounds more dangerous than your treatment implies it is
13:37 < jrandom> loop: build a tunnel containing A-->B-->C-->D-->C, send in 10 messages.
13:37 < jrandom> without the PRNGs, you can add as many messages to that C<-->D loop as you want
13:38 < ant> <BS314159> ok
13:38 < jrandom> effectively DoSing any routers with just a few messages
13:38 < ant> <BS314159> but only A can do this
13:38 < jrandom> with the PRNGs, it limits the number of messages that can go into the loop
13:38 < ant> <BS314159> so there's no danger of an attacker shortening my tunnels by introducing loops
13:38 < jrandom> no, no one can shorten your tunnels
13:39 < jrandom> the only thing this is useful for is a DoS
13:39 < jrandom> (a very cheap DoS)
13:39 < jrandom> (but when you can selectively DoS peers without much cost, you can do naaaasty stuff)
13:40 < ant> <BS314159> comprendo
13:40 <+protokol> and hashcash certs will help this?
13:40 < jrandom> protokol: hashcash addresses the issue of a peer building too many tunnels, and perhaps building too many hops
13:41 < jrandom> protokol: it doesnt help with loops.  the two ways i could find that /did/ were the PRNGs (tunnel-alt.html) or verifying at each step (tunnel.html)
13:42 < jrandom> verifying at each step has dangers, so the current leaning is towards the PRNGs
13:42 <+Ragnarok> how effective will the prng method be?
13:42 < Xan> A-->B-->C-->D-->C - shouldnt each hop get a different id or something, so that messages leave the tunnel the second time they reach C rather than looping?
13:43 < jrandom> Xan: they do, but without verifying each step, you can't tell whether its bad or not
13:44 < jrandom> Ragnarok: i think it'll be very effective at minimizing the damage done
13:45 < jrandom> at least, from what I can see so far
13:45 < jrandom> if anyone sees any problems/issues with it, or suggestions for improvement, please get in touch :)
13:46 < Xan> or maybe Im missing the point
13:46 < Xan> bbl
13:46 < jrandom> 'k l8r, i'll update the doc to be more clear 
13:47 < jrandom> ok, unless there's something else, shall we move on to 3) i2pmail.v2?
13:47 < jrandom> postman: you 'round?
13:48 < postman> yes
13:49 < postman> :)
13:49 < jrandom> anything to add from your post on the forum?  it sounds pretty cool
13:49 < postman> well, a few of you might have read the draft for i2pmail.v2 already
13:50 < bla> wtf is happening? Massive disconnects. I've got trouble reaching sites (say orion, library) here too
13:50 < postman> it aims towards a fully decentralized mail infrastructure in the future
13:50 < postman> but is in need of proxysoftware on the nodes as well as a bunch of dedicated relays
13:51 < postman> all are invited to contribute ideas / concepts / rants
13:51 < postman> development already has started - dont expect anything before late spring :)
13:51 < jrandom> w00t
13:51 < kaji> hmm, the cops just showed up at my door
13:52 < bla> kaji: ?
13:52 < jrandom> quick, blow your hard drive
13:52 < postman> jrandom: well, this is all i have to say for now :) 
13:52 < cervantes> hide the blackjack table!
13:52 < jrandom> wikked, thanks postman 
13:52 < kaji> they said i dialed 911, but im quite sure neither i nor my brother did
13:53 <+protokol> kaji: they're just checking up on i2p
13:53 < jrandom> ok, unless there's anytihng else on 3) i2pmail, lets move over to 4) azneti2p_0.2
13:53 <+protokol> <creepy music>
13:53 < jrandom> as mentioned in the email, there's been some important progress lately
13:53 < kaji> then they said cordless phones can freak out when off the hook, but all my cordless phones are on their charger -> #i2p-chat
13:55 < jrandom> the azureus folks have been very responsive in getting an update ready (yay!), but people should also be on the lookout for problems
13:55 < jrandom> (if you don't read the i2p mailing list and use azneti2p, read the i2p mailing list)
13:55 < jrandom> ((or even if yuo dont use azneti2p, read the list, as thats where we announce important things ;)
13:56 < jrandom> duck and orion have also been making lots of updates to accomodate the new bt client and formatting
13:56 < jrandom> (yay!)
13:56  * orion smiles
13:57 < orion> theres still a ways to go, but for now, it works.
13:57 < jrandom> (inasmuch as i2p lets it ;)
13:58 < orion> hehe, yes. ;)
13:58 < jrandom> does anyone else have anything to bring up wrt azneti2p or i2p-bt?
13:58 < jrandom> (or bytemonsoon2p ;)
14:00 < jrandom> ok if not, moving right along to 5) ???
14:00 < jrandom> open floor - anyone else have anything to bring up? 
14:00 < postman> jrandom: why does the addressbook publich userhosts entries ?
14:01 < jrandom> postman: bug.  
14:01 < postman> so this was no planned behaviour and will be changed?
14:01 < cervantes> just one thing...
14:01 < jrandom> postman: correct, and will be changed
14:02 < jrandom> (right Ragnarok?  :)
14:02 <+Ragnarok> depends on exactly what postman means...
14:03 < jrandom> Ragnarok: new entries added by the local user to their own private hosts shouldn't be propogated to the hosts published
14:03 < jrandom> (e.g. userhosts.txt is private, hosts.txt is synchronized with other people and is public)
14:03 < cervantes> As part of a semi regular slot on the forum, there will be recognition and awards for those that have contributed good things to I2P either recently or over the project's lifetime
14:03 < postman> Ragnarok: after updating to 0.4.2.6 i found entries from my userhosts.txt in the published addressbook in my eepsite folder
14:03 < ant> <BS314159> hmm
14:04 < postman> Ragnarok: those have been manually added keys, which haven't been supposed to be published
14:04 < cervantes> this week we recognise duck for general excellence as a service provider for the community and as an all round great idler: http://forum.i2p/viewtopic.php?t=275
14:04 < jrandom> w00t!
14:04 < jrandom> (go duck go, go duck go)
14:05 < Teal`c> what about domain name hijacking ?
14:05  * brachtus applauds
14:05  * orion does a duck waddle as a sign of respect.
14:05 < cervantes> one important point for the future...you don't have to be a cryptographic genius to get praise!
14:06 <+Ragnarok> no, that's expected behaviour.  I can change it, but first I'll have to finish implementing file locking so you can change hosts.txt directly
14:06 < orion> (but it helps)
14:06 < cervantes> you might just have contributed a cracking eepsite or something...
14:06 < cervantes> or been a helpful bod on the forum etc
14:07 < ant> <BS314159> hmm
14:07 < cervantes> (otherwise, lets face it, jrandom would win every week)
14:07 < jrandom> hey, y'all are paying for my beer fund, this stuff aint free ;)
14:07 < ant> <BS314159> could you just make a new file, "publichosts.txt"?
14:07 < ant> <BS314159> then have addressbook ignore userhosts.txt, but allowed users to subscribe to their own publichosts.txt?
14:08 < jrandom> Teal`c: there is no way to hijack a domain name, no entries are overwritten, and userhosts always overrides hosts
14:09 < jrandom> Ragnarok: perhaps the web interface can address the locking issue, since users won't be adding to the files manually
14:09 <+Ragnarok> once the locking is done, there's no real reason to pull in addresses from userhosts.txt anymore (it's currently the only way to dodge a race), so there's no real point in adding a third file
14:10 <+Ragnarok> jrandom: well, I was planning on using the java file locking api
14:10 < jrandom> if you think its necessary, you're the boss :)
14:10 < ant> <BS314159> it would allow you to kill all the names gotten from other people while keeping the ones you made yourself
14:10 < ant> <BS314159> simply by clearing hosts.txt and changing your subscriptiong
14:11 < ant> <BS314159> but I guess that can wait for name-signing
14:11 < orion> metadata will solve this problem.  Is a spec drafted yet?
14:11 < jrandom> using just two files should be fine - one managed by the addressbook, one not
14:12 < jrandom> (you could even have the addressbook ignore userhosts.txt entirely - userhosts.txt overrides hosts.txt anyway)
14:12 <+Ragnarok> jrandom: that would be the plan, once locking is done (which really shouldn't be too much work, I just haven't gotten around to it :)
14:13 <+Ragnarok> and I'm currently working on learning enough xml schema to write one for the namerecords
14:13 < ant> <dr_kavra> is this the channel for kenosis? another channel told me to come here :D
14:13 < jrandom> lol
14:13 < jrandom> nah, sorry, this is i2p
14:14 < jrandom> (unless you're looking for an anonymous comm layer)
14:14 < jrandom> wikked Ragnarok 
14:14 < ant> <BS314159> I still the XML is too verbose and non-human-readable for this, compared to YAML, but I'm not the one writing the code
14:14 < jrandom> Ragnarok: the tough part will be doing the crypto w/ XML without reverting to ugly CDATA
14:14 < orion> anybody write a working draft for the metadata spec yet?
14:15 < jrandom> (i personally think xml sucks, but i'm just a naysayer)
14:15 < jrandom> orion: http://dev.i2p.net/pipermail/i2p/2004-February/000135.html has a basic setup
14:15 < orion> (name/key metadata)
14:15 < dox> has the addressbook and its features been announced somewhere? I didn't know my hosts.txt is published
14:15 < jrandom> (see NameReference and LocalEntry elements)
14:16 < jrandom> dox: its written to the location specified in addressbook/config.txt
14:16 < jrandom> (by default, ./eepsite/docroot/hosts.txt)
14:17 < orion> is missing a public/private (i.e. distribute, don't) flag.
14:17 < ant> <cervantes> the only good thing about XML (and this is a large + point) is that it's a widely accepted standard
14:17 < jrandom> right orion, lots of good ideas have come up since that post
14:17 <+Ragnarok> xml may suck, but frankly, it better than any of the alternatives for what I'm doing
14:17 < jrandom> cervantes: so is EDI
14:17 < orion> is there a place to condense them?  i.e. forum area?
14:18 < orion> or maybe a wiki page?
14:18 < jrandom> orion: susi's or ugha's wiki
14:18 < orion> I'm going to set up wikis for bytemonsoon and orion.i2p to help get some community consensus as to the future development goals of each.
14:18 < BrockSamson> xml + crypto w/o CDATA = mime, no?
14:19 < jrandom> wikked orion 
14:19 < jrandom> BrockSamson: smime, with different parsers ;)
14:19 < orion> (also one for name metadata)
14:21 < jrandom> there are lots of ways to do the metadata, the important thing is flexibility and 'correctness' so that it can grow or change over time
14:21  * jrandom is sure Ragnarok et al will come up with some good stuff :)
14:21 < orion> thats why I think a public draft is in order.
14:22 < ant> <cervantes> i2p consortium :P
14:22 < jrandom> well, people have been saying "someone should put up their ideas on the wiki" for the last few meetings, but the wiki pages aren't growing too much ;)  which is fine, we take the pace we take
14:23  * orion promises to have three wikis up within a day and email everyone their locations
14:23 < BrockSamson> call me lazy, but compare an ANSI 850 Purchase order EDI to nearly any other XML based purchase order, and i'd rather decode, code, and debug for the XML version. Even if it's 5x the EDI size
14:23 < jrandom> w00t
14:23 < jrandom> heh BrockSamson 
14:24 < BrockSamson> Position 10 is ST? oh then position 310 should be name
14:24 < BrockSamson> duh me
14:24 < jrandom> BrockSamson: don't think the xml schemas for POs are much better ;)
14:24 < jrandom> (but yeah, that stuff is just a totally bloody disaster)
14:25 < BrockSamson> they are at 4:30 in the morning
14:25 < BrockSamson> unless...
14:25 < jrandom> heh
14:25 < BrockSamson> it's written by an ex EDI programmer
14:25 < BrockSamson> and the xml looks like this: <p1><po><q>1</q></po></p1>
14:26 < BrockSamson> i bet though, if you add up the horuse OpenSource projects spend talking about to 'XML' or not 'XML' you could code linux 10x over.
14:26 < BrockSamson> every project i've ever been part of has had massive debates on it
14:27 < orion> debates are good for a project, depending on who's debating. ;)
14:27 < jrandom> eh, it does what it does, but its not a panacea.  it may work well for the naming stuff
14:28 < BrockSamson> many people are in projects just to debate though.
14:28 < jrandom> not here.  i'm here for the free beer
14:28 < ant> <cervantes> that's debatable
14:28 < orion> the implementation details will be clearer when the draft spec is more tangable.
14:28 < orion> hence the need for a wiki/peer review.
14:29 < BrockSamson> I heard this project gave away free Garlic
14:29 < jrandom> lots of it
14:30 < jrandom> ok, anyone else have anything to bring up for the meeting?
14:30 < ant> * cervantes wheels out the ceremonial call with bell
14:30 < ant> <cervantes> call =cow
14:30  * jrandom winds up
14:31  * jrandom *baf*s the cowbell, closing the meeting