Redo RouterAddress picture

Add transport idle timeout info
More SSU key clarification
zzz
2014-02-20 13:02:21 +00:00
parent 24826038a9
commit af9ea07829
4 changed files with 85 additions and 27 deletions

View File

@@ -792,15 +792,18 @@ After that comes a <a href="#type_String">String</a> defining the transport prot
IP address, port number, email address, URL, etc. IP address, port number, email address, URL, etc.
{% endtrans %}</p> {% endtrans %}</p>
{% highlight lang='dataspec' %} {% highlight lang='dataspec' %}
+----+
|cost|
+----+----+----+----+----+----+----+----+ +----+----+----+----+----+----+----+----+
| expiration | |cost| expiration
+----+----+----+----+-//-+----+----+----+ +----+----+----+----+----+----+----+----+
| transport_style | | transport_style |
+----+----+----+----+-//-+----+----+----+ +----+----+----+----+-//-+----+----+----+
| |
+ +
| options | | options |
+----+----+----+----+-//-+----+----+----+ ~ ~
~ ~
| |
+----+----+----+----+----+----+----+----+
cost :: `Integer` cost :: `Integer`
length -> 1 byte length -> 1 byte
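Review bot: In the redrawn RouterAddress picture, the row `|cost| expiration` (as rendered here) has no cell boundary or closing border after the expiration label, so the diagram no longer shows where the expiration field ends relative to the eight-column rule above and below it. Consider marking the field widths in the picture, or drawing the boundary explicitly, so it agrees with the field list that follows (`cost :: Integer`, `length -> 1 byte`).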
@@ -858,7 +861,6 @@ the contained <a href="#struct_RouterIdentity">RouterIdentity</a>.
+ + + +
| | | |
~ ~ ~ ~
~ ~ ~ ~
| | | |
+----+----+----+----+----+----+----+----+ +----+----+----+----+----+----+----+----+
@@ -868,16 +870,12 @@ the contained <a href="#struct_RouterIdentity">RouterIdentity</a>.
+----+ + +----+ +
| | | |
~ ~ ~ ~
~ ~ ~ ~
| | | |
+----+----+----+----+----+----+----+----+ +----+----+----+----+----+----+----+----+
| RouterAddress 1 | | RouterAddress 1 |
+ + + +
| | | |
~ ~
~ ~
~ ~ ~ ~
~ ~ ~ ~
| | | |
@@ -886,7 +884,6 @@ the contained <a href="#struct_RouterIdentity">RouterIdentity</a>.
+ + + +
| | | |
~ ~ ~ ~
~ ~ ~ ~
| | | |
+----+----+----+----+-//-+----+----+----+ +----+----+----+----+-//-+----+----+----+

View File

@@ -265,7 +265,9 @@ This is the first message sent to establish a session.
<li>that many byte representation of Bob's IP address</li> <li>that many byte representation of Bob's IP address</li>
<li>N bytes, currently uninterpreted</li> <li>N bytes, currently uninterpreted</li>
</ul></td></tr> </ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td> <tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Bob's introKey, as retrieved from the network database</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Bob's introKey, as retrieved from the network database</td></tr> <td>Bob's introKey, as retrieved from the network database</td></tr>
</table> </table>
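Review bot: The new "MAC Key used" row for Session Request repeats the "Crypto Key used" text verbatim (`Bob's introKey, as retrieved from the network database`), which leaves the reader to infer that one key serves both purposes. Say so explicitly, for example "same key as the Crypto Key", so the reuse reads as intentional rather than as a copy-and-paste slip.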
@@ -323,9 +325,11 @@ This is the response to a Session Request.
using the negotiated session key as part of the DSA block</li> using the negotiated session key as part of the DSA block</li>
<li>N bytes, currently uninterpreted</li> <li>N bytes, currently uninterpreted</li>
</ul></td></tr> </ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td> <tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Bob's introKey, with an additional layer of encryption over the 40 byte <td>Bob's introKey, with an additional layer of encryption over the 40 byte
signature and the following 8 bytes padding.</td></tr> signature and the following 8 bytes padding.</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Bob's introKey</td></tr>
</table> </table>
<p>Message format:</p> <p>Message format:</p>
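Review bot: In the Session Created table the row is now labelled "Crypto Key used", but its text still says only "with an additional layer of encryption over the 40 byte signature and the following 8 bytes padding" without naming the key used for that additional layer. Since this commit is about key clarification, name that key in this row; the new MAC row (`Bob's introKey`) could also state whether the MAC is computed before or after the additional layer is applied.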
@@ -418,8 +422,10 @@ bits 3-0: total identity fragments (F) 1-15</pre></li>
+ Alice's new relay key + Alice's signed on time)</li> + Alice's new relay key + Alice's signed on time)</li>
</li></ul> </li></ul>
</ul></td></tr> </ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td> <tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Alice/Bob sessionKey, as generated from the DH exchange</td></tr> <td>Alice/Bob sessionKey, as generated from the DH exchange</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Alice/Bob MAC Key, as generated from the DH exchange</td></tr>
</table> </table>
<p> <p>
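Review bot: The new row introduces the term "Alice/Bob MAC Key, as generated from the DH exchange" without saying how it relates to the sessionKey named in the row above. Add a cross-reference to where the derivation is described (the SSU overview has a `keys` anchor, and this file already links to it with `site_url('docs/transport/ssu')`), so the term is defined at its first use.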
@@ -512,8 +518,10 @@ and is sent as of release 0.8.9.
<tr><td align="right" valign="top"><b>Data:</b></td> <tr><td align="right" valign="top"><b>Data:</b></td>
<td>none <td>none
</td></tr> </td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td> <tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Alice/Bob sessionKey</td></tr> <td>Alice/Bob sessionKey</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Alice/Bob MAC Key</td></tr>
</table> </table>
@@ -549,8 +557,10 @@ This is the first message sent from Alice to Bob to request an introduction to C
<li>4 byte nonce of Alice's relay request</li> <li>4 byte nonce of Alice's relay request</li>
<li>N bytes, currently uninterpreted</li> <li>N bytes, currently uninterpreted</li>
</ul></td></tr> </ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td> <tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Bob's introKey, as retrieved from the network database (or Alice/Bob sessionKey, if established)</td></tr> <td>Bob's introKey, as retrieved from the network database (or Alice/Bob sessionKey, if established)</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Bob's introKey, as retrieved from the network database (or Alice/Bob MAC Key, if established)</td></tr>
</table> </table>
<p>Message format:</p> <p>Message format:</p>
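Review bot: In the Relay Request table both rows now carry an independent parenthetical, "(or Alice/Bob sessionKey, if established)" and "(or Alice/Bob MAC Key, if established)", which does not say that the two choices are made together. State that the crypto key and MAC key always come from the same source, either both the introKey or both the session keys, so an implementer does not read them as separately selectable. The same applies to the Relay Response hunk that follows.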
@@ -622,8 +632,10 @@ This is the response to a Relay Request and is sent from Bob to Alice.
<li>4 byte nonce sent by Alice</li> <li>4 byte nonce sent by Alice</li>
<li>N bytes, currently uninterpreted</li> <li>N bytes, currently uninterpreted</li>
</ul></td></tr> </ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td> <tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Alice's introKey, as received in the Relay Request (or Alice/Bob sessionKey, if established)</td></tr> <td>Alice's introKey, as received in the Relay Request (or Alice/Bob sessionKey, if established)</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Alice's introKey, as received in the Relay Request (or Alice/Bob MAC Key, if established)</td></tr>
</table> </table>
<p>Message format:</p> <p>Message format:</p>
@@ -682,8 +694,10 @@ This is the introduction for Alice, which is sent from Bob to Charlie.
<li>that many bytes relayed from Alice</li> <li>that many bytes relayed from Alice</li>
<li>N bytes, currently uninterpreted</li> <li>N bytes, currently uninterpreted</li>
</ul></td></tr> </ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td> <tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>Bob/Charlie sessionKey</td></tr> <td>Bob/Charlie sessionKey</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Bob/Charlie MAC Key</td></tr>
</table> </table>
<p>Message format:</p> <p>Message format:</p>
@@ -789,8 +803,10 @@ byte 1
<li>that many bytes</li></ul> <li>that many bytes</li></ul>
<li>N bytes padding, uninterpreted</li> <li>N bytes padding, uninterpreted</li>
</ul></td></tr> </ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td> <tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td>sessionKey</td></tr> <td>Alice/Bob sessionKey</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>Alice/Bob MAC Key</td></tr>
</table> </table>
<p>Message format:</p> <p>Message format:</p>
@@ -890,7 +906,7 @@ See <a href="{{ site_url('docs/transport/ssu') }}#peerTesting">the SSU overview
<li>Alice's or Charlie's 32-byte introduction key</li> <li>Alice's or Charlie's 32-byte introduction key</li>
<li>N bytes, currently uninterpreted</li> <li>N bytes, currently uninterpreted</li>
</ul></td></tr> </ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td> <tr><td align="right" valign="top"><b>Crypto Key used:</b></td>
<td> <td>
Listed in order of occurrence: Listed in order of occurrence:
<ol><li> <ol><li>
@@ -913,6 +929,31 @@ Alice's introKey, as received in the Peer Test message from Bob
</li><li> </li><li>
When sent from Alice to Charlie: When sent from Alice to Charlie:
Charlie's introKey, as received in the Peer Test message from Charlie Charlie's introKey, as received in the Peer Test message from Charlie
</li></ol>
</td></tr>
<tr><td align="right" valign="top"><b>MAC Key used:</b></td>
<td>
Listed in order of occurrence:
<ol><li>
When sent from Alice to Bob:
Alice/Bob MAC Key
(the protocol also permits Bob's introKey if Alice and Bob do not have an established session,
but in the current implementation Alice always selects a Bob that is established)
</li><li>
When sent from Bob to Charlie:
Bob/Charlie MAC Key
</li><li>
When sent from Charlie to Bob:
Bob/Charlie MAC Key
</li><li>
When sent from Bob to Alice:
Alice's introKey, as received in the Peer Test message from Alice
</li><li>
When sent from Charlie to Alice:
Alice's introKey, as received in the Peer Test message from Bob
</li><li>
When sent from Alice to Charlie:
Charlie's introKey, as received in the Peer Test message from Charlie
</li></ol> </li></ol>
</td></tr> </td></tr>
</table> </table>
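Review bot: The added "MAC Key used" list for Peer Test is a second six-item copy of the "Crypto Key used" list, including the long parenthetical in the first item about Alice always selecting an established Bob. Two parallel lists will drift apart on the next edit; consider one list (or table) that gives the crypto key and the MAC key per direction, with the note about the current implementation stated once.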

View File

@@ -1,6 +1,6 @@
{% extends "global/layout.html" %} {% extends "global/layout.html" %}
{% block title %}{% trans %}NTCP (NIO-based TCP){% endtrans %}{% endblock %} {% block title %}{% trans %}NTCP (NIO-based TCP){% endtrans %}{% endblock %}
{% block lastupdated %}{% trans %}February 2013{% endtrans %}{% endblock %} i2p2www/pages/site/docs/transport/ntcp.html 4
{% block accuratefor %}0.9.11{% endblock %} {% block accuratefor %}0.9.11{% endblock %}
{% block content %} {% block content %}
<p>{% trans transports=site_url('docs/transport'), ssu=site_url('docs/transport/ssu') -%} <p>{% trans transports=site_url('docs/transport'), ssu=site_url('docs/transport/ssu') -%}
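Review bot: Check the year in the `lastupdated` block of ntcp.html: the value visible in this hunk is `February 2013`, while the commit is dated 2014-02-20 and ssu.html in the same commit is set to `February 2014`. If `February 2013` is the new value, it should read February 2014.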
@@ -79,6 +79,16 @@ as defined in the <a href="{{ rfc1950 }}">ZLIB Specification</a>.
{%- endtrans %}</p> {%- endtrans %}</p>
<h3>{% trans %}Idle Timeout{% endtrans %}</h3>
<p>{% trans -%}
Idle timeout and connection close is at the discretion of each endpoint and may vary.
The current implementation lowers the timeout as the number of connections approaches the
configured maximum, and raises the timeout when the connection count is low.
The recommended minimum timeout is two minutes or more, and the recommended
maximum timeout is ten minutes or more.
{%- endtrans %}</p>
<h3>{% trans %}Establishment Sequence{% endtrans %}</h3> <h3>{% trans %}Establishment Sequence{% endtrans %}</h3>
<p>{% trans -%} <p>{% trans -%}
In the establish state, there is a 4-phase message sequence to exchange DH keys and signatures. In the establish state, there is a 4-phase message sequence to exchange DH keys and signatures.
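Review bot: In the new Idle Timeout paragraph, "the recommended maximum timeout is ten minutes or more" gives no upper bound, so it is unclear what "maximum" constrains. Reword to say what is meant, for example that the timeout applied when the connection count is low should be at least ten minutes and the timeout applied near the connection limit should be at least two minutes. "Idle timeout and connection close is" should also be "are".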

View File

@@ -1,9 +1,8 @@
{% extends "global/layout.html" %} {% extends "global/layout.html" %}
{% block title %}{% trans %}Secure Semireliable UDP{% endtrans %} (SSU){% endblock %} {% block title %}{% trans %}Secure Semireliable UDP{% endtrans %} (SSU){% endblock %}
{% block lastupdated %}{% trans %}December 2013{% endtrans %}{% endblock %} {% block lastupdated %}{% trans %}February 2014{% endtrans %}{% endblock %}
{% block accuratefor %}0.9.9{% endblock %} {% block accuratefor %}0.9.11{% endblock %}
{% block content %} {% block content %}
Note: IPv6 information is preliminary.
<p>{% trans transports=site_url('docs/transport'), ntcp=site_url('docs/transport/ntcp') -%} <p>{% trans transports=site_url('docs/transport'), ntcp=site_url('docs/transport/ntcp') -%}
SSU (also called "UDP" in much of the I2P documentation and user interfaces) SSU (also called "UDP" in much of the I2P documentation and user interfaces)
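Review bot: This hunk also deletes the line "Note: IPv6 information is preliminary." and bumps `accuratefor` from 0.9.9 to 0.9.11, neither of which is covered by the commit message (picture, idle timeout, SSU key clarification). Mention the IPv6 note removal in the message, or confirm that the IPv6 sections further down were reviewed for 0.9.11 before dropping the caveat.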
@@ -134,6 +133,17 @@ Further work is necessary to raise the UDP transport limit above 32KB.
For connections using the larger MTU, larger messages are possible. For connections using the larger MTU, larger messages are possible.
{%- endtrans %}</p> {%- endtrans %}</p>
<h2>{% trans %}Idle Timeout{% endtrans %}</h2>
<p>{% trans -%}
Idle timeout and connection close is at the discretion of each endpoint and may vary.
The current implementation lowers the timeout as the number of connections approaches the
configured maximum, and raises the timeout when the connection count is low.
The recommended minimum timeout is two minutes or more, and the recommended
maximum timeout is ten minutes or more.
{%- endtrans %}</p>
<h2><a name="keys">{% trans %}Keys{% endtrans %}</a></h2> <h2><a name="keys">{% trans %}Keys{% endtrans %}</a></h2>
<p>{% trans -%} <p>{% trans -%}
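Review bot: The Idle Timeout paragraph added here is a verbatim copy of the one added to ntcp.html, including the ambiguous "recommended maximum timeout is ten minutes or more" wording. Fix the wording in both places, and consider keeping the shared text in one translated string (or on the transports overview page, linked from both) so the two copies cannot diverge.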