20:32:31 Hi all 20:34:53 0) Hi 20:34:53 1) TODO 0.9.13-0.9.16 http://zzz.i2p/topics/1600 20:34:53 2) New transport for Tor PTs http://zzz.i2p/topics/1551 20:34:53 3) Any items that emerge from 1) 20:34:53 Post-meeting activity: Stress-testing Mumble (voice chat over I2P) 20:35:07 Title: zzz.i2p: TODO 0.9.13 - 0.9.16 (at zzz.i2p) 20:35:10 Title: zzz.i2p: Supporting Tor Pluggable Transports (at zzz.i2p) 20:35:29 0) Hi 20:35:57 Hello 20:37:37 Anyone else? 20:38:01 zzz2 orion psi kytv meeh_ 20:41:17 Hopefully some of them will turn up. 20:41:17 1) TODO 0.9.13-0.9.16 http://zzz.i2p/topics/1600 20:41:22 Title: zzz.i2p: TODO 0.9.13 - 0.9.16 (at zzz.i2p) 20:41:26 here 20:41:58 At zzz's request we started a discussion thread to propose ideas for the I2P roadmap moving forward. 20:42:27 There was a lot of chatter, but no actual consensus was reached. 20:43:14 I summarized some of the initial suggestions on the roadmap page http://trac.i2p2.i2p/wiki/Roadmaps/1.0 20:43:17 Title: Roadmaps/1.0 – I2P Bugtracker (at trac.i2p2.i2p) 20:45:01 zzz2: I see you have been getting stuck into susimail (yay) 20:46:19 yeah, fell down that rathole while we try to decide what's really important 20:52:07 I think that it was useful work, if only because there is a long-standing bug about login problems, and susimail is one of the first apps that users are going to try 20:52:08 http://trac.i2p2.i2p/ticket/747 20:52:12 Title: #747 (Login problems with Susimail) – I2P Bugtracker (at trac.i2p2.i2p) 20:54:45 str4d: ohai 20:54:47 * psi is late? 20:55:19 yes psi is 20:55:25 Nothing much has happened yet :/ 20:55:58 * psi scrolls up 20:56:07 To summarize what has been going on since the RFC was put out: 20:56:18 - zzz has worked on susimail 20:56:59 - psi has been getting his head around PTs, new DH and JNI 20:57:23 - I have been working on I2P-Bote Android, and now Java EdDSA 20:57:39 * psi has been spending the entire day fleshing out the structure of PT for i2p 20:58:59 if str4d and psi are making progress on EdDSA, 25519, and PTs, then I think the best use of my time is moving forward on new sig algo migration, e.g. multiple dests down a tunnel, and some sort of addressbook support 21:00:27 Starting build #581 for job I2P 21:01:01 whats the status of psi mtn keys and dev agreement? I've gotten nothing in the mail. 21:01:23 psi signed the dev agreement, I pushed it to the website 21:01:36 (so his pub keys are on record) 21:02:10 his key fingerprint is on there too? 21:02:32 if so I'll add him and announce it 21:03:02 my gpg fp is on my twitter 21:03:05 not the fingerprint, but the key itself is 21:03:47 it needs to be in that sample monotonerc template file. psi maybe you can do that as your first test of mtn skills? 21:04:23 Yippee, build fixed! 21:04:24 Project I2P build #581: FIXED in 3 min 55 sec: http://jenkins.killyourtv.i2p/job/I2P/581/ 21:04:36 i can get that 21:04:40 i already did that locally 21:04:53 zzz2, psi, I have updated the roadmap Gantt - http://trac.i2p2.i2p/wiki/Roadmaps/1.0 21:04:56 Title: Roadmaps/1.0 – I2P Bugtracker (at trac.i2p2.i2p) 21:05:21 the monotone key fp for my NOT transport key is "1ceb85b992114bae1bcb156ef238f8f3044a6bfe", -- ampernand@gmail.com 21:06:04 i can get my transport key fp as well 21:06:29 ok great, welcome to the team! As I tell everybody, please be careful, practice on www first 21:06:30 psi: you need to send that to eche, kytv and welt 21:06:43 +1 21:06:56 * kytv got it and is adding it to his server 21:07:08 psi, we have very precise instructions on how to do all this on the web page... :) 21:07:27 i will review that 21:07:38 e.g., send me mail (but no longer needed for you) 21:08:15 How does the Gantt roadmap look to everyone now? Are there any items that seem unrealistic, or any that are missing 21:08:16 ? 21:09:37 * psi reviews roadmap 21:09:43 Project I2P UnitTests build #528: SUCCESS in 5 min 6 sec: http://jenkins.killyourtv.i2p/job/UnitTests/528/ 21:09:57 Starting build #82 for job I2P-Android 21:09:59 zzz2: I suggest that you get the new GPG keys item out of the way sooner rather than later ;) 21:10:19 str4d, please tell us what it's telling you about what's important 21:10:33 psi: are you finding much overlap between your PTs work and NTCP2? 21:10:34 yes I'll do it before the next release, I promise 21:11:24 IMHO there are three things that are important: 21:11:32 Project I2P-Android build #82: SUCCESS in 1 min 34 sec: http://jenkins.killyourtv.i2p/job/I2P-Android/82/ 21:11:40 1) progress on the crypto upgrade - now finally getting underway 21:12:01 str4d: at the moment, i have yet to look at ntcp2 21:12:13 (continuing on from the prep work) 21:13:28 1) "now getting underway" ? I've been busting ass on it for 6 months 21:13:32 2) Audit prep - IMHO we need to get on top of our threat model etc. ASAP 21:15:33 * psi afks for 30 minutes 21:15:33 unexpected event bbl 21:15:33 i will look at scrollback later 21:16:21 There seems to be some confusion out there about "new signing crypto". It's done, it's out there in 0.9.12, it works. For destinations. 21:17:06 The "only" thing not done is migrating existing published destinations to a new one. 21:21:13 yes, which first relies on choosing a new one, which IMHO should be Ed25519, which relies on getting a fast impl. 21:21:15 And at the same time, I agree that the remaining required migration infrastructure should be implemented. 21:21:16 For years we have left it to the side and worked on what we think is beneficial to users, but IMHO if we want to start getting more research interest, and utilize it effectively, we need to be more conscious of what I2P can and cannot achieve. 21:21:17 I know you have zzz ;P 21:21:18 (I was specifically referring to the part of it involving the actual new crypto) 21:21:19 thank you for the effort you have put into getting it this far :) 21:21:20 3) Usability, UX - this is a third important point that is not on the Roadmap chart 21:21:22 Well - zzz's susimail work falls into that category, as does streaming improvements 21:21:41 But also important is reviewing our error and help pages, and how we aid the user in getting their jobs done. 21:21:41 (after my "2) Audit prep" line) 21:22:00 I need to go AFK in 10-15 mins 21:22:50 And since psi is AFK, I'm dropping "2) New transport for Tor PTs" from this meeting 21:23:55 zzz2: in your opinion, what do we need to do before organizing a meeting with Lance re: threat model? 21:24:59 * str4d would like to try for a meeting with Lance in May 21:26:04 so we need to work out what we need to do before then, so we can organize the meeting with enough time to finish that first. 21:29:27 I disagree that we first have to choose. 21:29:59 Or, that we can choose now (P256) and choose again later when more options are available. 21:30:02 [ I2P ] compile fix [zzz@mail.i2p] http://killyourtv.i2p/viewmtn/revision/info/12396c3ee88d1194482fc2cc3751db1169cc52e3 21:30:34 We could switch the default for new dests to P256 in 0.9.13 if we want. 21:30:35 zzz2: if we get to the stage where the naming system can cope with dynamic enc choices, then I agree 21:31:05 P256 is clearly better than DSA 21:31:34 I also agree there. 21:31:43 I think the P256 haters better take a step back and think about how bad DSA 1024 is. 21:32:03 [ WWW ] adding psi's transport key [kytv@mail.i2p] http://killyourtv.i2p/viewmtn/revision/info/029163d2d446f10ab1a129b559802fabac2ef8b7 21:32:52 zzz2: I understand your point. 21:33:39 re: audit and Lance, it's always a good time. you have an audit process update for us from the mailing list? 21:33:40 Part of my reason for wanting to get EdDSA working before the switch is that based on what you have said in threads before, I wouldn't look forward to switching Dest signing algo twice. 21:34:14 yes, the second time would be a bit easier because multi dest support etc. would be there, but the naming side is still the weakness. 21:34:48 for servers you don't want to switch twice, but for clients it doesnt matter 21:35:04 good point. 21:35:23 Is there anything that would prevent new Dests talking with old ones? 21:35:31 so i gather you guys are doing crypto upgrades? is there perhaps a page that goes into detail on what all you're planning? and on a 25519 implementation, you could just use nacl via jni, or kalium, tho that might be somewhat limiting 21:35:34 and even for servers, if you switch to P256 it hardly seems worth it to switch again, unless some really bad news comes out about P256 21:35:54 If not, it could be a good idea to get clients onto P256 sooner 21:36:08 new dests can talk to old and vice versa, as long as both are on 0.9.12 or later 21:36:39 zzz2: http://blog.cr.yp.to/20140323-ecdsa.html is reason enough for me to not want to stay on ECDSA 21:36:43 Title: cr.yp.to: 2014.03.23: How to design an elliptic-curve signature system (at blog.cr.yp.to) 21:37:56 not for any one single point (yet), but if we can get an effective, *correct* implementation of EdDSA, I think it would be very beneficial to switch 21:38:27 nombre_: http://trac.i2p2.i2p/ticket/856 21:38:30 Title: #856 (Crypto review/migration) – I2P Bugtracker (at trac.i2p2.i2p) 21:38:30 (and links therein) 21:38:40 thx str4d 21:38:53 nothing there tells me to delay getting rid of DSA though. There's nothing in there that makes me panic about P256 either. Is there anything better than P256? sure. 21:39:15 zzz2: no real updates as such from the OpenITP mailing list, there hasn't been much real activity lately. 21:40:38 I allowed for 65536 signing algos and I implemented 7. 65529 to go, we can add a few every release if we like. 21:43:27 zzz, I would support moving clients to p256 in 0.9.13 21:44:47 but if the server transition is still not going to be smooth, I'd rayher hold off a bit and see how EdDSA work goes. 21:45:49 as would i (not that my opinion counts for anything), nist ecdsa is better than dsa, even if some of us tinfoilers won't feel secure until its 25519 21:46:48 dest/b32 breaking is sorta a given tho yes? 21:47:13 it's taken a long time and a lot of work to get to this point, no sense rushing at the last minute 21:49:48 * RN pokes head in and looks around 21:54:36 there's 1) clients 2) new servers and 3) existing server migration. 21:54:43 1 and 2 we can do now, 3) takes a lot more work. 21:54:59 1 and 2 breaks compatibility with old routers, i2pcpp, and i2pd though, until they catch up 21:55:16 so is there someone working on finding/creating a java implementation of 25519? and whats the estimated timeframe on when it would be usable? 21:55:28 i assume with p256, its already doable because thats included in bouncy castle? 21:55:52 p256 is in the jvm 21:56:06 ah even better 21:56:17 we have 25519 java now but it's far too slow to be usable. str4d and psi are trying to speed it up 21:57:39 hmm well not knowing anything about crypto, i would think using jni would be the simplest way to speed it up. perhaps i should look into 25519 more to understand what parts of it are the bottlenecks 23:02:36 No one actually ended it when I went afk, so: 23:02:53 * str4d *baf*s the meeting closed.