Redo RouterAddress picture

Add transport idle timeout info
More SSU key clarification
zzz
2014-02-20 13:02:21 +00:00
parent 24826038a9
commit af9ea07829
4 changed files with 85 additions and 27 deletions


@@ -792,15 +792,18 @@ After that comes a <a href="#type_String">String</a> defining the transport prot
IP address, port number, email address, URL, etc.
{% endtrans %}</p>
{% highlight lang='dataspec' %}
+----+
|cost|
+----+----+----+----+----+----+----+----+
| expiration |
+----+----+----+----+-//-+----+----+----+
| transport_style |
+----+----+----+----+-//-+----+----+----+
| options |
|cost| expiration
+----+----+----+----+----+----+----+----+
| transport_style |
+----+----+----+----+-//-+----+----+----+
| |
+ +
| options |
~ ~
~ ~
| |
+----+----+----+----+----+----+----+----+
cost :: `Integer`
length -> 1 byte
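Review bot: In the redrawn RouterAddress picture the `|cost| expiration` row is left open on the right, and neither the picture nor the field list says how expiration, which had a full 8-column row to itself in the old picture, now fits beside the 1-byte cost. A reader writing a parser from the picture alone can misplace the start of transport_style. Suggest a one-line remark under the picture that the fields after cost are not aligned to the 8-column frame, or draw the continuation of expiration explicitly.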
@@ -858,7 +861,6 @@ the contained <a href="#struct_RouterIdentity">RouterIdentity</a>.
+ +
| |
~ ~
~ ~
| |
+----+----+----+----+----+----+----+----+
@@ -868,16 +870,12 @@ the contained <a href="#struct_RouterIdentity">RouterIdentity</a>.
+----+ +
| |
~ ~
~ ~
| |
+----+----+----+----+----+----+----+----+
| RouterAddress 1 |
+ +
| |
~ ~
~ ~
~ ~
~ ~
| |
@@ -886,7 +884,6 @@ the contained <a href="#struct_RouterIdentity">RouterIdentity</a>.
+ +
| |
~ ~
~ ~
| |
+----+----+----+----+-//-+----+----+----+


@@ -265,7 +265,9 @@ This is the first message sent to establish a session.
<li>that many byte representation of Bob's IP address</li>
<li>N bytes, currently uninterpreted</li>
</ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
<tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Bob's introKey, as retrieved from the network database</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Bob's introKey, as retrieved from the network database</td></tr>
</table>
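Review bot: The new Crypto Key and MAC Key rows for Session Request both read "Bob's introKey, as retrieved from the network database", with no remark that one key serves both purposes. Since that key is looked up rather than negotiated, it would help to state in the MAC Key row what the MAC is expected to establish at this stage, so readers do not take it as authentication of the sender. A short sentence after the table is enough.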
@@ -323,9 +325,11 @@ This is the response to a Session Request.
using the negotiated session key as part of the DSA block</li>
<li>N bytes, currently uninterpreted</li>
</ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
<tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Bob's introKey, with an additional layer of encryption over the 40 byte
signature and the following 8 bytes padding.</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Bob's introKey</td></tr>
</table>
<p>Message format:</p>
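Review bot: The new Crypto Key row for Session Created mentions "an additional layer of encryption over the 40 byte signature and the following 8 bytes padding" but does not name the key used for that layer. The context line above refers to "the negotiated session key as part of the DSA block"; if that is the key, say so in this row, since the purpose of splitting the row is to tell the reader which key does what. The MAC Key row could also carry "as retrieved from the network database" to match the Session Request table.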
@@ -418,8 +422,10 @@ bits 3-0: total identity fragments (F) 1-15</pre></li>
+ Alice's new relay key + Alice's signed on time)</li>
</li></ul>
</ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
<tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Alice/Bob sessionKey, as generated from the DH exchange</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Alice/Bob MAC Key, as generated from the DH exchange</td></tr>
</table>
<p>
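Review bot: "Alice/Bob MAC Key, as generated from the DH exchange" in the new MAC Key row introduces a second key without saying how it relates to the sessionKey in the row above. Suggest linking both cells to the Keys section of the SSU overview (the `<a name="keys">` anchor in ssu.html) so the derivation is defined in one place and every later table that says "Alice/Bob MAC Key" can rely on it.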
@@ -512,8 +518,10 @@ and is sent as of release 0.8.9.
<tr><td align="right" valign="top"><b>Data:</b></td>
<td>none
</td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
<tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Alice/Bob sessionKey</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Alice/Bob MAC Key</td></tr>
</table>
@@ -549,8 +557,10 @@ This is the first message sent from Alice to Bob to request an introduction to C
<li>4 byte nonce of Alice's relay request</li>
<li>N bytes, currently uninterpreted</li>
</ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
<tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Bob's introKey, as retrieved from the network database (or Alice/Bob sessionKey, if established)</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Bob's introKey, as retrieved from the network database (or Alice/Bob MAC Key, if established)</td></tr>
</table>
<p>Message format:</p>
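Review bot: In the Relay Request rows the alternative "(or Alice/Bob sessionKey, if established)" and "(or Alice/Bob MAC Key, if established)" are stated independently, so the text does not rule out mixing an introKey for one purpose with a session-derived key for the other. If the choice is always made as a pair, say so once, and say how the receiver decides which pair to try. The same applies to the Relay Response table.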
@@ -622,8 +632,10 @@ This is the response to a Relay Request and is sent from Bob to Alice.
<li>4 byte nonce sent by Alice</li>
<li>N bytes, currently uninterpreted</li>
</ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
<tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Alice's introKey, as received in the Relay Request (or Alice/Bob sessionKey, if established)</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Alice's introKey, as received in the Relay Request (or Alice/Bob MAC Key, if established)</td></tr>
</table>
<p>Message format:</p>
@@ -682,8 +694,10 @@ This is the introduction for Alice, which is sent from Bob to Charlie.
<li>that many bytes relayed from Alice</li>
<li>N bytes, currently uninterpreted</li>
</ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
<tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Bob/Charlie sessionKey</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Bob/Charlie MAC Key</td></tr>
</table>
<p>Message format:</p>
@@ -789,8 +803,10 @@ byte 1
<li>that many bytes</li></ul>
<li>N bytes padding, uninterpreted</li>
</ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
<td>sessionKey</td></tr>
<tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Alice/Bob sessionKey</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Alice/Bob MAC Key</td></tr>
</table>
<p>Message format:</p>
@@ -890,7 +906,7 @@ See <a href="{{ site_url('docs/transport/ssu') }}#peerTesting">the SSU overview
<li>Alice's or Charlie's 32-byte introduction key</li>
<li>N bytes, currently uninterpreted</li>
</ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
<tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>
Listed in order of occurrence:
<ol><li>
@@ -913,6 +929,31 @@ Alice's introKey, as received in the Peer Test message from Bob
</li><li>
When sent from Alice to Charlie:
Charlie's introKey, as received in the Peer Test message from Charlie
</li></ol>
</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>
Listed in order of occurrence:
<ol><li>
When sent from Alice to Bob:
Alice/Bob MAC Key
(the protocol also permits Bob's introKey if Alice and Bob do not have an established session,
but in the current implementation Alice always selects a Bob that is established)
</li><li>
When sent from Bob to Charlie:
Bob/Charlie MAC Key
</li><li>
When sent from Charlie to Bob:
Bob/Charlie MAC Key
</li><li>
When sent from Bob to Alice:
Alice's introKey, as received in the Peer Test message from Alice
</li><li>
When sent from Charlie to Alice:
Alice's introKey, as received in the Peer Test message from Bob
</li><li>
When sent from Alice to Charlie:
Charlie's introKey, as received in the Peer Test message from Charlie
</li></ol>
</td></tr>
</table>
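Review bot: The six-case list added under MAC Key repeats the Crypto Key list directly above it; the last two cases visible in the context lines are word-for-word identical in both. Two parallel lists will drift on the next edit. Suggest a single list or table with one row per direction and separate crypto key and MAC key columns, keeping the parenthetical about Bob's introKey in one place.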


@@ -1,6 +1,6 @@
{% extends "global/layout.html" %}
{% block title %}{% trans %}NTCP (NIO-based TCP){% endtrans %}{% endblock %}
{% block lastupdated %}{% trans %}February 2013{% endtrans %}{% endblock %}
i2p2www/pages/site/docs/transport/ntcp.html 4
{% block accuratefor %}0.9.11{% endblock %}
{% block content %}
<p>{% trans transports=site_url('docs/transport'), ssu=site_url('docs/transport/ssu') -%}
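Review bot: `lastupdated` in ntcp.html still reads "February 2013" in this hunk although `accuratefor` moves to 0.9.11 and the next hunk adds a new section. The ssu.html change in this same commit moves its date to February 2014; the NTCP page should get the same bump.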
@@ -79,6 +79,16 @@ as defined in the <a href="{{ rfc1950 }}">ZLIB Specification</a>.
{%- endtrans %}</p>
<h3>{% trans %}Idle Timeout{% endtrans %}</h3>
<p>{% trans -%}
Idle timeout and connection close is at the discretion of each endpoint and may vary.
The current implementation lowers the timeout as the number of connections approaches the
configured maximum, and raises the timeout when the connection count is low.
The recommended minimum timeout is two minutes or more, and the recommended
maximum timeout is ten minutes or more.
{%- endtrans %}</p>
<h3>{% trans %}Establishment Sequence{% endtrans %}</h3>
<p>{% trans -%}
In the establish state, there is a 4-phase message sequence to exchange DH keys and signatures.
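Review bot: "the recommended maximum timeout is ten minutes or more" states a lower bound on a maximum, which leaves the upper end unbounded and makes "minimum" and "maximum" hard to tell apart. If the intent is that the timeout an endpoint applies under high connection count should be at least two minutes, and the timeout it applies under low connection count should be at least ten, say that directly.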


@@ -1,9 +1,8 @@
{% extends "global/layout.html" %}
{% block title %}{% trans %}Secure Semireliable UDP{% endtrans %} (SSU){% endblock %}
{% block lastupdated %}{% trans %}December 2013{% endtrans %}{% endblock %}
{% block accuratefor %}0.9.9{% endblock %}
{% block lastupdated %}{% trans %}February 2014{% endtrans %}{% endblock %}
{% block accuratefor %}0.9.11{% endblock %}
{% block content %}
Note: IPv6 information is preliminary.
<p>{% trans transports=site_url('docs/transport'), ntcp=site_url('docs/transport/ntcp') -%}
SSU (also called "UDP" in much of the I2P documentation and user interfaces)
@@ -134,6 +133,17 @@ Further work is necessary to raise the UDP transport limit above 32KB.
For connections using the larger MTU, larger messages are possible.
{%- endtrans %}</p>
<h2>{% trans %}Idle Timeout{% endtrans %}</h2>
<p>{% trans -%}
Idle timeout and connection close is at the discretion of each endpoint and may vary.
The current implementation lowers the timeout as the number of connections approaches the
configured maximum, and raises the timeout when the connection count is low.
The recommended minimum timeout is two minutes or more, and the recommended
maximum timeout is ten minutes or more.
{%- endtrans %}</p>
<h2><a name="keys">{% trans %}Keys{% endtrans %}</a></h2>
<p>{% trans -%}
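Review bot: This Idle Timeout paragraph is a verbatim copy of the one added to ntcp.html, under `<h2>` here and `<h3>` there, and as two separate `trans` blocks that translators will have to keep in sync. Consider placing the text once in the transport overview (`site_url('docs/transport')`) and linking to it from both pages, so the recommended values cannot diverge. The "maximum timeout is ten minutes or more" wording is ambiguous in this copy as well.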