eyedeekay
Hi everyone welcome to the meeting
eyedeekay
I'm having connectivity issues so let's try and keep things on topic
eyedeekay
Who has topics for the meeting?
eyedeekay
I'll start by adding "NetDB Change Summmary"
eyedeekay
Who else is here?
not_bob
Domains, can they auto-expire after disuse? Say a sunset of six months or a year?
not_bob
Or, should domains be a forever thing?
eyedeekay
Thanks not_bob sounds good. Anybody else got one a topic?
orignal
hi
obscuratus
hi
orignal
I'm busy today
eyedeekay
Hi orignal, hi obscuratus
eyedeekay
OK that's fine orignal
obscuratus
Update on RI secure handshake?
eyedeekay
IIRC we tabled that one for a later date because of the SSU2 change it would require
obscuratus
OK, if orignal isn't available, no need anyways.
orignal
next week please
eyedeekay
I'll be on a plane next Monday, can we do Tuesday instead?
orignal
I also want to bring an issue with false positive peer tests
orignal
fine
eyedeekay
OK
eyedeekay
On to the topics, let's start with you not_bob
eyedeekay
You explained the general idea but would you like to give us a little more about the motivations, benefits, and drawbacks?
not_bob
Many domains get registred, used for a very short time and then not used again.
eyedeekay
This is for #1 domain name expiration
not_bob
I've seen it happen countless times. Where the site is only for days, or a few weeks and is never to be seen again. But, then it eats the domain name forever.
not_bob
That's my main modivation.
not_bob
But, drawbacks include trust.
eyedeekay
Squatting by any other name, really
not_bob
It's good to know that xxx.i2p is the same xxx.i2p you visited three years ago.
not_bob
With what I propose, so long as you stay active with your domain, then you keep it forever.
not_bob
With a six month, or one year grace period.
not_bob
And, honestly, if a site is down for a year, then why bother to keep it in the database?
not_bob
They aren't using it.
RN
and these options about expiration and bookmarking one would be presented to the user in the consle?
not_bob
That's my proposal.
RN
oops sorry, hit enter b4 you done
not_bob
I was thinking it would be nice if they could auto-expire in the addressbook.
not_bob
A simple check, every so often for the leaseset would show that a domain has been active.
eyedeekay
I definitely don't want to auto-expire them in the addressbook for exactly the reason you mentioned before
not_bob
Understood.
RN
I would def want a "pin this one" option
obscuratus
Do we have any officical or semi-official existing standard for this?
eyedeekay
> i.e. It's good to know that xxx.i2p is the same xxx.i2p you visited three years ago.
not_bob
We had a situation about a week and a half ago where someone registered a site, but that site already existed, but had been dead for years.
RN
registration is permanent unless the user intervenes as it is now right?
eyedeekay
Yeah it's happened before in a particularly suspicious place, too, IIRC a search engine
eyedeekay
That's a creepy one to have a bait-and-switch on
not_bob
I agree, trust is a major issue here.
RN
subscription management tools maybe?
RN
where user could select criteria and then preview list and purge
eyedeekay
obscuratus, no official standard, we kind of went by what I'm going to coin the "stats.i2p" rule where every domain was permanent because they might come back and squatters could be dangerous
not_bob
Yes, that would be nice.
obscuratus
At six months, we're coming up quick on the point where zzz.i2p would be released.
not_bob
eyedeekay: I understand the logic there.
not_bob
obscuratus: Exactly the issue.
RN
yes
RN
tarbaby right there
not_bob
And, we don't what that one to get taken over by a squatter.
eyedeekay
Somewhat granular local controls are something that I would be open to
eyedeekay
Would it be too difficult to allow the registrant to specify the length of the grace period and save ourselves the decision?
obscuratus
On the other hand, the low-lying-fruit would be the people who existing for less than a month and disappeared. Easier to ploink those.
RN
that is the thing: subscriptions and address book are responsibility of user
eyedeekay
We could get really complicated with it and calculate confidence intervals too
not_bob
Very much so.
not_bob
Complex.
RN
yeah, maybe a registration deadman's switch configrd at registration
eyedeekay
OK so it's got to be a fixed interval then ideally
RN
like an offline destination will die if you don't tickle it from time to time
not_bob
*nod*
eyedeekay
And as you say, we're coming up on the time when zzz.i2p would be falling out of the list at the six-month mark
not_bob
The other option, which might be better, is any site with less than a month uptime and then six months of downtime gets perged.
eyedeekay
But everybody's got zzz's hostname already, we'll squawk at them if a squatter comes down
eyedeekay
moreover IIRC it's in our base hosts.txt file still
not_bob
Yes
RN
I say keep it there
eyedeekay
Yeah I basically can't think of a good reason to take stuff out of there
not_bob
In the end, it's fine if we say they last forever, domain regs. But, it's also annoying that names get used and then thrown away.
eyedeekay
But my point is that arguably when the site goes offline then as long as we don't purge them locally anybody who has a router from when the site was online can tell the difference
RN
well the initial reason nb gave... sites that pop up and dissapear
eyedeekay
Less than one month of uptime and more than six months of downtime is easy
eyedeekay
To approve of
RN
but lets say I was offline for 6 mo
RN
I would certainly still want to play peek-a-boo
not_bob
Agreed.
eyedeekay
Well your site has been up for years though
RN
mostly yes..
RN
think I did have an outage over 6mo in early days though
eyedeekay
Could be a year instead?
not_bob
I'd fine fine with that.
RN
sounds likt this could use more discussion
not_bob
Yes, I agree.
not_bob
As there would need to be a way to track all this.
not_bob
And the router itself my not be the best place to do the metrics.
eyedeekay
Yes, but we've been going around in circles about it for as long as I can remember
RN
is there a thread about it on ramble yet?
eyedeekay
No but that's a good idea
not_bob
Good uptime this last year.
obscuratus
Also, isn't each registry essentially able to make their own rules?
RN
Σ:Đ
not_bob
Yes
eyedeekay
Yes, and maybe that's the answer to just have different registries with different rules
not_bob
I'm cool with that as well.
RN
anyone can make a registry, so yeah own rules. getting adoption for a new one might have friction.
eyedeekay
But it may also be true that some rules are best for some situations and some rules are best for others
not_bob
There may not be a one size fits all solution here.
eyedeekay
But we do need to be thinking about what size fits most
not_bob
Thank you for hearing me out.
RN
sure, an NSFW blocking one, an anything goes (get your eyebleach), a 'safe' one
not_bob
I already do that with my service, offer to subs.
not_bob
two subs.
not_bob
The non censored hosts.txt is far mor popular.
eyedeekay
You're welcome not_bob. Next week, that's what I want us to know is what the possible rules for domain names are and situations where they affect how people navigate I2P
eyedeekay
Mostly talking about what we get in terms of security and authenticity from applying these rules, not worried about where it's safe to browse them
eyedeekay
Anything else on #1?
eyedeekay
#2 netDb Changes in Java I2P
eyedeekay
This is mostly just a report on git.idk.i2p/i2p-hackers/i2p.i2p/-/merge_requests/95/diffs
eyedeekay
What we've done is found a way to provide Java I2P with "true isolation" of the netDb in a similar way to the way which i2pd has done it by design
eyedeekay
But because of the incumbent design of Java I2P, ours has to work a little differently
eyedeekay
What we do instead of giving each client it's own netDb to own, we now have a tool which exists to allow clients to access their own netDb as part of a larger, netDb-managing structure using an "isolating key"
eyedeekay
That "isolating key" or "dbid" in the code can be anything, but at this time it's the base32 of the hash of the client which received the message
eyedeekay
This allows us to keep all the features we had because of our existing monolithic netDb, including extensive ability to graph stats and provide feedback on the network's state, while also providing concrete barriers against attackers who use crafted LeaseSets and RouterInfos to associate clients with the routers that host them
RN
[FIREWORKS]
eyedeekay
We've been testing it for a while but I would like to encourage anybody who can to build from the i2p.i2p.2.2.1-nested-netDb branch and report their results because this needs to be right
eyedeekay
It touches practically every corner of the router, every eye on the code and every tester is very much appreciated
eyedeekay
obscuratus thanks again for all your help already
eyedeekay
EOT
obscuratus
I'll add that the overall framework is working on my testing network, but I am accumulating a back log of fixes that I need to push back.
eyedeekay
Let me know about any of them when you're ready
eyedeekay
I did check in the excessive local RI publish fix a day or two ago
obscuratus
Would it make sense to do MR against idk/i2p.i2p on the i2p.i2p.2.4.0-test1 branch?
obscuratus
eyedeekay: Yeah that is now fixed.
eyedeekay
obscuratus sure that would be fine
eyedeekay
or the i2p.i2p.2.2.1-nested-netdb branch, either should work
eyedeekay
test1 is just where I'm merging everything that I'm considering putting onto the release together for testing, I periodically pull i2p.i2p.2.2.1-nested-netdb into it
eyedeekay
so I guess prefer i2p.i2p.2.2.1-nested-netdb for the MR
obscuratus
Also, for anybody testing it, certain people may notice differences in your router's behavior. Also, the information on the console display can only be described as "mangled" right now.
obscuratus
eyedeekay: OK.
eyedeekay
Anything else on 2?
eyedeekay
Anything else for the meeting?
eyedeekay
All right thanks everybody for coming, remember we've rescheduled the next one for Tuesday the 15th
RN
:)
obscuratus
eyedeekay: For the post-meeting, if you're still around... Some of my stuff isn't nested-netdb related, such as my banlist modifications.
eyedeekay
You can put it in an MR?
obscuratus
But some of the other stuff is near-by on on-top of the banlist stuff. I'd like to get it in or get it NACKed.
obscuratus
Yes, it's ready for a MR, but it's now on to of the nested-netdb stuff.
obscuratus
s/on to/on top/
obscuratus
Everything change of any size seems to have tentacles going into just enough of everything else to raise conflicts. :)
eyedeekay
yeah that's probably part of why zzz really didn't want to do this before
obscuratus
I'll put in a MR for the banlist stuff to the i2p.i2p.2.2.1-nested-netdb, and if it looks like you want to somewhere else, just let me know.
eyedeekay
Sounds good
eyedeekay
It will be fine