propagate from branch 'i2p.www' (head c8354c923fc97e3ad8c94ea4ba561087d8f68ea8)

to branch 'i2p.www.revamp' (head 93d34f791a25a0ef2f2821afd47c2f359fd41f57)
2013-07-01 12:23:03 +00:00
parent 1061a04e18 a585aab5d2
commit c4b594d61d
17 changed files with 265 additions and 81 deletions
--- a/i2p2www/pages/downloads/list.html
+++ b/i2p2www/pages/downloads/list.html
@@ -4,13 +4,13 @@
 <h1>{{ _('Download I2P') }}</h1>

 <h3>{{ _('Dependency') }}</h3>
-<p>{% trans java='https://www.java.com/en/download/index.jsp',
+<p>{% trans java='http://java.com/download/',
 openjdk='http://openjdk.java.net/install/',
 icedtea='http://icedtea.classpath.org/wiki/Main_Page' %}
 Java Runtime 1.5 or higher.
-(<a href="{{ java }}">Oracle/Sun Java Version 6</a>,
-<a href="{{ openjdk }}">OpenJDK 6</a>, or
-<a href="{{ icedtea }}">IcedTea6</a>
+(<a href="{{ java }}">Oracle Java Version 6/7</a>,
+<a href="{{ openjdk }}">OpenJDK 6/7</a>, or
+<a href="{{ icedtea }}">IcedTea6/7</a>
 recommended)
 <br />
 <a href="http://java.com/en/download/installed.jsp?detect=jre&amp;try=1">Determine your installed Java version here</a>
@@ -140,8 +140,12 @@ or type <tt>java -version</tt> at your command prompt.
    </div>
  </div>
  <div class="details">
-    {% trans monotoneurl=site_url('get-involved/guides/new-developers'), i2pversion=ver() -%}
-    Alternately, you can fetch the source from <a href="{{ monotoneurl }}#getting-the-i2p-code">monotone</a>.
+    {% trans monotoneurl=site_url('get-involved/guides/new-developers'),
+             gitrepo='http://git.repo.i2p/w/i2p.i2p.git',
+             github='https://github.com/i2p/i2p.i2p',
+             i2pversion=ver() -%}
+    Alternately, you can fetch the source from <a href="{{ monotoneurl }}#getting-the-i2p-code">monotone</a>
+    or via Git from <a href="{{ gitrepo }}">git.repo.i2p</a> or <a href="{{ github }}">Github</a>.
    <br />
    Run <code>(tar xjvf i2psource_{{ i2pversion }}.tar.bz2 ; cd i2p-{{ i2pversion }} ; ant pkg)</code> then either
    run the GUI installer or headless install as above.
--- a/i2p2www/pages/site/docs/how/network-database.html
+++ b/i2p2www/pages/site/docs/how/network-database.html
@@ -309,7 +309,15 @@ The SHA256 hash of the key being looked up or stored is XOR-ed with
 the hash of the router in question to determine closeness.
 A modification to this algorithm is done to increase the costs of <a href="#sybil-partial">Sybil attacks</a>.
 Instead of the SHA256 hash of the key being looked up of stored, the SHA256 hash is taken
-of the key appended with the date: yyyyMMdd (SHA256(key + yyyyMMdd).
+of the 32-byte binary key appended with the UTC date represented as an 8-byte ASCII string yyyyMMdd, i.e. SHA256(key + yyyyMMdd).
+This is called the "routing key", and it changes every day at midnight UTC.
+The daily transformation of the DHT is sometimes called "keyspace rotation",
+although it isn't strictly a rotation.
+{%- endtrans %}</p>
+
+<p>{% trans -%}
+Routing keys are never sent on-the-wire in any I2NP message, they are only used locally for
+determination of distance.
 {%- endtrans %}</p>


@@ -332,6 +340,28 @@ This allows an initial response, and later responses, to be sent to an appropria
 without requiring any LeaseSet lookups, or requiring the communicating Destinations to have published LeaseSets at all.
 {%- endtrans %}</p>

+<h3>Floodfill Selection</h3>
+<p>{% trans -%}
+The DatabaseStoreMessage should be sent to the floodfill that is closest
+to the current routing key for the RouterInfo or LeaseSet being stored.
+Currently, the closest floodfill is found by a search in the local database.
+Even if that floodfill is not actually closest, it will flood it "closer" by
+sending it to multiple other floodfills.
+This provides a high degree of fault-tolerance.
+{%- endtrans %}</p>
+
+<p>{% trans -%}
+In traditional Kademlia, a peer would do a "find-closest" search before inserting
+an item in the DHT to the closest target. As the verify operation will tend to
+discover closer floodfills if they are present, a router will quickly improve
+its knowledge of the DHT "neighborhood" for the RouterInfo and LeaseSets it regularly publishes.
+While I2NP does not define a "find-closest" message, if it becomes necessary,
+a router may simply do an iterative search for a key with the least significant bit flipped
+(i.e. key ^ 0x01) until no closer peers are received in the DatabaseSearchReplyMessages.
+This ensures that the true closest peer will be found even if a more-distant peer had
+the netdb item.
+{%- endtrans %}</p>
+

 <h3>{% trans %}RouterInfo Storage to Floodfills{% endtrans %}</h3>
 <p>{% trans i2np=site_url('docs/protocol/i2np') -%}
@@ -372,12 +402,15 @@ This message is sent back to one of the client's inbound tunnels.
 After a floodfill router receives a DatabaseStoreMessage containing a
 valid RouterInfo or LeaseSet which is newer than that previously stored in its
 local NetDb, it "floods" it.
-To flood a NetDb entry, it looks up the 7 floodfill routers closest to the key
-of the NetDb entry. (The key is the SHA256 Hash of the RouterIdentity or Destination with the date (yyyyMMdd) appended.)
+To flood a NetDb entry, it looks up several (currently 4) floodfill routers closest to the routing key
+of the NetDb entry. (The routing key is the SHA256 Hash of the RouterIdentity or Destination with the date (yyyyMMdd) appended.)
+By flooding to those closest to the key, not closest to itself, the floodfill ensures that the storage
+gets to the right place, even if the storing router did not have good knowledge of the
+DHT "neighborhood" for the routing key.
 {%- endtrans %}</p>

 <p>{% trans i2np=site_url('docs/protocol/i2np') -%}
-It then directly connects to each of the 7 peers
+The floodfill then directly connects to each of those peers
 and sends it a <a href="{{ i2np }}">I2NP</a> DatabaseStoreMessage
 with a zero Reply Token. The message is not end-to-end garlic encrypted,
 as this is a direct connection, so there are no intervening routers
@@ -658,6 +691,19 @@ to the target key, or to each other.

 <p>{% trans -%}
 This attack becomes more difficult as the network size grows.
+However, recent research demonstrates that the keyspace rotation is not particularly effective.
+An attacker can precompute numerous router hashes in advance,
+and only a few routers are sufficient to "eclipse" a portion
+of the keyspace within a half hour after rotation.
+{%- endtrans %}</p>
+
+<p>{% trans -%}
+One consequence of daily keyspace rotation is that the distributed network database
+may become unreliable for a few minutes after the rotation --
+lookups will fail because the new "closest" router has not received a store yet.
+The extent of the issue, and methods for mitigation
+(for example netdb "handoffs" at midnight)
+are a topic for further study.
 {%- endtrans %}</p>

 <p>{% trans -%}
--- a/i2p2www/pages/site/docs/protocol/i2np.html
+++ b/i2p2www/pages/site/docs/protocol/i2np.html
@@ -1,7 +1,7 @@
 {% extends "global/layout.html" %}
 {% block title %}I2NP{% endblock %}
-{% block lastupdated %}{% trans %}August 2010{% endtrans %}{% endblock %}
-{% block accuratefor %}0.8{% endblock %}
+{% block lastupdated %}{% trans %}June 2013{% endtrans %}{% endblock %}
+{% block accuratefor %}0.9.6{% endblock %}
 {% block content %}
 <h2>{% trans %}I2P Network Protocol{% endtrans %} (I2NP)</h2>
 <p>{% trans -%}
@@ -20,16 +20,11 @@ through multiple hops to the ultimate destination.
 Priority is only used locally at the origin, i.e. when queuing for outbound delivery.
 {%- endtrans %}</p>

-<p>{% trans -%}
-Both the NTCP and UDP transports implement priority transmission,
-but in quite different manners.
-UDP has complex code with queues for each priority, however it treats
-messages with priorities 400-499, for example, the same.
-(The priority queues are 100, 200, 300, 400, 500, and 1000)
-These are global queues for all peers.
-NTCP has a trivial linear search for the highest priority within
-each buffer for a particular peer.
-This is much less effective.
+<p>{% trans outnetmessage='http://docs.i2p-projekt.de/javadoc/net/i2p/router/OutNetMessage.html' -%}
+The priorities listed below may not be current and are subject to change.
+See the <a href="{{ outnetmessage }}">OutNetMessage Javadocs</a>
+for the current priority settings.
+Priority queueing implementation may vary.
 {%- endtrans %}</p>

 <h3>{% trans %}Message Format{% endtrans %}</h3>
@@ -104,13 +99,8 @@ which is wrapped in a DataMessage.
 DatabaseLookupMessage
 <td align=right>2
 <td>&nbsp;
-<td align=right>100/400
-<td>{% trans -%}
-400 normally; 100 if from HarvesterJob and sent directly;
-400 for a router lookup
-{%- endtrans %}</td>
-</tr>
-
+<td align=right>500
+<td>{% trans %}May vary{% endtrans %}</td>
 <tr><td>
 DatabaseSearchReplyMessage
 <td align=right>3
@@ -126,9 +116,9 @@ three floodfill routers are returned.
 DatabaseStoreMessage
 <td align=right>1
 <td align=right>{% trans %}Varies{% endtrans %}</td>
-<td align=right>100/400
+<td align=right>460
 <td>{% trans -%}
-Usually 100 (why?)
+Priority may vary.
 Size is 898 bytes for a typical 2-lease leaseSet.
 RouterInfo structures are compressed, and size varies; however
 there is a continuing effort to reduce the amount of data published in a RouterInfo
@@ -140,8 +130,10 @@ as we approach release 1.0.
 DataMessage
 <td align=right>20
 <td align=right>4 - 62080
-<td align=right>400
-<td>
+<td align=right>425
+<td>{% trans -%}
+Priority may vary on a per-destination basis
+{%- endtrans %}</td>
 </tr>

 <tr><td>
@@ -167,8 +159,8 @@ but when unwrapped, given a priority of 100 by the forwarding router
 <a href="{{ site_url('docs/spec/tunnel-creation') }}#tunnelCreate.requestRecord">TunnelBuildMessage</a>
 <td align=right>21
 <td align=right>4224
-<td align=right>300/500
-<td>{% trans %}Usually 500 (why?){% endtrans %}</td>
+<td align=right>500
+<td>
 </tr>

 <tr><td>
@@ -203,7 +195,7 @@ TunnelGatewayMessage
 VariableTunnelBuildMessage
 <td align=right>23
 <td align=right>1057 - 4225
-<td align=right>300/500
+<td align=right>500
 <td>{% trans %}Shorter TunnelBuildMessage as of 0.7.12{% endtrans %}</td>
 </tr>

--- a/i2p2www/pages/site/docs/spec/i2np.html
+++ b/i2p2www/pages/site/docs/spec/i2np.html
@@ -519,6 +519,8 @@ data:
 <h4>Notes</h4>
 <ul><li>
 For security, the reply fields are ignored if the message is received down a tunnel.
+</li><li>
+The key is the "real" hash of the RouterIdentity or Destination, NOT the routing key.
 </li></ul>


@@ -622,28 +624,33 @@ excludedPeers ::

 reply_key ::
     32 byte SessionKey
-     only included if encryptionFlag == 1
+     only included if encryptionFlag == 1, only as of release 0.9.7

 tags ::
     1 byte Integer
     valid range: 1-32 (typically 1)
     the number of reply tags that follow
-     only included if encryptionFlag == 1
+     only included if encryptionFlag == 1, only as of release 0.9.7

 reply_tags ::
     one or more 32 byte SessionTags (typically one)
-     only included if encryptionFlag == 1
+     only included if encryptionFlag == 1, only as of release 0.9.7

 {% endhighlight %}

 <h4>Notes</h4>
 <ul><li>
-Encryption flag, reply key, and reply tags are preliminary, not yet implemented.
+The key may be for a RouterInfo or LeaseSet, as they are in the same key space,
+and there is no flag to request only a particular type of data.
+</li><li>
+Encryption flag, reply key, and reply tags as of release 0.9.7.
 </li><li>
 Encrypted replies are only useful when the response is through a tunnel.
 </li><li>
 The number of included tags could be greater than one if alternative DHT lookup strategies
 (for example, recursive lookups) are implemented.
+</li><li>
+The lookup key and exclude keys are the "real" hashes, NOT routing keys.
 </li></ul>


@@ -700,12 +707,11 @@ key ::

 num ::
    1 byte Integer
-    number of peer hashes that follow
+    number of peer hashes that follow, 0-255

-peer_hash ::
+peer_hash ($num entries) ::
          32 bytes
-          SHA256 of the RouterInfo that the other router thinks are close to the key
-          $num entries
+          SHA256 of the RouterIdentity that the other router thinks is close to the key

 from ::
     32 bytes
@@ -713,9 +719,19 @@ from ::
 {% endhighlight %}

 <h4>Notes</h4>
-<p>
+<ul><li>
  The 'from' hash is unauthenticated and cannot be trusted.
-</p>
+</li><li>
+  The returned peer hashes are not necessarily closer to the key
+  than the router being queried.
+</li><li>
+  Typical number of hashes returned: 3
+</li><li>
+The lookup key, peer hashes, and from hash are "real" hashes, NOT routing keys.
+</li>
+
+
+

 <h3 id="msg_DeliveryStatus">DeliveryStatus</h3>
 <h4>Description</h4>
--- a/i2p2www/pages/site/docs/spec/ssu.html
+++ b/i2p2www/pages/site/docs/spec/ssu.html
@@ -1,6 +1,6 @@
 {% extends "global/layout.html" %}
 {% block title %}SSU Protocol Specification{% endblock %}
-{% block lastupdated %}May 2013{% endblock %}
+{% block lastupdated %}June 2013{% endblock %}
 {% block accuratefor %}0.9.6{% endblock %}
 {% block content %}

@@ -35,8 +35,9 @@ key.  The specific construct of the MAC is the first 16 bytes from:</p>
 </pre>
 where '||' means append.
 The payload is the message starting with the flag byte.
-The macKey is either the introduction key or the
-session key, as specified for each message below.
+The macKey is either the introduction key or is constructed from the
+exchanged DH key (see details below), as specified for each message below.
+Note that protocolVersion is 0, so the exclusive or is a no-op.
 <b>WARNING</b> - the HMAC-MD5-128 used here is non-standard,
 see <a href="{{ site_url('docs/how/cryptography') }}#udp">the cryptography page</a> for details.

@@ -52,6 +53,48 @@ and is currently set to 0.  Peers using a different protocol version will
 not be able to communicate with this peer, though earlier versions not
 using this flag are.</p>

+<h3>Session Key Details</h3>
+The 32-byte session key is created as follows:
+<ol><li>
+Take the exchanged DH key, represented as a positive minimal-length BigInteger byte array (two's complement big-endian)
+</li><li>
+If the most significant bit is 1 (i.e. array[0] & 0x80 != 0),
+prepend a 0x00 byte, as in Java's BigInteger.toByteArray() representation
+</li><li>
+If the byte array is greater than or equal to 32 bytes, use the first (most significant) 32 bytes
+</li><li>
+If the byte array is less than 32 bytes, append 0x00 bytes to extend to 32 bytes.
+<i>Won't happen - See note below</i>
+</li></ol>
+
+<h3>MAC Key Details</h3>
+The 32-byte MAC key is created as follows:
+<ol><li>
+Take the exchanged DH key byte array, prepended with a 0x00 byte if necessary,
+from step 2 in the Session Key Details above.
+</li><li>
+If that byte array is greater than or equal to 64 bytes, the MAC key is
+bytes 33-64 from that byte array.
+</li><li>
+If that byte array is greater than 32 bytes but less than 64 bytes, the MAC key is formed from
+the bytes starting at byte 33, followed by 0x00 bytes to extend the MAC key to 32 bytes.
+<i>Broken - See note below</i>
+</li><li>
+If that byte array is equal to 32 bytes, the MAC key is all zeros.
+<i>Broken - See note below</i>
+</li><li>
+If that byte array is less than 32 bytes, the MAC key is the SHA-256 Hash of the 32-bytes
+from step 3 in the Session Key Details above.
+<i>See note below</i>
+</li></ol>
+Important note: It appears that the existing code is buggy and does not correctly handle DH key byte arrays
+between 32 and 63 bytes (steps 3 and 4 above) and the connection will fail.
+As these cases won't ever work, they are subject to change (probably using SHA-256).
+Since the nominal exchanged DH key is 256 bytes, the chances of the mininimal representation
+being less than 64 bytes is vanishingly small.
+
+
+<h3>Header Format</h3>
 <p>Within the AES encrypted payload, there is a minimal common structure
 to the various messages - a one byte flag and a four byte sending 
 timestamp (seconds since the unix epoch).  The flag byte contains 
@@ -117,6 +160,12 @@ provide a significant amount of protection.
 In the future, additional padding in the transport layer up to
 a set of fixed packet sizes may be appropriate to further hide the data 
 fragmentation to external adversaries.
+</p><p>
+Through release 0.9.6, messages were only padded to the next 16 byte boundary,
+and messages not a multiple of 16 bytes could possibly be invalid.
+As of release 0.9.7, messages may be padded to any length as long as the current MTU is honored.
+Any extra 1-15 padding bytes beyond the last block of 16 bytes cannot be encrypted or decrypted and will be ignored.
+However, the full length and all padding is included in the MAC calculation.
 </p>


@@ -412,7 +461,7 @@ Signed-on time appears to be unused or unverified in the current implementation.
 <h3 id="sessionDestroyed">SessionDestroyed (type 8)</h3>
 <p>
 The Session Destroyed message was implemented (reception only) in release 0.8.1,
-and is never sent. Transmission implemented as of release 0.8.9.
+and is sent as of release 0.8.9.
 </p>

 <table border="1">
@@ -752,6 +801,10 @@ While we use the I2NP message ID as the SSU message ID, from the SSU
 protocol view, they are random numbers.
 In fact, since the router uses a single Bloom filter for all peers,
 the message ID must be an actual random number.
+</li><li>
+Because there are no sequence numbers, there is no way to be sure an ACK was received.
+The current implementation routinely sends a large amount of duplicate ACKs.
+Duplicate ACKs should not be taken as an indication of congestion.
 </li></ul>


--- a/i2p2www/pages/site/docs/spec/tunnel-creation.html
+++ b/i2p2www/pages/site/docs/spec/tunnel-creation.html
@@ -85,6 +85,7 @@ message ID that the message (or reply) should use.</p>
 Bit 7 indicates that the hop will be an inbound gateway (IBGW).
 Bit 6 indicates that the hop will be an outbound endpoint (OBEP).
 If neither bit is set, the hop will be an intermediate participant.
+Both cannot be set at once.

 <h4>Request Record Creation</h4>
 <p>
@@ -120,7 +121,7 @@ for the hop in question.

 <p>When a hop receives a TunnelBuildMessage, it looks through the
 records contained within it for one starting with their own identity
-hash (trimmed to 8 bytes).  It then decrypts the ElGamal block from
+hash (trimmed to 16 bytes).  It then decrypts the ElGamal block from
 that record and retrieves the protected cleartext.  At that point,
 they make sure the tunnel request is not a duplicate by feeding the 
 AES-256 reply key into a bloom filter.
--- a/i2p2www/pages/site/get-involved/bounties/netdb.html
+++ b/i2p2www/pages/site/get-involved/bounties/netdb.html
@@ -66,17 +66,36 @@ still maintain an unlimited search horizon.
  <dt><b>Investigate refactoring</b></dt>
  <dd>Investigate I2P NetDB refactoring strategy.</dd>

-  <dt><b>Investigate multirouter</b></dt>
-  <dd>Investigate the maturity of multirouter, which will simplify development tremendously.</dd>
+  <dt><b>Investigate and fix MultiRouter</b></dt>
+  <dd>Investigate the usability of MultiRouter, and fix issues found. MultiRouter will simplify further development.</dd>
+
+  <dt><b>Select base implementation</b></dt>
+  <dd>i2p.zzz.kademlia / i2psnarkdht is the most likely base implementation.</dd>
+ </dl>
+</td>
+<td><p><a href="http://trac.i2p2.de/changeset/0f0a99298bfbd4652d3dad2885ee1f0e1472c156">Trac</a></p></td>
+<td><p>162.5&euro;</p></td>
+</tr>
+
+
+<tr>
+<td><h4>Begin implementation of the most basic DHT</h4></td>
+<td>
+ <dl>
+  <dt><b>Investigate I2CP</b></dt>
+  <dd>Investigate and design/select an I2NP message.</dd>
+
+  <dt><b>Implement iterative DHT lookups</b></dt>
+  <dd>Implement support for iterative DHT lookups</dd>

-  <dt><b>More to come</b></dt>
-  <dd>...</dd>
 </dl>
 </td>
 <td><p>None yet</p></td>
-<td><p>162.5&euro;</p></td>
+<td><p>325&euro;</p></td>
 </tr>

+
+
 <tr>
 <td><h4>More to come</h4></td>
 <td>...</td>
--- a/i2p2www/pages/site/get-involved/develop/license-agreements.html
+++ b/i2p2www/pages/site/get-involved/develop/license-agreements.html
@@ -769,5 +769,29 @@ QUamNO18hBy7N/YdF2DPoV41ntobkM+kVfmR0jLCbiNjisMg1eO8mQ1ynY4Kf2F1
 =7u31
 -----END PGP SIGNATURE-----

+digit:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Applicable to the code I contribute to the I2P project,
+I hereby state that:
+
+* Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license
+* If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses
+* I have the right to release the code I commit under the terms I am committing it
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.20 (MingW32)
+
+iQEcBAEBAgAGBQJRzgXbAAoJEAhQLmhPD07oWTkH/0nonFM5g0gw5SlqLKTxuBal
+OMomT+4+FFaCDgXOSXnnlw38no7c234LeKpuvlr0LLxjiRdfcsnnuvqIWmeeY4cq
+m3w6xGI+wNO2c/FYwTVumJO165sPc0Rg3b8d+zdUBncactRMdxcWUJTSHPdNzW2/
+tmtChmVft6SOj+qgBQEMW0IjYm/4+vg4NEO4OAg8ncogea8dubpIFJjE2UbSr7dE
+jkBoHiRXn4EN20Id4puCwXQK4QbbGwJGlKAUPgZXMd7nLqu9MljwLDkDWBMY9nRl
+Zf9i4Wqw8wKgkWIIbZ2+V+zP83FLcX6ga+GMr8tf/bwWjSe1PN7mZAQlPB4p8Qc=
+=NxxT
+-----END PGP SIGNATURE-----
+
+
 </pre>
 {% endblock %}
--- a/www.i2p2/pages/translations/download_ar.html
+++ b/www.i2p2/pages/translations/download_ar.html
@@ -4,9 +4,9 @@
 <h1>تحميل I2P</h1>      
 <h3>المتطلبات البرمجية</h3>
 اصدار 1.5 من Java Runtime (أو أعلى)
-(<a href="http://java.com/download/">Oracle/Sun Java Version 6</a>,
-<a href="http://openjdk.java.net/install/">OpenJDK 6</a>, or
-<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6</a>
+(<a href="http://java.com/download/">Oracle Java Version 6/7</a>,
+<a href="http://openjdk.java.net/install/">OpenJDK 6/7</a>, or
+<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6/7</a>
 منصوح بهم)
 <br>
 <a href="http://java.com/en/download/installed.jsp?detect=jre&try=1">اعرف نسخة الجافا المثبتة لديك من هنا</a>
--- a/www.i2p2/pages/translations/download_cs.html
+++ b/www.i2p2/pages/translations/download_cs.html
@@ -3,7 +3,7 @@
 {% block content %}
 <h1>Stáhnout I2P</h1>      
 <h3>Požadavky pro instalaci</h3>
-<a href="http://java.com/download/">Sun Java</a> 1.5 nebo novější (doporučená verze <a href="http://java.com/download/">Sun Java 1.6</a>), nebo ekvivalentní JRE.
+<a href="http://java.com/download/">Oracle Java</a> 1.5 nebo novější (doporučená verze <a href="http://java.com/download/">Oracle Java 6/7</a>), nebo ekvivalentní JRE.
 <br>
 Svou aktuální nainstalovanou verzi Javy si můžete ověřit <a href="http://java.com/en/download/installed.jsp?detect=jre&try=1">na této stránce</a>
 nebo z příkazové řádky pomocí příkazu <tt>java -version</tt>
@@ -55,7 +55,8 @@ bf7d11f0a36acff9cd51ad3ef89d66975b0b0de344ca72719a5576159ec965d1
    (SHA256
 fd2aa881d68b3164c43de9d91dcb04a93a36228d416582ada14ae40031436d18
     <a href="http://mirror.i2p2.de/i2psource_0.9.6.tar.bz2.sig">sig</a>)<br />
-    Alternativně lze zdrojový kód stáhnout <a href="newdevelopers#getting-the-i2p-code">z repozitáře monotone</a>.<br/>
+    Alternativně lze zdrojový kód stáhnout <a href="newdevelopers#getting-the-i2p-code">z repozitáře monotone</a>
+    <a href="http://git.repo.i2p/w/i2p.i2p.git">git.repo.i2p</a> <a href="https://github.com/i2p/i2p.i2p">Github</a>.<br/>
    Spusťte sestavení programu příkazem <code>(tar xjvf i2psource_0.9.6.tar.bz2 ; cd i2p-0.9.6 ; ant pkg)</code> a potom 
    spusťte grafický instalační program nebo instalaci z příkazové řádky (viz výše).</li>
 </ul>
--- a/www.i2p2/pages/translations/download_de.html
+++ b/www.i2p2/pages/translations/download_de.html
@@ -4,9 +4,9 @@
 <h1>Download I2P</h1>      
 <h3>Abh&auml;ngigkeiten</h3>
 Java Runtime 1.5 oder neuer.
-(<a href="http://java.com/download/">Oracle/Sun Java Version 6</a>,
-<a href="http://openjdk.java.net/install/">OpenJDK 6</a>, oder
-<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6</a>
+(<a href="http://java.com/download/">Oracle Java Version 6/7</a>,
+<a href="http://openjdk.java.net/install/">OpenJDK 6/7</a>, oder
+<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6/7</a>
 recommended)
 <br>
 <a href="http://java.com/de/download/installed.jsp?detect=jre&try=1">Bestimme hier deine Java Version</a>
@@ -60,7 +60,8 @@ bf7d11f0a36acff9cd51ad3ef89d66975b0b0de344ca72719a5576159ec965d1
    (SHA256
 fd2aa881d68b3164c43de9d91dcb04a93a36228d416582ada14ae40031436d18
     <a href="http://mirror.i2p2.de/i2psource_0.9.6.tar.bz2.sig">sig</a>)<br />
-    Alternativ kannst Du den Quelltext aus <a href="newdevelopers_de#getting-the-i2p-code">Monotone</a> kopieren.
+    Alternativ kannst Du den Quelltext aus <a href="newdevelopers_de#getting-the-i2p-code">Monotone</a>
+    <a href="http://git.repo.i2p/w/i2p.i2p.git">git.repo.i2p</a> <a href="https://github.com/i2p/i2p.i2p">Github</a> kopieren.<br/>
    <br/>
    F&uuml;hre folgendes aus: <code>(tar xjvf i2psource_0.9.6.tar.bz2 ; cd i2p_0.9.6 ; ant pkg)</code> 
    und starte dann den GUI Installer oder die headless Installation wie oben beschrieben</li>
--- a/www.i2p2/pages/translations/download_el.html
+++ b/www.i2p2/pages/translations/download_el.html
@@ -4,9 +4,9 @@
 <h1>Ληψη I2P</h1>
 <h3>Εξάρτηση</h3>
 Java Runtime 1.5 ή νεότερο.
-(<a href="http://java.com/download/">Oracle/Sun Java Version 6</a>,
-<a href="http://openjdk.java.net/install/">OpenJDK 6</a>, ή
-<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6</a>
+(<a href="http://java.com/download/">Oracle Java Version 6/7</a>,
+<a href="http://openjdk.java.net/install/">OpenJDK 6/7</a>, ή
+<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6/7</a>
 συνιστάται)
 <br />
 <a href="http://java.com/en/download/installed.jsp?detect=jre&amp;try=1">Βρείτε την έκδοση Java που έχετε εδώ</a>
@@ -61,7 +61,8 @@ bf7d11f0a36acff9cd51ad3ef89d66975b0b0de344ca72719a5576159ec965d1
    (SHA256
 fd2aa881d68b3164c43de9d91dcb04a93a36228d416582ada14ae40031436d18
     <a href="http://mirror.i2p2.de/i2psource_0.9.6.tar.bz2.sig">sig</a>)<br />
-    Εναλλακτικά, μπορείτε να πάρετε τον πηγαίο κώδικα από το <a href="newdevelopers#getting-the-i2p-code">monotone</a>.
+    Εναλλακτικά, μπορείτε να πάρετε τον πηγαίο κώδικα από το <a href="newdevelopers#getting-the-i2p-code">monotone</a>
+    <a href="http://git.repo.i2p/w/i2p.i2p.git">git.repo.i2p</a> <a href="https://github.com/i2p/i2p.i2p">Github</a>.
    <br />
    Εκτελέστε <code>(tar xjvf i2psource_0.9.6.tar.bz2 ; cd i2p-0.9.6 ; ant pkg)</code> και μετά
    είτε τρέξτε την εγκατάσταση με γραφικό περιβάλλον είτε από τη γραμμή εντολών όπως παραπάνω.
--- a/www.i2p2/pages/translations/download_es.html
+++ b/www.i2p2/pages/translations/download_es.html
@@ -4,9 +4,9 @@
 <h1>Descargar I2P</h1>      
 <h3>Dependencias</h3>
 Java Runtime 1.5 o superior.
-(<a href="http://java.com/download/">Oracle/Sun Java Versión 6</a>,
-<a href="http://openjdk.java.net/install/">OpenJDK 6</a>, o
-<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6</a>
+(<a href="http://java.com/download/">Oracle Java Versión 6/7</a>,
+<a href="http://openjdk.java.net/install/">OpenJDK 6/7</a>, o
+<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6/7</a>
 recomendado)
 <br>
 <a href="http://java.com/en/download/installed.jsp?detect=jre&try=1">Determina aquí tu versión instalada de Java</a>
@@ -60,7 +60,8 @@ bf7d11f0a36acff9cd51ad3ef89d66975b0b0de344ca72719a5576159ec965d1
    (SHA256
 fd2aa881d68b3164c43de9d91dcb04a93a36228d416582ada14ae40031436d18
     <a href="http://mirror.i2p2.de/i2psource_0.9.6.tar.bz2.sig">sig</a>)<br />
-    De forma alternativa, puedes obtener las fuentes usando <a href="newdevelopers#getting-the-i2p-code">monotone</a>.
+    De forma alternativa, puedes obtener las fuentes usando <a href="newdevelopers#getting-the-i2p-code">monotone</a>
+    <a href="http://git.repo.i2p/w/i2p.i2p.git">git.repo.i2p</a> <a href="https://github.com/i2p/i2p.i2p">Github</a>.
    <br/>
    Ejecuta <code>tar xjvf i2psource_0.9.6.tar.bz2 ; cd i2p-0.9.6 ; ant pkg ;</code> después puedes arrancar el instalador gráfico o bien hacer la instalación desde la línea de comandos descritas anteriormente.</li>
 </ul>
--- a/www.i2p2/pages/translations/download_fr.html
+++ b/www.i2p2/pages/translations/download_fr.html
@@ -5,9 +5,9 @@ Traduction de juillet 2011. <a href="download.html">Version anglaise actuelle</a
 <h1>Télécharger I2P</h1> 
 <h3>Prérequis</h3>
 Java Runtime 1.5 ou plus récent.
-(<a href="http://java.com/download/">Oracle/Sun Java Version 6</a>,
-<a href="http://openjdk.java.net/install/">OpenJDK 6</a>, ou
-<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6</a>
+(<a href="http://java.com/download/">Oracle Java Version 6/7</a>,
+<a href="http://openjdk.java.net/install/">OpenJDK 6/7</a>, ou
+<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6/7</a>
 recommandé)
 <br>
 <a href="http://java.com/en/download/installed.jsp?detect=jre&try=1">Déterminez la version de Java installée</a>
@@ -57,7 +57,8 @@ ou tapez <tt>java -version</tt> à l'invite de commande.
    <a href="http://mirror.i2p2.de/i2psource_0.9.6.tar.bz2">i2psource_0.9.6.tar.bz2</a>
    (SHA256 fd2aa881d68b3164c43de9d91dcb04a93a36228d416582ada14ae40031436d18
     <a href="http://mirror.i2p2.de/i2psource_0.9.6.tar.bz2.sig">sig</a>)<br />
-    Vous pouvez si vous préférez récupérer les sources sur  <a href="newdevelopers#getting-the-i2p-code">monotone</a>.
+    Vous pouvez si vous préférez récupérer les sources sur  <a href="newdevelopers#getting-the-i2p-code">monotone</a>
+    <a href="http://git.repo.i2p/w/i2p.i2p.git">git.repo.i2p</a> <a href="https://github.com/i2p/i2p.i2p">Github</a>.
    <br/>
    Exécuter <code>(tar xjvf i2psource_0.9.6.tar.bz2 ; cd i2p-0.9.6 ; ant pkg)</code> puis, soit
    lancer l'installeur graphique, soit passer par la ligne de commande.</li>
--- a/www.i2p2/pages/translations/download_ru.html
+++ b/www.i2p2/pages/translations/download_ru.html
@@ -6,7 +6,7 @@

 <h3>Требования для установки</h3>

-<a href="http://java.com/download/">Sun Java</a> 1.5 или новее (рекомендуется <a href="http://java.com/download/">Sun Java 1.6</a>), либо иная совместимая JRE.
+<a href="http://java.com/download/">Oracle Java</a> 1.5 или новее (рекомендуется <a href="http://java.com/download/">Oracle Java 6/7</a>), либо иная совместимая JRE.
 <br>
 Узнать, какая версия Java установлена на Вашем компьютере можно <a href="http://java.com/en/download/installed.jsp?detect=jre&try=1">на этой странице</a>, либо набрав в командной строке <tt>java -version</tt>

@@ -62,7 +62,8 @@ bf7d11f0a36acff9cd51ad3ef89d66975b0b0de344ca72719a5576159ec965d1
 fd2aa881d68b3164c43de9d91dcb04a93a36228d416582ada14ae40031436d18
    <a href="http://mirror.i2p2.de/i2psource_0.9.6.tar.bz2.sig">sig</a>)<br />
    
-    (Как вариант, можете скачать текущий исходный код из <a href="newdevelopers#getting-the-i2p-code">monotone-репозитория</a>.)
+    (Как вариант, можете скачать текущий исходный код из <a href="newdevelopers#getting-the-i2p-code">monotone-репозитория</a>
+     <a href="http://git.repo.i2p/w/i2p.i2p.git">git.repo.i2p</a> <a href="https://github.com/i2p/i2p.i2p">Github</a>.)
    <br/>
    Запустите процесс сборки <code>(tar xjvf i2psource_0.9.6.tar.bz2 ; cd i2p-0.9.6 ; ant pkg)</code>, затем воспользуйтесь собранным инсталлятором в графическом или консольном режиме (см. предыдущие способы установки). 
 </li>
--- a/www.i2p2/pages/translations/download_zh.html
+++ b/www.i2p2/pages/translations/download_zh.html
@@ -3,8 +3,8 @@
 {% block content %}
 <h1>下载 I2P</h1>      
 <h3>依赖关系</h3>
-<a href="http://java.com/zh_CN/download/">Sun Java</a> 1.5 或更高版本，或等效的 JRE。
-(推荐使用 <a href="http://java.com/zh_CN/download/">Sun Java 1.6</a>) 
+<a href="http://java.com/zh_CN/download/">Oracle Java</a> 1.5 或更高版本，或等效的 JRE。
+(推荐使用 <a href="http://java.com/zh_CN/download/">Oracle Java 6/7</a>) 
 <br>
 确定您安装的 Java 版本可以<a href="http://java.com/zh_CN/download/installed.jsp?detect=jre&try=1">点这里</a> 
 或在命令行中输入 <tt>java -version</tt> 。
--- a/www.i2p2/pages/translations/license-agreements_de.html
+++ b/www.i2p2/pages/translations/license-agreements_de.html
@@ -753,5 +753,28 @@ QUamNO18hBy7N/YdF2DPoV41ntobkM+kVfmR0jLCbiNjisMg1eO8mQ1ynY4Kf2F1
 =7u31
 -----END PGP SIGNATURE-----

+digit:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Applicable to the code I contribute to the I2P project,
+I hereby state that:
+
+* Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license
+* If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses
+* I have the right to release the code I commit under the terms I am committing it
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.20 (MingW32)
+
+iQEcBAEBAgAGBQJRzgXbAAoJEAhQLmhPD07oWTkH/0nonFM5g0gw5SlqLKTxuBal
+OMomT+4+FFaCDgXOSXnnlw38no7c234LeKpuvlr0LLxjiRdfcsnnuvqIWmeeY4cq
+m3w6xGI+wNO2c/FYwTVumJO165sPc0Rg3b8d+zdUBncactRMdxcWUJTSHPdNzW2/
+tmtChmVft6SOj+qgBQEMW0IjYm/4+vg4NEO4OAg8ncogea8dubpIFJjE2UbSr7dE
+jkBoHiRXn4EN20Id4puCwXQK4QbbGwJGlKAUPgZXMd7nLqu9MljwLDkDWBMY9nRl
+Zf9i4Wqw8wKgkWIIbZ2+V+zP83FLcX6ga+GMr8tf/bwWjSe1PN7mZAQlPB4p8Qc=
+=NxxT
+-----END PGP SIGNATURE-----
+
 </pre>
 {% endblock %}