I2P_Developers/i2p.www
3
0
Fork 5
Code Issues 27 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

beginning of branch i2p.www.i2pwww

Browse Source
This commit is contained in:
cvs_import
2004-07-06 20:39:18 +00:00
committed by zzz
commit 3a8017c239
23 changed files with 1795 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
.htaccess Normal file
View File

@ -0,0 +1,18 @@
Options FollowSymLinks
# Various rewrite rules
<IfModule mod_rewrite.c>
RewriteEngine on
# Modify the RewriteBase if you are using this in a subdirectory and the
# rewrite rules are not working properly:
# RewriteBase /i2p-www/site/
# Rewrite URLs of the form 'index.php?page=x':
RewriteCond %{REQUEST_URI} !^/(images|pages|styles)/
RewriteCond %{REQUEST_URI} !^/favicon\.ico
RewriteCond %{REQUEST_URI} !^/robots\.txt
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?page=$1 [L,QSA]
</IfModule>

BIN
images/i2plogo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 925 B

28
index.php Normal file
View File

@ -0,0 +1,28 @@
<?php
define(PAGE_DIR,'pages/');
define(PAGE_EXT,'.html');
/* Filter out everything except alphanumerical characters and underscores */
function form_filter($data) {
return preg_replace('/[^[:alnum:]_]/','',$data);
}
$page = '';
if(isset($_REQUEST['page'])) {
$page = form_filter(urldecode($_REQUEST['page']));
} else {
$page = 'home';
}
if(is_readable(PAGE_DIR.$page.PAGE_EXT)) {
include(PAGE_DIR.'header'.PAGE_EXT);
include(PAGE_DIR.$page.PAGE_EXT);
include(PAGE_DIR.'footer'.PAGE_EXT);
} else {
header("HTTP/1.0 404 Not Found");
include(PAGE_DIR.'header'.PAGE_EXT);
print "<h1>Error: Page \"$page\" not found</h1>";
include(PAGE_DIR.'footer'.PAGE_EXT);
}
?>

1
pages/.htaccess Normal file
View File

@ -0,0 +1 @@
Options Indexes FollowSymLinks

177
pages/applications.html Normal file
View File

@ -0,0 +1,177 @@
<h1>Applications</h1>
<p>here's some content that might help someone who wants to put together an application developer's guide for <B style="color:black;background-color:#ffff66">I2P</B> - I dont have time to polish this up before I leave, but thought it might be of use to someone. Feel free to tear this up, edit like mad, or just read it :)</p>
<h1>Application development guide</h1>
<h2>Why write <B style="color:black;background-color:#ffff66">I2P</B> specific code?</h2>
<p>Using mihi's I2PTunnel application, you can hook up application instances and
have them talk to each other over standard TCP sockets. In plain client-server
scenarios, this is an effective technique for many simple protocols, but for
distributed systems where each peer may contact a number of other peers (instead
of just a single server), or for systems that expose TCP or IP information within
the communication protocols themselves, there are problems.</p>
<p>With I2PTunnel, you need to explicitly instantiate an I2PTunnel for each peer
you want to contact - if you are building a distributed instant messenger
application, that means you need to have each peer create an I2PTunnel 'client'
pointing at each peer it wants to contact, plus a single I2PTunnel 'server' to
receive other peer's connections. This process can of course be automated, but
there are nontrivial overheads involved in running more than just a few I2PTunnel
instances. In addition, with many protocols you will need to force everyone to
use the same set of ports for all peers - e.g. if you want to reliably run DCC
chat, everyone needs to agree that port 10001 is Alice, port 10002 is Bob, port
10003 is Charlie, and so on, since the protocol includes TCP/IP specific information
(host and port).</p>
<p>Applications that are designed to work with <B style="color:black;background-color:#ffff66">I2P</B> can take advantage of its
built in data security and optional pseudonymous authentication. All data sent
over the network is transparently end to end encrypted (not even the router's
get the cleartext), and any application using the ministreaming or datagram
functionality has all of that data authenticated by the sending destination's
public key. As an aside, environments where anonymity instead of pseudonymity
is required are trivially accomodated by either using the I2CP directly, SAM RAW
sessions, or by simply creating a new sending destination whenever needed).</p>
<p>Another important thing to remember is that <B style="color:black;background-color:#ffff66">I2P</B> is simply a communication
system - what data is sent and what is done with that data is outside of its scope.
Applications that are used on top of <B style="color:black;background-color:#ffff66">I2P</B> should be carefully sanitized of any
insecure or identifying data or protocols (hostnames, port numbers, time zone,
character set, etc). This in and of itself is often a daunting task, as
analyzing the safety of a system that has had anonymity and security strapped on to
it is no small feat, giving significant incentive to learn from the experiences of
the traditional application base, but design the application and its communication
protocols with <B style="color:black;background-color:#ffff66">I2P's</B> anonymity and security in mind.</p>
<p>There are also efficiency considerations to review when determining how to
interact on top of <B style="color:black;background-color:#ffff66">I2P</B>. The ministreaming library and things built on top of it
operate with handshakes similar to TCP, while the core <B style="color:black;background-color:#ffff66">I2P</B> protocols (I2NP and I2CP)
are strictly message based (like UDP or in some instances raw IP). The important
distinction is that with <B style="color:black;background-color:#ffff66">I2P</B>, communication is operating over a long fat network -
each end to end message will have nontrivial latencies, but may contain payloads
of up to 32KB. An application that needs a simple request and response can get rid
of any state and drop the latency incurred by the startup and teardown handshakes
by using (best effort) datagrams without having to worry about MTU detection or
fragmentation of messages under 32KB. The ministreaming library itself uses a
functional but inefficient scheme for dealing with reliable and in order delivery
by requiring the equivilant of an ACK after each message which must traverse the
network end to end again (though there are plans for improving this with a more
efficient and robust algorithm). Given that as the current state, an application
that uses one of the <B style="color:black;background-color:#ffff66">I2P</B> message oriented protocols can in some situations get
substantially better performance.</p>
<h2>Important ideas</h2>
<p>There are a few changes that require adjusting to when using <B style="color:black;background-color:#ffff66">I2P</B>:</p>
<h3>Destination ~= host+port</h3>
<p>An application running on <B style="color:black;background-color:#ffff66">I2P</B> sends messages from and receives messages to a
unique cryptographically secure end point - a "destination". In TCP or UDP
terms, a destination could (largely) be considered the equivilant of a hostname
plus port number pair, though there are a few differences. </p>
<ul>
<li>An <B style="color:black;background-color:#ffff66">I2P</B> destination itself is a cryptographic construct - all data sent to one is
encrypted as if there were universal deployment of IPsec with the (anonymized)
location of the end point signed as if there were universal deployment of DNSSEC. </li>
<li><B style="color:black;background-color:#ffff66">I2P</B> destinations are mobile identifiers - they can be moved from one <B style="color:black;background-color:#ffff66">I2P</B> router
to another (or with some special software, it can even operate on multiple routers at
once). This is quite different from the TCP or UDP world where a single end point (port)
must stay on a single host.</li>
<li><B style="color:black;background-color:#ffff66">I2P</B> destinations are ugly and large - behind the scenes, they contain a 2048bit ElGamal
public key for encryption, a 1024bit DSA public key for signing, and a variable size
certificate (currently this is the null type, but may contain proof of work, blinded
data, or other information to increase the 'cost' of a destination in an effort to fight
Sybil). <br />There are existing ways to refer to these large and ugly destinations by short
and pretty names (e.g. "irc.duck.<B style="color:black;background-color:#ffff66">i2p</B>"), but at the moment those techniques do not guarantee
globally uniqueness (since they're stored locally at each person's machine as "hosts.txt")
and the current mechanism is neither scalable nor secure (updates to those hosts files are
manually managed within CVS, and as such, anyone with commit rights on the repository can
change the destinations). There may be some secure, human readable, scalable, and globally
unique, naming system some day, but applications shouldn't depend upon it being in place,
since there are those who don't think such a beast is possible :)</li>
</ul>
<h3>Anonymity and confidentiality</h3>
<p>A useful thing to remember is that <B style="color:black;background-color:#ffff66">I2P</B> has transparent end to end encryption
and authentication for all data passed over the network - if Bob sends Alice's destination,
only Alice's destination can receive it, and if Bob is using the datagrams or streaming
library, Alice knows for certain that Bob's destination is the one who sent the data. </p>
<p>Of course, another useful thing to remember is that <B style="color:black;background-color:#ffff66">I2P</B> transparently anonymizes the
data sent between Alice and Bob, but it does nothing to anonymize the content of what they
send. For instance, if Alice sends Bob a form with her full name, government IDs, and
credit card numbers, there is nothing <B style="color:black;background-color:#ffff66">I2P</B> can do. As such, protocols and applications should
keep in mind what information they are trying to protect and what information they are willing
to expose.</p>
<h3><B style="color:black;background-color:#ffff66">I2P</B> datagrams can be up to 32KB</h3>
<p>Applications that use <B style="color:black;background-color:#ffff66">I2P</B> datagrams (either raw or repliable ones) can essentially be thought
of in terms of UDP - the datagrams are unordered, best effort, and connectionless - but unlike
UDP, applications don't need to worry about MTU detection and can simply fire off 32KB datagrams
(31KB when using the repliable kind). For many applications, 32KB of data is sufficient for an
entire request or response, allowing them to transparently operate in <B style="color:black;background-color:#ffff66">I2P</B> as a UDP-like
application without having to write fragmentation, resends, etc.</p>
<h2>Integration techniques</h2>
<p>There are four means of sending data over <B style="color:black;background-color:#ffff66">I2P</B>, each with their own pros and cons.</p>
<h3>SAM</h3>
<p>SAM is the <a href="book/view/144?PHPSESSID=ee3d79e304bf6e3746ccc3592c38a972">Simple Anonymous Messaging</a> protocol, allowing an
application written in any language to talk to a SAM bridge through a plain TCP socket and have
that bridge multiplex all of its <B style="color:black;background-color:#ffff66">I2P</B> traffic, transparently coordinating the encryption/decryption
and event based handling. SAM supports three styles of operation:</p>
<ul>
<li>streams, for when Alice and Bob want to send data to each other reliably and in order</li>
<li>repliable datagrams, for when Alice wants to send Bob a message that Bob can reply to</li>
<li>raw datagrams, for when Alice wants to squeeze the most bandwidth and performance as possible,
and Bob doesn't care whether the data's sender is authenticated or not (e.g. the data transferred
is self authenticating)</li>
</ul>
<h3>I2PTunnel</h3>
<p>The I2PTunnel application allows applications to build specific TCP-like tunnels to peers
by creating either I2PTunnel 'client' applications (which listen on a specific port and connect
to a specific <B style="color:black;background-color:#ffff66">I2P</B> destination whenever a socket to that port is opened) or I2PTunnel 'server'
applications (which listen to a specific <B style="color:black;background-color:#ffff66">I2P</B> destination and whenever it gets a new <B style="color:black;background-color:#ffff66">I2P</B>
connection it outproxies to a specific TCP host/port). These streams are 8bit clean and are
authenticated and secured through the same streaming library that SAM uses, but there is a
nontrivial overhead involved with creating multiple unique I2PTunnel instances, since each have
their own unique <B style="color:black;background-color:#ffff66">I2P</B> destination and their own set of tunnels, keys, etc.</p>
<h3>ministreaming and datagrams</h3>
<p>For applications written in Java, the simplest way to go is to use the libraries that the SAM
bridge and I2PTunnel applications use. The streaming functionality is exposed in the 'ministreaming'
library, which is centered on the
<a href="http://www.i2p.net/javadocs/net/i2p/client/streaming/package-summary.html">I2PSocketManager</a>,
the <a href="http://www.i2p.net/javadocs/net/i2p/client/streaming/I2PSocket.html">I2PSocket</a>, and the
<a href="http://www.i2p.net/javadocs/net/i2p/client/streaming/I2PServerSocket.html">I2PServerSocket</a>.</p>
<p>For applications that want to use repliable datagrams, they can be built with the
<a href="http://www.i2p.net/javadocs/net/i2p/client/datagram/I2PDatagramMaker.html">I2PDatagramMaker</a>
and parsed on the receiving side by the
<a href="http://www.i2p.net/javadocs/net/i2p/client/datagram/I2PDatagramDissector.html">I2PDatagramDissector</a>.
In turn, these are sent and received through an
<a href="http://www.i2p.net/javadocs/net/i2p/client/I2PSession.html">I2PSession</a>.</p>
<p>Applications that want to use raw datagrams simply send directly through the I2PSession's
<a href="http://www.i2p.net/javadocs/net/i2p/client/I2PSession.html#sendMessage(net.i2p.data.Destination,%20byte[])">sendMessage(...)</a>
method, receiving notification of available messages through the
<a href="http://www.i2p.net/javadocs/net/i2p/client/I2PSessionListener.html">I2PSessionListener</a> and
then fetching those messages by calling
<a href="http://www.i2p.net/javadocs/net/i2p/client/I2PSession.html#receiveMessage(int)">receiveMessage(...)</a>.
<h3>I2CP</h3>
<p>I2CP itself is a language independent protocol, but to implement an I2CP library in something other
than Java there is a significant amount of code to be written (encryption routines, object marshalling,
asynchronous message handling, etc). While someone could write an I2CP library in C or something else,
it would most likely be more useful to write a C SAM library instead. </p>

91
pages/bounties.html Normal file
View File

@ -0,0 +1,91 @@
<h1>Bounties</h1>
<p>While we always gratefully accept any contributions of code,
documentation, and the like, there are other ways to help <B style="color:black;background-color:#ffff66">I2P</B> move
forward. As with any open source project, our goals would be achieved more
rapidly if we were able to support all of our contributors to work on
<B style="color:black;background-color:#ffff66">I2P</B> full time. However, as with any open source project, thats not a
possibility. Instead, we are making use of a bounty system, whereby
anyone can get support for working on something that people want
implemented, and people who want to contribute to <B style="color:black;background-color:#ffff66">I2P</B> can be assured that
their support goes to what they care about.</p>
<p>We are also keeping open the ability for people who want to support <B style="color:black;background-color:#ffff66">I2P</B>
but don't have strong feelings about the bounties available. Those people
can simply put their trust in the <B style="color:black;background-color:#ffff66">I2P </B><B style="color:black;background-color:#A0FFFF">team</B> to do what we feel is best by
donating to a catch-all general fund that will be used as deemed
necessary - allocated to various bounties, covering incidentals (hosting,
etc), and the like.</p>
<h2>Current bounties</h2>
<p>
<table border="1">
<tr><td><p><b>Name</b></p></td><td><p><b>Status</b></p></td><td><p><b>Judge</b></p></td><td><p><b>Dev <sup>*</sup></b></p></td><td><p><b>Bounty</b></p></td></tr>
<tr>
<td><p><b><a href="/node/view/216?PHPSESSID=e29545d707f7ab5166fec8899e9dde5d">MyI2P</a></b></p></td>
<td><p>Proposal in development</p></td>
<td><p><a href="/user/view/2?PHPSESSID=e29545d707f7ab5166fec8899e9dde5d">jrandom</a></p></td>
<td><p>None yet</p></td>
<td><p>$110</p></td>
</tr>
<tr>
<td><p><b><a href="/node/view/224?PHPSESSID=e29545d707f7ab5166fec8899e9dde5d">Streaming library window size</a></b></p></td>
<td><p>Proposal in development</p></td>
<td><p>[vacant]</p></td>
<td><p>None yet</p></td>
<td><p>$60</p></td>
</tr>
<tr>
<td><p><b><a href="/node/view/153?PHPSESSID=e29545d707f7ab5166fec8899e9dde5d">Swarming file transfer</a></b></p></td>
<td><p>Proposal in development</p></td>
<td><p>[vacant]</p></td>
<td><p>None yet</p></td>
<td><p></p></td>
</tr>
<tr>
<td><p><b><a href="/node/view/154?PHPSESSID=e29545d707f7ab5166fec8899e9dde5d">Distributed data store</a></b></p></td>
<td><p>Proposal in development</p></td>
<td><p>[vacant]</p></td>
<td><p><a href="mailto:mpc@innographx.com">Nightblade</a></p></td>
<td><p></p></td>
</tr>
<tr>
<td><p><b><a href="/node/view/210?PHPSESSID=e29545d707f7ab5166fec8899e9dde5d">IRC connect time monitor</a></b></p></td>
<td>CLAIMED for $10 USD</td>
<td><p><a href="/user/view/2?PHPSESSID=e29545d707f7ab5166fec8899e9dde5d">jrandom</a></p></td>
<td><p>hypercubus</p></td>
<td><p></p></td>
</tr>
<tr>
<td><p><b><a href="/node/view/156?PHPSESSID=e29545d707f7ab5166fec8899e9dde5d">Native GMP packaging</a></b></p></td>
<td><p>Proposal in development</p></td>
<td><p><a href="/user/view/2?PHPSESSID=e29545d707f7ab5166fec8899e9dde5d">jrandom</a></p></td>
<td><p>None yet</p></td>
<td><p></p></td>
</tr>
</table>
</p>
<p><i><sup>*</sup> Dev lists anyone who may already be working on the bounty - collaboration is preferred, so if you're interested in working on it, please contact one of the people listed!</i></p>
<p />
<h2>General fund balance</h2>
<p>
<table border="1">
<tr><td><p><b>E-gold</b></p></td>
<td><p><b>Paypal</b></p></td>
</tr>
<tr><td><p>1.979 g (~24.02 USD)</p></td>
<td><p>98.53 USD</p></td>
</tr>
</table>
</p>

19
pages/cvs.html Normal file
View File

@ -0,0 +1,19 @@
<h1>CVS</h1>
This is just a reminder for me so I don't have to memorize the commands to download <B style="color:black;background-color:#ffff66">i2p</B> cvs:<br />
<br />
Unix CVS:<br />
<br />
cvs -d:pserver:anoncvs@cvs.<B style="color:black;background-color:#ffff66">i2p</B>.net:/cvsroot login<br />
(password anoncvs)<br />
cvs -d:pserver:anoncvs@cvs.<B style="color:black;background-color:#ffff66">i2p</B>.net:/cvsroot co <B style="color:black;background-color:#ffff66">i2p</B><br />
<br />
WinCVS CVSRoot (login then checkout):<br />
<br />
anoncvs@cvs.<B style="color:black;background-color:#ffff66">i2p</B>.net:/cvsroot<br />
(password anoncvs)<br />
<br />
<a href="http://dev.i2p.net/cgi-bin/cvsweb.cgi/i2p/?f=H"><B style="color:black;background-color:#ffff66">I2P</B> CVSWeb (w/ nice diffs)</a><br />
<br />
Humourous quote from WinCVS: "Did you know... Never experiment with new CVS commands on your working repository. Create a sample module instead."

154
pages/donate.html Normal file
View File

@ -0,0 +1,154 @@
<h1>Donate</h1>
<p>Thank you for your interest in contributing to <B style="color:black;background-color:#ffff66">I2P</B>! The details of how you can make your contribution are provided below:</p>
<!--break-->
<h2><a href="http://www.e-gold.com/" target="_new">e-gold</a></h2>
<p>
Account name: <B style="color:black;background-color:#ffff66">I2P</B><br/>
Account number: 1274080</p>
<form action="https://www.e-gold.com/sci_asp/payments.asp" method="POST" target="_top"><input type="hidden" name="PHPSESSID" value="a30a4abf201d1b2315cafbb49fc6e4d7" />
<input type="hidden" name="PAYEE_ACCOUNT" value="1274080">
<input type="hidden" name="PAYEE_NAME" value="I2P">
<input type="hidden" name="PAYMENT_METAL_ID" value="1">
<input type="hidden" name="STATUS_URL" value="mailto:wilde@i2p.net">
<input type="hidden" name="NOPAYMENT_URL" value="http://www.i2p.net/">
<input type="hidden" name="NOPAYMENT_URL_METHOD" value="LINK">
<input type="hidden" name="PAYMENT_URL" value="http://www.i2p.net/">
<input type="hidden" name="PAYMENT_URL_METHOD" value="LINK">
<input type="hidden" name="BAGGAGE_FIELDS" value="">
<table>
<tr>
<td><p>Amount:</p></td>
<td><input type="text" name="PAYMENT_AMOUNT" value="20" size="4"></td>
</tr
><tr>
<td><p>Units:</p></td>
<td><p><select name="PAYMENT_UNITS">
<option selected value="1">US Dollar</option>
<option value="85">Euro</option>
<option value="8888">Gram</option>
<option value="9999">Troy Ounce</option>
</select> of e-gold</p></td>
</tr>
<tr>
<td><p>Memo:</p></td>
<td><input type="text" name="SUGGESTED_MEMO" value="generic donation | anonymous" size="50" maxlength="50"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><p>(enter the bounty name that this donation is for,<br/>
also if you want credit add your nym)</p></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input type="submit" name="PAYMENT_METHOD" value="Donate"></td>
</tr>
</table>
</form>
<h2><a href="http://www.paypal.com/" target="_new">PayPal</a></h2>
<p>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><input type="hidden" name="PHPSESSID" value="a30a4abf201d1b2315cafbb49fc6e4d7" />
<input type="hidden" name="cmd" value="_s-xclick">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but04.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----
MIIHFgYJKoZIhvcNAQcEoIIHBzCCBwMCAQExggEwMIIBLAIBADCBlDCBjjELMAkG
A1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQw
EgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UE
AxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJ
KoZIhvcNAQEBBQAEgYClMcfyr/wWPmdsH+fOJ3TaUBHA96bf53aruo8Jm5XL7Hfm
BdYBc5bxVOBNSf6WdJvbYmBfu2j//mSxdKT32KsjaPpimRZy0AQ5nJq/Wvxnh3dS
voVaBcUR2LCT06/Q4hLSQ9sZVa2jjpcimHu40RK3VBKwESor9phrQJuswai6GTEL
MAkGBSsOAwIaBQAwgZMGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIUnPw9ExlSZ6A
cPDMTUtDyjqdheENeEgN4Mt8c1oySI7CKjOWI5HIjgDgk9awsQl7xStCi+pnfNcF
lGlUu8gfUC1oSEkm59boQnfTIKlR1jZJKc1zLs9xSVzMuEZvb40fQhyYWthjxLOA
gpNQCBbzMHl7N8zbNj/2ttigggOHMIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0B
AQUFADCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3Vu
dGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9j
ZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBh
bC5jb20wHhcNMDQwMjEzMTAxMzE1WhcNMzUwMjEzMTAxMzE1WjCBjjELMAkGA1UE
BhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYD
VQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQI
bGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wgZ8wDQYJKoZI
hvcNAQEBBQADgY0AMIGJAoGBAMFHTt38RMxLXJyO2SmS+Ndl72T7oKJ4u4uw+6aw
ntALWh03PewmIJuzbALScsTS4sZoS1fKciBGoh11gIfHzylvkdNe/hJl66/RGqrj
5rFb08sAABNTzDTiqqNpJeBsYs/c2aiGozptX2RlnBktH+SUNpAajW724Nv2Wvhi
f6sFAgMBAAGjge4wgeswHQYDVR0OBBYEFJaffLvGbxe9WT9S1wob7BDWZJRrMIG7
BgNVHSMEgbMwgbCAFJaffLvGbxe9WT9S1wob7BDWZJRroYGUpIGRMIGOMQswCQYD
VQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDAS
BgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQD
FAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbYIBADAMBgNV
HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAIFfOlaagFrl71+jq6OKidbWFSE+
Q4FqROvdgIONth+8kSK//Y/4ihuE4Ymvzn5ceE3S/iBSQQMjyvb+s2TWbQYDwcp1
29OPIbD9epdr4tJOUNiSojw7BHwYRiPh58S1xGlFgHFXwrEBb3dgNbMUa+u4qect
sMAXpVHnD9wIyfmHMYIBmjCCAZYCAQEwgZQwgY4xCzAJBgNVBAYTAlVTMQswCQYD
VQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFs
IEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRww
GgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tAgEAMAkGBSsOAwIaBQCgXTAYBgkq
hkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wNDAzMjUxMjUx
NDNaMCMGCSqGSIb3DQEJBDEWBBRSOWpV+zUddBaL/atCJmn1P97wDDANBgkqhkiG
9w0BAQEFAASBgHOHuzIUpyxgxaFpblJlnjIBpXiPb2cfKeMms/VwaOePqzY7kg95
2We/s4EOaSbYTnuivMVGJf+58tJZej6GGzySbgP1RvUAdxvVC7JVi2xGxV699DsK
osN7CakRqhmOKFbkg7LIIUjIXiybk/oEjMblnj1XLnvK3AN0A5HB0j5s
-----END PKCS7-----
">
</form>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><input type="hidden" name="PHPSESSID" value="a30a4abf201d1b2315cafbb49fc6e4d7" />
<input type="hidden" name="cmd" value="_s-xclick">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but20.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----
MIIHPwYJKoZIhvcNAQcEoIIHMDCCBywCAQExggEwMIIBLAIBADCBlDCBjjELMAkG
A1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQw
EgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UE
AxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJ
KoZIhvcNAQEBBQAEgYANtxMfLDd6PxqlkZDJU6SXcUnZUEjg+26Z3IH8esNIpuKJ
+hL0iiMPbbYrVS81cLG+86ftW6k/qAh1dc6XslPJTKMwF5oy12ueCvTaI8mdH9eZ
icksVaMy5o4pDuDABYD5LntxDDrPV77St9OI7bmuDAaBZvJ30uwu7dtRDcZkujEL
MAkGBSsOAwIaBQAwgbwGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIfD1LmDIx7iyA
gZg9C67zPE37PgYhOycYxQZqmzko3psL6idiyh8OQtDddZPtEYdDp+ncoz0orjLp
ElsqtoE2k4HMpkQCi1f3xWheBl0p5bqQg1Hb40Q8ifP6c96EEP8Es/uky3GoCdm9
l9IO7i0k+oId60Ab0iiy7RpO4SUp0/WVAjqtBn621HcjmPwJgpzT2pcoJkTDDtMk
XdnMaYp6AGD5naCCA4cwggODMIIC7KADAgECAgEAMA0GCSqGSIb3DQEBBQUAMIGO
MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZp
ZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREw
DwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTAe
Fw0wNDAyMTMxMDEzMTVaFw0zNTAyMTMxMDEzMTVaMIGOMQswCQYDVQQGEwJVUzEL
MAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1Bh
eVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2Fw
aTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAwUdO3fxEzEtcnI7ZKZL412XvZPugoni7i7D7prCe0AtaHTc9
7CYgm7NsAtJyxNLixmhLV8pyIEaiHXWAh8fPKW+R017+EmXrr9EaquPmsVvTywAA
E1PMNOKqo2kl4Gxiz9zZqIajOm1fZGWcGS0f5JQ2kBqNbvbg2/Za+GJ/qwUCAwEA
AaOB7jCB6zAdBgNVHQ4EFgQUlp98u8ZvF71ZP1LXChvsENZklGswgbsGA1UdIwSB
szCBsIAUlp98u8ZvF71ZP1LXChvsENZklGuhgZSkgZEwgY4xCzAJBgNVBAYTAlVT
MQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChML
UGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVf
YXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tggEAMAwGA1UdEwQFMAMB
Af8wDQYJKoZIhvcNAQEFBQADgYEAgV86VpqAWuXvX6Oro4qJ1tYVIT5DgWpE692A
g422H7yRIr/9j/iKG4Thia/Oflx4TdL+IFJBAyPK9v6zZNZtBgPBynXb048hsP16
l2vi0k5Q2JKiPDsEfBhGI+HnxLXEaUWAcVfCsQFvd2A1sxRr67ip5y2wwBelUecP
3AjJ+YcxggGaMIIBlgIBATCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNB
MRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjET
MBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG
9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJ
AzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA0MDMyNTEzMjY0OFowIwYJ
KoZIhvcNAQkEMRYEFMQ/rcekFWjkOUKjXf5RvQNUQZXoMA0GCSqGSIb3DQEBAQUA
BIGAQv8rsNUoRnw9CIILiX3YQ40dDKgbcEIv9vsxQnK/bV1B8AOrMgl2PRwJ0XGa
qU/m8s4pmghjkc9MOy8Je6fJrgNQ9ZU0bB+Yw2dCt9Ow1xZuQFsTOGFztB8pWTWs
uzQVonDRMJ5Wol8oHCP0APGhsJo/ym2LUgn8UkapRXLacaY=
-----END PKCS7-----
">
</form> - Donate $10/month
</p>

83
pages/faq.html Normal file
View File

@ -0,0 +1,83 @@
<h1>FAQ</h1>
<h3>What is <B style="color:black;background-color:#ffff66">I2P</B>?</h3>
<p><B style="color:black;background-color:#ffff66">I2P</B> is a generic anonymous and secure peer to peer communication layer. It is a network that sits on
top of another network (in this case, it sits on top of the internet). It is responsible for delivering
a message anonymously and securely to another location. More tech details are
<a href="/book/view/39?PHPSESSID=a8b251952f5a8f0b893e37f48a2c6f64">available</a></p>
<h3>What does that mean?</h3>
<p>It means that you can do things anonymously and host services anonymously from your computer.
You will need to use programs that are designed to work with <B style="color:black;background-color:#ffff66">I2P</B>, though in some cases you can use
regular internet programs with <B style="color:black;background-color:#ffff66">I2P</B> by creating something called an
<a href="/i2ptunnel?PHPSESSID=a8b251952f5a8f0b893e37f48a2c6f64">I2PTunnel</a></p>
<h3>What is the difference between <B style="color:black;background-color:#ffff66">I2P</B> and the internet?</h3>
<p>Data transferred via <B style="color:black;background-color:#ffff66">I2P</B> is anonymous and encrypted. Regular internet traffic is not
(although it can be encrypted). If you set up a web page using <B style="color:black;background-color:#ffff66">I2P</B>, nobody will know who
you are. If you browse a web page using <B style="color:black;background-color:#ffff66">I2P</B>, nobody will know who you are. If you transfer
files using <B style="color:black;background-color:#ffff66">I2P</B>, nobody will know who you are.</p>
<h3>Whats an "eepsite"?</h3>
<p>An eepsite is a website that is hosted anonymously - you can access it by setting your web browser's HTTP proxy to use the web proxy (typically it listens on localhost port 4444),
and browsing to the site.</p>
<h3>Can I browse the web with <B style="color:black;background-color:#ffff66">I2P</B>?</h3>
<p>Yes - the I2PTunnel eepproxy includes a hook to use an anonymously hosted outbound proxy
(squid.<B style="color:black;background-color:#ffff66">i2p</B>). If you have your browser set to use the web proxy, if you type
http://google.com/ your request will be routed through <B style="color:black;background-color:#ffff66">I2P</B> to the outbound proxy.</p>
<h3>How anonymous is <B style="color:black;background-color:#ffff66">I2P</B> anyway?</h3>
<p><B style="color:black;background-color:#ffff66">I2P</B> is working to support militant grade anonymity, <b>but we're not there yet</b>. You should not
use <B style="color:black;background-color:#ffff66">I2P</B> if you <i>need</i> your anonymity - there are likely bugs and perhaps other issues, and it
has not gone through sufficient peer review. However, we're confident that we'll get to the point
that we can provide anonymity strong enough even for militantly subversive political action (so it
should be fine for you to chat online with your friends)</p>
<p>An important point to note is that <B style="color:black;background-color:#ffff66">I2P</B> does <b>not</b> provide anonymity or security of content
after it is transferred - you can still download and run a virus, or even submit your full name
and bank account numbers on an eepsite. <B style="color:black;background-color:#ffff66">I2P</B> only tries to provide communication security and anonymity -
what you say or do is up to you.</p>
<h3>How does <B style="color:black;background-color:#ffff66">I2P</B> protect itself from denial of service attacks?</h3>
<p>
For this too, there are several answers. Short summary is "the best it can".
Briefly, <B style="color:black;background-color:#ffff66">I2P</B> attempts to defend against several forms of denial of service
attack, all without centralized coordination. For applications using <B style="color:black;background-color:#ffff66">I2P</B>,
the computer they are located on is not exposed to the public, so the
standard denial of service attack cannot be directly mounted against them
(ala ping floods, etc). Instead, attackers are forced to go after the
gateways to that application's inbound tunnels - of which there can be many
at any given time. Each gateway also has its own limits for how many messages
and/or bytes it agrees to send down the tunnel. The application itself
periodically tests these tunnels to make sure they're still reachable and
usable, so if one of them is taken out by an IP level attack of any kind,
it will know and rebuild its leases, specifying new gateways.
</p>
<p>
To prevent individual users from consuming excessive resources (registering
too many tunnels, sending too many messages, looking up too many entries in
the network database, and creating too many router and destination identities),
various messages and identities have a certificate attached to them. Currently
these certificates are blank, but down the line they will be filled with
<a href="http://wiki.invisiblenet.net/iip-wiki?HashCash">IIP Wiki: HashCash</a> - a computationally expensive collision based on the contents of the
message or identity. They can also be filled with other certificates as deemed
necessary (e.g. a blinded certificate from an anonymous certificate authority,
a receipt for real currency payments, etc). It is also believed that through this
certificate attachment system <B style="color:black;background-color:#ffff66">I2P</B> will be able to overcome the <a href="http://citeseer.nj.nec.com/douceur02sybil.html">sybil attack</a>.<br>
</p>
<p>
Other denial of service attacks include creating a few thousand high quality
<B style="color:black;background-color:#ffff66">I2P</B> routers, running them for a week, and then taking them all offline. This
indeed may force the creation of islands within the network, but the underlying
<a href="/network_database?PHPSESSID=a8b251952f5a8f0b893e37f48a2c6f64">Network Database</a> is built off of a modified <a href="http://citeseer.nj.nec.com/529075.html">Kademlia</a>,
which should allow the network to recover with minimal overhead (though, of course,
if a router has literally no other peers left after the bad ones leave, that router will
need to 'reseed' - fetch a reference to another router through some other mechanism).
</p>
<hr />
<h3>I have a question!</h3>
<p>Great! Please leave a comment and we'll include it here (with the answer, hopefully)</p>

4
pages/footer.html Normal file
View File

@ -0,0 +1,4 @@
</div>
</body>
</html>

60
pages/halloffame.html Normal file
View File

@ -0,0 +1,60 @@
<h1>Hall of Fame</h1>
<p>Big thanks go to the following people who have donated to bounties or the general fund!</p>
<p>
<table border="1">
<tr>
<td><b>Contributor</b></td>
<td><b>Amount</b></td>
<td><b>Bounty</b></td>
</tr>
<tr>
<td>Pseudonym</td>
<td>$60.00 USD</td>
<td>Upgrade of transport protocol</td>
</tr>
<tr>
<td>duck</td>
<td>$50.00 USD</td>
<td>MyI2P</td>
</tr>
<tr>
<td>wilde</td>
<td>$60.00 USD</td>
<td>MyI2P</td>
</tr>
<tr>
<td>eco</td>
<td>$30.01 USD</td>
<td>General fund</td>
</tr>
<tr>
<td>Jeff Teitel</td>
<td>$50.00 USD</td>
<td>General Fund</td>
</tr>
<tr>
<td>hypercubus</td>
<td>$10.00 USD</td>
<td>General Fund</td>
</tr>
<tr>
<td>eco</td>
<td>$23.45 USD</td>
<td>General fund</td>
</tr>
<tr>
<td>duck</td>
<td>0.0186g gold</td>
<td>General fund</td>
</tr>
</table>
</p>

81
pages/header.html Normal file
View File

@ -0,0 +1,81 @@
<?php
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>I2P</title>
<link rel="stylesheet" href="styles/default.css" type="text/css" />
<link rel="shortcut icon" href="favicon.ico" />
</head>
<body>
<div class="logo">
<a href="home"><img src="images/i2plogo.png" alt="I2P Logo" border="0" width="178" height="35"></a>
</div>
<h1>I2P</h1>
<div class="menu">
<b><a href="home">News[ ]</a></b><br/>
- <a href="roadmap">Roadmap[x]</a><br/>
<br/>
<b><a href="about">About I2P[ ]</a></b><br/>
- <a href="bounties">Bounties[x]</a><br/>
- <a href="donate">Donate[x]</a><br/>
- <a href="getinvolved">Get involved[ ]</a><br/>
- <a href="halloffame">Hall of Fame[x]</a><br/>
- <a href="team">Team[x]</a><br/>
<br/>
<b><a href="download">Download[ ]</a></b><br/>
<br/>
<b><a href="documentation">Documentation[ ]</a></b><br/>
- <a href="installation">Installation[ ]</a><br/>
- <a href="applications">Applications[x]</a><br/>
&nbsp;&nbsp;* <a href="myi2p">MyI2P[ ]</a><br/>
&nbsp;&nbsp;* <a href="minwww">MinWWW[x]</a><br/>
&nbsp;&nbsp;* <a href="i2ptunnel">I2PTunnel[ ]</a><br/>
<!--
&nbsp;&nbsp;&nbsp;&nbsp;&gt; <a href="i2ptunnel_services">Setting up services[ ]</a><br/>
&nbsp;&nbsp;&nbsp;&nbsp;&gt; <a href="i2ptunnel_tuning">Tuning[ ]</a><br/>
&nbsp;&nbsp;&nbsp;&nbsp;&gt; <a href="i2ptunnel_lan">LAN setup[ ]</a><br/>
-->
- <a href="performance">Performance[x]</a><br/>
&nbsp;&nbsp;* <a href="jbigi">jbigi[x]</a><br/>
&nbsp;&nbsp;* <a href="jvm">JVM[ ]</a><br/>
&nbsp;&nbsp;* <a href="config_tweaks">Config tweaks[ ]</a><br/>
- <a href="api">API[ ]</a><br/>
<!--
&nbsp;&nbsp;* <a href="sam">SAM[ ]</a><br/>
&nbsp;&nbsp;* <a href="ministreaming">ministreaming[ ]</a><br/>
&nbsp;&nbsp;* <a href="i2cp">I2CP[ ]</a><br/>
&nbsp;&nbsp;* <a href="datagrams">Datagrams[ ]</a><br/>
-->
- <a href="how_intro">How does it work?[x]</a><br/>
<!-- &nbsp;&nbsp;* <a href="how_intro">Intro[x]</a><br/>
&nbsp;&nbsp;* <a href="how_threatmodel">Threat model[x]</a><br/>
&nbsp;&nbsp;* <a href="how_tunnelrouting">Tunnel routing[ ]</a><br/>
&nbsp;&nbsp;* <a href="how_garlicrouting">Garlic routing[ ]</a><br/>
&nbsp;&nbsp;* <a href="how_networkdatabase">Network database[ ]</a><br/>
&nbsp;&nbsp;* <a href="how_peerselection">Peer selection[ ]</a><br/>
&nbsp;&nbsp;* <a href="how_cryptography">Cryptography[ ]</a><br/>
&nbsp;&nbsp;&nbsp;&nbsp;&gt; <a href="how_elgamalaes">ElGamal /<br/>AES+SessionTag[x]</a><br/>
&nbsp;&nbsp;* <a href="how_networkcomparisons">Network comparisons[ ]</a><br/>
<br/>
-->
<b><a href="faq">FAQ[x]</a></b><br/>
<br/>
<b><a href="development">Development[ ]</a></b><br/>
- <a href="implementation">Implementation[ ]</a><br/>
- <a href="http://dev.i2p.net/bugzilla/index.cgi">Bugzilla[*]</a><br/>
- <a href="licenses">Licenses[x]</a><br/>
- <a href="http://dev.i2p.net/pipermail/i2p/">Mailinglist[*]</a><br/>
- <a href="meetings">Meetings[ ]</a><br/>
- <a href="cvs">CVS[x]</a><br/>
<br/>
<b><a href="http://forum.i2p.net/">Forum[*]</a></b><br/>
<br/>
<b><a href="links">Links[ ]</a></b><br/>
</div>
<div class="main">

1
pages/home.html Normal file
View File

@ -0,0 +1 @@
<h1>Welcome on I2P.net</h1>

78
pages/how_elgamalaes.html Normal file
View File

@ -0,0 +1,78 @@
<h1>ElGamal / AES+SessionTag</h1>
<p>
Within <B style="color:black;background-color:#ffff66">I2P</B>, various messages are encrypted, but we don't want anyone to know
to whom or from whom it is bound, so we can't just toss a "to" or "from" address.
In addition, messages are not delivered in order (or reliably), so we can't simply
ElGamal encrypt the first message and AES the subsequent messages. The alternative
of ElGamal encrypting each individual message is daunting in light of the message
frequency desired. Instead, we take each message and evaluate whether it fits into
the three possible conditions:</p>
<OL>
<li> its ElGamal encrypted to us</li>
<li> its AES encrypted to us</li>
<li> its not encrypted to us</li>
</OL>
<p>
If its ElGamal encrypted to us, the message is considered a new session, and
is encrypted per encryptNewSession(...) in
<a href="http://i2p.net/cgi-bin/cvsweb.cgi/i2p/code/core/java/src/net/invisiblenet/i2p/crypto/ElGamalAESEngine.java">[ElGamalAESEngine]</a>
as follows -</p>
<p>An initial ElGamal block, encrypted <a href="/book/view/45?PHPSESSID=ddc3289882c8e520569e63b68722c3c5">as before</a>:</p>
<PRE>
|_______1_______2_______3_______4_______5_______6_______7_______8
| 32 byte session key
|
|
| |
| 32 byte pre-IV (first 16 bytes of H(pre-IV) == IV)
|
|
| |
| (158 bytes of random data)
| ...
| |
</PRE>
<p>Followed by the following, AES encrypted <a href="/book/view/45?PHPSESSID=ddc3289882c8e520569e63b68722c3c5">as before</a>,
using the session key and IV from the header:</p>
<PRE>
|_______1_______2_______3_______4_______5_______6_______7_______8
| # session tags| that many sessionTags (32 byte random numbers)
| ...
| | size of the payload (bytes) | H(payload)
|
|
|
| | flag |payload
| ...
| |
| random bytes leaving the total AES block (size % 16 == 0) |
</PRE>
<p>If the flag is 0x01, it is followed by a new session key, replacing
the old one.</p>
<p>The session tags delivered successfully are remembered for a
brief period (30 minutes currently) until they are used (and discarded).
They are used by packaging in a message that is not preceeded by an
ElGamal block. Instead, it is encrypted per encryptExistingSession(...) in
<a href="http://i2p.net/cgi-bin/cvsweb.cgi/i2p/code/core/java/src/net/invisiblenet/i2p/crypto/ElGamalAESEngine.java">[ElGamalAESEngine]</a>
as follows -</p>
<PRE>
|_______1_______2_______3_______4_______5_______6_______7_______8
| session tag (32 byte random number previously delivered and
| not yet expired or used). the session tag also serves as
| the pre-IV (the first 16 bytes of H(sessionTag) == IV)
| |
</PRE>
<p>Followed by the AES encrypted block above (2 byte # session tags,
that many session tags, sizeof(payload), H(payload), flag, payload,
random padding).</p>

150
pages/how_intro.html Normal file
View File

@ -0,0 +1,150 @@
<h1>Intro</h1>
<p><B style="color:black;background-color:#ffff66">I2P</B> is an effort to build, deploy, and maintain a network to support secure and anonymous
communication. People using <B style="color:black;background-color:#ffff66">I2P</B> are in control of the tradeoffs between anonymity, reliability,
bandwidth usage, and latency. There is no central point in the network on which pressure can be
exerted to compromise the integrity, security, or anonymity of the system. The network supports
dynamic reconfiguration in response to various attacks, and has been designed to make use of
additional resources as they become available. Of course, all aspects of the network are open
and freely available.</p>
<p>Unlike many other anonymizing networks, <B style="color:black;background-color:#ffff66">I2P</B> doesn't try to provide anonymity by hiding the
originator of some communication and not the recipient, or the other way around. <B style="color:black;background-color:#ffff66">I2P</B> is designed
to allow peers using <B style="color:black;background-color:#ffff66">I2P</B> to communicate with each other anonymously both sender and recipient
are unidentifiable to each other as well as to third parties. For example, today there are both
in-<B style="color:black;background-color:#ffff66">I2P</B> web sites (allowing anonymous publishing / hosting) as well as HTTP proxies to the normal
web (allowing anonymous web browsing). Having the ability to run servers within <B style="color:black;background-color:#ffff66">I2P</B> is essential,
as it is quite likely that any outbound proxies to the normal internet will be monitored, disabled,
or even taken over to attempt more malicious attacks.</p>
<p>The network itself is message oriented - it is essentially a secure and anonymous IP layer,
where messages are addressed to cryptographic keys (Destinations) and can be significantly larger
than IP packets. Some example uses of the network include "eepsites" (webservers hosting normal web
applications within <B style="color:black;background-color:#ffff66">I2P</B>), a <a href="http://bitconjurer.org/BitTorrent/">BitTorrent</a> port ("I2PSnark"),
or a distributed data store. With the help of mihi's <a href="/i2ptunnel?PHPSESSID=a2cc81573922db94d0656146d3764863">I2PTunnel</a> application,
we are able to stream traditional TCP/IP applications over <B style="color:black;background-color:#ffff66">I2P</B>, such as SSH, irc, a squid proxy, and
even streaming audio. Most people will not use <B style="color:black;background-color:#ffff66">I2P</B> directly, or even need to know they're using it.
Instead their view will be of one of the <B style="color:black;background-color:#ffff66">I2P</B> enabled applications, or perhaps as a little controller
app to turn on and off various proxies to enable the anonymizing functionality.</p>
<p>An essential part of designing, developing, and testing an anonymizing network is to define the
<a href="/book/view/41?PHPSESSID=a2cc81573922db94d0656146d3764863">threat <B style="color:black;background-color:#A0FFFF">model</B></a>, since there is no such thing as "true" anonymity, just
increasingly expensive costs to identify someone. Briefly, <B style="color:black;background-color:#ffff66">I2P's</B> intent is to allow people to communicate
in arbitrarily hostile environments by providing militant grade anonymity, mixed in with sufficient cover
traffic provided by the activity of people who require less anonymity. This includes letting Joe Sixpack
chat with his buddies without anyone listening in, Jane Filetrader to share files knowing that large
corporations cannot identify her, as well as Will Whistleblower to publish sensitive documents -
<i>all on the same network</i>, where each one's messages are essentially indistinguishable from the
others.</p>
<h2>Why?</h2>
<p>There are a multitude of fantastic <a href="/book/view/8?PHPSESSID=a2cc81573922db94d0656146d3764863">reasons</a> why we need a system to support
anonymous communication, and everyone has their own personal rationale. There have are many
<a href="/book/view/47?PHPSESSID=a2cc81573922db94d0656146d3764863">other efforts</a> working on finding ways to provide varying degrees of
anonymity to people through the Internet, but we could not find any that met our needs or threat
<B style="color:black;background-color:#A0FFFF">model</B>.</p>
<h2>How?</h2>
<p>The network at a glance is made up of a set of nodes (“routers”) with a number of unidirectional
inbound and outbound virtual paths ("tunnels", as outlined on <a href="/book/view/42?PHPSESSID=a2cc81573922db94d0656146d3764863">Tunnel Routing</a>).
Each router is identified by a cryptographic RouterIdentity which is typically long lived. These routers
communicate with each other through existing transport mechanisms (e.g. TCP, UDP, PHTTP), passing various
messages. Client applications have their own cryptographic identifier ("Destination") which enables it
to send and receive messages. These clients can connect to any router and authorize the temporary
allocation ("lease") of some tunnels that will be used for sending and receiving messages through the
network. <B style="color:black;background-color:#ffff66">I2P</B> has its own internal <a href="/book/view/44?PHPSESSID=a2cc81573922db94d0656146d3764863">network database</a> (using a modification of
the Kademlia algorithm) for distributing routing and contact information.</p>
<p>The following illustration is a simplistic view regarding how tunnels, routers, and destinations
are associated, with a pair of inbound tunnels (pink lines) leading towards the router which the
destination is connected to (little "a"), with a set of outbound tunnels (green lines) leading away
from that router. The gateway for each of the inbound tunnels (big "A"s) are identified in the lease
as published in the network database. Additional topological information can be found
<a href="/book/page/wtf?PHPSESSID=a2cc81573922db94d0656146d3764863">here</a>.</p>
<p><img src="http://i2p.net/~jrandom/wiki/topology.png" alt="The network topology" /></p>
<p>Messages send from one Destination to another are (typically) sent through a pair of tunnels - first
they go out one of the local router's outbound tunnels with instructions specifying that the outbound
tunnel's end point forward the message to one of the target Destination's inbound tunnel gateways,
which, on receiving the message, passes it down the tunnel to the recipient. Various mechanisms are
used to secure these tunnel routed messages, as described <a href="/book/view/42?PHPSESSID=a2cc81573922db94d0656146d3764863">tunnel routing</a>.
In addition, they can be sent in parallel down multiple tunnels, with the last router discarding
duplicates.</p>
<p><img src="http://i2p.net/~jrandom/wiki/tunnelSending.png" alt="I2P Tunnel sending"></p>
<p>Some of the messages sent in the network (such as those used to manage tunnels, publish some Leases,
and deliver long lived end to end messages) may be instead are sent via
<a href="/book/view/43?PHPSESSID=a2cc81573922db94d0656146d3764863">garlic routing</a>. Inspired by a subsection for future works written by
Michael Freedman within Roger Dingledine's freehaven
<a href="http://www.freehaven.net/doc/freehaven10.ps">thesis</a>, and with some similarities to
<a href="http://onion-router.net/">onion routing</a>. <B style="color:black;background-color:#ffff66">I2P's</B> garlic routing allows multiple messages
("cloves") to be wrapped inside a single message ("garlic") so that only the intended recipient can
determine how many cloves are contained as well as how those cloves should be processed.</p>
<p>To deal with a wide range of attacks, <B style="color:black;background-color:#ffff66">I2P</B> is fully distributed with no centralized resources - and
hence there are no directory servers keeping statistics regarding the performance and reliability of
routers within the network. As such, each router must keep and maintain profiles of various routers
and is responsible for selecting appropriate peers to meet the anonymity, performance, and reliability
needs of the users, as described in the <a href="/book/view/135?PHPSESSID=a2cc81573922db94d0656146d3764863">peer selection</a> pages</p>
<p>The network itself makes use of a significant number of cryptographic techniques and altorithms -
a full laundry list includes 2048bit ElGamal encryption, 256bit AES in CBC mode with PKCS#5 padding,
1024bit DSA signatures, SHA256 hashes, 2048bit Diffie-Hellman negotiated connections with station to
station authentication, and <a href="/book/view/46?PHPSESSID=a2cc81573922db94d0656146d3764863">ElGamal / AES+SessionTag</a>.</p>
<p>Content sent over <B style="color:black;background-color:#ffff66">I2P</B> is encrypted through three or four layers - end to end encryption (absolutely
no routers get the plaintext, ever), garlic encryption (used to verify the delivery of the message to
the recipient), tunnel encryption (all messages passing through a tunnel is encrypted by the tunnel
gateway to the tunnel endpoint), and interrouter transport layer encryption (e.g. the TCP transport
uses AES256 with ephemeral keys):</p>
<p><img src="http://i2p.net/~jrandom/endToEndEncryption.png" alt="end to end layered encryption" /></p>
<p>The specific use of these algorithms are outlined <a href="/book/view/45?PHPSESSID=a2cc81573922db94d0656146d3764863">elsewhere</a></p>
<p>The two main mechanisms for allowing people who need militant grade anonymity use the network are
explicitly delayed garlic routed messages and more comprehensive tunnels to include support for pooling
and mixing messages. These are currently planned for release 3.0, but garlic routed messages with no
delays and FIFO tunnels are currently in place. Additionally, the 2.0 release will allow people to set
up and operate behind restricted routes (perhaps with trusted peers), as well as the deployment of more
flexible and anonymous transports.</p>
<p>Some questions have been raised with regards to the scalability of <B style="color:black;background-color:#ffff66">I2P</B>, and reasonably so. There
will certainly be more analysis over time, but peer lookup and integration should be bounded by
<code>O(log(N))</code> due to the <a href="/book/view/44?PHPSESSID=a2cc81573922db94d0656146d3764863">network database</a>'s algorithm, while end to end
messages should be <code>O(log(1))</code> (scale free), since messages go out K hops through the outbound
tunnel and another K hops through the inbound tunnel - the size of the network (N) bears no impact.</p>
<h2>When?</h2>
<p><B style="color:black;background-color:#ffff66">I2P</B> initially began in Feb 2003 as a proposed modification to
<a href="http://freenetproject.org">freenet</a> to allow it to use alternate transports, such as
<a href="http://java.sun.com/products/jms/index.jsp">JMS</a>, then grew into its own as an
'anonCommFramework' in April 2003, turning into <B style="color:black;background-color:#ffff66">I2P</B> in July, with code being cut in earnest in August,
reaching the 0.2 release in September and 0.3 in March. <B style="color:black;background-color:#ffff66">I2P</B> is currently moving forward according to
the <a href="/roadmap?PHPSESSID=a2cc81573922db94d0656146d3764863">roadmap</a>.</p>
<p>The network itself is not ready for general use, and should not be used by those who need anonymity
until it has been met with sufficient peer review.</p>
<h2>Who?</h2>
<p>We have a small <a href="/team?PHPSESSID=a2cc81573922db94d0656146d3764863">team</a> spread around several continents, working to advance different
aspects of the project. We are very open to other developers who want to get involved and anyone else
who would like to contribute in other ways, such as critiques, peer review, testing, writing <B style="color:black;background-color:#ffff66">I2P</B> enabled
applications, or documentation. The entire system is open source - the router and most of the SDK are
outright public domain with some BSD and Cryptix licensed code, while some applications like I2PTunnel
and I2PSnark are GPL. Almost everything is written in Java (1.3+), though some third party applications
are being written in Python. The code generally works on <a href="http://www.kaffe.org/">Kaffe</a>, and
we are hoping to get it working on <a href="http://gcc.gnu.org/java/">GCJ</a> sooner rather than later.</p>
<h2>Where?</h2>
<p>Anyone interested should subscribe to the <a href="http://i2p.net/pipermail/i2p/">mailing list</a> and
join us on the irc channel #<B style="color:black;background-color:#ffff66">i2p</B> (hosted concurrently on <a href="http://invisiblenet.net/iip/">IIP</a>,
irc.freenode.net, irc.duck.<B style="color:black;background-color:#ffff66">i2p</B>, and irc.baffled.<B style="color:black;background-color:#ffff66">i2p</B>). Weekly development meetings are held there every
Tuesday at 9pm GMT with <a href="/node/view/49?PHPSESSID=a2cc81573922db94d0656146d3764863">archives available</a>.</p>
<p>The current source is available through an anonymous CVS repository</p>
<pre>
cvs -d :pserver:anoncvs@<B style="color:black;background-color:#ffff66">i2p</B>.net/cvsroot co <B style="color:black;background-color:#ffff66">i2p</B></pre>
<p>with the password <code>anoncvs</code>. </p>

125
pages/how_threatmodel.html Normal file
View File

@ -0,0 +1,125 @@
<h1>Threatmodel</h1>
<p>
There are a great many other applications and projects working on anonymous
communication and <B style="color:black;background-color:#ffff66">I2P</B> has been inspired by much of their efforts. This is not
a comprehensive list of anonymity resources - both freehaven's
<a href="http://freehaven.net/anonbib/topic.html">Anonymity Bibliography</a>
and GNUnet's <a href="http://www.ovmj.org/GNUnet/links.php3">related projects</a> serve
that purpose well. That said, a few systems stand out for further comparison:</p>
<UL>
<li> Morphmix and Tarzan
<li> TOR / Onion Routing
<li> Mixminion / Mixmaster
<li> Freenet
<li> JAP
</UL>
<H2>Morphmix and Tarzan</H2>
<i><a href="http://www.tik.ee.ethz.ch/~morphmix/">[Morphmix]</a>
<a href="http://www.pdos.lcs.mit.edu/tarzan/">[Tarzan]</a></i>
<p>
Morphmix and Tarzan are both fully distributed, peer to peer networks of
anonymizing proxies, allowing people to tunnel out through the low latency
mix network. Morphmix includes some very interesting collusion detection
algorithms and Sybil defenses, while Tarzan makes use of the scarcity of IP
addresses to accomplishs the same. The two primary differences between
these systems and <B style="color:black;background-color:#ffff66">I2P</B> are related to <B style="color:black;background-color:#ffff66">I2P's</B> <a href="/book/view/41?PHPSESSID=42d2b0545f243f2537476db228ce1636"><B style="color:black;background-color:#A0FFFF">threat </B><B style="color:black;background-color:#99ff99">model</B></a>
and their out-proxy design (as opposed to providing both sender and receiver
anonymity). There is source code available to both systems, but we are not aware
of their use outside of academic environments.</p>
<p>
Stealing quite directly from the Tarzan paper, the following includes a quick
comparison of Tarzan, Crowds, Onion Routing (OR), and <B style="color:black;background-color:#ffff66">I2P</B>:</p>
<img src="http://i2p.net/~jrandom/wiki/comparison.png">
<H2>TOR / Onion Routing</H2>
<i><a href="http://freehaven.net/tor/">[TOR]</a>
<a href="http://www.onion-router.net">[Onion Routing]</a></i>
<p>
TOR and Onion Routing are both anonymizing proxy networks, allowing people
to tunnel out through their low latency mix network. The two primary
differences between TOR / OnionRouting and <B style="color:black;background-color:#ffff66">I2P</B> are again related to differences
in the <B style="color:black;background-color:#A0FFFF">threat </B><B style="color:black;background-color:#99ff99">model</B> and the out-proxy design (though TOR is working to provide
redevous points within the mix network, which will provide recipient anonymity).
In addition, these networks take the directory based approach - providing a
centralized point to manage the overall 'view' of the network, as well as gather
and report statistics, as opposed to <B style="color:black;background-color:#ffff66">I2P's</B> distributed
<a href="/book/view/44?PHPSESSID=42d2b0545f243f2537476db228ce1636">network database</a> and <a href="/book/view/135?PHPSESSID=42d2b0545f243f2537476db228ce1636">peer selection</a>.</p>
<p>On the technical side, there are 5 main differences between TOR and <B style="color:black;background-color:#ffff66">I2P</B>:</p>
<ul>
<li>TOR is centrally managed (trusted directories, only some people fully participate
in the network with cover traffic) while <B style="color:black;background-color:#ffff66">I2P</B> is fully distributed. This has serious
anonymity implications for people using TOR that are not one of the TOR nodes,
since a powerful attacker could determine your identity, or coerce the maintainer
of TOR's directory server to include untrustworthy nodes.</li>
<li>TOR is circuit based (with reliable, ordered, bidirectional tunnels), while <B style="color:black;background-color:#ffff66">I2P</B>
is packet based (with unreliable, unordered, unidirectional tunnels). As with the
TCP/IP separation, <B style="color:black;background-color:#ffff66">I2P</B> optionally adds TCL-like functionality on top of the packet
based network by means of mihi's ministreaming library.</li>
<li>TOR is low latency, while <B style="color:black;background-color:#ffff66">I2P</B> is variable latency (both ASAP and stop+go). This will
allow <B style="color:black;background-color:#ffff66">I2P</B> to provide a higher level of anonymity by blending the anonymity set of
different user bases together - for example, filesharing users and militants look
the same, though make use of different techniques to balance their own anonymity
and security needs)</li>
<li>TOR is IP addressed, relying on the security of the IP layer for authenticating
and securing the message delivery, while <B style="color:black;background-color:#ffff66">I2P</B> is cryptographically addressed.</li>
<li>TOR is written in C on *nix (windows port w/ cygwin?), while <B style="color:black;background-color:#ffff66">I2P</B> is written in
Java and tested on *nix, windows, and macs</li>
</ul>
<H2>Mixminion / Mixmaster</H2>
<i><a href="http://mixminion.net/">[Mixminion]</a>
<a href="http://mixmaster.sourceforge.net/">[Mixmaster]</a></i>
<p>
Mixminion and Mixmaster are networks to support anonymous email against a very
powerful adversary. <B style="color:black;background-color:#ffff66">I2P</B> aims to provide an adequate means to meet their <B style="color:black;background-color:#A0FFFF">threat
</B><B style="color:black;background-color:#99ff99">model</B> as we reach <B style="color:black;background-color:#ffff66">I2P</B> 3.0 along side the needs of low latency users, providing
a significantly larger anonymity set. As with TOR and Onion Routing above,
both Mixminion and Mixmaster take the directory based approach as well.</p>
<H2>Freenet</H2>
<i><a href="http://freenetproject.org/">[Freenet]</a></i>
<p>
Freenet is a fully distributed, peer to peer anonymous publishing network.
As such, generic anonymous communication over it requires the use of the global
blackboard <B style="color:black;background-color:#99ff99">model</B> - storing data somewhere that the recipient will then check
for a message. Freenet also does not support the concept of user defined delays -
it stores and fetches data as quickly as it can, rather than queueing up, pooling,
delaying, and mixing the data, leaving a hole with regards to long term intersection
attacks. In addition, there seem to be some performance issues that can arguably
be attributed to the global blackboard <B style="color:black;background-color:#99ff99">model</B> which will likely rule out interactive
low latency communication.</p>
<H2>JAP</H2>
<i><a href="http://anon.inf.tu-dresden.de/index_en.html">[JAP]</a></i>
<p>
JAP (Java Anonymous Proxy) is a network of mix cascades for anonymizing web requests,
and as such it has a few centralized nodes (participants in the cascade) that blend
and mix requests from clients through the sequence of nodes (the cascade) before
proxying out onto the web. The scope, <B style="color:black;background-color:#A0FFFF">threat </B><B style="color:black;background-color:#99ff99">model</B>, and security is substantially
different from <B style="color:black;background-color:#ffff66">I2P</B>, but for those who don't require significant anonymity but still
are not satisfied with an Anonymizer-like service, JAP is worth reviewing. One
caution to note is that anyone under the jurisdiction of the German courts may want
to take care, as the German Federal Bureau of Criminal Investigation (FBCI) has has
successfully mounted an
<a href="http://www.datenschutzzentrum.de/material/themen/presse/anonip3_e.htm">[attack]</a>
on the network. Even though the method of this attack was later found to be illegal
in the German courts, the fact that the data was successfully collected is the
concern. Courts change their minds based upon circumstance, and this is evidence that
if a government body or intelligence agency wanted to, they could gather the data, even
if it may be found inadmissible in some courts later)
</p>

52
pages/jbigi.html Normal file
View File

@ -0,0 +1,52 @@
<h1>jbigi</h1>
<p>Using JNI (Java Native Interface), a bit of C code
(thanks <a href="/user/view/8?PHPSESSID=8efeebc6ed1c132cdcb12821e7ab4a27">ughabugha</a>!), a little manual work and
a piece of chewinggum it is possible to make the public key cryptography
quite a bit faster.</p>
<h2>Requirements</h2>
<p>This works on Linux, and with a few changes in build.sh probably also on other
platforms. FreeBSD has also been reported to work too. On Kaffee the speedup is very
small, because it already uses native BitInteger internally. Blackdown seems to cause
strange errors. Because you are going to do compilation, you need JDK; JRE won't work.</p>
<p>The required code is available in CVS and the latest source tarball.</p>
<p>The GNU MP Bignum library (libgmp) needs to be installed, if it isn't included in
your OS / distribution or installed already, it can be received from
<a href="http://www.swox.com/gmp/">http://www.swox.com/gmp/</a>. Even if you have already
installed it as binary, it might still be worth a try to compile GMP yourself, since then
it will be able to use the specific instructions of your processor.</p>
<h2>Step-by-step instructions</h2>
<ol>
<li>Look on <a href="http://localhost:7655/routerStats.html">http://localhost:7655/routerStats.html</a>
to see what the values for <code>crypto.elGamal.decrypt</code> and <code>crypto.elGamal.encrypt</code> are.
Copy this somewhere so you can compare it later on.</li>
<li>Get the latest sourcecode</li>
<li>Inside the source tree change directory to: <code>core/c</code></li>
<li>Take a look at <code>build.sh</code>, if your <code>JAVA_HOME</code> environment variable is set and
you are using Linux then it might just work. Otherwise change the settings.</li>
<li>Run <code>build.sh</code><br/>
A file named <code>libjbigi.so</code> should be created in the current directory.
If this doesn't happen and/or you get errors then please report them.<br/>
Also some tests are done. Read the final lines of output for some additional
info, it will be something like this:
<pre>
native run time: 5842ms ( 57ms each)
java run time: 41072ms (406ms each)
native = 14.223802103622907% of pure java time
</pre>
If the native is indeed 5-7x faster then it looks all good. If not, please report.</li>
<li>Copy <code>libjbigi.so</code> to your <B style="color:black;background-color:#ffff66">i2p</B> directory</li>
<li>Restart your <B style="color:black;background-color:#ffff66">I2P</B> programs.</li>
<li>On <a href="http://localhost:7655/routerStats.html">http://localhost:7655/routerStats.html</a>
the <code>crypto.elGamal.decrypt</code> and <code>crypto.elGamal.encrypt</code> should be a lot faster.</li>
</ol>
<p>Feedback is appreciated</p>

192
pages/licenses.html Normal file
View File

@ -0,0 +1,192 @@
<h1>Licenses</h1>
<p>As required by our threat model (among other reasons), the
software developed to support the anonymous communication
network we call I2P must be freely available, open source,
and user modifiable. To meet this criteria, we make use of
a variety of legal and software engineering techniques so
as to remove as many barriers to entry for those considering
making use of or contributing to the I2P effort. </p>
<p>While the information below may be more confusing than just simply
stating "I2P is BSD", "I2P is GPL", or "I2P is public domain",
the short answer to the question "How is I2P licensed?" is this:</p>
<h2>All software bundled in the I2P distributions will allow:</h2>
<ol>
<li>use without fee</li>
<li>use with no restrictions on how, when, where, why, or by whom is running it</li>
<li>access to the source code without fee</li>
<li>modifications to the source</li>
</ol>
<p>Most of the software guarantees much more - the ability of <b>anyone</b> to
distribute the modified source however they choose. However, not all of the
software bundled provides this freedom - the GPL restricts the ability of
developers who wish to integrate I2P with their own applications that are not
themselves open source applications. While we applaud the noble goals of
increasing the resources in the commons, I2P is best served by removing any
barriers that stand in the way of its adoption - if a developer considering whether
they can integrate I2P with their application has to stop and check with their lawyer,
or conduct a code audit to make sure their own source can be released as GPL-compatible,
we lose out.</p>
<h2>Component licenses</h2>
<p>The I2P distribution contains several resources, reflecting the partitioning of
the source code into components. Each component has its own license, which all
developers who contribute to it agree to - either by explicitly declaring the release
of code committed under a license compatible with that component, or by implicitly
releasing the code committed under the component's primary license. Each of these
components has a lead developer who has the final say as to what license is compatible
with the component's primary license, and the I2P project manager has the final say as
to what licenses meet the above four guarantees for inclusion in the I2P distribution. </p>
<table border="1">
<tr>
<td valign="top" align="left"><b>Component</b></td>
<td valign="top" align="left"><b>CVS path</b></td>
<td valign="top" align="left"><b>Resource</b></td>
<td valign="top" align="left"><b>Primary license</b></td>
<td valign="top" align="left"><b>Alternate licenses</b></td>
<td valign="top" align="left"><b>Lead developer</b></td>
</tr>
<tr>
<td valign="top" align="left"><b>I2P SDK</b></td>
<td valign="top" align="left">core</td>
<td valign="top" align="left">i2p.jar</td>
<td valign="top" align="left"><a href="http://en.wikipedia.org/wiki/Public_domain">Public domain</a></td>
<td valign="top" align="left"><a href="http://opensource.org/licenses/bsd-license.php">BSD</a><br />
<a href="http://cryptix.org/docs/license.html">Cryptix<a><br />
<a href="http://opensource.org/licenses/mit-license.html">MIT</a></td>
<td valign="top" align="left">jrandom</td>
</tr>
<tr>
<td valign="top" align="left"><b>I2P Router</b></td>
<td valign="top" align="left">router</td>
<td valign="top" align="left">router.jar</td>
<td valign="top" align="left"><a href="http://en.wikipedia.org/wiki/Public_domain">Public domain</a></td>
<td valign="top" align="left"><a href="http://opensource.org/licenses/bsd-license.php">BSD</a><br />
<a href="http://cryptix.org/docs/license.html">Cryptix<a><br />
<a href="http://opensource.org/licenses/mit-license.html">MIT</a></td>
<td valign="top" align="left">jrandom</td>
</tr>
<tr>
<td valign="top" align="left"><b>ministreaming</b></td>
<td valign="top" align="left">apps/ministreaming</td>
<td valign="top" align="left">mstreaming.jar</td>
<td valign="top" align="left"><a href="http://opensource.org/licenses/bsd-license.php">BSD</a></td>
<td valign="top" align="left"><a href="http://en.wikipedia.org/wiki/Public_domain">Public domain</a><br />
<a href="http://cryptix.org/docs/license.html">Cryptix<a><br />
<a href="http://opensource.org/licenses/mit-license.html">MIT</a></td>
<td valign="top" align="left">mihi</td>
</tr>
<tr>
<td valign="top" align="left"><b>I2PTunnel</b></td>
<td valign="top" align="left">apps/i2ptunnel</td>
<td valign="top" align="left">i2ptunnel.jar</td>
<td valign="top" align="left"><a href="#javaException">GPL + exception</a></td>
<td valign="top" align="left"><a href="http://en.wikipedia.org/wiki/Public_domain">Public domain</a><br />
<a href="http://opensource.org/licenses/bsd-license.php">BSD</a><br />
<a href="http://cryptix.org/docs/license.html">Cryptix<a><br />
<a href="http://opensource.org/licenses/mit-license.html">MIT</a></td>
<td valign="top" align="left">mihi</td>
</tr>
<tr>
<td valign="top" align="left"><b>HTTPTunnel</b></td>
<td valign="top" align="left">apps/httptunnel</td>
<td valign="top" align="left">httptunnel.jar</td>
<td valign="top" align="left"><a href="#javaException">GPL + exception</a></td>
<td valign="top" align="left"><a href="http://en.wikipedia.org/wiki/Public_domain">Public domain</a><br />
<a href="http://opensource.org/licenses/bsd-license.php">BSD</a><br />
<a href="http://cryptix.org/docs/license.html">Cryptix<a><br />
<a href="http://opensource.org/licenses/mit-license.html">MIT</a></td>
<td valign="top" align="left">mihi</td>
</tr>
<tr>
<td valign="top" align="left"><b>SAM bridge</b></td>
<td valign="top" align="left">apps/sam</td>
<td valign="top" align="left">i2psam.jar</td>
<td valign="top" align="left"><a href="http://www.gnu.org/licenses/gpl.html">GPL</a></td>
<td valign="top" align="left"><a href="http://en.wikipedia.org/wiki/Public_domain">Public domain</a><br />
<a href="http://cryptix.org/docs/license.html">Cryptix<a><br />
<a href="http://opensource.org/licenses/bsd-license.php">BSD</a><br />
<a href="http://opensource.org/licenses/mit-license.html">MIT</a></td>
<td valign="top" align="left">aum</td>
</tr>
<tr>
<td valign="top" align="left"><b>phttprelay</b></td>
<td valign="top" align="left">apps/phttprelay</td>
<td valign="top" align="left">phttprelay.war</td>
<td valign="top" align="left"><a href="http://en.wikipedia.org/wiki/Public_domain">Public domain</a></td>
<td valign="top" align="left"><a href="http://cryptix.org/docs/license.html">Cryptix<a><br />
<a href="http://opensource.org/licenses/bsd-license.php">BSD</a><br />
<a href="http://opensource.org/licenses/mit-license.html">MIT</a></td>
<td valign="top" align="left">jrandom</td>
</tr>
<tr>
<td valign="top" align="left"><b>Installer</b></td>
<td valign="top" align="left">installer</td>
<td valign="top" align="left">install.jar, guiinstall.jar</td>
<td valign="top" align="left"><a href="http://en.wikipedia.org/wiki/Public_domain">Public domain</a></td>
<td valign="top" align="left"><a href="#javaException">GPL + exception</a><br />
<a href="http://opensource.org/licenses/bsd-license.php">BSD</a><br />
<a href="http://cryptix.org/docs/license.html">Cryptix<a><br />
<a href="http://opensource.org/licenses/mit-license.html">MIT</a></td>
<td valign="top" align="left">jrandom</td>
</tr>
</table>
<h3><a name="javaException">GPL + java exception</a></h3>
<p>While it may be redundant, just for clarity the <a href="http://www.fsf.org/licenses/gpl.html">GPL</a>'ed
code included within I2PTunnel must be released under the GPL with an additional "exception" explicitly
authorizing the use of Java's standard libraries:</p>
<p><code>
In addition, as a special exception, XXXX gives permission to link
the code of this program with the proprietary Java implementation
provided by Sun (or other vendors as well), and distribute linked
combinations including the two. You must obey the GNU General
Public License in all respects for all of the code used other than
the proprietary Java implementation. If you modify this file, you
may extend this exception to your version of the file, but you are
not obligated to do so. If you do not wish to do so, delete this
exception statement from your version.
</code></p>
<p>
All source code under each component will by default be licensed under the primary license,
unless marked otherwise in the code. All of the above is summary of the license terms -
please see the specific license for the component or source code in question for authoritative
terms. Component CVS locations and resource packaging may be changed if the repository
is reorganized.</p>
<h2>CVS commit priviliges</h2>
<p>All developers must explicitly agree with the above terms to receive commit access to I2P's
CVS repository. That means that they affirm that:</p>
<ul>
<li>unless marked otherwise, all code they commit is implicitly licensed under the component's
primary license</li>
<li>if specified in the source, the code may be explicitly licensed under one of the component's
alternate licenses</li>
<li>they have the right to release the code they commit under the terms they are committing it</li>
</ul>
<p>If anyone is aware of any instances where the above conditions are not met, please contact the
component lead and/or the I2P project manager with further information.</p>

115
pages/minwww.html Normal file
View File

@ -0,0 +1,115 @@
<h1>MinWWW</h1>
Here's an outline and rationale for a minimal WWW proxy app for use
over <a href="iip-wiki?I2P&PHPSESSID=6e225478566d893d09caaefd76f406ce"><B style="color:black;background-color:#ffff66">I2P</B></a>.
<p>
HTTP operation over <B style="color:black;background-color:#ffff66">I2P</B> using I2PTunnel. When the base SocketLibrary
is out, the only significant difference will be the 'wrapRequest' and
'unwrapRequest' will functionally be placed in the socketLibrary, not
in the router (but later versions of the SocketLibrary will be able to
use selective ACK and large window sizes, allowing more ACKs to be
skipped)
<pre>
---BROWSER---&gt;-I2PTUNNEL---&gt;-ROUTERA---&gt;-ROUTERB---&gt;-I2PTUNNEL---&gt;-HTTPD----------
1: openCon
2: requestCon
3: wrapRequest
4: unwrapRequest
5: receiveACK receiveCon
6: sentSuccess sendSYN
7: wrapRequest
8: unwrapRequest
9: receiveSYN receiveACK
10: "GET /" sentSuccess
11: sendData
12: wrapRequest
13: unwrapRequest
14: receiveACK receiveData
15: sentSuccess "GET /"
16: "HTTP 200\n\nHi"
17: sendData
18: wrapRequest
19: unwrapRequest
20: receiveData receiveACK
21: "HTTP 200\n\nHi" sentSuccess
22: closeCon
23: sendClose
24: wrapRequest
25: unwrapRequest
26: receiveACK receiveClose
27: sentSuccess
</pre>
<p>
An optimized form, designed to handle only 128KB [1] files and pages, can
operate significantly faster:
<p>
<pre>
BROWSER --&gt; MinWWW --&gt; ROUTERA --&gt; ROUTERB --&gt; MinWWW --&gt; HTTPD
1: openCon
2: opened
3: "GET /"
4: sendData
5: forward
6: receive
7: receiveData
8: "GET /"
9: "HTTP 200\n\nHi"
10: sendData
11: forward
12: receive
13: receiveData
14: "HTTP 200\n\nHi"
15: closeCon
16: closed
</pre>
<p>
The difference in network load and latency is significant - this is essentially
a UDP version of HTTP. On the normal web, we can't really do that, since most
HTTP requests and responses are orders of magnitude larger than UDP packets
functionally support, but in <B style="color:black;background-color:#ffff66">I2P</B>, messages can be large. The savings for the
network load comes from the fact that we don't need to send any ACK messages -
rather than the earlier wrap/unwrap request (that bundles a DataMessage with
a DeliveryStatusMessage to provide guaranteed delivery), the MinWWW proxy deals
with resends (if necessary - in I2PTunnel today, there are no resends).
<p>
The data that the MinWWW proxy and server need to wrap is trivial - when the
proxy wants to send "GET /", it prepends it with the <B style="color:black;background-color:#ffff66">I2P</B> Destination sending
the request, followed by a 4 byte request ID. The MinWWW server receives those
requests, contacts the appropriate HTTPD, sends the request, waits for the
response, and sends a reply to the MinWWW proxy containing the response, prefixed
with the original request ID. That response is taken and passed back to the
browser and the connection is closed.
<p>
In addition, the MinWWW proxy can choose the MinWWW server to use from a list,
going through some round robin or other algorithm, so that there are multiple
outproxies merged transparently. The bandwidth required for running one of
these outproxies is also greatly reduced, since it will only handle 128KB files
(aka no one is going to be downloading porn, warez, etc).
<p>
The functionality /is/ limited, but 128KB of data is a lot for a single HTTP
request or response. The above diagrams are also unrealistic in their hops -
ROUTERA will really never talk directly to ROUTERB. ROUTERA will send each
of the messages through two additional outbound routers, then forwarded to
two additional inbound routers to ROUTERB, so the lag there is significant -
while the above only saves 11 steps, 8 of those steps need to traverse the
entire <B style="color:black;background-color:#A0FFFF">tunnel</B> path (4+ remote hops each time when tunnels are 2 remote hops
in each stretch), leaving MinWWW with only two full traversals (one for the
request, one for the response), instead of 10.
<p>
Implementing the MinWWW proxy and server should be fairly easy - read an HTTP
request from the client fully (perhaps only start out with HTTP GET, leaving
HTTP POST for later), wrap the message, and wait for the response. The server
in turn simply needs to parse the request to either open a socket or URL,
send the request, wait for the response, and send it back through the network.
If someone were to implement this, it would be Good :)
<p>
[1] Why 128KB files? Currently I2CP allows functionally arbitrary message size,
but thats going to be going away since it involves either excessive memory
overhead on intermediary routers, or additional implementation details to
handle. I2PTunnel is currently limited to 128KB and hasn't been a burden,
so perhaps it could be increased to 256KB when the I2CP spec is updated)
</pre>

61
pages/performance.html Normal file
View File

@ -0,0 +1,61 @@
<h1>Performance</h1>
<p>Probably one of the most frequent things people ask is "how fast is <B style="color:black;background-color:#ffff66">I2P</B>?", and no one seems to like the answer - "it depends". After trying out <B style="color:black;background-color:#ffff66">I2P</B>, the next thing they ask is "will it get faster?", and the answer to that is a most emphatic <b>yes</b>.</p>
<p>There are a few major techniques that can be done to improve the percieved performance of <B style="color:black;background-color:#ffff66">I2P</B> - some of the following are CPU related, others bandwidth related, and others still are protocol related. However, all of those dimensions affect the latency, throughput, and percieved performance of the network, as they reduce contention for scarce resources. This list is of course not comprehensive, but it does cover the major ones that I see.</p>
<h2>Native math</h2>
<p>When I last profiled the <B style="color:black;background-color:#ffff66">I2P</B> code, the vast majority of time was spent within one function: java.math.BigInteger's <a href="http://java.sun.com/j2se/1.4.2/docs/api/java/math/BigInteger.html#modPow(java.math.BigInteger,%20java.math.BigInteger)">modPow</a>. Rather than try to tune this method, we'll call out to <a href="http://www.swox.com/gmp/">GNU MP</a> - an insanely fast math library (with tuned assembler for many architectures). (<i>Editor: see <a href="/node/view/147?PHPSESSID=288375bed2d584c74d7a9fdbc87e326a">NativeBigInteger for faster public key cryptography</a></i>)</p>
<p><a href="/user/view/8?PHPSESSID=288375bed2d584c74d7a9fdbc87e326a">ughabugha</a> and <a href="/user/view/7?PHPSESSID=288375bed2d584c74d7a9fdbc87e326a">duck</a> are working on the C/JNI glue code, and the existing java code is already deployed with hooks for that whenever its ready. Preliminary results look fantastic - running the router with the native GMP modPow is providing over a 800% speedup in encryption performance, and the load was cut in half. This was just on one user's machine, and things are nowhere near ready for packaging and deployment, yet.</p>
<h2>Garlic wrapping a "reply" LeaseSet</h2>
<p>This algorithm tweak will only be relevent for applications that want their peers to reply to them (though that includes everything that uses I2PTunnel or <a href="/user/view/10?PHPSESSID=288375bed2d584c74d7a9fdbc87e326a">mihi</a>'s ministreaming lib):</p>
<p>Currently, when Alice sends Bob a message, when Bob replies he has to do a lookup in the network database - sending out a few requests to get Alice's current LeaseSet. If he already has Alice's current LeaseSet, he can instead just send his reply immediately - this is (part of) why it typically takes a little longer talking to someone the first time you connect, but subsequent communication is faster. What we'll do - for clients that want it - is to wrap the sender's current LeaseSet in the garlic that is delivered to the recipient, so that when they go to reply, they'll <i>always</i> have the LeaseSet locally stored - completely removing any need for a network database lookup on replies. Sure, this trades off a bit of the sender's bandwidth for that faster reply (though overall network bandwidth usage decreases, since the recipient doesn't have to do the network database lookup).</p>
<h2>Better peer profiling and selection</h2>
<p>Probably one of the most important parts of getting faster performance will be improving how routers choose the peers that they build their tunnels through - making sure they don't use peers with slow links or ones with fast links that are overloaded, etc. In addition, we've got to make sure we don't expose ourselves to a <a href="http://www.cs.rice.edu/Conferences/IPTPS02/101.pdf">sybil</a> attack from a powerful adversary with lots of fast machines. </p>
<h2>Network database tuning</h2>
<p>We're going to want to be more efficient with the network database's healing and maintenance algorithms - rather than constantly explore the keyspace for new peers - causing a significant number of network messages and router load - we can slow down or even stop exploring until we detect that there's something new worth finding (e.g. decay the exploration rate based upon the last time someone gave us a reference to someone we had never heard of). We can also do some tuning on what we actually send - how many peers we bounce back (or even if we bounce back a reply), as well as how many concurrent searches we perform.</p>
<h2>Longer SessionTag lifetime</h2>
<p>The way the <a href="/book/view/46?PHPSESSID=288375bed2d584c74d7a9fdbc87e326a">ElGamal/AES+SessionTag</a> algorithm works is by managing a set of random one-time-use 32 byte arrays, and expiring them if they aren't used quickly enough. If we expire them too soon, we're forced to fall back on a full (expensive) ElGamal encryption, but if we don't expire them quickly enough, we've got to reduce their quantity so that we don't run out of memory (and if the recipient somehow gets corrupted and loses some tags, even more encryption failures may occur prior to detection). With some more active detection and feedback driven algorithms, we can safely and more efficiently tune the lifetime of the tags, replacing the ElGamal encryption with a trivial AES operation.</p>
<h2>Longer lasting tunnels</h2>
<p>The current default <B style="color:black;background-color:#A0FFFF">tunnel</B> duration of 10 minutes is fairly arbitrary, though it "feels ok". Once we've got <B style="color:black;background-color:#A0FFFF">tunnel</B> healing code and more effective failure detection, we'll be able to more safely vary those durations, reducing the network and CPU load (due to expensive <B style="color:black;background-color:#A0FFFF">tunnel</B> creation messages).</p>
<h2>Adjust the timeouts</h2>
<p>Yet another of the fairly arbitrary but "ok feeling" things we've got are the current timeouts for various activities. Why do we have a 60 second "peer unreachable" timeout? Why do we try sending through a different <B style="color:black;background-color:#A0FFFF">tunnel</B> that a LeaseSet advertises after 10 seconds? Why are the network database queries bounded by 60 or 20 second limits? Why are destinations configured to ask for a new set of tunnels every 10 minutes? Why do we allow 60 seconds for a peer to reply to our request that they join a <B style="color:black;background-color:#A0FFFF">tunnel</B>? Why do we consider a <B style="color:black;background-color:#A0FFFF">tunnel</B> that doesn't pass our test within 60 seconds "dead"?</p>
<p>Each of those imponderables can be addressed with more adaptive code, as well as tuneable parameters to allow for more appropriate tradeoffs between bandwidth, latency, and CPU usage.</p>
<h2>More efficient TCP rejection</h2>
<p>At the moment, all TCP connections do all of their peer validation after going through the full (expensive) Diffie-Hellman handshaking to negotiate a private session key. This means that if someone's clock is really wrong, or their NAT/firewall/etc is improperly configured (or they're just running an incompatible version of the router), they're going to consistently (though not constantly, thanks to the shitlist) cause a futile expensive cryptographic operation on all the peers they know about. While we will want to keep some verification/validation within the encryption boundary, we'll want to update the protocol to do some of it first, so that we can reject them cleanly without wasting much CPU or other resources.</p>
<h2>Adjust the <B style="color:black;background-color:#A0FFFF">tunnel</B> testing</h2>
<p>Rather than going with the fairly random scheme we have now, we should use a more context aware algorithm for testing tunnels. e.g. if we already know its passing valid data correctly, there's no need to test it, while if we haven't seen any data through it recently, perhaps its worthwhile to throw some data its way. This will reduce the <B style="color:black;background-color:#A0FFFF">tunnel</B> contetion due to excess messages, as well as improve the speed at which we detect - and address - failing tunnels.</p>
<h2>Compress some data structures</h2>
<p>The I2NP messages and the data they contain is already defined in a fairly compact structure, though one attribute of the RouterInfo structure is not - "options" is a plain ASCII name = value mapping. Right now, we're filling it with those published statistics - around 3300 bytes per peer. Trivial to implement GZip compression would nearly cut that to 1/3 its size, and when you consider how often RouterInfo structures are passed across the network, thats significant savings - every time a router asks another router for a networkDb entry that the peer doesn't have, it sends back 3-10 RouterInfo of them.</p>
<h2>Update the ministreaming protocol</h2>
<p>Currently <a href="/user/view/10?PHPSESSID=288375bed2d584c74d7a9fdbc87e326a">mihi</a>'s ministreaming library has a fairly simple stream negotiation protocol - Alice sends Bob a SYN message, Bob replies with an ACK message, then Alice and Bob send each other some data, until one of them sends the other a CLOSE message. For long lasting connections (to an irc server, for instance), that overhead is negligible, but for simple one-off request/response situations (an HTTP request/reply, for instance), thats more than twice as many messages as necessary. If, however, Alice piggybacked her first payload in with the SYN message, and Bob piggybacked his first reply with the ACK - and perhaps also included the CLOSE flag - transient streams such as HTTP requests could be reduced to a pair of messages, instead of the SYN+ACK+request+response+CLOSE.</p>
<h2>Implement full streaming protocol</h2>
<p>The ministreaming protocol takes advantage of a poor design decision in the <B style="color:black;background-color:#ffff66">I2P</B> client procotol (I2CP) - the exposure of "mode=GUARANTEED", allowing what would otherwise be an unreliable, best-effort, message based protocol to be used for reliable, blocking operation (under the covers, its still all unreliable and message based, with the router providing delivery guarantees by garlic wrapping an "ack" message in with the payload, so once the data gets to the target, the ack message is forwarded back to us [through tunnels, of course]).</p>
<p>As I've <a href="http://i2p.net/pipermail/i2p/2004-March/000167.html">said</a>, having I2PTunnel (and the ministreaming lib) go this route was the best thing that could be done, but more efficient mechanisms are available. When we rip out the "mode=GUARANTEED" functionality, we're essentially leaving ourselves with an I2CP that looks like an anonymous IP layer, and as such, we'll be able to implement the streaming library to take advantage of the design experiences of the TCP layer - selective ACKs, congestion detection, nagle, etc.</p>

65
pages/roadmap.html Normal file
View File

@ -0,0 +1,65 @@
<h1>Roadmap</h1>
<h2>0.3.2 (May)</h2>
<ul>
<li>Fixed the netDb for more reliability</li>
<li>Address the diversification issues in peer selection</li>
<li>Fix remaining "unknown tunnels" cause</li>
</ul>
<h2>0.3.3 (July)</h2>
<ul>
<li>Unique tunnelIDs per hop to increase anonymity</li>
<li>Remove SourceRouteReplyMessage, replace SourceRouteBlock with ReplyBlock (no encrypted data in it, just a sessionTag + sessionKey)</li>
<li>Out of the 0.3.* testnet - irc, eepsites, and squid should work reliably</li>
</ul>
<h2>0.4.0 (July)</h2>
<ul>
<li>Updated deployment architecture, replacing the admin console with a real web server and
allowing the integration of standard .war packages as client applications</li>
<li>New installer and web based config system</li>
<li><a href="/node/view/144?PHPSESSID=933181d1da8229467d99aad215034076">SAM</a> bridge and client libraries implemented and tested</li>
</ul>
<h2>0.4.1 (July)</h2>
<ul>
<li><a href="/node/view/164?PHPSESSID=933181d1da8229467d99aad215034076">AMOC</a> transport to allow people behind firewalls/etc to fully participate in <B style="color:black;background-color:#ffff66">I2P</B></li>
<li>Bandwidth limiter functional</li>
<li>Router throttling code (detect/adapt to overload by refusing tunnels, shrinking # connections, minimizing networkDb activity)</li>
</ul>
<h2>1.0 (August)</h2>
<ul>
<li>Javadoc and code walkthrough / guidebook updated</li>
<li>Comprehensive management tool available</li>
<li>Internal code audit complete</li>
<li><a href="/node/view/208?PHPSESSID=933181d1da8229467d99aad215034076">MyI2P</a> available</li>
</ul>
<h2>1.1 (September)</h2>
<ul>
<li>Full streaming protocol implemented</li>
</ul>
<h2>2.0 (October)</h2>
<ul>
<li>Restricted route topology (include some connected peers in routerInfo, recursive route)</li>
<li>Connectionless/alternate transports (UDP, MRTCP, SMTP+POP3/IMAP)</li>
<li>Nontrivial certificates (hashcash, other) </li>
</ul>
<h2>3.0 (December)</h2>
<ul>
<li>Sender defined message delays</li>
<li>Creator defined <B style="color:black;background-color:#A0FFFF">tunnel</B> mixing and pooling of messages, as well as optional chaff messages</li>
<li>(Mixminion integration?) </li>
</ul>
Dates, of course, are just estimates. If you get involved and help out with some of the
coding, things will go faster

189
pages/team.html Normal file
View File

@ -0,0 +1,189 @@
<h1>I2P Team</h1>
<p>
We are a small group of people spread around several continents, working
to advance different aspects of the project and discussing the design of
the network.
</p>
<table border="0">
<tr>
<td valign="top" align="left" rowspan="4"><b>Admin </b></td>
<td valign="top" align="left"><b>Project Manager<b></td>
<td valign="top" align="left"><a href="/user/view/2?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">jrandom</a></td>
<td valign="top" align="left"><i>point of contact of last resort</i></td>
</tr>
<tr>
<td valign="top" align="left"><b>Treasurer</b></td>
<td valign="top" align="left"><a href="/user/view/1?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">wilde</a></td>
<td valign="top" align="left"><i>manage donations / accounts / bounties</i></td>
</tr>
<tr>
<td valign="top" align="left"><b>Operations Manager<b></td>
<td valign="top" align="left"><a href="/user/view/7?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">duck</a></td>
<td valign="top" align="left"><i>monitor network health</i></td>
</tr>
<tr>
<td valign="top" align="left"><b>User Advocate</b></td>
<td valign="top" align="left"><a href="/user/view/23?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">protocol</a></font></td>
<td valign="top" align="left"><i>gather, prioritize, advocate for user needs</font></td>
</tr>
<tr><td colspan="4"><hr /></td></tr>
<tr>
<td valign="top" align="left" rowspan="12"><b>Dev </b></td>
<td valign="top" align="left"><b>Core Lead</b></td>
<td valign="top" align="left"><a href="/user/view/2?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">jrandom</a></td>
<td valign="top" align="left"><i>lead dev for the SDK and router</i></td>
</tr>
<tr>
<td valign="top" align="left"><b>I2PTunnel Lead</b></td>
<td valign="top" align="left"><a href="/user/view/10?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">mihi</a></td>
<td valign="top" align="left"><i>lead dev for the I2PTunnel apps</i></td>
</tr>
<tr>
<td valign="top" align="left"><b>Integration Lead</b></td>
<td valign="top" align="left"><a href="/user/view/9?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">human</a></td>
<td valign="top" align="left"><i>lead dev for integration with other apps and networks</i></td>
</tr>
<tr>
<td valign="top" align="left" rowspan="9"><b>Contributor</b></td>
<td valign="top" align="left">thecrypto</td>
<td valign="top" align="left"><i>encryption and signature routines, I2PIM</i></td>
</tr>
<tr>
<td valign="top" align="left">eco</td>
<td valign="top" align="left"><i>i2psnark - bittorrent over <B style="color:black;background-color:#ffff66">I2P</B></i></td>
</tr>
<tr>
<td valign="top" align="left">shendaras</td>
<td valign="top" align="left"><i>general help</i></td>
</tr>
<tr>
<td valign="top" align="left"><a href="/user/view/16?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">aum</a></td>
<td valign="top" align="left"><i>i2pmgr - installation and management console</i></td>
</tr>
<tr>
<td valign="top" align="left">FillaMent</td>
<td valign="top" align="left"><i>i2pmole - I2PTunnel management console</i></td>
</tr>
<tr>
<td valign="top" align="left">MrEcho</td>
<td valign="top" align="left"><i>naming service</i></td>
</tr>
<tr>
<td valign="top" align="left">wiht</td>
<td valign="top" align="left"><i>naming service</i></td>
</tr>
<tr>
<td valign="top" align="left"><a href="/user/view/8?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">ughabugha</a></td>
<td valign="top" align="left"><i>helping with c tuning</i></td>
</tr>
<tr>
<td valign="top" align="left"><font color="blue">[vacant]</font></td>
<td valign="top" align="left"><font color="blue"><i>Help needed on many fronts!</i></font></td>
</tr>
<tr><td colspan="4"><hr /></td></tr>
<tr>
<td valign="top" align="left" rowspan="8"><b>QA </b></td>
<td valign="top" align="left"><b>QA Lead</b></td>
<td valign="top" align="left"><font color="blue">[vacant]</font></td>
<td valign="top" align="left"><font color="blue"><i>develop test plans, manage bugs, coordinate contributors</i></font></td>
</tr>
<tr>
<td valign="top" align="left"><b>QA Dev</b></td>
<td valign="top" align="left"><font color="blue">[vacant]</font></td>
<td valign="top" align="left"><font color="blue"><i>automate unit and functional tests</i></font></td>
</tr>
<tr>
<td valign="top" align="left" rowspan="6"><b>QA Contributor</b></td>
<td valign="top" align="left">baffled</td>
<td valign="top" align="left"><i>router stress testing, bug reporting</i></td>
</tr>
<tr>
<td valign="top" align="left"><a href="/user/view/8?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">ughabugha</a></td>
<td valign="top" align="left"><i>router stress testing, bug reporting</i></td>
</tr>
<tr>
<td valign="top" align="left"><a href="/user/view/5?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">JAnonymous</a></td>
<td valign="top" align="left"><i>router stress testing, bug reporting</i></td>
</tr>
<tr>
<td valign="top" align="left"><a href="/user/view/12?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">jar</a></td>
<td valign="top" align="left"><i>router stress testing, bug reporting</i></td>
</tr>
<tr>
<td valign="top" align="left">Masterboy</td>
<td valign="top" align="left"><i>router stress testing, bug reporting</i></td>
</tr>
<tr>
<td valign="top" align="left"><font color="blue">[vacant]</font></td>
<td valign="top" align="left"><font color="blue"><i>router stress testing, bug reporting</i></font></td>
</tr>
<tr><td colspan="4"><hr /></td></tr>
<tr>
<td valign="top" align="left" rowspan="9"><b>Web </b></td>
<td valign="top" align="left"><b>Webmaster</b></td>
<td valign="top" align="left"><a href="/user/view/1?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">wilde</a></td>
<td valign="top" align="left"><i>manage web issues re: hosting, programming, etc</i></td>
</tr>
<tr>
<td valign="top" align="left"><b>Web Editor</b></td>
<td valign="top" align="left"><font color="blue">[vacant]</font></td>
<td valign="top" align="left"><font color="blue"><i>coordinate docs: whats needed, how its organized, who is working on what</i></font></td>
</tr>
<tr>
<td valign="top" align="left"><b>Web Designer</b></td>
<td valign="top" align="left">[anon]</td>
<td valign="top" align="left"><i>[working on graphics, stylesheets, layout]</i></td>
</tr>
<tr>
<td valign="top" align="left" rowspan="6"><b>Web Author</b></td>
<td valign="top" align="left"><a href="/user/view/5?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">JAnonymous</a></td>
<td valign="top" align="left"><i>getting started docs, wiki migration</i></td>
</tr>
<tr>
<td valign="top" align="left"><a href="/user/view/8?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">ughabugha</a></td>
<td valign="top" align="left"><i>wiki migration, doc cleanup</i></td>
</tr>
<tr>
<td valign="top" align="left"><a href="/user/view/7?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">duck</a></td>
<td valign="top" align="left"><i>howtos</i></td>
</tr>
<tr>
<td valign="top" align="left"><a href="/user/view/2?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">jrandom</a></td>
<td valign="top" align="left"><i>overview docs, tech docs</i></td>
</tr>
<tr>
<td valign="top" align="left"><a href="/user/view/12?PHPSESSID=b4da3536697d52410aa4b2c2c92c7a93">jar</a></td>
<td valign="top" align="left"><i>translations into French</i></td>
</tr>
<tr>
<td valign="top" align="left"><font color="blue">[vacant]</font></td>
<td valign="top" align="left"><font color="blue"><i>help with intro docs, walkthroughs, howtos, and explanatory materials needed!</i></font></td>
</tr>
</table>
<p />
<p>
We are very open to other developers who want to get involved and anyone else who would like to contribute in other ways, such as critiques, peer review, testing, writing <B style="color:black;background-color:#ffff66">I2P</B> enabled applications, or documentation. Almost everything is written in Java (1.3+), though some third party applications are being written in Python. The code generally works on <a href="http://www.kaffe.org/">Kaffe</a>, and <a href="http://gcc.gnu.org/java/">GCJ</a> support is slated for the 1.1 release.
</p>

51
styles/default.css Normal file
View File

@ -0,0 +1,51 @@
body {
font-family: Verdana, Tahoma, Helvetica, sans-serif;
margin: 1em 0em;
padding: 0em;
text-align:center;
background-color: white;
color: black;
}
div.logo {
float: left;
left: 1em;
top: 1em;
margin: 0em;
padding: .5em;
text-align: left;
}
div.menu {
/* width: 8em; */
/* height: 5em; */
/* position: fixed; */
float: left;
left: 1em;
top: 1em;
margin: 0em;
padding: .5em;
text-align: left;
border: medium solid #efefff;
background-color: #fafaff;
color: inherit;
font-size: small;
}
div.warning {
margin: 0em 1em 1em 12em;
padding: .5em 1em;
background-color: #ffefef;
border: medium solid #ffafaf;
text-align: left;
color: inherit;
}
div.main {
margin: 0em 1em 1em 12em;
padding: .5em 1em;
background-color: #ffffef;
border: medium solid #ffffd0;
text-align: left;
color: inherit;
}