simplify slug base (de)date valids

Signed-off-by: AGentooCat <agentoocat@mail.i2p>

.dockerignore

@@ -0,0 +1 @@
+.git

.gitignore

@@ -5,3 +5,4 @@
 env/
 i2p2www/translations/*/LC_MESSAGES/*.mo
 *~
+.vscode

.mtn-ignore

@@ -1,9 +0,0 @@
-env
-\.pot\.old$
-\.pyc$
-\.pyo$
-\.mo$
-~$
-\.custom$
-\.wsgi$
-\.pybabel-stamp$

Dockerfile

@@ -1,4 +1,4 @@
-FROM debian:stable
+FROM debian:buster
 ENV SERVERNAME=geti2p.net
 ENV SERVERMAIL=example@geti2p.net
 
@@ -8,7 +8,7 @@ WORKDIR /var/www/i2p.www
 
     ## Install the dependencies
 RUN apt-get update && \
-    apt-get -y install apache2 apache2-utils libapache2-mod-wsgi python2-dev python-pip patch python-virtualenv git && \
+    apt-get -y install apache2 apache2-utils libapache2-mod-wsgi python2-dev python-pip patch python-virtualenv git python-polib && \
     ## Start setting up the site
     rm -rfv env && \
     virtualenv --distribute env                && \  

README.md

@@ -34,9 +34,7 @@ If you want to mirror the I2P website, thanks! Here is a checklist:
   - In particular, do not change the `CANONICAL_DOMAIN` variable in
     `i2p2www/__init__.py`, it needs to point to the official site for SEO.
 - If you need to edit variables in `etc/update.vars`, copy the file to
-  `etc/update.vars.custom` and edit appropriately. The only variable you
-  may need to edit is `MTNURL` in `etc/update.vars` (if your Monotone client
-  tunnel is listening on a different port).
+  `etc/update.vars.custom` and edit appropriately.
 - If you want to enable caching, copy `i2p2www/settings.py.sample` to
   `i2p2www/settings.py` and edit appropriately.
 - Add `./site-updater.sh` to your crontab. This will keep the site updated,
@@ -99,11 +97,6 @@ in `etc/translation.vars` can be overridden by creating the file
     $ git commit -am "Updated translations"
     ```
 
-    ```
-    # older mtn instructions
-    $ mtn ci `cat newtranslations.txt` -m "Updated translations"
-    ```
-
 6. Check in any new translations:
    First, look to see which translations are supported in i2pwww/__init__.py.
    For any new translations that are NOT in __init__.py,
@@ -115,11 +108,6 @@ in `etc/translation.vars` can be overridden by creating the file
     $ git add i2p2www/translations/* && git commit -am "New translations"
     ```
 
-    ```
-    # older mtn instructions
-    $ mtn add -R i2p2www/translations/ && mtn ci i2p2www/translations/ -m "New translations"
-    ```
-
 ## Pushing updated translation source (.pot) files to Transifex:
 
 1. Update the .pot files with any changes to the website text:
@@ -135,11 +123,6 @@ in `etc/translation.vars` can be overridden by creating the file
     $ git commit -am "Updated translation strings"
     ```
 
-    ```
-    # older mtn instructions
-    $ mtn ci pots/ -m "Updated translation strings"
-    ```
-
 3. Push pots file changes to Transifex:
 
     ```

docker-run-dev.sh

@@ -0,0 +1,5 @@
+#! /usr/bin/env sh
+virtualenv --distribute env
+. env/bin/activate
+#./setup_venv.sh
+DEV=on ./runserver.py

i2p2www/__init__.py

@@ -22,8 +22,9 @@ except ImportError:
 ###########
 # Constants
 
-CURRENT_I2P_VERSION = '0.9.48'
-CURRENT_I2P_FIREFOX_PROFILE_VERSION = '0.02b'
+CURRENT_I2P_VERSION = '2.2.0'
+CURRENT_I2P_FIREFOX_PROFILE_VERSION = '2.1.0'
+CURRENT_I2P_OSX_VERSION = '1.9.0'
 
 CANONICAL_DOMAIN = 'geti2p.net'
 
@@ -48,6 +49,7 @@ SUPPORTED_LANGS = [
     'zh_TW',
     'el',
     'he',
+    'hu',
     'it',
     'ja',
     'ko',
@@ -75,6 +77,7 @@ SUPPORTED_LANG_NAMES = {
     'fr': u'Français',
     'el': u'Greek Ελληνικά',
     'he': u'Hebrew עברית',
+    'hu': u'Hungarian',
     'it': u'Italiano',
     'ja': u'Japanese 日本語',
     'ko': u'Korean 한국말',
@@ -207,9 +210,7 @@ def set_lang(endpoint, values):
 # Detect and store chosen theme
 @app.before_request
 def detect_theme():
-    theme = 'duck'
-    if 'style' in request.cookies:
-        theme = request.cookies['style']
+    theme = request.cookies.get('style', 'duck')
     if 'theme' in request.args.keys():
         theme = request.args['theme']
         # TEMPORARY: enable external themes

i2p2www/blog/2010/12/22/release-0.8.2.html

@@ -11,7 +11,7 @@ Please help grow the network.
 <a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
 spread the word,
 and <a href="http://www.i2p2.de/donate.html">donate</a>!
-If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+If you find a bug, please enter a report on <a href="http://i2pgit.org/i2p-hackers/i2p.i2p/issues">gitlab</a>.
 We are still looking for help on new and existing translations.
 Please volunteer on IRC #i2p.
 </p>

i2p2www/blog/2011/01/24/release-0.8.3.html

@@ -17,7 +17,7 @@ Please help grow the network.
 <a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
 spread the word,
 and <a href="http://www.i2p2.de/donate.html">donate</a>!
-If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+If you find a bug, please enter a report on <a href="http://i2pgit.org/i2p-hackers/i2p.i2p/issues">gitlab</a>.
 We are still looking for help on new and existing translations.
 Please volunteer on IRC #i2p.
 </p>

i2p2www/blog/2011/03/02/release-0.8.4.html

@@ -7,7 +7,7 @@ Please help grow the network.
 <a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
 spread the word,
 and <a href="http://www.i2p2.de/donate.html">donate</a>!
-If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+If you find a bug, please enter a report on <a href="http://i2pgit.org/i2p-hackers/i2p.i2p/issues">gitlab</a>.
 We are still looking for help on new and existing translations.
 Please volunteer on IRC #i2p-dev.
 </p>

i2p2www/blog/2011/04/18/release-0.8.5.html

@@ -6,7 +6,7 @@ Please help grow the network.
 <a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
 spread the word,
 and <a href="http://www.i2p2.de/donate.html">donate</a>!
-If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+If you find a bug, please enter a report on <a href="http://i2pgit.org/i2p-hackers/i2p.i2p/issues">gitlab</a>.
 We are still looking for help on new and existing translations.
 Please volunteer on IRC #i2p-dev.
 </p>

i2p2www/blog/2011/05/16/release-0.8.6.html

@@ -7,7 +7,7 @@ Please help grow the network.
 <a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
 spread the word,
 and <a href="http://www.i2p2.de/donate.html">donate</a>!
-If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+If you find a bug, please enter a report on <a href="http://i2pgit.org/i2p-hackers/i2p.i2p/issues">gitlab</a>.
 We are still looking for help on new and existing translations.
 Please volunteer on IRC #i2p-dev.
 </p>

i2p2www/blog/2011/06/27/release-0.8.7.html

@@ -26,7 +26,7 @@ Please help grow the network.
 <a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
 spread the word,
 and <a href="http://www.i2p2.de/donate.html">donate</a>!
-If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+If you find a bug, please enter a report on <a href="http://i2pgit.org/i2p-hackers/i2p.i2p/issues">gitlab</a>.
 We are still looking for help on new and existing translations.
 Please volunteer on IRC #i2p-dev.
 </p>

i2p2www/blog/2011/08/23/release-0.8.8.html

@@ -13,7 +13,7 @@ Please help grow the network.
 <a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
 spread the word,
 and <a href="http://www.i2p2.de/donate.html">donate</a>!
-If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+If you find a bug, please enter a report on <a href="http://i2pgit.org/i2p-hackers/i2p.i2p/issues">gitlab</a>.
 We are still looking for help on new and existing translations.
 Please volunteer on IRC #i2p-dev.
 </p>

i2p2www/blog/2019/06/15/i2p-i2pd-ssh-config.rst

@@ -139,13 +139,12 @@ tunnels.conf
 
        [SSH-SERVER]
        type = server
+       host = 127.0.0.1
        port = 22
        inbound.length = 1
        outbound.length = 1
        inbound.quantity = 5
        outbound.quantity = 5
-       inbound.backupQuantity = 2
-       outbound.backupQuantity = 2
        i2cp.reduceOnIdle = true
        keys = ssh-in.dat
 
@@ -294,10 +293,8 @@ adjust it for your performance/anonymity needs.
        outbound.length = 1
        inbound.quantity = 5
        outbound.quantity = 5
-       inbound.backupQuantity = 2
-       outbound.backupQuantity = 2
        i2cp.dontPublishLeaseSet = true
-       destination = bubfjkl2l46pevgnh7yicm2e7rkld4jrgpmruw2ueqn5fa4ag6eq.b32.I2P
+       destination = thisshouldbethebase32ofthesshservertunnelabovebefore.b32.i2p
        keys = ssh-in.dat
 
 {% trans -%}Restart the I2P router on the client{%- endtrans %}

i2p2www/blog/2020/12/10/Hello-git-goodbye-mtn.rst

@@ -0,0 +1,91 @@
+======================================================
+{% trans -%}Hello Git, Goodbye Monotone{%- endtrans %}
+======================================================
+
+.. meta::
+   :author: idk
+   :date: 2020-12-10
+   :category: git
+   :excerpt: {% trans %}Hello git, goodbye mtn{% endtrans %}
+
+{% trans -%}
+Hello Git, Goodbye Monotone
+{%- endtrans %}
+===========================
+
+{% trans -%}
+The I2P Git Migration is nearly concluded
+{%- endtrans %}
+-----------------------------------------
+
+{% trans -%}
+For over a decade, I2P has relied on the venerable Monotone service to support
+its version control needs, but during the past few years, most of the world has
+moved on to the now-universal Git version control system. In that same
+time, the I2P Network has become faster and more reliable, and accessible
+workarounds to Git's non-resumability have been developed.
+{%- endtrans %}
+
+{% trans -%}
+Today marks a significant occasion for I2P, as we switched off the old mtn
+i2p.i2p branch, and moved the development of the core Java I2P libraries from
+Monotone to Git officially.
+{%- endtrans %}
+
+{% trans -%}
+While our use of mtn has been questioned in the past, and it's not always been a
+popular choice, I'd like to take this moment, as perhaps the very last project to use
+Monotone to thank the Monotone developers, current and former, wherever they are,
+for the software they created.
+{%- endtrans %}
+
+.. image:: /_static/images/GoodbyeMTN.png
+
+{% trans -%}
+GPG Signing
+{%- endtrans %}
+-----------
+
+{% trans -%}
+Checkins to the I2P Project repositories require you to configure GPG signing for
+your git commits, including Merge Requests and Pull Requests. Please configure
+your git client for GPG signing before you fork i2p.i2p and check anything in.
+{%- endtrans %}
+
+{% trans -%}
+Official Repositories and Gitlab/Github Syncing
+{%- endtrans %}
+-----------------------------------------------
+
+{% trans -%}
+The official repository is the one hosted at https://i2pgit.org/i2p-hackers/i2p.i2p
+and at https://git.idk.i2p/i2p-hackers/i2p.i2p, but there is a "Mirror" available
+at Github at https://github.com/i2p/i2p.i2p.
+{%- endtrans %}
+
+{% trans -%}
+Now that we're on git, we can synchronize repositories from our own self-hosted Gitlab
+instance, to Github, and back again. This means that it is possible to create and submit
+a merge request on Gitlab and when it is merged, the result will be synced with Github,
+and a Pull Request on Github, when merged, will appear on Gitlab.
+{%- endtrans %}
+
+{% trans -%}
+This means that it's possible to submit code to us through our Gitlab instance or through
+Github depending on what you prefer, however, more of the I2P developers are regularly
+monitoring Gitlab than Github. MR's to Gitlab are more likely to be merged sooner
+than PR's to Github.
+{%- endtrans %}
+
+{% trans -%}
+Thanks
+{%- endtrans %}
+------
+
+{% trans -%}
+Congratulations and thanks to everyone who helped in the git migration, especially
+zzz, eche|on, nextloop, and our site mirror operators! While some of us will miss
+Monotone, it has become a barrier for new and existing participants in I2P development
+and we're excited to join the world of developers using Git to manage their distributed
+projects.
+{%- endtrans %}

i2p2www/blog/2021/02/17/0.9.49-Release.rst

@@ -0,0 +1,108 @@
+===========================================
+{% trans -%}0.9.49 Release{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: zzz
+   :date: 2021-02-17
+   :category: release
+   :excerpt: {% trans %}0.9.49 with SSU fixes and faster crypto{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+{% trans -%}
+0.9.49 continues the work to make I2P faster and more secure.
+We have several improvements and fixes for the SSU (UDP) transport that should result in faster speeds.
+This release also starts the migration to new, faster ECIES-X25519 encryption for routers.
+(Destinations have been using this encryption for a few releases now)
+We've been working on the specifications and protocols for new encryption for several years,
+and we are getting close to the end of it! The migration will take several releases to complete.
+{%- endtrans %}
+
+{% trans -%}
+For this release, to minimize disruption, only new installs and a very small percentage of existing installs
+(randomly selected at restart) will be using the new encryption.
+If your router does "rekey" to use the new encryption, it may have lower traffic or less reliability than usual for several days after you restart.
+This is normal, because your router has generated a new identity.
+Your performance should recover after a while.
+{%- endtrans %}
+
+{% trans -%}
+We have "rekeyed" the network twice before, when changing the default signature type,
+but this is the first time we've changed the default encryption type.
+Hopefully it will all go smoothly, but we're starting slowly to be sure.
+{%- endtrans %}
+
+{% trans -%}
+As usual, we recommend that you update to this release. The best way to
+maintain security and help the network is to run the latest release.
+{%- endtrans %}
+
+
+**{% trans %}RELEASE DETAILS{% endtrans %}**
+
+**{% trans %}Changes{% endtrans %}**
+
+- {% trans %}Build: Git migration{% endtrans %}
+- {% trans %}Build: Move web resources to wars{% endtrans %}
+- {% trans %}i2psnark WebSeed support{% endtrans %}
+- {% trans %}i2psnark padding file support{% endtrans %}
+- {% trans %}i2ptunnel: Move proxy resources to jar{% endtrans %}
+- {% trans %}Router: Redesign ECIES encryption for floodfills (proposal 156){% endtrans %}
+- {% trans %}Router: Verify RI stores after startup{% endtrans %}
+- {% trans %}Router: Reduce Sybil threshold{% endtrans %}
+- {% trans %}Router: ECIES for new routers{% endtrans %}
+- {% trans %}Router: Start of ECIES migration{% endtrans %}
+- {% trans %}SSU: Send individual fragments of messages{% endtrans %}
+- {% trans %}SSU: Westwood+ congestion control{% endtrans %}
+- {% trans %}SSU: Fast retransmit{% endtrans %}
+
+
+**{% trans %}Bug Fixes{% endtrans %}**
+
+- {% trans %}Build: Fix Gradle build{% endtrans %}
+- {% trans %}Crypto: Increase ratchet tag window to prevent message loss{% endtrans %}
+- {% trans %}I2CP: Fix encrypted leaseset combined with ECIES crypto or offline keys{% endtrans %}
+- {% trans %}i2ptunnel: Fix config file saving issues{% endtrans %}
+- {% trans %}Router: Fix leaseset request fails causing watchdog to bark{% endtrans %}
+- {% trans %}Router: Hidden mode fixes{% endtrans %}
+- {% trans %}SSU: Fix partial acks not being sent{% endtrans %}
+- {% trans %}SSU: Fix occasional high CPU usage{% endtrans %}
+
+
+**{% trans %}Other{% endtrans %}**
+
+- {% trans %}Crypto: AES performance improvements{% endtrans %}
+- {% trans %}DoH: Change to RFC 8484 style{% endtrans %}
+- {% trans %}i2ptunnel: Remove DSA shared clients{% endtrans %}
+- {% trans %}Proxy: Add jump servers{% endtrans %}
+- {% trans %}Router: Add more countries for hidden mode{% endtrans %}
+- {% trans %}Router: Tunnel peer selection changes{% endtrans %}
+- {% trans %}Router: Move Sybil subsystem from console to router for embedded use{% endtrans %}
+- {% trans %}Router: Verify RI stores for a while after startup{% endtrans %}
+- {% trans %}Util: New unit tests{% endtrans %}
+- {% trans %}Translation updates{% endtrans %}
+
+
+
+
+`{% trans %}Full list of fixed bugs{% endtrans %}`__
+
+__ http://{{ i2pconv('trac.i2p2.i2p') }}/query?resolution=fixed&milestone=0.9.49
+
+
+**{% trans %}SHA256 Checksums:{% endtrans %}**
+
+::
+
+      af4f022f3532b46dd341717fd08447007ca5217b6c88664be693cac7f71912ea  i2pinstall_0.9.49_windows.exe
+      1614da8703b43e5bdc55007c784f2c211d00650ae0308273605d2ddc321b807e  i2pinstall_0.9.49.jar
+      5164ffb6eab228b4082d203c691906faa9ff32f09f41c3cebe6d941e03b0b9f2  i2psource_0.9.49.tar.bz2
+      af685caf28c842be6589471ebe32fc6bd85ad3fc609f1f5e0fbcae69b5d2575f  i2pupdate_0.9.49.zip
+      f41a6b47d2ea6e1b0d87427a57bd99a3d7f971d57de39b425dbf5017fae156dc  i2pupdate.su3
+
+
+

i2p2www/blog/2021/05/17/0.9.50-Release.rst

@@ -0,0 +1,104 @@
+===========================================
+{% trans -%}0.9.50 Release{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: zzz
+   :date: 2021-05-17
+   :category: release
+   :excerpt: {% trans %}0.9.50 with IPv6 fixes{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+{% trans -%}
+0.9.50 continues the transition to ECIES-X25519 for router encryption keys.
+We have enabled DNS over HTTPS for reseeding to protect users from passive DNS snooping.
+There are numerous fixes and improvements for IPv6 addresses, including new UPnP support.
+{%- endtrans %}
+
+{% trans -%}
+We have finally fixed some longstanding SusiMail corruption bugs.
+Changes to the bandwidth limiter should improve network tunnel performance.
+There are several improvements in our Docker containers.
+We have improved our defenses for possible malicious and buggy routers in the network.
+{%- endtrans %}
+
+{% trans -%}
+As usual, we recommend that you update to this release. The best way to
+maintain security and help the network is to run the latest release.
+{%- endtrans %}
+
+
+**{% trans %}RELEASE DETAILS{% endtrans %}**
+
+**{% trans %}Changes{% endtrans %}**
+
+- {% trans %}Docker improvements{% endtrans %}
+- {% trans %}NTCP: Remove support for version 1{% endtrans %}
+- {% trans %}Reseed: Use DNSOverHTTPS{% endtrans %}
+- {% trans %}Router: Increase ECIES rekey probability{% endtrans %}
+- {% trans %}Router: Persist Sybil blocklist{% endtrans %}
+- {% trans %}SSU: Enable introducers and introductions via IPv6 (proposal 158){% endtrans %}
+- Tomcat 9.0.45
+- {% trans %}Transports: Publish support for outbound IPv4/v6 (proposal 158){% endtrans %}
+- {% trans %}UPnP: Add support for IPv6{% endtrans %}
+
+
+
+**{% trans %}Bug Fixes{% endtrans %}**
+
+- {% trans %}Debian: Fix link to compiler jar{% endtrans %}
+- {% trans %}i2psnark: Fix theme selection{% endtrans %}
+- {% trans %}Jetty: Fix detection of SSL connector{% endtrans %}
+- {% trans %}NetDB: Fix NPE when validating expired blinded leaseset{% endtrans %}
+- {% trans %}NTP: Year 2036 fixes{% endtrans %}
+- {% trans %}Router: Fix rekeying every restart on ARM{% endtrans %}
+- {% trans %}Router: Fix decryption of encrypted leasesets{% endtrans %}
+- {% trans %}SAM: Fix removal of subsessions{% endtrans %}
+- {% trans %}SSU: Fix excessive dropping by the bandwidth limiter{% endtrans %}
+- {% trans %}SSU: Fix publishing 'C' capability when not an introducer{% endtrans %}
+- {% trans %}SSU: Fixes for firewalled/not firewalled state transitions{% endtrans %}
+- {% trans %}SSU: IPv6 fixes{% endtrans %}
+- {% trans %}SSU: Peer test fixes{% endtrans %}
+- {% trans %}SusiMail: Fix theme selection{% endtrans %}
+- {% trans %}SusiMail: Fix stream closed errors{% endtrans %}
+- {% trans %}SusiMail: Fix corruption in display of large, new messages{% endtrans %}
+- {% trans %}Tunnels: Several fixes in the participating tunnel bandwidth limiter{% endtrans %}
+- {% trans %}UPnP: Fix leases not being renewed before expiration{% endtrans %}
+
+
+
+**{% trans %}Other{% endtrans %}**
+
+- {% trans %}Build: Remove empty jars and wars from installers{% endtrans %}
+- {% trans %}Build: Prep for different release and API versions{% endtrans %}
+- {% trans %}Build: Remove launcher code{% endtrans %}
+- {% trans %}Gradle build fixes{% endtrans %}
+- {% trans %}Profiles: Disable tunnel peer test{% endtrans %}
+- {% trans %}Profiles: Remove unused tunnel test response time stat{% endtrans %}
+- {% trans %}SSU: Avoid outbound connections to buggy routers{% endtrans %}
+- {% trans %}Transports: Increase connection limits for some platforms{% endtrans %}
+- {% trans %}Translation updates{% endtrans %}
+
+
+
+
+`{% trans %}Full list of fixed bugs{% endtrans %}`__
+
+__ http://{{ i2pconv('trac.i2p2.i2p') }}/query?resolution=fixed&milestone=0.9.50
+
+
+**{% trans %}SHA256 Checksums:{% endtrans %}**
+
+::
+
+     92e38abf0650671e08460dd25711afa67f7933a0b6fa655cbd2746662f06fb30  i2pinstall_0.9.50_windows.exe
+     34902d2a7e678fda9261d489ab315661bd2915b9d0d81165acdee008d9031430  i2pinstall_0.9.50.jar
+     66d32b3fd29fb5d68c1cbfdcf2ee74a671ebb359cdc697260291f12e441d94ff  i2psource_0.9.50.tar.bz2
+     c32e9472e25b5d086198dba8e555604a12593ec92be987565b2fc5efa5ce3a7f  i2pupdate_0.9.50.zip
+     400e342a46a4ef76948e5118ce4005f7b03dd22424acb407f42d99f0bf581352  i2pupdate.su3
+
+

i2p2www/blog/2021/08/23/1.5.0-Release.rst

@@ -0,0 +1,74 @@
+===========================================
+{% trans -%}1.5.0 Release{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: zzz
+   :date: 2021-08-23
+   :category: release
+   :excerpt: {% trans %}1.5.0 with new tunnel build messages{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+{% trans -%}
+Yes, that's right, after 9 years of 0.9.x releases, we are going straight from 0.9.50 to 1.5.0.
+This does not signify a major API change, or a claim that development is now complete.
+It is simply a recognition of almost 20 years of work to provide anonymity and security for our users.
+{%- endtrans %}
+
+{% trans -%}
+This release finishes implementation of smaller tunnel build messages to reduce bandwidth.
+We continue the transition of the network's routers to X25519 encryption.
+Of course there are also numerous bug fixes and performance improvements.
+{%- endtrans %}
+
+{% trans -%}
+As usual, we recommend that you update to this release. The best way to
+maintain security and help the network is to run the latest release.
+{%- endtrans %}
+
+
+**{% trans %}RELEASE DETAILS{% endtrans %}**
+
+**{% trans %}Changes{% endtrans %}**
+
+- RRD4J 3.8
+- {% trans %}Tunnels: Finish support for new build messages (proposal 157){% endtrans %}
+- {% trans %}Updates: Support for .dmg and .exe updates{% endtrans %}
+
+
+**{% trans %}Bug Fixes{% endtrans %}**
+
+- {% trans %}Console: Fix generation of SSL keys on Java 17{% endtrans %}
+- {% trans %}i2psnark: Fix autostart for magnets{% endtrans %}
+- {% trans %}Router: Fix rare deadlock in publishing our RI{% endtrans %}
+- {% trans %}SSU: Fix handling of bad peer test responses{% endtrans %}
+- {% trans %}UPnP: IPv6 fixes{% endtrans %}
+
+
+**{% trans %}Other{% endtrans %}**
+
+- {% trans %}Jetty: Improve sort in directory listings{% endtrans %}
+- {% trans %}Jetty: Add X-I2P-Location header{% endtrans %}
+- {% trans %}Router: Increase probability to rekey to ECIES{% endtrans %}
+- {% trans %}Streaming: Performance improvements for low-latency connections{% endtrans %}
+- {% trans %}Translation updates{% endtrans %}
+
+
+`{% trans %}Full list of fixed bugs{% endtrans %}`__
+
+__ http://{{ i2pconv('trac.i2p2.i2p') }}/query?resolution=fixed&milestone=1.5.0
+
+
+**{% trans %}SHA256 Checksums:{% endtrans %}**
+
+::
+
+     2c9c382852e17e124d77a2bf28f95056599fd458f8de77adcf8e2aaa22b3ef81  i2pinstall_1.5.0_windows.exe
+     8c843c90870223b4808065761d059a02b168b74daddd1773c36f0a0245e201f9  i2pinstall_1.5.0.jar
+     26e5f4d95b1a0766870f97b30e57c9a8e98690279c3bf09198e30effabecc450  i2psource_1.5.0.tar.bz2
+     ea1b4b8095f4d6f5568ce879242e1d5b077de1beb4366f4a75a75cffd559ee7f  i2pupdate_1.5.0.zip
+     5d4812278350ce80f3a718f40698afc7f20f0808ef1e2ff56432ab0c2891134c  i2pupdate.su3

i2p2www/blog/2021/08/26/20-Years-of-I2P.rst

@@ -0,0 +1,104 @@
+===========================================
+{% trans -%}I2P Celebrates its 20th Year{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: idk
+   :date: 2021-08-26
+   :category: general
+   :excerpt: {% trans %}I2P has been around for 20 years, let's take a look back{% endtrans %}
+
+{% trans -%}
+20 Years of I2P
+{%- endtrans %}
+============================================
+
+{% trans -%}
+It's hard to believe, but I2P has been around for nearly 20 years! From its
+beginning as a C project which provided anonymous access to IRC, we've had
+hundreds of contributors, accepted checkins from dozens of coders, used 2
+main languages, 3 version control systems, experienced a migration of its
+crypography, and multiple soft-forks. There have been around 500 registered
+sites on the Invisible Web, and countless unregistered I2P sites that were only
+accessible via their cryptographic hostnames.
+{%- endtrans %}
+
+{% trans -%}
+Thanks to the participation of users like you, the network has grown from a tiny
+group of power users to over 75,000 nodes operated from all over the world,
+made of I2P routers bundled in perhaps dozens of applications. Today I2P is
+available in on Windows, Mac OSX, Linux, and has ports for FreeBSD, OpenBSD, and
+many other systems. I2P can run on phones and even in SOHO routers (thanks to the
+independent C++ implementation of the protocol, i2pd).
+{%- endtrans %}
+
+{% trans -%}
+A Routing Protocol with Flagship Applications
+{%- endtrans %}
+---------------------------------------------
+
+{% trans -%}
+Even before other anonymity projects were providing their own application
+bundles, I2P was a tool for building applications that were configured for
+anonymity. Over the years, we've leaned on this strength, by expanding our
+APIs to support more and more versatile applications. Today, we're still
+developing new ways of building I2P into applications.
+{%- endtrans %}
+
+{% trans -%}
+Using the power of the Hidden Services Manager or the SAM API, developers of all
+kinds of applications can empower their users with anonymity using I2P. Exciting
+downstream projects like Monero's I2P-Zero have made it very easy for developers
+to help their users get connected to I2P. Today, I2P helps provide anonymity to
+dozens of applications including Bitcoin, IRC, email and multiple file-sharing
+protocols.
+{%- endtrans %}
+
+{% trans -%}
+An Anonymous Network By Everyone, For Everyone
+{%- endtrans %}
+----------------------------------------------
+
+{% trans -%}
+I2P has always been a decentralized network, because its obvious that providing
+an anonymity network is an intrinsically collaborative process. To illustrate
+with the most extreme example, a single computer cannot provide itself
+with anonymity, nor can it be a useful network, by definiton. However, building
+I2P in this fully-decentralized manner hasn't always been easy.
+{%- endtrans %}
+
+{% trans -%}
+From the beginning, I2P would need to be scalable, and be able to balance itself
+so that  high-bandwidth nodes wouldn't be able to easily take over the network.
+Sybil attacks would leave the realm of academia and we would need to develop
+new defenses against them.
+{%- endtrans %}
+
+{% trans -%}
+We've worked very hard to never compromise on this stance, and today every I2P
+router helps participate in providing the network with bandwidth resources and
+providing the users with anonymity. In doing so, we've learned incredible things
+and produced a network which at times has seemed inconceivable.
+{%- endtrans %}
+
+{% trans -%}
+Celebrating I2P
+{%- endtrans %}
+---------------
+
+{% trans -%}
+Over the next 2 weeks, we've planned some blog posts where we'll explore the past,
+present, and future of I2P, highlight applications and tools that build on
+and enhance I2P, and showcase the best of our community. Check back here for
+more in the coming days!
+{%- endtrans %}
+
+* {% trans -%}`The History of I2P
+  </en/blog/post/2021/08/28/History-of-I2P>`_{%- endtrans %}
+* {% trans -%}`Dependency-Free I2P of the Future - Jpackage Bundles and I2P-Zero (from Monero)
+  </en/blog/post/2021/09/08/I2P-Jpackage-Bundles-and-Zero>`_{%- endtrans %}
+* {% trans -%}`Level-Up your I2P use with Encrypted LeaseSets
+  </en/blog/post/2021/09/07/Level-Up-Encrypted-Leasesets>`_{%- endtrans %}
+* {% trans -%}Dividing the Triangle: How I2P Eases Naming and Increases Flexibility for End-Users{%- endtrans %}
+* {% trans -%}I2P's Usability Journey{%- endtrans %}
+* {% trans -%}Building Bridges - Making Connections with Other Privacy Projects{%- endtrans %}

i2p2www/blog/2021/08/28/History-of-I2P.rst

@@ -0,0 +1,510 @@
+===========================================================
+{% trans -%}20 Years of Privacy: A Brief History of I2P{%- endtrans %}
+===========================================================
+
+.. meta::
+    :author: sadie
+    :date: 2021-08-28
+    :category: general
+    :excerpt: {% trans %}A history of I2P As We Know It{% endtrans %}
+
+{% trans -%}
+Invisibility is the best defense: building an internet within an internet
+{%- endtrans %}
+-------------------------------------------------------------------------
+
+    {% trans -%}I believe most people want this technology so they can express
+    themselves freely. It’s a comfortable feeling when you know you can
+    do that. At the same time we can conquer some of the problems seen
+    within the Internet by changing the way security and privacy is
+    viewed, as well as the extent to what it is valued.{%- endtrans %}
+
+
+{% trans -%}In October 2001, 0x90 ( Lance James) had a dream. It started as a
+“desire for instant communication with other Freenet users to talk about
+Freenet issues, and exchange Freenet keys while still maintaining
+anonymity, privacy and security.” It was called IIP — the Invisible IRC
+Project.{%- endtrans %}
+
+.. compound::
+  .. image:: /_static/images/history/invisibleirc_banner.png
+    :width: 100%
+  .. image:: /_static/images/history/invisibleirc.png
+    :width: 100%
+
+{% trans -%}The Invisible IRC Project was based on an ideal and framework behind The
+InvisibleNet:{%- endtrans %}
+
+{% trans -%}In an interview from 2002, 0x90 described the project:{%- endtrans %}
+
+    {% trans -%}“InvisibleNet is a research & development driven organization whose main
+    focus is the innovation of intelligent network technology. Our goal is
+    to provide the highest standards in security and privacy on the widely
+    used, yet notoriously insecure Internet."{%- endtrans %}
+
+    {% trans -%}"The InvisibleNet team is comprised of a talented group of developers and
+    architects entirely dedicated to providing its users with both
+    convenience and the very best in secure communication."{%- endtrans %}
+
+    {% trans -%}"Our technological ideals are reflected in the implementation of a
+    framework that is solid in design, and transparent in its application."{%- endtrans %}
+
+    {% trans -%}"Here at InvisibleNet we strive towards the greatest level of quality
+    possible by keeping all areas of our research & development open and
+    available to the public for peer review, feedback, suggestions and new
+    ideas.”{%- endtrans %}
+
+    {% trans -%}"The Invisible Internet Project: Defined as the “New Internet”.
+    Peer 2 Peer Internet. Using your peers to protect you. It is a
+    similar concept to the Invisible IRC Project, with its design as our
+    test model. We plan to re-design the Internet by taking it a step
+    further and having security and privacy be first priority."{%- endtrans %}
+
+    {% trans -%}"The Invisible Internet Project or Protocol will be utilizing the
+    tests and research/development concepts of the Invisible IRC Project
+    to give us the scalability that we need and leverage this to take it
+    to the next level."{%- endtrans %}
+
+    {% trans -%}"This, in essence will be an impenetrable neural-network, that is
+    self-driven, self-defensed, and completely seamless to already
+    applied protocols, specifically client to server (or agents as I call
+    them). It will be THE next transport layer, a layer on top of the
+    notoriously insecure Internet, to deliver full anonymity, privacy,
+    and security at the highest level possible. Decentralized and peer to
+    peer Internet, by the way, means no more worrying about your ISP
+    controlling your traffic. This will allow you to do seamless
+    activities and change the way we look at security and even the
+    Internet, utilizing public key cryptography, IP steganography, and
+    message authentication. The Internet that should have been, will be
+    soon."{%- endtrans %}
+
+.. compound::
+  .. image:: /_static/images/history/invisiblenet.png
+     :width: 100%
+
+| {% trans -%}All citations and quotes are from the interviews found here:{%- endtrans %}
+| http://invisibleip.sourceforge.net/iip/mediaDCInterview1.php
+| http://invisibleip.sourceforge.net/iip/mediaDCInterview2.php
+| http://invisibleip.sourceforge.net/index.php
+
+{% trans -%}By 2003, several other similar projects had started, the largest being
+Freenet, GNUNet, and Tor. All of these projects had broad goals to
+encrypt and anonymize a variety of traffic. For IIP, it became clear
+that IRC alone was not a big-enough target. What was needed was an
+anonymizing layer for all protocols. IIP by now was also being called
+“InvisibleNet”.{%- endtrans %}
+
+{% trans -%}In early 2003, a new anonymous developer, “jrandom” joined the project.
+His explicit goal was to broaden the charter of IIP.{%- endtrans %}
+
+{% trans -%}jrandom wished to rewrite the IIP code base in Java, a language he was
+familiar with, and the same language Freenet was using. He also wished
+to redesign the IIP protocols based on recent papers and the early
+design decisions that Tor and Freenet were making. Some of these
+concepts and naming conventions, such as “onion routing”, were modified
+to become “garlic routing”. For several of the design decisions, jrandom
+made different choices than Tor did, including selecting different
+cryptographic primitives in a number of places. Many (but not all) of
+these choices turned out quite well. For some others, such as using
+unidirectional tunnels rather than Tor’s bidirectional tunnels, the
+benefits and trade-offs are still not well-studied.{%- endtrans %}
+
+{% trans -%}jrandom also set out a clear vision for the architecture of the code. It
+would be a client/server model, with the server (i.e. the router)
+isolated from any “client” protocols. Clients such as web browsers, web
+servers, IRC clients and servers, and others, would communicate through
+the router using I2CP, the I2P Client Protocol.{%- endtrans %}
+
+{% trans -%}jrandom also had strong opinions on the direction of the project and its
+philosophy. He was strongly committed to open source and free software.
+He explicitly set a goal of protection from organizations with
+“unlimited financial and political resources.”{%- endtrans %}
+
+{% trans -%}By late summer 2003, jrandom had taken control of the project, and
+renamed it the Invisible Internet Project or “I2P”. He published a
+document outlining the philosophy of the project, and placed its
+technical goals and design in the context of mixnets and anonymizing
+layers. He also published the specification of two protocols (I2CP and
+I2NP) and their underlying data structures, that formed the basis of the
+network I2P uses today. Lance (“nop”) was last seen in a project meeting
+on November 11, 2003.{%- endtrans %}
+
+.. image:: /_static/images/history/bw1.png
+
+https://www.bloomberg.com/news/articles/2003-09-14/the-underground-internet
+
+.. image:: /_static/images/history/bw2.png
+
+{% trans -%}By fall 2003, I2P, Freenet, and Tor were rapidly developing. Business
+Week published an article on “The Underground Internet” which referenced
+InvisibleNet and discussed “darknets” extensively. jrandom released I2P
+version 0.2 on November 1, 2003, and continued rapid releases for the
+next 3 years. He maintained regular weekly meetings and status notes
+during this time. Several popular services and “respites” emerged during
+this time. Auto updates via clearnet HTTP became available in 2004.{%- endtrans %}
+
+{% trans -%}Through 2004 and 2005, router development continued, and several
+“clients” or applications were added to the I2P package. “Mihi” wrote
+the first streaming protocol implementation and the i2ptunnel interface
+for configuring and starting client tunnels. “Susi” wrote the web mail
+and address book applications SusiMail and SusiDNS. Many people worked
+on the router console web interface. A bridge to make it easier for
+non-I2P clients to communicate over I2P, called “SAM” (Simple Anonymous
+Messaging) was added.{%- endtrans %}
+
+| {% trans -%}In February 2005, zzz installed I2P for the first time.{%- endtrans %}
+| {% trans -%}Anonymity projects were in the news. After surveying the field, he
+  installed Freenet, and found it ambiguous, and difficult to explore.
+  Not only that, it was very resource heavy and it was difficult to get
+  anything to load. Tor and I2P were the other options, and he tried
+  I2P.{% endtrans %}
+
+{% trans -%}zzz had no preconceived plans to contribute to the project, and had
+never written a line of Java. He had maybe used IRC once. At this time,
+I2P was at version 0.5, with maybe a thousand users and three hard-coded
+floodfills. Forum.i2p and postman’s tracker were up and running at the
+time, and weekly meetings and status notes, and releases every couple of
+week were happening.{%- endtrans %}
+
+{% trans -%}By summer 2005, zzz had set up two websites. The first was zzz.i2p,
+which over the years became a central resource for I2P development, and
+still is. The second was stats.i2p, the first site to gather statistics
+on I2P network performance and present graphs on both the network and
+individual routers. While the individual router statistics eventually
+had to be shut down due to the tremendous growth of the network, the
+overall performance graphs remain. We are not sure that he ever planned
+to become the release manger for almost 2 decades, but we are happy he
+did. The project has not only stayed active, it has thrived and scaled
+to the demands of its growth.{%- endtrans %}
+
+.. compound::
+  .. image:: /_static/images/history/statsi2p.png
+     :width: 100%
+
+{% trans -%}On July 27, 2005, jrandom released I2P version 0.6, including an
+innovative new UDP transport protocol he designed called “SSU”, for
+Secure Semi-reliable UDP. It contained features for IP discovery and
+firewall traversal.{%- endtrans %}
+
+{% trans -%}In September 2005, jrandom bundled “Syndie”, his new high-latency
+anonymous messaging system. In October 2005, jrandom ported Snark, a
+Java BitTorrent client, to become an I2P application and bundled it with
+the I2P package. This completed the collection of client applications
+that are still bundled with I2P today.{%- endtrans %}
+
+{% trans -%}In late 2005 and early 2006, jrandom redesigned the way that I2P built
+tunnels. This was a major effort that was done to increase the security
+of the tunnel building, which is crucial to maintain anonymity and
+resist attacks. He worked closely with the Freenet developers, including
+“Toad”, on this design. The new build protocol required new I2NP
+messages and a hard cut-over or “flag day”. These changes were released
+in version 0.6.1.10 on February 16, 2006. This is significant as it is
+the last flag day I2P has had. While, in practice, an 0.6.1.10 router
+would not work well, if at all, in today’s network, we are, technically
+speaking, backwards-compatible with this ten-year-old version today.{%- endtrans %}
+
+{% trans -%}By early 2006, the I2P software was at least feature-complete, but it
+was still not widely-known. jrandom’s view was that it shouldn’t be
+marketed publicly until it was near-perfect, and labeled as version 1.0.
+The network had perhaps a thousand users at the time. Project members
+were discouraged from talking about it online, and the website
+(`i2p.net <http://i2p.net>`__) was unpolished and incomplete.{%- endtrans %}
+
+{% trans -%}On July 27, 2006, jrandom released I2P version 0.6.1.23, including an
+innovative new TCP transport protocol he designed called “NTCP”, for
+new-IO-based TCP. It used Java’s new IO library for efficient handling
+of large numbers of TCP connections.{%- endtrans %}
+
+{% trans -%}In late 2006, jrandom turned his focus to Syndie. He came to see it as
+his top priority, and the “killer application” for I2P. Highly secure
+and almost unusable, it delayed messages for up to two days before
+delivery to resist traffic analysis. Later in 2006, he stopped work on
+the bundled Syndie application and started a new, incompatible,
+standalone messaging application. This application was, confusingly,
+also called “Syndie”. The new Syndie was a large and complex
+development, and it was essentially a one-man project.{%- endtrans %}
+
+{% trans -%}From late 2006 into 2007, core I2P development and releases slowed
+dramatically. From almost 30 releases in 2005 and 13 in the first half
+of 2006, there were only 5 in the second half of 2006 and only 4 in all
+of 2007. During this time, zzz and a developer named Complication had
+source code commit privileges and were making changes, but their
+understanding of the code base was limited. zzz worked, for example, on
+improving i2psnark, fixing bugs, and redesigning the strategy for
+anticipatory tunnel building. But there was a lot more that needed to be
+done. Complication and zzz did what they could, and they wrote the code
+for almost all the changes in the four 2007 releases
+(0.6.1.27–0.6.1.30). By this time, jrandom was providing very little
+guidance, code review, or direction for the project.{%- endtrans %}
+
+{% trans -%}It wasn’t apparent at the time, but the project was in trouble.{%- endtrans %}
+
+{% trans -%}jrandom had almost stopped working on the core I2P router and
+applications. Even the new Syndie, which he had declared as far more
+important than I2P itself, languished. After regular releases through
+March 2007, his next Syndie release, 1.100a, was August 25, 2007. All
+I2P releases were required to be signed by jrandom’s key, and he built
+and signed his last release, 0.6.1.30, on October 7, 2007.{%- endtrans %}
+
+{% trans -%}In November 2007, disaster struck. Complication and zzz received a
+cryptic message from jrandom, that he would have to take time off from
+both Syndie and I2P development for a year or more. He expected that he
+would still be available to sign releases, but was willing to pass the
+release signing key to somebody else. Complication and zzz immediately
+replied with a request for the release key and other credentials, such
+as access to the website, mailing list, CVS administration, and others.
+Unfortunately, they never heard from jrandom again.{%- endtrans %}
+
+{% trans -%}Late 2007 and early 2008, they awaited jrandom’s response, and wondered
+what to do next. However, all of the project infrastructure remained
+active, so it didn’t seem to be an immediate crisis. They knew, however,
+that without the release key or website access, they would have to sign
+with new keys, host the files on a new website, and require everybody to
+manually update since their keys wouldn’t be recognized.{%- endtrans %}
+
+{% trans -%}The second stage of the disaster happened on January 13, 2008. The
+hosting company for almost all `i2p.net <http://i2p.net>`__ servers
+suffered a power outage, and they did not fully return to service. Only
+jrandom had the credentials required to restore service. In addition,
+the centralized CVS source control appeared to be down, so five years of
+source control history appeared to be lost. Luckily, the CVS server was
+up, only the name server for it was down. The full contents of the CVS
+archive was quickly downloaded.{%- endtrans %}
+
+| {% trans -%}Complication, welterde, and zzz quickly made a number of decisions to
+  get the project back up and running. Welterde started a new website at
+  `i2p2.de <http://i2p2.de>`__. I2P needed to move to a decentralized
+  source code control system. They tested bazaar and that did not work
+  well over I2P. Git was just getting started. jrandom had used monotone
+  for Syndie and liked its security properties, and it worked well over
+  I2P, so it was selected.{%- endtrans %}
+| {% trans -%}Several people set up new services. The next release, 0.6.1.31, was
+  signed by Complication and required a manual upgrade. It was released
+  on February 10, 2008.{%- endtrans %}
+
+{% trans -%}The project realized that even though it claimed to be totally
+decentralized, it actually depended on a number of centralized
+resources, above all, on jrandom. Work was done throughout 2008 to
+decentralize the project, and distribute roles to a number of people.
+Additionally, it was realized that development had essentially stalled
+in 2007, because jrandom had stopped working on it, but had not
+delegated to other developers. Nobody had an overall understanding of
+the code base.{%- endtrans %}
+
+{% trans -%}Complication continued to sign the releases through mid-2009, but his
+contributions declined as he focused on activism and other projects.
+Starting with release 0.7.6 on July 31, 2009, zzz would sign the next 49
+releases.{%- endtrans %}
+
+{% trans -%}In December 2008, zzz attended his first CCC, 25C3 in Berlin, and met
+other I2P project team members for the first time, including hottuna and
+welterde. The experience was overwhelming, and also humbling, as he
+struggled to explain I2P to others or answer even basic questions about
+its design and use of cryptography.{%- endtrans %}
+
+{% trans -%}By mid-2009, zzz had come to understand the code base much better. Far
+from being complete or perfect, it was filled with problems and
+scalability issues. In 2009 the project experienced more network growth
+due to its anonymizing properties as well as its circumvention
+abilities. Participants appeared who were beginning to adopt the network
+for reasons like censorship and clearnet issues like blocking of popular
+services. For development gains, in-net auto updates became available
+for the software.{%- endtrans %}
+
+.. image:: /_static/images/history/propaganda.jpeg
+
+{% trans -%}July 2010 zzz briefly presented I2P at the end of Adrian Hong’s
+presentation at HOPE XXXX. Adrian talked about how tech has helped
+expose human rights violations, and the need for defensive tools for
+activists. He urged that we all be ambassadors for all tech, stay on top
+of new tech, and keep the barrier low and educate people about how to
+use the tool we create.{%- endtrans %}
+
+{% trans -%}He also talked about how we need many options for people to use, and
+asked how do we make it easier to support human rights, freedom of
+expression?{%- endtrans %}
+
+{% trans -%}At the end of the talk, zzz was invited on stage to introduce I2P and
+give an overview of what the project was about. The same weekend, it was
+pointed out that the I2P documentation was not in great shape.{%- endtrans %}
+
+{% trans -%}In Fall 2010, zzz declared a moratorium on I2P development until the
+website documentation was complete and accurate. It took 3 months to get
+it done.{%- endtrans %}
+
+{% trans -%}Beginning in 2010, until COVID restrictions were put in place, zzz, ech,
+hottuna, and other I2P contributors have attended CCC ( Chaos
+Communications Congress) every year. Over the years, meeh, Zab, Sadie,
+LazyGravy, KYTV, IDK and others have made the trip to Germany to share
+tables with other projects and celebrate the end of a year of releases.
+The project looks forward to one day being able to meet up again and
+have an in-person yearly roadmap meeting.{%- endtrans %}
+
+{% trans -%}Anoncoin, a digital cryptocurrency that focuses on privacy and anonymity
+for its users was created in 2013. It was the first coin that provided
+built-in support for I2P, as well as Tor that makes it impossible to
+determine the IP address of the user. The developers, including meeh,
+also ran organizations like Privacy Solutions, and provided infrastructure
+support to the I2P network by running services like outproxies and
+reseed servers.{%- endtrans %}
+
+{% trans -%}I2PBote development started to take off again in 2014 when str4d began
+contributing to the project. Bote is a server-less email client — it
+stores email in a `distributed hash
+table <http://en.wikipedia.org/wiki/Distributed_hash_table>`__. Email is
+“automatically encrypted and digitally signed, which ensures no one but
+the intended recipient can read the email, and third parties cannot
+forge them.” ( https://i2pbote.xyz/). The project has existed since
+2009.{%- endtrans %}
+
+.. compound::
+  .. image:: /_static/images/history/bote.png
+     :width: 100%
+
+> I2PBote screenshot Credit: AceBarry
+
+{% trans -%}At Real World Crypto that year, zzz, psi and str4d began to talk about
+and review the plan to update I2P’s cryptography. The same year, the
+project was awarded a $5k donation from Duck Duck Go. Lavabit,
+SecureDrop, RiseUp and Mailpile also received donations for supporting
+better trust and privacy online.{%- endtrans %}
+
+{% trans -%}By late 2014 most new signing crypto was complete, including ECDSA and
+EdDSA. New destination crypto was available; but new router info crypto
+needed to wait a year for the network to upgrade sufficiently.{%- endtrans %}
+
+{% trans -%}During the early part of 2015, zzz posted to Twitter that it would be
+great to have a mini conference for I2P. In Spring, it was decided that
+I2PCon would take place that August over the course of a weekend.{%- endtrans %}
+
+{% trans -%}Hottuna and Sadie organized most of the details, getting graphic assets
+created, posters printed and a banner made for the podium. Nick at
+Hacklab, where the event would take place, helped with making sure the
+space was ready for the event. Sadie reached out to the local infosec
+community and helped secure guest speakers as well. The event happened
+on one of the hottest weekends of the Summer, with attendees arriving
+from America and Europe. The I2P community did an amazing job of
+supporting the event by postering, giving talks, and spreading the word
+in forums and on social media. The talks can be viewed on KYTV’s YouTube
+Channel https://www.youtube.com/channel/UCZfD2Dk6POE-VU8DOqW7VVw{%- endtrans %}
+
+.. compound::
+  .. image:: /_static/images/history/i2pcon1.png
+     :width: 100%
+
+{% trans -%}In January 2016 at Real World Crypto Stanford — str4d gave a talk on the
+crypto migration progress and future plans for the project. zzz and
+others would continue weekly meetings to plan the migration over the
+next few years.{%- endtrans %}
+
+{% trans -%}NTCP2 was implemented in 2018, in release 0.9.36. It was disabled by
+default so that it could be tested. It was enabled in 0.9.37. NTCP1 was
+disabled in 0.9.40.{%- endtrans %}
+
+    {% trans -%}The new I2P transport protocol provides effective resistance against
+    DPI censorship. It also results in reduced CPU load because of the
+    faster, modern cryptography used. It makes I2P more likely to run on
+    low-end devices, such as smartphones and home routers. Both major I2P
+    implementations have full support for NTCP2 and it make NTCP2
+    available for use starting with version 0.9.36 (Java) and 2.20 (i2pd,
+    C++).{%- endtrans %}
+
+{% trans -%}The complete implementation details can be read here
+https://geti2p.net/en/blog/post/2018/08/20/NTCP2{%- endtrans %}
+
+{% trans -%}0.9.39 included extensive changes for new network database types
+(proposal 123). The i2pcontrol plugin was bundled as a web-app to support
+development of RPC applications.{%- endtrans %}
+
+{% trans -%}In 2019, the team decided to attend more conferences. That year IDK and
+zzz attended DefCon, and IDK gave a workshop on I2P application
+development. At Monero Village, zzz gave a talk called I2P for
+Cryptocurrency Developers.{%- endtrans %}
+
+{% trans -%}Late that year, Sadie and IDK attended Our Networks in Toronto, where
+IDK gave a lightning talk about I2P.{%- endtrans %}
+
+{% trans -%}Sadie attended RightsCon in Tunis and the Internet Freedom Festival in
+Valencia to meet with NGO’s and Human Right Defenders. Thanks to the the
+connections we made, the project received grants for usability and
+accessibility support from Open Tech Fund, and most recently Internews.
+This will ensure more user friendly onboarding, UX, and information
+architecture improvements to support the growing interest in the
+network. It will also support specific tooling to help in-need users
+with specific risk surfaces through user research.{%- endtrans %}
+
+.. image:: /_static/images/history/phong.png
+
+{% trans -%}That Summer, Hoàng Nguyên Phong had his research into I2P censorship
+accepted too FOCI at USENIX in Santa Clara. Sadie had supported the
+research and they attended together. I2P Metrics was created during this
+time https://i2p-metrics.np-tokumei.net/, and well as research into more
+resistant reseed servers for the I2P network
+https://homepage.np-tokumei.net/post/notes-i2p-reseed-over-cloudflare/.
+You can read the research report here
+https://homepage.np-tokumei.net/post/notes-otf-wrapup-blogpost/.{%- endtrans %}
+
+{% trans -%}At CCC that year, the decision was made to migrate from Monotone too
+GitLab. The project was one of the last to use Monotone, and it was time
+to prepare to move on. IDK would spend 2020 ensuring the process was as
+smooth as it could be. The pandemic would result in the team not being
+able to see each other that year to celebrate the ( mostly) smooth move
+to Gitlab. On December 10. 2020, the project switched off the old mtn
+i2p.i2p branch, and moved the development of the core Java I2P libraries
+from Monotone to Git officially.{%- endtrans %}
+
+    {% trans -%}Congratulations and thanks to everyone who helped in the git
+    migration, especially zzz, eche|on, nextloop, and our site mirror
+    operators! While some of us will miss Monotone, it has become a
+    barrier for new and existing participants in I2P development and
+    we’re excited to join the world of developers using Git to manage
+    their distributed projects.{%- endtrans %}
+
+https://geti2p.net/en/blog/post/2020/12/10/Hello-git-goodbye-mtn
+
+{% trans -%}0.9.47 enabled the new end-to-end encryption protocol (proposal 144) by
+default for some services. A Sybil analysis and blocking tool was also
+now enabled by default. 0.9.48 enabled the new end-to-end encryption
+protocol (proposal 144) for most services. Preliminary support was added
+for new tunnel build message encryption (proposal 152). There were
+significant performance improvements throughout the router.{%- endtrans %}
+
+{% trans -%}0.9.49 was the release that brought faster crypto. The I2P network
+became faster and more secure. Improvements and fixes for the SSU (UDP)
+transport resulted in faster speeds. The release also started the
+migration to new, faster ECIES-X25519 encryption for routers. The
+project had been working on the specifications and protocols for new
+encryption for several years, and was getting close to the end of it.
+The migration would take several releases to complete.{%- endtrans %}
+
+{% trans -%}To minimize disruption, only new installs and a very small percentage of
+existing installs (randomly selected at restart) would be using the new
+encryption.{%- endtrans %}
+
+{% trans -%}The project had “rekeyed” the network twice before, when changing the
+default signature type, but this was the first time it had changed the
+default encryption type. 0.9.50 enabled DNS over HTTPS for reseeding to
+protect users from passive DNS snooping. There were numerous fixes and
+improvements for IPv6 addresses, including new UPnP support.{%- endtrans %}
+
+.. _31b4:
+
+{% trans -%}1.5.0 — The early anniversary release because it is so good!{%- endtrans %}
+------------------------------------------------------------
+
+    {% trans -%}Yes, that’s right, after 9 years of 0.9.x releases, we are going
+    straight from 0.9.50 to 1.5.0. This does not signify a major API
+    change, or a claim that development is now complete. It is simply a
+    recognition of almost 20 years of work to provide anonymity and
+    security for our users.{%- endtrans %}
+
+    {% trans -%}This release finishes implementation of smaller tunnel build messages
+    to reduce bandwidth. We continue the transition of the network’s
+    routers to X25519 encryption. Of course there are also numerous bug
+    fixes and performance improvements.{%- endtrans %}
+
+    {% trans -%}As usual, we recommend that you update to this release. The best way
+    to maintain security and help the network is to run the latest
+    release.{%- endtrans %}
+
+{% trans -%}Congratulations team. Let’s do another 20.{%- endtrans %}

i2p2www/blog/2021/09/07/Level-Up-Encrypted-Leasesets.rst

@@ -0,0 +1,193 @@
+=============================================================
+{% trans -%}Level up your I2P Skills with Encrypted LeaseSets{%- endtrans %}
+=============================================================
+
+.. meta::
+   :author: idk
+   :date: 2021-09-07
+   :category: general
+   :excerpt: {% trans %}It has been said that I2P emphasizes Hidden Services, we examine one interpretation of this{% endtrans %}
+
+{% trans -%}
+Level up your I2P Skills with Encrypted LeaseSets
+{%- endtrans %}
+=================================================
+
+{% trans -%}
+It has been said in the past that I2P emphasizes support for Hidden Services,
+which is true in many ways. However, what this means to users, developers, and
+hidden service administrators isn't always the same. Encrypted LeaseSets and
+their use-cases provide a unique, practical window into how I2P makes hidden
+services more versatile, easier to administer, and how I2P extends on the
+Hidden Service concept to provide security benefits for potentially interesting
+use-cases.
+{%- endtrans %}
+
+{% trans -%}
+What is a LeaseSet?
+-------------------
+{%- endtrans %}
+
+{% trans -%}
+When you create a hidden service, you publish something called a "LeaseSet" to
+the I2P NetDB. The "LeaseSet" is, in the simplest terms, what other I2P users
+need to discover "where" your hidden service is on the I2P Network. It contains
+"Leases" which identify tunnels that can be used to reach your hidden service,
+and the public key of your destination, which clients will encrypt messages to.
+This type of hidden service is reachable by anyone who has the address, which
+is probably the most common use case for now.
+{%- endtrans %}
+
+{% trans -%}
+Sometimes, you might not want to allow your hidden services to be accessible by
+anyone, though. Some people use hidden services as a way of accessing an SSH
+server on a home PC, or to stitch together a network of IOT Devices. In these
+cases it's not necessary, and may be counter-productive, to make your hidden
+service accessible to everyone one the I2P Network. This is where "Encrypted
+LeaseSets" come into play.
+{%- endtrans %}
+
+{% trans -%}
+Encrypted LeaseSets: VERY Hidden Services
+------------------------------------------
+{%- endtrans %}
+
+{% trans -%}
+Encrypted LeaseSets are LeaseSets which are published to the NetDB in an
+encrypted form, where none of the Leases or public keys are visible unless
+the client has the keys required to decrypt the LeaseSet inside of it. Only
+clients you share keys with(For PSK Encrypted LeaseSets), or who share their
+keys with you(For DH Encrypted LeaseSets), will be able to see the destination
+and no one else.
+{%- endtrans %}
+
+{% trans -%}
+I2P Supports several strategies for Encrypted LeaseSets. The key characteristics
+of each strategy are important to understand when deciding which one to use. If
+an Encrypted LeaseSet uses a "Pre-Shared Key(PSK)" strategy, then the server
+will generate a key(or keys) which the server operator then shares with each
+client. Of course, this exchange must happen out-of-band, possibly via an
+exchange on IRC for example. This version of Encrypted LeaseSets is sort of
+like logging into Wi-Fi with a password. Except, what you're logging into is
+a Hidden Service.
+{%- endtrans %}
+
+{% trans -%}
+If an Encrypted LeaseSet uses a "Diffie-Hellman(DH)
+strategy, then they keys are generated on the client instead. When a
+Diffie-Hellman client connects to a destination with an Encrypted LeaseSet, they
+must first share their keys with the server operator. The server operator then
+decides whether to authorize the DH client. This version of Encrypted LeaseSets
+is sort of like SSH with an `authorized_keys` file. Except, what you're logging
+into is a Hidden Service.
+{%- endtrans %}
+
+{% trans -%}
+By Encrypting your LeaseSet, you not only make it impossible for unauthorized
+users to connect to your destination, you make it impossible for unauthorized
+visitors to even discover the real destination of the I2P Hidden Service. Some
+readers have probably already considered a use-case for their own Encrypted
+LeaseSet.
+{%- endtrans %}
+
+{% trans -%}
+Using Encrypted LeaseSets to Safely Access a Router Console
+-----------------------------------------------------------
+{%- endtrans %}
+
+{% trans -%}
+As a general rule, the more complex information a service has access to about
+your device, the more dangerous it is to expose that service to the Internet or
+indeed, to a Hidden Service network like I2P. If you want to expose such a
+service, you need to protect it with something like a password, or, in the case
+of I2P, a much more thorough and secure option could be an Encrypted LeaseSet.
+{%- endtrans %}
+
+{% trans -%}
+**Before continuing, please read and understand that if you do the following**
+**procedure without an Encrypted LeaseSet, you will be defeating the security of**
+**your I2P router. Do not configure access to your router console over I2P without**
+**an Encrypted LeaseSet. Additionally, do not share your Encrypted LeaseSet PSK's**
+**with any devices you do not control.**
+{%- endtrans %}
+
+{% trans -%}
+One such service which is useful to share over I2P, but ONLY with an Encrypted
+LeaseSet, is the I2P router console itself. Exposing the I2P router console on
+one machine to I2P with an Encrypted LeaseSet allows another machine with a
+browser to administer the remote I2P instance. I find this useful for remotely
+monitoring my regular I2P Services. It could also be used to monitor a server
+which is used to seed a torrent long-term as a way to access I2PSnark.
+{%- endtrans %}
+
+{% trans -%}
+For as long as it takes to explain them, setting up an Encrypted LeaseSet is
+straightforward to configure via the Hidden Services Manager UI. 
+{%- endtrans %}
+
+{% trans -%}
+On the "Server"
+---------------
+{%- endtrans %}
+
+.. compound::
+  .. image:: /_static/images/encryptls/newhs.png
+     :width: 100%
+
+{% trans -%}
+Start by opening the Hidden Services Manager at http://127.0.0.1:7657/i2ptunnelmgr
+and scroll to the bottom of the section that says "I2P Hidden Services." Create
+a new hidden service with the host "127.0.0.1" and the port "7657" with these
+"Tunnel Cryptography Options" and save the hidden service. 
+{%- endtrans %}
+
+.. compound::
+  .. image:: /_static/images/encryptls/demosettings.png
+     :width: 100%
+
+{% trans -%}
+Then, select your new tunnel from the Hidden Services Manager main page. The
+Tunnel Cryptography Options should now include your first Pre-Shared Key. Copy
+this down for the next step, along with the Encrypted Base32 Address of your
+tunnel.
+{%- endtrans %}
+
+.. compound::
+  .. image:: /_static/images/encryptls/demoresult.png
+     :width: 100%
+
+{% trans -%}
+On the "Client"
+---------------
+{%- endtrans %}
+
+{% trans -%}
+Now switch computers to the client which will connect to the hidden service,
+and visit the Keyring Configuration at http://127.0.0.1:7657/configkeyring to
+add the keys from earlier. Start by pasting the Base32 from the Server into
+the field labeled: "Full destination, name, Base32, or hash." Next, paste the
+Pre-Shared Key from the server into the "Encryption Key" field. Click save,
+and you're ready to securely visit the Hidden Service using an Encrypted
+LeaseSet.
+{%- endtrans %}
+
+.. compound::
+  .. image:: /_static/images/encryptls/client.png
+     :width: 100%
+
+{% trans -%}
+Now You're Ready to Remotely Administer I2P
+-------------------------------------------
+{%- endtrans %}
+
+{% trans -%}
+As you can see, I2P offers unique capabilities to Hidden Service Administrators
+which empower them to securely manage their I2P connections from anywhere in the
+world. Other Encrypted LeaseSets I keep on the same device for the same reason
+point to the SSH server, the Portainer instance I user to manage my service
+containers, and my personal NextCloud instance. With I2P, truly private, always
+reachable Self-Hosting is an achievable goal, in fact I think it's one of the
+things we're uniquely suited to, because of Encrypted LeaseSets. With them, I2P
+could become the key to securing self-hosted home automation or simply become
+the backbone of a new more private peer-to-peer web.
+{%- endtrans %}

i2p2www/blog/2021/09/15/i2p-jpackages.rst

@@ -0,0 +1,102 @@
+==========================================================================
+{% trans -%}Improving I2P Adoption and Onboarding using Jpackage, I2P-Zero{%- endtrans %}
+==========================================================================
+
+.. meta::
+   :author: idk
+   :date: 2021-09-15
+   :category: general
+   :excerpt: {% trans %}Versatile and emerging ways of installing and embedding I2P in your application{% endtrans %}
+
+{% trans -%}
+For the majority of I2P's existence, it's been an application that runs with the
+help of a Java Virtual Machine that is already installed on the platform. This
+has always been the normal way to distribute Java applications, but it leads to
+a complicated installation procedure for many people. To make things even more
+complicated, the "right answer" to making I2P easy to install on any given
+platform might not be the same as any other platform. For example, I2P is quite
+simple to install with standard tools on Debian and Ubuntu based operating
+systems, because we can simply list the required Java components as "Required"
+by our package, however on Windows or OSX, there is no such system allowing us to make
+sure that a compatible Java is installed.
+{%- endtrans %}
+
+{% trans -%}
+The obvious solution would be to manage the Java installation ourselves, but
+this used to a problem in-and-of-itself, outside of the scope of I2P. However,
+in recent Java versions, a new set of options has emerged which has the
+potential to solve this problem for many Java software. This exciting tool is
+called **"Jpackage."**
+{%- endtrans %}
+
+{% trans -%}
+I2P-Zero and Dependency-Free I2P Installation
+{%- endtrans %}
+---------------------------------------------
+
+{% trans -%}
+The first very successful effort at building a dependency-free I2P Package was
+I2P-Zero, which was created by the Monero project originally for use with the
+Monero cryptocurrency. This project got us very excited because of it's success
+in creating a general-purpose I2P router which could easily packaged with an
+I2P application. Especially on Reddit, many people express their preference for
+the simplicity of setting up an I2P-Zero router.
+{%- endtrans %}
+
+{% trans -%}
+This really proved to us that a dependency-free I2P Package which was easy to
+install was possible using modern Java tools, but I2P-Zero's use case was a
+little bit different than ours. It is best for embedded apps that need an I2P
+router that they can easily control using it's convenient control port on port
+"8051". Our next step would be to adapt the technology to the general-purpose
+I2P Application.
+{%- endtrans %}
+
+{% trans -%}
+OSX Application Security Changes affect I2P IzPack Installer
+{%- endtrans %}
+------------------------------------------------------------
+
+{% trans -%}
+The issue became more pressing in recent versions of Mac OSX, where it is no
+longer straightforward to use the "Classic" installer which comes in the .jar
+format. This is because the application is not "Notarized" by Apple authorities
+and it is deemed a security risk. **However**, Jpackage can produce a .dmg file,
+which can be notarized by Apple authorities, conveniently solving our problem.
+{%- endtrans %}
+
+{% trans -%}
+The new I2P .dmg installer, created by Zlatinb, makes I2P easier to install on
+OSX than ever, no longer requiring users to install Java themselves and using
+standard OSX installation tools in their prescribed ways. The new .dmg installer
+makes setting up I2P on Mac OSX easier than it's ever been.
+{%- endtrans %}
+
+Get the dmg_.
+
+.. _dmg: /mac
+
+{% trans -%}
+The I2P of the future is Easy to Install
+{%- endtrans %}
+----------------------------------------
+
+{% trans -%}
+One of the things I hear from users the most is that if I2P wants adoption, it
+needs to be easy to use for people. Many of them want a "Tor Browser Like" user
+experience, to quote or paraphrase many familiar Redditors. Installation should
+not require complicated and error-prone "post-installation" steps. Many new
+users are not prepared to deal with their browser configuration in a thorough
+and complete way. To address this problem, we created the I2P Profile Bundle
+which configured Firefox so that it would automatically "Just Work" for I2P.
+As it's developed, it's added security features and improved integration with
+I2P itself. In it's latest version, it **also** bundles a complete, Jpackage
+powered I2P Router. The I2P Firefox Profile is now a fully-fledged distribution
+of I2P for Windows, with the only remaining dependency being Firefox itself.
+This should provide an unprecedented level of convenience for I2P users on
+Windows.
+{%- endtrans %}
+
+Get the installer_.
+
+.. _installer: /nsis

i2p2www/blog/2021/09/18/i2p-bitcoin.rst

@@ -0,0 +1,108 @@
+=============================================================
+{% trans -%}Bitcoin Core adds support for I2P!{%- endtrans %}
+=============================================================
+
+.. meta::
+   :author: idk
+   :date: 2021-09-18
+   :category: general
+   :excerpt: {% trans %}A new use case and a signal of growing acceptance{% endtrans %}
+
+{% trans -%}
+An event months in the making, Bitcoin Core has added official support for I2P!
+Bitcoin-over-I2P nodes can interact fully with the rest of the Bitcoin nodes,
+using the help of nodes that operate within both I2P and the clearnet, making
+them first-class participants in the Bitcoin network. It's exciting to see
+large communities like Bitcoin taking notice of the advantages I2P can bring
+to them providing privacy and reachability to people all over the world.
+{%- endtrans %}
+
+{% trans -%}
+How it Works
+{%- endtrans %}
+------------
+
+{% trans -%}
+I2P support is automatic, via the SAM API. This is also exciting news, because
+it highlights some of the things I2P is singularly good at, like empowering 
+application developers to build I2P connections programmatically and
+conveniently. Bitcoin-over-I2P users can use I2P with no manual configuration by
+enabling the SAM API and running Bitcoin with I2P enabled.
+{%- endtrans %}
+
+{% trans -%}
+Configuring your I2P Router
+{%- endtrans %}
+---------------------------
+
+{% trans -%}
+In order to set up an I2P Router to provide anonymous connectivity to bitcoin,
+the SAM API needs to be enabled. In Java I2P, you should go to `http://127.0.0.1:7657/configclients
+<http://127.0.0.1:7657/configclients>`_. and start the SAM Application Bridge
+with the "Start" button. You may also want to enable the SAM Application Bridge
+by default by checking the "Run at Startup" box and clicking "Save Client
+Configuration."
+{%- endtrans %}
+
+{% trans -%}
+On i2pd, the SAM API is normally enabled by default, but if it isn't, you should
+set::
+
+  sam.enabled=true
+
+in your i2pd.conf file.
+{%- endtrans %}
+
+{% trans -%}
+Configuring your Bitcoin Node for Anonymity and Connectivity
+{%- endtrans %}
+------------------------------------------------------------
+
+{% trans -%}
+Getting Bitcoin itself launched in an anonymous mode still requires editing some
+configuration files in the Bitcoin Data Directory, which is %APPDATA%\Bitcoin on
+Windows, ~/.bitcoin on Linux, and ~/Library/Application Support/Bitcoin/ on Mac
+OSX. It also requires at least version 22.0.0 for I2P support to be present. 
+{%- endtrans %}
+
+{% trans -%}
+After following these instructions, you should have a private Bitcoin
+node which uses I2P for I2P connections, and Tor for .onion and clearnet
+connections, so that all your connections are anonymous. For convenience,
+Windows users should open their Bitcoin Data Directory by opening the start menu
+and searching for "Run." Inside the run prompt, type "%APPDATA%\Bitcoin" and
+press enter.
+{%- endtrans %}
+
+{% trans -%}
+In that directory create a file called "i2p.conf." On Windows, you should make
+sure that you've add quotes around the file when you save it, in order to
+prevent Windows from adding a default file extension to the file. The file
+should contain the following I2P-Related Bitcoin configuration options::
+
+  i2psam=127.0.0.1:7656
+  i2pacceptincoming=true
+  onlynet=i2p
+
+Next, you should create another file called "tor.conf." The file should contain
+the following Tor related configuration options::
+
+  proxy=127.0.0.1:9050
+  onion=127.0.0.1:9050
+  onlynet=tor
+
+Finally, you'll need to "include" these configuration options in your Bitcoin
+configuration file, called "bitcoin.conf" in the Data Directory. Add these two
+lines to your bitcoin.conf file::
+
+  includeconf=i2p.conf
+  includeconf=tor.conf
+
+Now your Bitcoin node is configured to only use anonymous connections. In order
+to enable direct connections to remote nodes, remove the lines beginning in::
+
+  onlynet=
+
+You can do this if you do not require your Bitcoin node to be anonymous, and
+it helps anonymous users connect to the rest of the Bitcoin network.
+{%- endtrans %}

i2p2www/blog/2021/11/2/i2p-jpackage-1.5.1.rst

@@ -0,0 +1,61 @@
+=============================================================
+{% trans -%}I2P Jpackages get their First Update{%- endtrans %}
+=============================================================
+
+.. meta::
+   :author: idk
+   :date: 2021-11-02
+   :category: general
+   :excerpt: {% trans %}New, easier-to-install packages reach a new milestone{% endtrans %}
+
+{% trans -%}
+A few months ago we released new packages which we hoped would help with onboarding new
+people to the I2P network by making the installation and configuration of I2P easier for
+more people. We removed dozens of steps from the installation process by switching from
+an external JVM to a Jpackage, built standard packages for target operating systems, and
+signed them in a way the operating system would recognize to keep the user secure. Since
+then, the jpackage routers have reached a new milestone, they are about to recieve their
+first incremental updates. These updates will replace the JDK 16 jpackage with an updated
+JDK 17 jpackage and provide fixes for some small bugs which we caught after the release.
+{%- endtrans %}
+
+{% trans -%}
+Updates common to Mac OS and Windows
+{%- endtrans %}
+------------------------------------
+
+{% trans -%}
+All jpackaged I2P installers recieve the following updates:
+
+* Update the jpackaged I2P router to 1.5.1 which is built with JDK 17
+
+Please update as soon as possible.
+{%- endtrans %}
+
+{% trans -%}
+I2P Windows Jpackage Updates
+{%- endtrans %}
+----------------------------
+
+{% trans -%}
+Windows only packages recieve the following updates:
+
+* Updates I2P in Private Browsing, NoScript browser extensions
+* Begins to phase out HTTPS everywhere on new Firefox releases
+* Updates launcher script to `fix post NSIS launch issue on some architectures <https://i2pgit.org/i2p-hackers/i2p.firefox/-/issues/9>`_
+
+For a full list of changes see the `changelog.txt in i2p.firefox <https://i2pgit.org/i2p-hackers/i2p.firefox/>`_
+{%- endtrans %}
+
+{% trans -%}
+I2P Mac OS Jpackage Updates
+{%- endtrans %}
+---------------------------
+
+{% trans -%}
+Mac OS only packages recieve the following updates:
+
+* No Mac-Specific changes. Mac OS is updated to build with JDK 17.
+
+For a summary of development see the `checkins in i2p-jpackage-mac <https://i2pgit.org/i2p-hackers/i2p-jpackage-mac>`_
+{%- endtrans %}

i2p2www/blog/2021/11/29/1.6.0-Release.rst

@@ -0,0 +1,83 @@
+===========================================
+{% trans -%}1.6.1 Release{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: zzz
+   :date: 2021-11-29
+   :category: release
+   :excerpt: {% trans %}1.6.1 enables new tunnel build messages{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+{% trans -%}
+Note: 1.6.1 is the current release. 1.6.0 was tagged but not released.
+{%- endtrans %}
+
+{% trans -%}
+This release completes the rollout of two major protocol updates developed in 2021.
+The transition to X25519 encryption for routers is accelerated, and we expect almost all routers to be rekeyed by the end of the year.
+Short tunnel build messages are enabled for a significant bandwidth reduction.
+{%- endtrans %}
+
+{% trans -%}
+We added a theme selection panel to the new install wizard.
+We've improved SSU performance and fixed an issue with SSU peer test messages.
+The tunnel build Bloom filter was adjusted to reduce memory usage.
+We have enhanced support for non-Java plugins.
+{%- endtrans %}
+
+{% trans -%}
+In other news, we are making excellent progress on the design of our new UDP transport SSU2 and expect to start implementation early next year.
+{%- endtrans %}
+
+{% trans -%}
+As usual, we recommend that you update to this release. The best way to
+maintain security and help the network is to run the latest release.
+{%- endtrans %}
+
+
+**{% trans %}RELEASE DETAILS{% endtrans %}**
+
+**{% trans %}Changes{% endtrans %}**
+
+- {% trans %}Console: Add theme selection to new-install wizard{% endtrans %}
+- Jetty 9.3.30.v20211001
+- {% trans %}Router: Increase probability of rekey to X25519{% endtrans %}
+- {% trans %}SSU: Performance improvements{% endtrans %}
+- {% trans %}SSU: Improve security of peer test{% endtrans %}
+- Tomcat 9.0.54
+- {% trans %}Tunnels: Enable sending new short build messages{% endtrans %}
+
+
+**{% trans %}Bug Fixes{% endtrans %}**
+
+- {% trans %}i2ptunnel: Fix encryption type selection logic{% endtrans %}
+
+
+**{% trans %}Other{% endtrans %}**
+
+- {% trans %}Improve support for non-Java plugins{% endtrans %}
+- {% trans %}Router: Reduce tunnel build Bloom filter memory usage{% endtrans %}
+- {% trans %}Updates: More changes to support bundled updaters{% endtrans %}
+- {% trans %}Translation updates{% endtrans %}
+
+
+
+`{% trans %}Full list of fixed bugs{% endtrans %}`__
+
+__ http://{{ i2pconv('git.idk.i2p') }}/i2p-hackers/i2p.i2p/-/issues?scope=all&state=closed&milestone_title=1.6.0
+
+
+**{% trans %}SHA256 Checksums:{% endtrans %}**
+
+::
+
+      c5d5757d0cc1f4ce0cf2a663c35ca173d0cfe4ef0f38ac50b1be116787b03c87  i2pinstall_1.6.1_windows.exe
+      2ae90f28d51b84796079430bde53589e1c2117125d5fb7bb5c036c4e1ad1eb80  i2pinstall_1.6.1.jar
+      719606c4cb510de4fe74f24bbfa53911a70531821fc1ee79a29e3d96eaa16733  i2psource_1.6.1.tar.bz2
+      90ac2eb6a0207a7614568129e4f8927b9e3765a533033600b9a1f5a53779134d  i2pupdate_1.6.1.zip
+      5fe7982cc1499872864a022507d0850627448d62ef65e0a7b5c172144a04368d  i2pupdate.su3

i2p2www/blog/2021/12/11/i2p-unaffected-cve-2021-44228.rst

@@ -0,0 +1,35 @@
+==============================================
+{% trans -%}I2P is not affected by the log4j vulnerability{%- endtrans %}
+==============================================
+
+.. meta::
+   :author: idk, zzz
+   :date: 2021-12-11
+   :category: security
+   :excerpt: {% trans %}I2P doesn't use log4j and is therefore unaffected by CVE-2021-44228{% endtrans %}
+
+{% trans -%}
+I2P is not affected by the log4j 0-Day vulnerability which was published
+yesterday, CVE-2021-44228. I2P doesn't use log4j for logging, however we also
+needed to review our dependencies for log4j usage, especially jetty. This
+review has not revealed any vulnerabilities.
+{%- endtrans %}
+
+{% trans -%}
+It was also important to check all of our plugins. Plugins may bring in their
+own logging systems, including log4j. We found that most plugins also do not use
+log4j, and those that do did not use a vulnerable version of log4j.
+{%- endtrans %}
+
+{% trans -%}
+We haven't found any dependency, plugin or app that's vulnerable.
+{%- endtrans %}
+
+{% trans -%}
+We bundle a log4j.properties file with jetty for plugins that introduce log4j. This
+file only has an effect on plugins which use log4j logging internally. We have
+checked in the recommended mitigation to the log4j.properties file. Plugins which
+enable log4j will run with the vulnerable feature disabled. As we cannot find any
+usage of log4j 2.x anywhere, we have no plans to do an emergency release at this 
+time.
+{%- endtrans %}

i2p2www/blog/2022/09/07/Meet_your_Maintainer_StormyCloud.rst

@@ -0,0 +1,201 @@
+
+============================================================
+{% trans -%}Meet Your Maintainer: StormyCloud{%- endtrans %}
+============================================================
+
+.. meta::
+   :author: sadie
+   :date: 2022-09-07
+   :category: general
+   :excerpt: {% trans %}An interview with the maintainers of the StormyCloud Outproxy{% endtrans %}
+
+{% trans -%}
+A conversation with StormyCloud Inc.
+{%- endtrans %}
+====================================
+
+{% trans -%}
+With the most recent `I2P Java
+release <https://geti2p.net/en/blog/post/2022/08/22/1.9.0-Release>`__,
+the existing outproxy, false.i2p was replaced with the new StormyCloud
+outproxy for new I2P installs. For people who are updating their router,
+changing over to the Stormycloud service can be done quickly.
+{%- endtrans %}
+
+{% trans -%}
+In your Hidden Services Manager, change both Outproxies and SSL
+Outproxies to exit.stormycloud.i2p and click on the save button at the
+bottom of the page.
+{%- endtrans %}
+
+|outproxystormy| **{% trans -%}Who is StormyCloud Inc?{%- endtrans %}**
+
+**Mission of StormyCloud Inc.**
+
+{% trans -%}
+To defend Internet access as a universal human right. By doing so, the
+group protects users’ electronic privacy and builds community by
+fostering unrestricted access to information and thus the free exchange
+of ideas across borders. This is essential because the Internet is the
+most powerful tool available for making a positive difference in the
+world.
+{%- endtrans %}
+
+**{% trans -%}Vision Statement{%- endtrans %}**
+
+{% trans -%}
+To become a pioneer in providing free and open Internet to everyone in
+the universe because Internet access is a basic human right
+`(https://stormycloud.org/about-us/) <https://stormycloud.org/about-us/>`__
+{%- endtrans %}
+
+{% trans -%}
+I met with Dustin to say hello, and to talk more about privacy, the need
+for services like StormyCloud, and what drew the company to I2P.
+{%- endtrans %}
+
+**{% trans -%}What was the inspiration behind starting StormyCloud?{%- endtrans %}**
+
+{% trans -%}
+It was late 2021, I was on the /r/tor subreddit. There was a person who
+had responded in a thread about how to use Tor who talked about how they
+relied on Tor in order to stay in contact with their family. Their
+family lived in the United States, but at the time they resided in a
+country where internet access was very restricted. They needed to be
+very cautious about who they communicated with and what they said. For
+these reasons, they relied on Tor. I thought about how I can communicate
+with people without fear or restrictions and that it should be the same
+for everyone.
+{%- endtrans %}
+
+{% trans -%}
+The goal of StormyCloud is to help as many people as we can to do that.
+{%- endtrans %}
+
+**{% trans -%}What have been some of the challenges of getting StormyCloud
+started?{%- endtrans %}**
+
+{% trans -%}
+The cost — it is ungodly expensive. We went the data centre route since
+the scale of what we are doing is not something that can be done on a
+home network. There are equipment expenses and reoccurring hosting
+costs.
+{%- endtrans %}
+
+{% trans -%}
+In regard to setting up the non-profit, we followed in Emerald Onion’s
+path and utilized some of their documents and lessons learned. The Tor
+community has many resources available that are very helpful.
+{%- endtrans %}
+
+**{% trans -%}How has the response been to your services?{%- endtrans %}**
+
+{% trans -%}
+In July we served 1.5 billion DNS requests over all of our services.
+People appreciate that there is no logging being done. The data is just
+not there, and people like that.
+{%- endtrans %}
+
+**{% trans -%}What is an outproxy?{%- endtrans %}**
+
+{% trans -%}
+An outproxy is similar to Tor’s exit nodes, it allows for clearnet
+(normal internet traffic) to be relayed through the I2P network. In
+other words, it allows I2P users to access the internet through the
+safety of the I2P network.
+{%- endtrans %}
+
+**{% trans -%}What is special about the StormyCloud I2P Outproxy?{%- endtrans %}**
+
+{% trans -%}
+To start with we are multi-homed which means we have several servers
+serving outproxy traffic. This ensures the service is always available
+to the community. All the logs on our servers are wiped every 15
+minutes. This ensures both law enforcement and ourselves do not have
+access to any data. We support visiting Tor onion links though the
+outproxy, and our outproxy is pretty fast.
+{%- endtrans %}
+
+**{% trans -%}How do you define privacy? What are some of the issues you see with
+overreach and data handling?{%- endtrans %}**
+
+{% trans -%}
+Privacy is freedom from unauthorized access. Transparency is important,
+such as opting in — the example being GDPR requirements.
+{%- endtrans %}
+
+{% trans -%}
+There are big companies hoarding data that is being used for
+`warrantless access to location
+data. <https://www.eff.org/deeplinks/2022/08/fog-revealed-guided-tour-how-cops-can-browse-your-location-data>`__
+There is overreach of tech companies into what people think is, and
+should be private, like photos or messages.
+{%- endtrans %}
+
+{% trans -%}
+It is important to keep doing outreach about how to keep your
+communication safe, and what tools or apps will help a person do so. The
+way that we interact with all of the information out there is important
+as well. We need to trust but verify.
+{%- endtrans %}
+
+**{% trans -%}How does I2P fit into StormyCloud’s Mission and Vision Statement?{%- endtrans %}**
+
+{% trans -%}
+I2P is an open source project, and what it offers aligns with the
+mission of StormyCloud Inc. I2P provides a layer of privacy and
+protection for traffic and communication, and the project believes that
+everybody has a right to privacy.
+{%- endtrans %}
+
+{% trans -%}
+We became aware of I2P in early 2022 when talking to people in the Tor
+community, and liked what the project was doing. It seemed similar to
+Tor.
+{%- endtrans %}
+
+{% trans -%}
+During our introduction to I2P and its capabilities, we saw the need for
+a reliable outproxy. We had really great support from people in the I2P
+community to create and start providing the outproxy service.
+{%- endtrans %}
+
+**{% trans -%}I am always curious about first impressions and what resources we can
+provide or improve on for people who are getting started with I2P. What
+can you tell me about your experience and suggestions for onboarding?{%- endtrans %}**
+
+{% trans -%}
+Make it easy to replicate or understand for people with limited IT
+knowledge or knowledge of I2P. Using the router, or even using email on
+I2P should be easy for everybody.
+{%- endtrans %}
+
+**{% trans -%}Conclusion{%- endtrans %}**
+
+{% trans -%}
+The need for awareness about surveilling what should be private in our
+online lives is ongoing. Collecting any data should be consensual , and
+privacy should be implicit.
+{%- endtrans %}
+
+{% trans -%}
+Where we cannot trust that our traffic or communication will not be
+observed without consent, we thankfully have access to networks that
+will by-design anonymize traffic and hide our locations.
+{%- endtrans %}
+
+{% trans -%}
+Thank you to StormyCloud and everyone who provides outproxies or nodes
+for Tor and I2P so that people can access the internet more safely when
+they need to. I look forward to more people bridging the capabilities of
+these complementary networks to create a more robust privacy ecosystem
+for everyone.
+{%- endtrans %}
+
+{% trans -%}
+Learn more about StormyCloud Inc.’s services https://stormycloud.org/
+and help support their work by making a donation
+https://stormycloud.org/donate/.
+{%- endtrans %}
+
+.. |outproxystormy| image:: https://user-images.githubusercontent.com/50714166/188997993-465b6a5a-52a0-40f0-bdff-68ca2b6c97ba.png

i2p2www/blog/2022/09/07/easy_install_bundle_1.9.5.rst

@@ -0,0 +1,27 @@
+====================================================================
+{% trans -%}Windows Easy-Install Bundle 1.9.5 Release{%- endtrans %}
+====================================================================
+
+.. meta::
+   :author: idk
+   :date: 2022-09-07
+   :category: release
+   :excerpt: {% trans %}Windows Easy-Install Bundle 1.9.5{% endtrans %}
+
+{% trans -%}
+Bug Fixing release for Windows 11 users
+{%- endtrans %}
+=======================================
+
+{% trans -%}
+This point release includes a bug fix in the included I2P router, which resolves
+a highly obscure bug where the context clock is out of sync with the clock in
+use by the File System, resulting in a router which is unable to read the current
+state of it's own NetDB. Although this bug has only been observed on Windows 11
+so far, it is highly recommended that all users update to the new build.
+{%- endtrans %}
+
+{% trans -%}
+This release also features faster startup and times improved stability in the profile
+manager.
+{%- endtrans %}

i2p2www/blog/2022/09/26/i2p-safety-reminder.rst

@@ -0,0 +1,106 @@
+{% trans -%}
+==================================
+A Reminder to be Safe as I2P Grows
+==================================
+{%- endtrans %}
+.. meta::
+    :author: idk
+    :date: 2022-09-26
+    :category: general
+    :excerpt: {% trans %}A Reminder to be Safe as I2P Grows{% endtrans %}
+
+{% trans -%}
+A Reminder to be Safe as I2P Grows
+{%- endtrans %}
+==================================
+
+{% trans -%}
+It is an an exciting time for The Invisible Internet Project (I2P).
+We are completing our migration to modern cryptography across all of our transports, ( Java and C++), and we have recently gained a high-capacity and professional outproxy service, and there are more applications integrating I2P based functionality than ever.
+The network is poised to grow, so now is a good time to remind everyone to be smart and be safe when obtaining I2P and I2P-related software.
+We welcome new applications, implementations, and forks with new ideas, and the power of the network comes from its openness to participation by all I2P users.
+In fact, we don’t like to call you users, we like to use the word “Participants” because each of you helps the network, in your own way by contributing content, developing applications, or simply routing traffic and helping other participants find peers.
+{%- endtrans %}
+
+{% trans -%}
+You are the network, and we want you to be safe.
+{%- endtrans %}
+
+{% trans -%}
+We have become aware of attempts to impersonate I2P’s presence on the web and social media.
+To avoid offering momentum to these campaigns, we will not mention the actors affiliated with them, However, in order to help you recognize these campaigns should you encounter them in the wild, we are documenting their tactics:
+{%- endtrans %}
+
+-  Copying text directly from the I2P Web Site without acknowledging our license requirements in a way that may suggest endorsement.
+-  Involvement or promotion of an Initial Coin Offering, or ICO
+-  Crypto-Scam like language
+-  Graphics that have nothing to do with the textual content
+-  Click-farming behavior, sites that appear to have content but which instead link to other sites
+-  Attempts to get the user to register for non-I2P chat servers. We come to you or you come to us, we will not ask you to meet us at a third-party service unless you already use it(Note that this is not always true for other forks and projects, but it is true of geti2p.net).
+-  The use of bot networks to amplify any message on social media. I2P(geti2p.net) does not use bots for social media advertising.
+
+{% trans -%}
+These campaigns have had the side-effect of “shadow-banning” some legitimate I2P-related discussion on Twitter and possibly other social media.
+{%- endtrans %}
+
+{% trans -%}Our Sites{%- endtrans %}
+---------
+
+{% trans -%}
+We have official sites where people may obtain the I2P software safely:
+{%- endtrans %}
+
+-  `{% trans -%}Official Website - i2p.net{%- endtrans %}
+   <https://i2p.net>`__
+-  `{% trans -%}Official Website - geti2p.net{%- endtrans %}
+   <https://geti2p.net>`__
+-  `{% trans -%}Official Gitlab - i2pgit.org{%- endtrans %}
+   <https://i2pgit.org>`__
+-  `{% trans -%}Official Debian Repository - deb.i2p2.de{%- endtrans %}
+   <https://deb.i2p2.de>`__
+-  `{% trans -%}Official Debian Repository - deb.i2p2.no{%- endtrans %}
+   <https://deb.i2p2.no>`__
+-  `{% trans -%}Official Forums - i2pforum.net{%- endtrans %}
+   <https://i2pforum.net>`__
+
+{% trans -%}Invisible Internet Project Forums, Blogs and Social Media{%- endtrans %}
+---------------------------------------------------------
+
+{% trans -%}Hosted by the project{%- endtrans %}
+~~~~~~~~~~~~~~~~~~~~~
+
+-  `{% trans -%}I2P Forums{%- endtrans %} <https://i2pforum.net>`__ - `{% trans -%}I2P{%- endtrans %}
+   Mirror <https://i2pforum.i2p>`__
+-  irc: `#i2p-dev` on Irc2P(`127.0.0.1:6668` in a standard I2P installation)
+
+{% trans -%}Hosted by Others{%- endtrans %}
+~~~~~~~~~~~~~~~~
+
+{% trans -%}
+These services are hosted by third-parties, sometimes corporations, where we participate in order to provide a social media outreach presence to I2P users who choose to participate in them.
+We will never ask you to participate in these unless you already have an account with them, prior to interacting with us.
+{%- endtrans %}
+
+-  `{% trans -%}Launchpad{%- endtrans %} : https://launchpad.net/i2p <https://launchpad.net/i2p>`__
+-  `{% trans -%}Github{%- endtrans %} : https://github.com/i2p <https://github.com/i2p>`__
+-  `{% trans -%}Twitter{%- endtrans %} : https://twitter.com/GetI2P <https://twitter.com/GetI2P>`__
+-  `{% trans -%}Reddit{%- endtrans %} :
+   https://www.reddit.com/r/i2p/ <https://www.reddit.com/r/i2p/>`__
+-  `{% trans -%}Mastodon{%- endtrans %}:
+   https://mastodon.social/@i2p <https://mastodon.social/@i2p>`__
+-  `{% trans -%}Medium{%- endtrans %}: https://i2p.medium.com/ <https://i2p.medium.com/>`__
+
+{% trans -%}Forks, Apps, and Third-Party Implementations are Not Evil.{%- endtrans %}
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+{% trans -%}
+This post attempts to provide ways of vetting the source for obtaining the Java I2P package represented by the source code contained in https://i2pgit.org/i2p-hackers/i2p.i2p and https://github.com/i2p/i2p.i2p, and which is available for download from the web site https://geti2p.net/.
+It is not intended to pass judgement on third-party forks, downstream projects, embedders, packagers, people experimenting in laboratories, or people who just disagree with us.
+You are all valued members of our community who are trying to protect, and not compromise, the privacy of others.
+Since we are aware of attempts to impersonate I2P project community members, you may wish to review the download, verification, and installation procedures which you recommend to your users in order to document your official sources and known mirrors.
+{%- endtrans %}
+
+{% trans -%}
+Authors Note: An earlier version of this blog post contained the TLS fingerprint of each of the services operated by the I2P Project.
+These were removed when a certificate renewal caused the fingerprints to become inaccurate.
+{%- endtrans %}

i2p2www/blog/2022/09/26/meet-your-maintainer-divaexchange.rst

@@ -0,0 +1,347 @@
+{% trans -%}
+==================================
+Meet your Maintainer: DivaExchange
+==================================
+{%- endtrans %}
+.. meta::
+    :author: sadie
+    :date: 2022-09-26
+    :category: general
+    :excerpt: {% trans %}A conversation with DivaExchange{% endtrans %}
+
+{% trans -%}
+*In this second installment of Meet Your Maintainer, I reached out to
+Konrad from DIVA.EXCHANGE to talk about DIVA’s research and services.
+DIVA.EXCHANGE is developing software with the goal of providing free
+banking technology for everyone. It is secure without a central
+infrastructure, and based on blockchain and I2P technology.*
+{%- endtrans %}
+
+**{% trans -%}What got you interested in I2P?{%- endtrans %}**
+
+{% trans -%}
+About 10 years ago I had a presentation for “Technologieforum Zug” - a
+very local technology network for business guys. I was introducing I2P
+and Tor as overlay networks to them - to show them that other
+interesting things exist out there.
+{%- endtrans %}
+
+{% trans -%}
+I was always very much interested in cryptography related technology. In
+general I can say that my core interests were and still are: networks,
+freedom and privacy on both a technical and social level, interesting
+algos, like HashCash between 2000 and 2010, which was a very well
+working Proof-of-Work algo created at Universities in the UK in the late
+90’s.
+{%- endtrans %}
+
+{% trans -%}
+I2P fascinated me because it is really carefully done - from the
+architecture to the implementation in Java and C++. Personally I prefer
+de-coupled and small programs doing one thing. Hence I was pretty
+fascinated by the C++ version, I2Pd, which is lean, fast and without
+dependencies. It works very well for me.
+{%- endtrans %}
+
+**{% trans -%}What are the qualities in its technical capacity that aligned with
+your own work or interests?{%- endtrans %}**
+
+{% trans -%}
+I adore craftsmanship. That’s art. And I2P is modern craftsmanship. I2P
+creates values for end users values which can’t be bought: autonomy,
+liberty and serenity.
+{%- endtrans %}
+
+{% trans -%}
+I2P fascinates me because it’s agnostic. Anyone can run anything on I2P
+as long as it talks TCP or UDP - and can handle some latency. Really:
+“the network is the computer” and the communication is truly private
+according to the current state of knowledge.
+{%- endtrans %}
+
+**{% trans -%}Who is DIVA for?{%- endtrans %}**
+
+{% trans -%}
+DIVA gets actively developed and therefore the project is for
+researchers, software developers, communicators (writers, illustrators…)
+and for people who want to learn really new stuff in the area of
+distributed technology.
+{%- endtrans %}
+
+{% trans -%}
+Once DIVA grows up - please don’t ask me when - DIVA will be a fully
+distributed, self-hosted bank for everyone.
+{%- endtrans %}
+
+**{% trans -%}Can you tell me about what DIVA does?{%- endtrans %}**
+
+{% trans -%}
+As said, DIVA will be a fully distributed, self-hosted bank for
+everyone. “Banking” means: savings, payments, investments, loans - so
+all that stuff everybody is doing everyday. Please note in this context:
+DIVA works without any central infrastructure and DIVA will never - as
+long as I have something to say - be a coin or token. There can’t be any
+central business model involved. If a transaction creates fees because a
+node of the distributed infrastructure did some work, then these fees
+remain at the node which did the work.
+{%- endtrans %}
+
+{% trans -%}
+Why a “bank”? Because financial liberty and autonomy is key to live a
+good and peaceful life and to be able to make all those smaller and
+larger daily decisions in freedom. Therefore people shall own their
+small and secure technology components to do whatever they like to do
+without being nudged.
+{%- endtrans %}
+
+{% trans -%}
+Well, say hello to DIVA, based on I2P.
+{%- endtrans %}
+
+**{% trans -%}What are your upcoming goals? What are your stretch goals?{%- endtrans %}**
+
+{% trans -%}
+There is a very close goal: understanding the impact of SSU2 which has
+been lately implemented in I2P. This is a technical goal for the next
+few weeks.
+{%- endtrans %}
+
+{% trans -%}
+Then, probably this year: some cryptocurrency transactions using DIVA on
+testnets. Please don’t forget: DIVA is a research project and people
+shall be motivated to do their own stuff with DIVA - the way they need
+it. We don’t run any infrastructure or alike for others except some
+transparent test networks to increase the knowledge and wisdom of
+everyone. It’s recommended to stay in touch with DIVA via social
+networks
+(`twitter.com/@DigitalValueX <http://twitter.com/@DigitalValueX>`__) or
+chats to be inspired what to do with DIVA.
+{%- endtrans %}
+
+{% trans -%}
+I also want to touch an important part for the I2P community: DIVA is
+based on divachain - which is then based on I2P. Divachain is a very
+generic fully distributed storage layer. So, just as an example: if some
+I2P developer believes that a fully distributed, trustless DNS would be
+a great idea - well, that’s yet another use case of divachain. Fully
+distributed - no trust needed - all anonymous.
+{%- endtrans %}
+
+**{% trans -%}What are some of the other services and contributions you are
+responsible for?{%- endtrans %}**
+
+{% trans -%}
+DIVA.EXCHANGE - which is the open association developing DIVA - runs a
+reseed server for I2P since a few years. So probably almost every I2P
+user got somehow in touch with us in the past. Just a note: the
+DIVA.EXCHANGE reseed server is also available as .onion service - so I2P
+bootstrapping can be done via the tor network - which is, at least from
+my perspective, an additional protection layer while entering the
+network.
+{%- endtrans %}
+
+{% trans -%}
+DIVA has also created an I2P SAM library. So developers can create any
+modern application based on I2P. It’s on github and getting more and
+more popular:
+`github.com/diva-exchange/i2p-sam/ <http://github.com/diva-exchange/i2p-sam/>`__.
+It’s complete, well documented and offers lots of examples.
+{%- endtrans %}
+
+**{% trans -%}What are some of the priorities you think that anyone who wants to
+contribute to the I2P network should consider?{%- endtrans %}**
+
+{% trans -%}
+Run your I2P node. Take a look at the different flavours, like Docker
+versions of I2Pd, or other installs available for multiple operating
+systems. There are several flavours available and it’s important to be
+comfortable with the local installation and configuration.
+{%- endtrans %}
+
+{% trans -%}
+Then: think about your skills - networking skills, programming skills,
+communication skills? I2P offers lots of interesting challenges: people
+with networking skills might want to run a reseed server - they are very
+important to the network. Programmers might help with the Go, C++ or
+Java version of I2P. And communicators are always needed: talking about
+I2P from an objective and realistic perspective is helping a lot. Every
+little bit is great.
+{%- endtrans %}
+
+{% trans -%}
+Last but not least: if you are a researcher or student - please get in
+touch with us at DIVA.EXCHANGE or the I2P team - research work is
+important for I2P.
+{%- endtrans %}
+
+**{% trans -%}Where do you see the conversation and outlook on tools like I2P now?{%- endtrans %}**
+
+{% trans -%}
+Probably I have to say something about the outlook: I2P is important to
+everyone. I hope that the I2P community - developers, communicators,
+etc. - remains motivated by the few which deeply appreciate their hard
+work on truly challenging technology.
+{%- endtrans %}
+
+{% trans -%}
+I hope that more and more developers see the benefit to develop software
+based on I2P. Because this would create more use cases for end users.
+Then I also hope, that the core I2P programs remain simple and become
+maybe even more de-coupled. Let me make an example what I mean with
+“de-coupled”: user interfaces probably should not be baked into
+applications by developers - because there are front end designers which
+do have great knowledge and years of experience. Developers should just
+create an API, like a unix or websocket or a REST interface, so that
+other services can use the program the way they want it. This makes
+developers and end users happy.
+{%- endtrans %}
+
+**{% trans -%}Can you tell me a bit about your own I2P workflow? What are your own
+use cases?{%- endtrans %}**
+
+{% trans -%}
+I am a developer, tester and researcher. So I need all my stuff in
+containers to remain flexible. I2Pd is running in 1..n containers on
+multiple systems to serve stuff like: feeding reseed requests, serving
+the diva.i2p test website, running parts of the DIVA I2P test network -
+see testnet.diva.exchange and I also have containers to serve my local
+browsers as a combined I2P and Tor proxy.
+{%- endtrans %}
+
+**{% trans -%}How can the I2P community support your work?{%- endtrans %}**
+
+{% trans -%}
+We are on social media, like
+`twitter.com/@DigitalValueX <http://twitter.com/@DigitalValueX>`__ - so
+follow us there. Additionally we would love to see even more involvement
+on `github.com/diva-exchange <http://github.com/diva-exchange>`__ - it
+already got more and more attention in the past months. Thanks a lot for
+that!
+{%- endtrans %}
+
+**{% trans -%}Glossary Of Key Terms{%- endtrans %}**
+
+**{% trans -%}I2P Terms{%- endtrans %}**
+
+**{% trans -%}Reseed Host{%- endtrans %}**
+
+{% trans -%}
+Reseed hosts are needed to for bootstrapping, that is, providing the
+initial set of I2P nodes for your I2P node to talk to. Depending on the
+status of your node it may need to bootstrap every now and then if many
+of the nodes it knows of aren’t contactable.
+{%- endtrans %}
+
+{% trans -%}
+Reseeding is done over an encrypted connection and all of the bootstrap
+information is signed by the reseed host you connect to, making it
+impossible for an unauthenticated source to provide you with false
+information.
+{%- endtrans %}
+
+**{% trans -%}Node/Peer{%- endtrans %}**
+
+{% trans -%}
+A node or peer is part of a network of computers sharing resources. When
+you download and install I2P, you participate in routing traffic for
+others. Every person using I2P is a node or peer. In some cases. people
+can supply more bandwidth or resources than others to the network.
+However, peer diversity is important and the more people who use I2P,
+the stronger the network becomes. When it comes to setting up your node,
+you can customize and configure your connection and workflow with the
+I2P network.
+{%- endtrans %}
+
+**I2Pd (I2Pdaemon)**
+
+{% trans -%}
+I2Pd is a C++ implementation of the I2P protocol is differs from the I2P
+Java software in the following ways:
+{%- endtrans %}
+
+{% trans -%}
+*Java I2P has built-in applications for torrents, e-mail and so on. i2pd
+is just a router which you can use with other software through I2CP
+interface.* *i2pd does not require Java. It’s written in C++.* *i2pd
+consumes less memory and CPU.* *i2pd can be compiled everywhere gcc or
+clang presented (including Raspberry and routers).* *i2pd has some major
+optimizations for faster cryptography which leads to less consumption of
+processor time and energy.*
+{%- endtrans %}
+
+{% trans -%}
+Citation: https://i2pd.readthedocs.io/en/latest/user-guide/FAQ/ Site:
+https://i2pd.website/
+{%- endtrans %}
+
+{% trans -%}
+In terms of the differences or benefits of using either the C++ or Java
+version of I2P, the question often comes up. Recently, idk responded to
+this question on the I2P subreddit. Ultimately, it depends on a persons
+own use case or desired workflow.
+{%- endtrans %}
+
+{% trans -%}
+*Easy-Install Bundle is the best way to use I2P on Windows for people
+just getting started. It will automatically get you from starting the
+router to successfully browsing, every time. However, it doesn’t
+register as a Windows service, so it’s not as good to use as a 24/7
+transit node yet. It contains everything you need to browse, but it’s
+designed around using I2P interactively and not running services,
+necessarily.*
+{%- endtrans %}
+
+{% trans -%}
+*i2pd on the other hand is very light and efficient and is designed
+expressly to run as a service. It’s great at being a 24/7 transit node,
+especially if you install it on your router, or on a Linux server
+somewhere. It’s got less tools built-in though, so if you want to
+torrent or browse, you will need to add those tools externally.*
+{%- endtrans %}
+
+**{% trans -%}Diva Terms{%- endtrans %}**
+
+{% trans -%}
+Konrad has provided insight into of some of the terms used during the
+conversation.
+{%- endtrans %}
+
+**{% trans -%}Bank for Everyone{%- endtrans %}**
+
+{% trans -%}
+The possibility to run locally installed software which is able to do
+everything a well-known bank can: send and receive payments for
+anything, give and receive loans, manage investments, etc. Such banking
+software shall neither be depending on any central software components
+nor supervised or censored by central components. It’s run and managed
+by its owner only with all its benefits and reliabilities. The network
+(see “Blockchain” and “Consensus”) tries to make sure that no network
+participant (a user running his own bank) is able to cheat.
+{%- endtrans %}
+
+**{% trans -%}Blockchain{%- endtrans %}**
+
+{% trans -%}
+A piece of software which is able to reliably store arbitrary data.
+Copies of the software and the storage space is distributed within a
+network of any size where the network participants do not necessarily
+trust each other (or maybe not even know each other). A synonym of
+“blockchain” is “Distributed Layer Technology (DLT)”. A blockchain has
+nothing to do with “coins” or “tokens”. These are just blockchain based
+applications. Blockchain is a base technology which mainly solves the
+problem of “trust & abuse” within a network.
+{%- endtrans %}
+
+**{% trans -%}Consensus{%- endtrans %}**
+
+{% trans -%}
+In a distributed system the majority of the participants need to agree
+on the state of data (the “truth, as defined by the majority” - from a
+data perspective). This is a continuous process driven by locally
+installed software and this is called consensus. There are multiple
+valid consensus algorithms available. Bottom line: all consensus
+algorithms cost something: CPU cycles, communication capacity etc. - in
+short: a bunch of data sets is the input and a single reliable, fully
+distributed data set valid for the majority in the network is the
+output.
+{%- endtrans %}

i2p2www/blog/2022/1/1/I2P-2021-in-Review.rst

@@ -0,0 +1,173 @@
+===============================================
+{% trans -%}Year in Review: 2021{%- endtrans %}
+===============================================
+
+.. meta::
+   :author: Sadie
+   :date: 2021-12-29
+   :category: general
+   :excerpt: {% trans %}I2P Turns 20, Faster Crypto and A Growing Network{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+{% trans -%}Development Highlights{%- endtrans %}
+#################################################
+
+{% trans -%}
+The 0.9.49 release began the migration to the new, faster ECIES-X25519
+encryption for routers. It took many years of work on the specifications and
+protocols for new encryption, and this release, new installs and a very small
+percentage of existing installs (randomly selected at restart) began using the
+new encryption. This is the first time that the default encryption type has
+ever been changed, so the full migration would take place over several
+releases in order to minimize any issues.
+{%- endtrans %}
+
+{% trans -%}Full release notes{%- endtrans %}: https://geti2p.net/en/blog/post/2021/02/17/0.9.49-Release
+
+{% trans -%}
+0.9.50 enabled DNS over HTTPS for reseeding to protect users from passive DNS
+snooping. Additionally, work was done to protect the network from possible
+malicious and buggy routers, and numerous fixes and improvements for IPv6
+addresses, including new UPnP support were completed.
+{%- endtrans %}
+
+{% trans -%}Full release notes{%- endtrans %}: https://geti2p.net/en/blog/post/2021/05/17/0.9.50-Release
+
+{% trans -%}
+In recognition of almost 20 years of work to provide anonymity and security,
+the team decided to go straight from 0.9.50 to 1.5.0. The 1.5.0 release
+finished support for new build messages (proposal 157), and finished
+implementation of smaller tunnel build messages to reduce bandwidth. The
+transition of the network’s routers to X25519 encryption continued.
+{%- endtrans %}
+
+
+{% trans -%}Full release notes{%- endtrans %}: https://geti2p.net/en/blog/post/2021/08/23/1.5.0-Release
+
+{% trans -%}
+The rollout of two major protocol updates reached completed in 1.6.1. Almost
+all routers will be rekeyed by the end of the year. Also, short tunnel build
+messages were enabled for a significant bandwidth reduction. Progress on the
+design of the new UDP transport SSU2 began, and is expected to start
+implementation early next year.
+{%- endtrans %}
+
+
+{% trans -%}Full release notes{%- endtrans %}: https://geti2p.net/en/blog/post/2021/11/29/1.6.0-Release
+
+{% trans -%}Easier Installs: JPackage{%- endtrans %}
+****************************************************
+
+{% trans -%}
+With upwards of 30 steps required to install both the I2P software and Java,
+the process for new user onboarding has not been historically easy. Unfamiliar
+and unintuitive, it was a process that has created issues for usability for
+many years.
+{%- endtrans %}
+
+{% trans -%}
+However, in recent Java versions, a new option emerged that had the potential
+to solve this issue for the Java software. The tool is called “Jpackage” and
+would allow for the creation of a Jpackage powered I2P Router.
+{%- endtrans %}
+
+{% trans -%}
+We removed dozens of steps from the installation process by switching from an
+external JVM to a Jpackage, built standard packages for target operating systems,
+and signed them in a way the operating system would recognize to keep the user
+secure. Since then, the jpackage routers have reached a new milestone, they have
+recieved their first incremental updates. These updates will replace the JDK 16
+jpackage with an updated JDK 17 jpackage and provide fixes for some small bugs
+which we caught after the release.
+{%- endtrans %}
+
+{% trans -%}Improving I2P Adoption and Onboarding using Jpackage, I2P-Zero{%- endtrans %}: https://geti2p.net/en/blog/post/2021/09/15/i2p-jpackages
+{% trans -%}JPackages Get their First Update{%- endtrans %}: https://geti2p.net/en/blog/post/2021/11/2/i2p-jpackage-1.5.1
+
+{% trans -%}Bitcoin Core added Support for I2P{%- endtrans %}
+*************************************************************
+
+{% trans -%}
+Bitcoin-over-I2P nodes can now fully interact with the rest of the Bitcoin nodes,
+using the help of nodes that operate within both I2P and the clearnet.
+{%- endtrans %}
+
+{% trans -%}Read the full blog post{%- endtrans %}: https://geti2p.net/en/blog/post/2021/09/18/i2p-bitcoin
+
+{% trans -%}I2P Usability Lab{%- endtrans %}
+********************************************
+
+{% trans -%}
+This year, the I2P Usability Lab was created. The focus will be on user research,
+product development and tooling to support adoption. Additionally, better focus on
+localization efforts, protocol bridge building within the privacy community and
+sustainability considerations will be part of the ongoing effort to bring I2P to
+more people.
+{%- endtrans %}
+
+{% trans -%}New User Onboarding Research{%- endtrans %}
+*******************************************************
+
+{% trans -%}
+In 2020 the I2P UX team worked with Simply Secure on a usability sprint to assess
+user interaction with the I2P website. Many changes were applied, however, feedback
+has indicated that there are still issues with some aspects of new user onboarding.
+{%- endtrans %}
+
+{% trans -%}
+We have expanded our team thanks to the BASICS project (Building Analytical and
+Support Infrastructure for Critical Security tools), and not only revisiting the
+new user onboarding, but we are also expanding the scope to include onboarding for
+developers and researchers. The goal will be to present an improved information
+architecture.
+{%- endtrans %}
+
+{% trans -%}
+This year we focused on the massive overhaul of the new user onboarding for the
+download and browser configuration workflow and language. New wireframes for the
+I2P website have been created, and new information architecture put in place. This
+has been done in order to better support new users, maintainers, application 
+developers, I2P core contributors, and researchers. This work will continue into
+2022 as documentation is refined and the site changes are implemented.
+{%- endtrans %}
+
+{% trans -%}Read the full UX review here:{%- endtrans %} https://i2p.medium.com/i2p-ux-research-d2567aefd275
+
+{% trans -%}Forum on internet Freedom in Africa 2021{%- endtrans %}
+*******************************************************************
+
+{% trans -%}
+Working with our partners in Africa, the Invisible Internet Project was invited
+to participate in both a panel discussion, as well as work with a group of 
+journalists to explore what privacy and security mean to them. The goal for the
+outcome from this opportunity was to understand what establishes trust, the
+concept of privacy and what it means, and egin to evaluate I2P and its tooling
+through this lens.
+{%- endtrans %}
+
+{% trans -%}
+We saw that adoption results from efficiency, ease of use, and empowerment. All
+of these things result in a person not just wanting to use a privacy option, but to
+feel like they are actually taking control of their privacy. This is one of the
+most important aspects we have encountered during the past year when talking with
+new users: the emotional aspect of interacting with technology. Telling a person
+that something can technically provide a solution is one part of adoption. Providing
+a person with something that they can use with confidence is the other. 
+Meeting people where they are and asking about who they are ensures that we are
+creating for real needs and for the most people possible.
+{%- endtrans %}
+
+{% trans -%}Read the entire blog post here{%- endtrans %}: https://i2p.medium.com/i2p-usability-lab-b2098bf27d4d
+
+{% trans -%}
+Thank you to everyone who contributes to building the Invisible Internet!
+{%- endtrans %}
+
+{% trans -%}
+This post originally appeared on Sadie's blog. https://i2p.medium.com/4b926a488919
+Copied with permission.
+{%- endtrans %}

i2p2www/blog/2022/10/11/SSU2-Transport.rst

@@ -0,0 +1,386 @@
+===========================================
+{% trans -%}SSU2 Transport{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: zzz
+   :date: 2022-10-11
+   :category: development
+   :excerpt: {% trans %}SSU2 Transport{% endtrans %}
+
+{% trans %}Overview{% endtrans %}
+------------------------------------
+
+{% trans -%}
+I2P has used a censorship-resistant UDP transport protocol "SSU" since 2005.
+We've had few, if any, reports of SSU being blocked in 17 years.
+However, by today's standards of security, blocking resistance,
+and performance, we can do better. Much better.
+{%- endtrans %}
+
+{% trans link1="https://i2pd.xyz/" -%}
+That's why, together with the `i2pd project <{{ link1 }}>`_, we have created and implemented "SSU2",
+a modern UDP protocol designed to the highest standards of security and blocking resistance.
+This protocol will replace SSU.
+{%- endtrans %}
+
+{% trans -%}
+We have combined industry-standard encryption with the best
+features of UDP protocols WireGuard and QUIC, together with the
+censorship resistance features of our TCP protocol "NTCP2".
+SSU2 may be one of the most secure transport protocols ever designed.
+{%- endtrans %}
+
+
+{% trans link1="/spec/proposals/159", link2="/en/docs/transport/ssu", link3="https://en.wikipedia.org/wiki/ElGamal_encryption" -%}
+The Java I2P and i2pd teams are finishing the `SSU2 transport <{{ link1 }}>`_ and we will enable it for all routers in the next release.
+This completes our decade-long plan to upgrade all the cryptography from the original
+Java I2P implementation dating back to 2003.
+SSU2 will replace `SSU <{{ link2 }}>`_, our sole remaining use of `ElGamal <{{ link3 }}>`_ cryptography.
+{%- endtrans %}
+
+- Signature types and ECDSA signatures (0.9.8, 2013)
+- Ed25519 signatures and leasesets (0.9.15, 2014)
+- Ed25519 routers (0.9.22, 2015)
+- Destination encryption types and X25519 leasesets (0.9.46, 2020)
+- Router encryption types and X25519 routers (0.9.49, 2021)
+
+{% trans link1="https://noiseprotocol.org/" -%}
+After the transition to SSU2,
+we will have migrated all our authenticated and encrypted protocols to standard `Noise Protocol <{{ link1 }}>`_ handshakes:
+{%- endtrans %}
+
+- `NTCP2 <{{ spec_url("ntcp2") }}>`_ (0.9.36, 2018)
+- `{% trans %}ECIES-X25519-Ratchet end-to-end protocol{% endtrans %} <{{ spec_url("ecies") }}>`_ (0.9.46, 2020)
+- `{% trans %}ECIES-X25519 tunnel build messages{% endtrans %} <{{ spec_url("tunnel-creation-ecies") }}>`_ (1.5.0, 2021)
+- `SSU2 <{{ proposal_url("159") }}>`_ (2.0.0, 2022)
+
+{% trans -%}
+All I2P Noise protocols use the following standard cryptographic algorithms:
+{%- endtrans %}
+
+- `X25519 <https://en.wikipedia.org/wiki/Curve25519>`_
+- `ChaCha20/Poly1305 AEAD <https://www.rfc-editor.org/rfc/rfc8439.html>`_
+- `SHA-256 <https://en.wikipedia.org/wiki/SHA-2>`_
+
+
+{% trans %}Goals{% endtrans %}
+------------------------------------
+
+- {% trans %}Upgrade the asymmetric cryptography to the much faster X25519{% endtrans %}
+- {% trans %}Use standard symmetric authenticated encryption ChaCha20/Poly1305{% endtrans %}
+- {% trans %}Improve the obfuscation and blocking resistance features of SSU{% endtrans %}
+- {% trans %}Improve the resistance to spoofed addresses by adapting strategies from QUIC{% endtrans %}
+- {% trans %}Improved handshake CPU efficiency{% endtrans %}
+- {% trans %}Improved bandwidth efficiency via smaller handshakes and acknowledgements{% endtrans %}
+- {% trans %}Improve the security of the peer test and relay features of SSU{% endtrans %}
+- {% trans %}Improve the handling of peer IP and port changes by adapting the "connection migration" feature of QUIC{% endtrans %}
+- {% trans %}Move away from heuristic code for packet handling to documented, algorithmic processing{% endtrans %}
+- {% trans %}Support a gradual network transition from SSU to SSU2{% endtrans %}
+- {% trans %}Easy extensibility using the block concept from NTCP2{% endtrans %}
+
+
+{% trans %}Design{% endtrans %}
+------------------------------------
+
+{% trans -%}
+I2P uses multiple layers of encryption to protect traffic from attackers.
+The lowest layer is the transport protocol layer, used for point-to-point links between two routers.
+We currently have two transport protocols:
+NTCP2, a modern TCP protocol introduced in 2018,
+and SSU, a UDP protocol developed in 2005.
+{%- endtrans %}
+
+
+{% trans link1="/spec/i2np" -%}
+SSU2, like previous I2P transport protocols, is not a general-purpose pipe for data.
+Its primary task is to securely deliver I2P's low-level `I2NP messages <{{ link1 }}>`_
+from one router to the next.
+Each of these point-to-point connections comprises one hop in an I2P tunnel.
+Higher-layer I2P protocols run over these point-to-point connections
+to deliver garlic messages end-to-end between I2P's destinations.
+{%- endtrans %}
+
+{% trans -%}
+Designing a UDP transport presents unique and complex challenges not present in TCP protocols.
+A UDP protocol must handle security issues caused by address spoofing,
+and must implement its own congestion control.
+Additionally, all messages must be fragmented to fit within the maximum packet size (MTU)
+of the network path, and reassembled by the receiver.
+{%- endtrans %}
+
+{% trans -%}
+We first relied heavily on our previous experience with our NTCP2, SSU, and streaming protocols.
+Then, we carefully reviewed and borrowed heavily from two recently-developed UDP protocols:
+{%- endtrans %}
+
+- QUIC (`RFC 9000 <https://www.rfc-editor.org/rfc/rfc9000.html>`_, `RFC 9001 <https://www.rfc-editor.org/rfc/rfc9001.html>`_, `RFC 9002 <https://www.rfc-editor.org/rfc/rfc9002.html>`_)
+- `WireGuard <https://www.wireguard.com/protocol/>`_
+
+{% trans -%}
+Protocol classification and blocking by adversarial on-path attackers such
+as nation-state firewalls is not an explicit part of the threat model for those protocols.
+However, it is an important part of I2P's threat model, as our mission is to
+provide an anonymous and censorship-resistant communications system to at-risk users around the world.
+Therefore, much of our design work involved combining the lessons learned from
+NTCP2 and SSU with the features and security supported by QUIC and WireGuard.
+{%- endtrans %}
+
+
+{% trans -%}
+Unlike QUIC, I2P transport protocols are peer-to-peer, with no defined server/client relationship.
+Identities and public keys are published in I2P's network database,
+and the handshake must authenticate participants to those identities.
+{%- endtrans %}
+
+
+{% trans -%}
+A complete summary of the SSU2 design is beyond the scope of this article.
+However, we highlight several features of the protocol below,
+emphasizing the challenges of UDP protocol design and threat models.
+{%- endtrans %}
+
+
+
+
+
+{% trans %}DoS Resistance{% endtrans %}
+`````````````````````````````````````````````````
+
+{% trans -%}
+UDP protocols are especially vulnerable to Denial of Service (DoS) attacks.
+By sending a large amount of packets with spoofed source addresses to a victim,
+an attacker can induce the victim to consume large amounts of CPU and bandwidth to respond.
+In SSU2, we adapt the token concept from QUIC and WireGuard.
+When a router receives a connection request without a valid token,
+it does not perform an expensive cryptographic DH operation.
+It simply responds with small message containing a valid token using inexpensive cryptographic operations.
+If the initiator was not spoofing his address, he will receive the token and the handshake may proceed normally.
+This prevents any traffic amplification attacks using spoofed addresses.
+{%- endtrans %}
+
+
+
+{% trans %}Header Encryption{% endtrans %}
+`````````````````````````````````````````````````
+
+{% trans -%}
+SSU2's packet headers are similar to WireGuard, and are encrypted in a manner similar to that in QUIC.
+{%- endtrans %}
+
+{% trans -%}
+Header encryption is vitally important to prevent traffic classification, protocol identification, and censorship.
+Headers also contain information that would make it easier for attackers to interfere with
+or even decrypt packet contents.
+While nation-state firewalls are mostly focused on classification and possible disruption of TCP traffic,
+we anticipate that their UDP capabilities will increase to meet the challenges of
+new UDP protocols such as QUIC and WireGuard.
+Ensuring that SSU2 headers are adequately obfuscated and/or encrypted was the first task we addressed.
+{%- endtrans %}
+
+{% trans link1="https://eprint.iacr.org/2019/624.pdf" -%}
+Headers are encrypted using a header protection scheme by XORing with data calculated from known keys,
+using ChaCha20, similar to QUIC RFC-9001_ and `Nonces are Noticed <{{ link1 }}>`_.
+This ensures that the encrypted headers will appear to be random, without any distinguishable pattern.
+{%- endtrans %}
+
+{% trans link1="https://eprint.iacr.org/2019/624.pdf" -%}
+Unlike the QUIC RFC-9001_ header protection scheme, all parts of all headers, including destination and source connection IDs, are encrypted.
+QUIC RFC-9001_ and `Nonces are Noticed <{{ link1 }}>`_ are primarily focused on encrypting the "critical" part of the header, i.e. the packet number (ChaCha20 nonce).
+While encrypting the session ID makes incoming packet classification a little more complex, it makes some attacks more difficult.
+{%- endtrans %}
+
+{% trans -%}
+Our threat model assumes that censorship firewalls do not have real-time access to I2P's network database.
+Headers are encrypted with known keys published in the network database or calculated later.
+In the handshake phase, header encryption is for traffic classification resistance only,
+as the decryption key is public and the key and nonces are reused.
+Header encryption in this phase is effectively just obfuscation.
+Note that the header encryption is also used to obfuscate the X25519 ephemeral keys in the handshake,
+for additional protection.
+{%- endtrans %}
+
+{% trans -%}
+In the data phase, only the session ID field is encrypted with a key from the network database.
+The critical nonce field is encrypted with a key derived from the handshake,
+so it may not be decrypted even by a party with access to the network database.
+{%- endtrans %}
+
+
+
+
+{% trans %}Packet Numbering, ACKS, and Retransmission{% endtrans %}
+```````````````````````````````````````````````````````````````````````
+
+{% trans link1="/en/docs/api/streaming" -%}
+SSU2 contains several improvements over SSU for security and efficiency.
+The packet number is the AEAD nonce, and each packet number is only used once.
+Acknowledgements (ACKs) are for packet numbers, not I2NP message numbers or fragments.
+ACKs are sent in a very efficient, compact format adapted from QUIC.
+An immediate-ack request mechanism is supported, similar to SSU.
+Congestion control, windowing, timers, and retransmission strategies are not fully specified,
+to allow for implementation flexibility and improvements,
+but general guidance is taken from the RFCs for TCP.
+Additional algorithms for timers are adapted from I2P's `streaming protocol <{{ link1 }}>`_ and SSU implementations.
+{%- endtrans %}
+
+
+
+
+
+{% trans %}Connection Migration{% endtrans %}
+`````````````````````````````````````````````````
+
+{% trans -%}
+UDP protocols are susceptible to breakage from peer port and IP changes
+caused by NAT rebinding, IPv6 temporary address changes, and mobile device address changes.
+Previous SSU implementations attempted to handle some of these cases with complex and brittle heuristics.
+SSU2 provides a formal, documented process to detect and validate peer
+address changes and migrate connections to the peer's new address without data loss.
+It prevents migration caused by packet injection or modification by attackers.
+The protocol to implement connection migration is adapted and simplified from QUIC.
+{%- endtrans %}
+
+
+
+
+
+{% trans %}Peer Test and Relay{% endtrans %}
+`````````````````````````````````````````````````
+
+
+{% trans -%}
+SSU provides two important services in addition to the transport of I2NP messages.
+First, it supports Peer Test, which is a cooperative scheme to determine local IP
+and detect the presence of network address translation (NAT) and firewall devices.
+This detection is used to update router state, share that state with other transports,
+and publish current address and state in I2P's network database.
+Second, it supports Relaying, in which routers cooperate to traverse firewalls
+so that all routers may accept incoming connections.
+These two services are essentially sub-protocols within the SSU transport.
+{%- endtrans %}
+
+{% trans -%}
+SSU2 updates the security and reliability of these services by
+enhancing them to add more response codes, encryption, authentication,
+and restrictions to the design and implementation.
+{%- endtrans %}
+
+
+
+
+
+{% trans %}Performance{% endtrans %}
+--------------------------------------------
+
+{% trans -%}
+The I2P network is a complex mix of diverse routers.
+There are two primary implementations running all over the world on
+hardware ranging from high-performance data center computers to
+Raspberry Pis and Android phones.
+Routers use both TCP and UDP transports.
+While the SSU2 improvements are significant, we do not expect them
+to be apparent to the user, either locally or in end-to-end transfer speeds.
+End-to-end transfers depend on the performance of 13 other routers
+and 14 point-to-point transport links, each of which could be
+SSU2, NTCP2, or SSU.
+{%- endtrans %}
+
+{% trans -%}
+In the live network, latency and packet loss vary widely.
+Even in a test setup, performance depends on configured latency and packet loss.
+The i2pd project reports that maximum transfer rates for SSU2 were over 3 times
+faster than SSU in some tests. However, they completely redesigned their
+SSU code for SSU2 as their previous implementation was rather poor.
+The Java I2P project does not expect that their SSU2 implementation will be any faster than SSU.
+{%- endtrans %}
+
+{% trans -%}
+Very low-end platforms such as Raspberry Pis and OpenWRT may see substantial improvements
+from the elimination of SSU.
+ElGamal is extremely slow and limits performance on those platforms.
+{%- endtrans %}
+
+{% trans -%}
+SSU2 data phase encryption uses ChaCha20/Poly1305, compared to AES with a MD5 HMAC for SSU.
+Both are very fast and the change is not expected to measurably affect performance.
+{%- endtrans %}
+
+{% trans -%}
+Here are some highlights of the estimated improvements for SSU2 vs. SSU:
+{%- endtrans %}
+
+- {% trans %}40% reduction in total handshake packet size{% endtrans %}
+- {% trans %}50% or more reduction in handshake CPU{% endtrans %}
+- {% trans %}90% or more reduction in ACK overhead{% endtrans %}
+- {% trans %}50% reduction in packet fragmentation{% endtrans %}
+- {% trans %}10% reduction in data phase overhead{% endtrans %}
+
+
+
+{% trans %}Transition Plan{% endtrans %}
+--------------------------------------------
+
+{% trans -%}
+I2P strives to maintain backward compatibility, both to ensure network stability,
+and to allow older routers to continue to be useful and secure.
+However, there are limits, because compatibility increases code complexity
+and maintenance requirements.
+{%- endtrans %}
+
+
+{% trans -%}
+The Java I2P and i2pd projects will both enable SSU2 by default in their next releases (2.0.0 and 2.44.0) in late November 2022.
+However, they have different plans for disabling SSU.
+I2pd will disable SSU immediately, because SSU2 is a vast improvement over their SSU implementation.
+Java I2P plans to disable SSU in mid-2023, to support a gradual transition
+and give older routers time to upgrade.
+Because Java I2P release 0.9.36 and i2pd release 2.20.0 (2018) were the first to support NTCP2,
+routers older than that will not be able to connect to i2pd routers 2.44.0 or higher,
+as they have no compatible transports.
+{%- endtrans %}
+
+
+
+
+
+{% trans %}Summary{% endtrans %}
+------------------------------------
+
+{% trans -%}
+The founders of I2P had to make several choices for cryptographic algorithms and protocols.
+Some of those choices were better than others, but twenty years later, most are showing their age.
+Of course, we knew this was coming, and we've spent the last decade planning and implementing cryptographic upgrades.
+As the old saying goes, upgrading things while maintaining backward compatibility
+and avoiding a "flag day" is quite challenging, like changing the tires on the bus while it's rolling down the road.
+{%- endtrans %}
+
+{% trans -%}
+SSU2 was the last and most complex protocol to develop in our long upgrade path.
+UDP has a very challenging set of assumptions and threat model.
+We first designed and rolled out three other flavors of Noise protocols,
+and gained experience and deeper understanding of the security and protocol design issues.
+Finally, we had to research and fully understand other modern UDP protocols - WireGuard and QUIC.
+While the authors of those protocols didn't solve all of our problems for us,
+their documentation of the UDP threat models and their designed countermeasures gave us the
+confidence that we too would be able to complete our task.
+We thank them as well as the creators of all the cryptography we rely on to keep our users safe.
+{%- endtrans %}
+
+
+{% trans -%}
+Expect SSU2 to be enabled in the i2pd and Java I2P releases scheduled for late November 2022.
+If the update goes well, nobody will notice anything different at all.
+The performance benefits, while significant, will probably not be measurable for most people.
+{%- endtrans %}
+
+
+{% trans -%}
+As usual, we recommend that you update to the new release when it's available.
+The best way to maintain security and help the network is to run the latest release.
+{%- endtrans %}
+
+
+.. _RFC-9000: https://www.rfc-editor.org/rfc/rfc9000.html
+.. _RFC-9001: https://www.rfc-editor.org/rfc/rfc9001.html
+.. _RFC-9002: https://www.rfc-editor.org/rfc/rfc9002.html

i2p2www/blog/2022/11/21/2.0.0-Release.rst

@@ -0,0 +1,87 @@
+===========================================
+{% trans -%}2.0.0 Release{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: zzz
+   :date: 2022-11-21
+   :category: release
+   :excerpt: {% trans %}2.0.0 enables SSU2{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+{% trans -%}
+I2P release 2.0.0 enables our new UDP transport SSU2 for all users, after completion of minor features, testing, and numerous bug fixes.
+{%- endtrans %}
+
+{% trans -%}
+We also have fixes all over, including for the installer, network database, adding to the private address book, the Windows browser launcher, and IPv6 UPnP.
+{%- endtrans %}
+
+{% trans -%}
+As usual, we recommend that you update to this release. The best way to
+maintain security and help the network is to run the latest release.
+{%- endtrans %}
+
+
+**{% trans %}RELEASE DETAILS{% endtrans %}**
+
+**{% trans %}Changes{% endtrans %}**
+
+- {% trans %}i2ptunnel: Support SHA-256 digest proxy authentication (RFC 7616){% endtrans %}
+- {% trans %}SSU2: Connection migration{% endtrans %}
+- {% trans %}SSU2: Immediate acks{% endtrans %}
+- {% trans %}SSU2: Enable by default{% endtrans %}
+
+
+
+
+**{% trans %}Bug Fixes{% endtrans %}**
+
+- {% trans %}i2ptunnel: Fix IRC USER line filtering{% endtrans %}
+- {% trans %}Installer: Fix path for Windows service, caused local eepsite to be broken{% endtrans %}
+- {% trans %}Installer: Fix error on Windows when username contains a space{% endtrans %}
+- {% trans %}NetDB: Database store message handling fixes{% endtrans %}
+- {% trans %}NetDB: Fix reseeding when clock is skewed{% endtrans %}
+- {% trans %}Router: Deadlock fix{% endtrans %}
+- {% trans %}SSU2: Fix packets exceeding MTU{% endtrans %}
+- {% trans %}SSU2: Fix ping packets less than minimum size{% endtrans %}
+- {% trans %}SSU2: Fix handling of termination acks{% endtrans %}
+- {% trans %}SusiDNS: Fix adding entry to empty address book{% endtrans %}
+- {% trans %}SusiMail: Fix dark theme button icons{% endtrans %}
+- {% trans %}UPnP: IPv6 fix{% endtrans %}
+- {% trans %}Windows: Fix launching preferred browser at startup{% endtrans %}
+
+
+
+
+
+**{% trans %}Other{% endtrans %}**
+
+- {% trans %}Deadlock detector improvements{% endtrans %}
+- {% trans %}Debian: Change dependency from libservlet3.1-java to libjsp-api-java and libservlet-api-java{% endtrans %}
+- {% trans %}i2psnark: Increase max pieces to 64K{% endtrans %}
+- {% trans %}i2psnark: Add links to additional instances in the console{% endtrans %}
+- {% trans %}Option to compress router logs{% endtrans %}
+- {% trans %}Translation updates{% endtrans %}
+
+
+
+`{% trans %}Full list of fixed bugs{% endtrans %}`__
+
+__ http://{{ i2pconv('git.idk.i2p') }}/i2p-hackers/i2p.i2p/-/issues?scope=all&state=closed&milestone_title=2.0.0
+
+
+**{% trans %}SHA256 Checksums:{% endtrans %}**
+
+::
+
+     df3cf4d7fc6c3ed06c7b9de5c8c7b9c692295ecddb0d780e31fc23107e045e5e  i2pinstall_2.0.0_windows.exe
+     b9fe281f28971de674f35cba8c483037bf8ac2d96578cb34f5ee627239d03890  i2pinstall_2.0.0.jar
+     1d50831e72a8f139cc43d5584c19ca48580d72f1894837689bf644c299df9099  i2psource_2.0.0.tar.bz2
+     053864a774470df66517826e10026787dc7a90ba871e6aded018d962ca3c068a  i2pupdate_2.0.0.zip
+     c221a9aadac400697cc79a2202130d766359518aab565ad6e99d64f29b92ff83  i2pupdate.su3
+

i2p2www/blog/2022/11/23/easy_install_bundle_2.0.0.rst

@@ -0,0 +1,34 @@
+==========================================================================================
+{% trans -%}Easy Install 2.0.0 for Windows, OSX delayed by 1 Month{%- endtrans %}
+==========================================================================================
+
+.. meta::
+   :author: idk
+   :date: 2022-11-23
+   :category: release
+   :excerpt: {% trans %}Bugfixes, Stability/Compatibility Improvements and 2.0.0{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+{% trans %}
+The I2P Easy-Install bundle for Windows has been released.
+In this release, support has been added for most major browsers, including all major Firefox(Gecko) and Chromium forks.
+Compatibility with external I2P Service installs and un-bundled I2P user installs has been improved.
+The Easy-Install bundle can now detect other I2P routers and prompt the user to launch them instead, if they already have I2P.
+The browser extensions have been updated to the latest versions.
+The Easy-Install now has access to `i2p.plugins.firefox`'s usability mode via the `-usability` command-line flag.
+The default mode is the "Strict" mode where Javascript is disabled by NoScript.
+In usability mode, Javascript is restricted by JShelter.
+For more details, see the profile manager repository at i2pgit.org.
+{% endtrans %}
+
+{% trans %}
+It is recommended that you update to this release for the best security, privacy, and performance, and to help the network.
+{% endtrans %}
+
+{% trans %}
+Due to the departure of the developer/maintainer, the Easy-Install Bundle for OSX will be delayed by a month while we work out the maintainership.
+{% endtrans %}

i2p2www/blog/2022/2/21/1.7.0-Release.rst

@@ -0,0 +1,111 @@
+===========================================
+{% trans -%}1.7.0 Release{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: zzz
+   :date: 2022-02-21
+   :category: release
+   :excerpt: {% trans %}1.7.0 with reliability and performance improvements{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+
+{% trans -%}
+The 1.7.0 release contains several performance and reliability improvements.
+{%- endtrans %}
+
+{% trans -%}
+There are now popup messages in the system tray, for those platforms that support it.
+i2psnark has a new torrent editor.
+The NTCP2 transport now uses much less CPU.
+{%- endtrans %}
+
+{% trans -%}
+The long-deprecated BOB interface is removed for new installs.
+It will continue to work in existing installs, except for Debian packages.
+Any remaining users of BOB applications should ask the developers to convert to the SAMv3 protocol.
+{%- endtrans %}
+
+{% trans -%}
+We know that since our 1.6.1 release, network reliability has steadily deteriorated.
+We were aware of the problem soon after the release, but it took us almost two months to find the cause.
+We eventually identified it as a bug in i2pd 2.40.0,
+and the fix will be in their 2.41.0 release coming out about the same time as this release.
+Along the way, we've made several changes on the Java I2P side to improve the
+robustness of network database lookups and stores, and avoid poorly-performing peers in tunnel peer selection.
+This should help the network be more robust even in the presence of buggy or malicious routers.
+Additionally, we're starting a joint program to test pre-release i2pd and Java I2P routers
+together in an isolated test network, so we can find more problems before the releases, not after.
+{%- endtrans %}
+
+{% trans -%}
+In other news, we continue to make great progress on the design of our new UDP transport "SSU2" (proposal 159)
+and have started implementation.
+SSU2 will bring substantial performance and security improvements.
+It will also allow us to finally replace our last usage of the very slow ElGamal encryption,
+completing a full cryptography upgrade that started about 9 years ago.
+We expect to start joint testing with i2pd soon, and roll it out to the network later this year.
+{%- endtrans %}
+
+{% trans -%}
+As usual, we recommend that you update to this release. The best way to
+maintain security and help the network is to run the latest release.
+{%- endtrans %}
+
+
+**{% trans %}RELEASE DETAILS{% endtrans %}**
+
+**{% trans %}Changes{% endtrans %}**
+
+- {% trans %}BOB: Remove{% endtrans %}
+- {% trans %}i2psnark: New torrent editor{% endtrans %}
+- {% trans %}i2psnark standalone: Fixes and improvements{% endtrans %}
+- {% trans %}i2ptunnel: Support IRCv3 message tags{% endtrans %}
+- {% trans %}NetDB: Lookup/store reliability improvements{% endtrans %}
+- {% trans %}System tray: Add popup messages{% endtrans %}
+- {% trans %}Transport: NTCP2 performance improvements{% endtrans %}
+- {% trans %}Transport: NTCP2 clock skew handling improvements{% endtrans %}
+- {% trans %}Transport: Use priority in SSU sender queue{% endtrans %}
+- {% trans %}Tunnels: Remove outbound tunnel when can't connect to first hop{% endtrans %}
+- {% trans %}Tunnels: Fallback to exploratory for building after repeated build failure{% endtrans %}
+- {% trans %}Tunnels: Enable tunnel testing by default{% endtrans %}
+- {% trans %}Tunnels: Use tunnel builds as a tunnel test{% endtrans %}
+
+
+**{% trans %}Bug Fixes{% endtrans %}**
+
+- {% trans %}Plugins: Fixes for webapps named different from the plugin{% endtrans %}
+- {% trans %}Reseed: Fixes for IPv6-only{% endtrans %}
+- {% trans %}Router: Fix rare deadlock at startup{% endtrans %}
+- {% trans %}Tunnels: Restore IP restriction tests{% endtrans %}
+
+
+**{% trans %}Other{% endtrans %}**
+
+- {% trans %}API version{% endtrans %}: 0.9.53
+- {% trans %}i2pcontrol: Improved state mapping{% endtrans %}
+- {% trans %}i2ptunnel: Refactor UDP support{% endtrans %}
+- {% trans %}Plugins: Fixes for webapps{% endtrans %}
+- {% trans %}Router: Workarounds for i2pd 2.40.0 SSU bug{% endtrans %}
+- {% trans %}Translation updates{% endtrans %}
+
+
+
+`{% trans %}Full list of fixed bugs{% endtrans %}`__
+
+__ http://{{ i2pconv('git.idk.i2p') }}/i2p-hackers/i2p.i2p/-/issues?scope=all&state=closed&milestone_title=1.7.0
+
+
+**{% trans %}SHA256 Checksums:{% endtrans %}**
+
+::
+
+      a2206e2578e88aa08294b68df2c9dad4f9301a94dc3d00bfccfe4517555e226c  i2pinstall_1.7.0_windows.exe
+      23b80dd09bf4bb53edfde8e802bf0e428d89062f1232b3cdfeca04fccdbeb685  i2pinstall_1.7.0.jar
+      aa53591e89eacc3491ab472dc4df998780fb6747eea3b97ecb7a9f81ff2c9a5e  i2psource_1.7.0.tar.bz2
+      fcfd2e3685de8c0b79b2018638821c64411c66c61ab84d2bf74c149358c96dba  i2pupdate_1.7.0.zip
+      d8110d77efb9712d69b622df03b7c9cd7f492b516b71914efb6019d31541e771  i2pupdate.su3

i2p2www/blog/2022/4/21/Easy-Install-Updates.rst

@@ -0,0 +1,31 @@
+===========================================
+{% trans -%}Jpackage Update for Java CVE-2022-21449{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: idk
+   :date: 2022-04-21
+   :category: release
+   :excerpt: {% trans %}Jpackage bundles released with fixes for Java CVE-2022-21449{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+{% trans -%}
+New I2P Easy-Install bundles have been generated using the latest release of the
+Java Virtual Machine which contains a fix for CVE-2022-21449
+"Psychic Signatures." It is recommended that users of the easy-install bundles
+update as soon as possible. Current OSX users will recieve updates automatically,
+Windows users should download the installer from our downloads page and run the
+installer normally.
+{%- endtrans %}
+
+{% trans -%}
+The I2P router on Linux uses the Java Virtual Machine configured by the host
+system. Users on those platforms should downgrade to a stable Java version below
+Java 14 in order to mitigate the vulnerability until updates are released by
+the package maintainers. Other users using an external JVM should update the JVM
+to a fixed version as soon as possible.
+{%- endtrans %}

i2p2www/blog/2022/5/23/1.8.0-Release.rst

@@ -0,0 +1,95 @@
+===========================================
+{% trans -%}1.8.0 Release{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: zzz
+   :date: 2022-05-23
+   :category: release
+   :excerpt: {% trans %}1.8.0 with bug fixes{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+
+{% trans -%}
+This release includes bug fixes in i2psnark,
+the router, I2CP, and UPnP.
+Router fixes address bugs in soft restart, IPv6, SSU peer testing,
+network database stores, and tunnel building.
+Router family handling and Sybil classification have also been
+significantly improved.
+{%- endtrans %}
+
+{% trans -%}
+Together with i2pd, we are developing our new UDP transport, SSU2.
+SSU2 will bring substantial performance and security improvements.
+It will also allow us to finally replace our last usage of the very slow ElGamal encryption,
+completing the full cryptography upgrade we started about 9 years ago.
+This release contains a preliminary implementation which is disabled by default.
+If you wish to participate in testing, please look for current information
+on zzz.i2p.
+{%- endtrans %}
+
+{% trans -%}
+As usual, we recommend that you update to this release. The best way to
+maintain security and help the network is to run the latest release.
+{%- endtrans %}
+
+
+**{% trans %}RELEASE DETAILS{% endtrans %}**
+
+**{% trans %}Changes{% endtrans %}**
+
+- {% trans %}SSU2: Preliminary implementation{% endtrans %}
+- Tomcat 9.0.62
+
+
+**{% trans %}Bug Fixes{% endtrans %}**
+
+- {% trans %}Crypto: Fix handling of EdDSA certs with official OID{% endtrans %}
+- {% trans %}I2CP: Fix external connections when session ID is 0{% endtrans %}
+- {% trans %}I2PSnark: Fix size calculation causing tracker errors{% endtrans %}
+- {% trans %}I2PSnark standalone: More fixes and improvements{% endtrans %}
+- {% trans %}Router: Family fixes and improvements{% endtrans %}
+- {% trans %}Router: Fix database store logic{% endtrans %}
+- {% trans %}Router: Fix invalid store and rekeying at startup{% endtrans %}
+- {% trans %}Router: Don't use he.net addresses for GeoIP{% endtrans %}
+- {% trans %}Router: Soft restart fixes{% endtrans %}
+- {% trans %}SSU: Peer test fixes{% endtrans %}
+- {% trans %}SSU: Publish empty IPv6 address when missing introducers{% endtrans %}
+- {% trans %}SSU: Reduce ack delay to improve performance{% endtrans %}
+- {% trans %}Transport: Fix UPnP deadlock{% endtrans %}
+- {% trans %}Tunnels: Don't build client tunnels shorter than minimum length{% endtrans %}
+- {% trans %}UPnP: IPv6 fixes{% endtrans %}
+
+
+**{% trans %}Other{% endtrans %}**
+
+- {% trans %}API version{% endtrans %}: 0.9.54
+- {% trans %}Console: Setup wizard redesign{% endtrans %}
+- {% trans %}i2psnark: Load system mime types if available{% endtrans %}
+- {% trans %}I2PSnark standalone: Add system tray{% endtrans %}
+- {% trans %}Router: Reduce build reply timeout so we will retry faster{% endtrans %}
+- {% trans %}Router: Avoid Sybil penalty for trusted large families{% endtrans %}
+- {% trans %}Source: Remove BOB{% endtrans %}
+- {% trans %}Translation updates{% endtrans %}
+
+
+
+`{% trans %}Full list of fixed bugs{% endtrans %}`__
+
+__ http://{{ i2pconv('git.idk.i2p') }}/i2p-hackers/i2p.i2p/-/issues?scope=all&state=closed&milestone_title=1.8.0
+
+
+**{% trans %}SHA256 Checksums:{% endtrans %}**
+
+::
+
+      738b7608d7f2c6433dcde8a1cbd7ea025d281e90b45c8695385004625a4c88d1  i2pinstall_1.8.0_windows.exe
+      ee49cad06fd73e75ed25eaab342f8167e447b901205ee8593a31b5a599d892af  i2pinstall_1.8.0.jar
+      525f2ad3267f130b81296b3dd24102fdcf2adf098d54272da4e1be4abd87df04  i2psource_1.8.0.tar.bz2
+      446ac94969163bce514aca6bb408cb72d1b8d9bd65fe22e773ec3bcad142db21  i2pupdate_1.8.0.zip
+      3379fe757eecbf20688ee37685fe52f15ac04fd59e891c6a059a33d519c4ff19  i2pupdate.su3

i2p2www/blog/2022/8/22/1.9.0-Release.rst

@@ -0,0 +1,87 @@
+===========================================
+{% trans -%}1.9.0 Release{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: zzz
+   :date: 2022-08-22
+   :category: release
+   :excerpt: {% trans %}1.9.0 with SSU2{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+{% trans -%}
+We have spent the last three months working on our new UDP transport protocol "SSU2"
+with a small number of volunteer testers.
+This release completes the implementation, including relay and peer testing.
+We are enabling it by default for Android and ARM platforms, and a small percentage of other routers at random.
+This will allow us to do much more testing in the next three months, finish the connection migration feature,
+and fix any remaining issues.
+We plan to enable it for everyone in the next release scheduled for November.
+No manual configuration is necessary.
+Of course, there's the usual collection of bug fixes in this release as well.
+We also added an automatic deadlock detector that has already found a rare deadlock that is now fixed.
+{%- endtrans %}
+
+{% trans -%}
+As usual, we recommend that you update to this release. The best way to
+maintain security and help the network is to run the latest release.
+{%- endtrans %}
+
+
+**{% trans %}RELEASE DETAILS{% endtrans %}**
+
+**{% trans %}Changes{% endtrans %}**
+
+- {% trans %}Add deadlock detector{% endtrans %}
+- {% trans %}Periodically send our RI to connected peers{% endtrans %}
+- {% trans %}SSU MTU/PMTU improvements and fixes{% endtrans %}
+- {% trans %}SSU2 base protocol fixes and improvements{% endtrans %}
+- {% trans %}SSU2 peer test and relay implementation{% endtrans %}
+- {% trans %}SSU2 published address fixes{% endtrans %}
+- {% trans %}SSU2: Enable for Android, ARM, and a small portion of others at random{% endtrans %}
+
+**{% trans %}Bug Fixes{% endtrans %}**
+
+- {% trans %}Clock: Fix deadlock after clock shift{% endtrans %}
+- {% trans %}Debian: Apparmor profile fixes{% endtrans %}
+- {% trans %}Don't allow family key errors to crash router{% endtrans %}
+- {% trans %}Fix EC family key loading on Android{% endtrans %}
+- {% trans %}Fix EdDSA key loading on Java 15+{% endtrans %}
+- {% trans %}i2psnark: Fix DHT not restarting after router restart{% endtrans %}
+- {% trans %}OSX: Prevent hangs at shutdown after dock right-click quit{% endtrans %}
+- {% trans %}SSU: Fix publishing of MTU in addresses without IPs{% endtrans %}
+- {% trans %}SSU: Fix rare HMAC NPE{% endtrans %}
+- {% trans %}SusiDNS CSS fixes{% endtrans %}
+- {% trans %}Transport: Improve processing after message delivery failure{% endtrans %}
+- {% trans %}UPnP: Don't briefly bind to all addresses at startup{% endtrans %}
+
+
+**{% trans %}Other{% endtrans %}**
+
+- {% trans %}Set outproxy to exit.stormycloud.i2p (new installs only){% endtrans %}
+- {% trans %}Disable SSU introductions on Android{% endtrans %}
+- {% trans %}API version: 0.9.55{% endtrans %}
+- {% trans %}New translation: Spanish (Argentina){% endtrans %}
+- {% trans %}Translation updates{% endtrans %}
+
+
+
+`{% trans %}Full list of fixed bugs{% endtrans %}`__
+
+__ http://{{ i2pconv('git.idk.i2p') }}/i2p-hackers/i2p.i2p/-/issues?scope=all&state=closed&milestone_title=1.9.0
+
+
+**{% trans %}SHA256 Checksums:{% endtrans %}**
+
+::
+
+     fdb2e471fadfda33589697536180df966ec165ab59a0d9c8a623491cc2c8eae3  i2pinstall_1.9.0_windows.exe
+     124a1d917dec1f75dc17b5a062704d5abe259b874655c595a9d8f5fd9494eafd  i2pinstall_1.9.0.jar
+     57f61815098c35593d7ede305f98b9015c4c613c72231ad084e6806a3e2aa371  i2psource_1.9.0.tar.bz2
+     31b8798c7fa75242ed09f671028b85e6acc9d5d9d0a132138debf4cdfbb08f21  i2pupdate_1.9.0.zip
+     7959f1189c50fa8968e72023f614b610016c1d544a16315f05ea6ad4b18677bc  i2pupdate.su3
+

i2p2www/blog/2022/8/28/easy_install_bundle_1.9.0.rst

@@ -0,0 +1,43 @@
+====================================================================
+{% trans -%}Windows Easy-Install Bundle 1.9.0 Release{%- endtrans %}
+====================================================================
+
+.. meta::
+   :author: idk
+   :date: 2022-08-28
+   :category: release
+   :excerpt: {% trans %}Windows Easy-Install Bundle 1.9.0 - Major Stability/Compatibility Improvements{% endtrans %}
+
+{% trans -%}
+This update includes the new 1.9.0 router and major quality-of-life improvements for bundle users
+{%- endtrans %}
+=================================================================================================
+
+{% trans -%}
+This release includes the new I2P 1.9.0 router and is based on Java 18.02.1.
+{%- endtrans %}
+
+{% trans -%}
+The old batch scripts have been phased out in favor of a more flexible and stable solution in the jpackage itself.
+This should fix all bugs related to path-finding and path-quoting which were present in the batch scripts. After
+you upgrade, the batch scripts can be safely deleted. They will be removed by the installer in the next update.
+{%- endtrans %}
+
+{% trans -%}
+A sub-project for managing browsing tools has been started: i2p.plugins.firefox which has extensive capabilities
+for configuring I2P browsers automatically and stably on many platforms. This was used to replace the batch
+scripts but also functions as a cross-platform I2P Browser management tool. Contributions are welcome
+here: http://git.idk.i2p/idk/i2p.plugins.firefox at the source repository.
+{%- endtrans %}
+
+{% trans -%}
+This release improves compatibility with externally-running I2P routers such as those provided by the IzPack
+installer and by third-party router implementations such as i2pd. By improving external router discovery it
+requires less of a system's resources, improves start-up time, and prevents resource conflicts from occurring.
+{%- endtrans %}
+
+{% trans -%}
+Besides that, the profile has been updated to the latest version of the Arkenfox profile. I2P in Private
+Browsing and NoScript have both been updated. The profile has been restructured in order to allow for
+evaluating different configurations for different threat models.
+{%- endtrans %}

i2p2www/blog/2022/8/3/Apple-Silicon-Easy-Install.rst

@@ -0,0 +1,30 @@
+===========================================
+{% trans -%}Apple Silicon Easy Install{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: zlatinb
+   :date: 2022-08-03
+   :category: beta
+   :excerpt: {% trans %}Easy Install bundle BETA for Apple Silicon Macs available{% endtrans %}
+
+{% trans -%}
+We are pleased to offer an Easy Install BETA bundle for Mac OS running on Apple Silicon hardware.  You can download it here:
+{%- endtrans %}
+
+`{% trans %}I2P Mac OS Easy Install bundles{% endtrans %}`__
+
+__ https://geti2p.net/en/download/mac
+
+
+**{% trans -%}Speed{%- endtrans %}**
+
+{% trans -%}In our internal benchmarks the cryptographic operations are between 2 and 2.5 times faster than when running the Intel bundle under Rosetta.{%- endtrans %}
+
+**{% trans -%}Known Issues{%- endtrans %}**
+
+ - {% trans -%}Quitting I2P by right-clicking on the dock icon causes I2P to freeze and a "Force Quit" is necessary.  This issue will be fixed for the 1.9 release.{%- endtrans %}
+ - {% trans -%}If you already had an Intel bundle installed on your Mac, you need to modify some settings to prevent in-network updates from reverting you to an Intel bundle.  Please see the instructions on the download page.{%- endtrans %}
+
+**{% trans -%}Thank you for testing!{%- endtrans %}**
+

i2p2www/blog/2022/8/4/Enable-StormyCloud.rst

@@ -0,0 +1,70 @@
+=================================================
+{% trans -%}How to Switch to the StormyCloud Outproxy Service{%- endtrans %}
+=================================================
+
+.. meta::
+   :author: idk
+   :date: 2022-08-04
+   :category: general
+   :excerpt: {% trans %}How to Switch to the StormyCloud Outproxy Service{% endtrans %}
+
+{% trans -%}
+How to Switch to the StormyCloud Outproxy Service
+{%- endtrans %}
+=================================================
+
+**{% trans %}A New, Professional Outproxy{% endtrans %}**
+
+{% trans -%}
+For years, I2P has been served by a single default outproxy, `false.i2p`
+whose reliability has been degrading. Although several competitors
+have emerged to take up some of the slack, they are mostly unable to
+volunteer to serve the clients of an entire I2P implementation by
+default. However, StormyCloud, a professional, non-profit organization
+which runs Tor exit nodes, has started a new, professional outproxy
+service which has been tested by members of the I2P community and which
+will become the new default outproxy in the upcoming release.
+{%- endtrans %}
+
+**{% trans %}Who are StormyCloud{% endtrans %}**
+
+In their own words, StormyCloud is:
+
+{% trans -%}
+  Mission of StormyCloud Inc
+  To defend Internet access as a universal human right. By doing so, the group protects users’ electronic privacy and builds community by fostering unrestricted access to information and thus the free exchange of ideas across borders. This is essential because the Internet is the most powerful tool available for making a positive difference in the world.
+{%- endtrans %}
+
+{% trans -%}
+  Hardware
+  We own all of our hardware and currently colocate at a Tier 4 data center. As of now have a 10GBps uplink with the option to upgrade to 40GBps without the need for much change. We have our own ASN and IP space (IPv4 & IPv6).
+{%- endtrans %}
+
+{% trans -%}
+To learn more about StormyCloud visit their `web site
+<https://www.stormycloud.org/>`_.
+{%- endtrans %}
+
+{% trans -%}
+Or, visit them on `I2P
+<http://stormycloud.i2p/>`_.
+{%- endtrans %}
+
+**{% trans %}Switching to the StormyCloud Outproxy on I2P{% endtrans %}**
+
+{% trans -%}
+To switch to the StormyCloud outproxy *today* you can visit `the Hidden Services Manager
+<http://127.0.0.1:7657/i2ptunnel/edit?tunnel=0>`_. Once you're there, you should change
+the value of **Outproxies** and **SSL Outproxies** to `exit.stormycloud.i2p`. Once you
+have done this, scroll down to the bottom of the page and click on the "Save" button.
+{%- endtrans %}
+
+.. class:: screenshot
+.. image:: /_static/images/stormycloudscreenshot.png
+
+**{% trans %}Thanks to StormyCloud{% endtrans %}**
+
+{% trans -%}
+We would like to thank StormyCloud for volunteering to provide high-quality outproxy
+services to the I2P network.
+{%- endtrans %}

i2p2www/blog/2023/01/09/2.1.0-Release.rst

@@ -0,0 +1,111 @@
+===========================================
+{% trans -%}2.1.0 Release{%- endtrans %}
+===========================================
+
+.. meta::
+   :author: zzz
+   :date: 2023-01-09
+   :category: release
+   :excerpt: {% trans %}2.1.0 with SSU2 and congestion fixes{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+{% trans -%}
+We have learned several things since our 2.0.0 release in November.
+As routers have updated to that release, the network has gone from about 1% to over 60% support for our new SSU2 transport protocol.
+First, we have confirmed that SSU2 is a solid, well designed, and secure protocol.
+Second, however, we have found and fixed numerous minor or rarely-triggered bugs in the implementation of the protocol.
+Cumulatively, the effects of these bugs have reduced the performance of the network.
+{%- endtrans %}
+
+{% trans -%}
+Also, we are aware of increased tunnel count and reduced tunnel build success rate in the network,
+possibly triggered by Bitcoin's new I2P transient address feature,
+but made worse by our SSU2 bugs and other congestion control problems.
+We are working with Bitcoin and other non-Bitcoin projects to reduce I2P network demands.
+We have improved our algorithms to reduce network load during times of congestion.
+We are also collaborating with i2pd to develop common congestion control strategies.
+{%- endtrans %}
+
+{% trans -%}
+Therefore, we have accelerated this release by about six weeks, to get the fixes out to everybody.
+i2pd released their version 2.45.0 last week and the early results are encouraging.
+New protocols, and distributed networks, are difficult to develop.
+Congestion can arrive with little warning and with little clue of the cause.
+Thank you for your patience as we have diagnosed and hopefully fixed the problems.
+{%- endtrans %}
+
+{% trans -%}
+As usual, we recommend that you update to this release. The best way to
+maintain security and help the network is to run the latest release.
+{%- endtrans %}
+
+
+**{% trans %}RELEASE DETAILS{% endtrans %}**
+
+**{% trans %}Changes{% endtrans %}**
+
+- {% trans %}Console: New status and banned peers tabs on /peers{% endtrans %}
+- {% trans %}i2ptunnel: Add torsocks support{% endtrans %}
+- {% trans %}i2ptunnel: Add SOCKS tunnel conversion to CONNECT outproxy{% endtrans %}
+- {% trans %}i2ptunnel: Add SOCKS outproxy port configuration{% endtrans %}
+- {% trans %}i2ptunnel: Update encryption type defaults{% endtrans %}
+- {% trans %}Router: Improved congestion detection and handling{% endtrans %}
+- {% trans %}Router: Use compressible padding for destinations and router infos (proposal 161){% endtrans %}
+- {% trans %}SSU: Redesign symmetric NAT detection{% endtrans %}
+
+
+
+**{% trans %}Bug Fixes{% endtrans %}**
+
+- {% trans %}Console: Fix configuration for Argentinian Spanish{% endtrans %}
+- {% trans %}Crypto: Fix LS2 encrypted leasesets, broken since 1.8.0{% endtrans %}
+- {% trans %}i2psnark: Avoid OOM starting large number of torrents{% endtrans %}
+- {% trans %}i2ptunnel: Numerous SOCKS tunnel fixes{% endtrans %}
+- {% trans %}NTCP: Fix rare termination NPE{% endtrans %}
+- {% trans %}Profiles: Fix profile load stopping after hitting corrupt file{% endtrans %}
+- {% trans %}Router: Clock skew handling fixes and improvements{% endtrans %}
+- {% trans %}SSU: Don't publish IPv4 address when configured for IPv6-only{% endtrans %}
+- {% trans %}SSU: Fix handling of banned peers{% endtrans %}
+- {% trans %}SSU2: Peer Test fixes and improvements{% endtrans %}
+- {% trans %}SSU2: Termination fixes and improvements{% endtrans %}
+- {% trans %}SSU2: Token and handshake fixes and improvements{% endtrans %}
+- {% trans %}SSU2: Fix rare packet handling NPE{% endtrans %}
+- {% trans %}SSU2: Fix rare termination IAE{% endtrans %}
+- {% trans %}SSU2: Fix retransmission of session confirmed{% endtrans %}
+- {% trans %}SSU2: Fix attempted connection to ourselves as an introducer{% endtrans %}
+- {% trans %}UPnP: Catch rare assertion error{% endtrans %}
+
+
+
+
+
+**{% trans %}Other{% endtrans %}**
+
+- {% trans %}Console: Add leaseset lookup to advanced search form{% endtrans %}
+- {% trans %}i2psnark: Add partial Dutch translation{% endtrans %}
+- {% trans %}i2ptunnel: Allow IRCv3 ACCOUNT and CHGHOST through filter{% endtrans %}
+- {% trans %}SSU2: Preliminary support for disabling SSU1{% endtrans %}
+- {% trans %}Sybil: Add IPv6 address tests{% endtrans %}
+- {% trans %}Translation updates{% endtrans %}
+
+
+
+`{% trans %}Full list of fixed bugs{% endtrans %}`__
+
+__ http://{{ i2pconv('git.idk.i2p') }}/i2p-hackers/i2p.i2p/-/issues?scope=all&state=closed&milestone_title=2.1.0
+
+
+**{% trans %}SHA256 Checksums:{% endtrans %}**
+
+::
+
+      88e0d49090341f5bfa30299c3fa549c365da57a074ef694cf8201666687e583a  i2pinstall_2.1.0_windows.exe
+      153c7988e7a9f0c2affd1e001d554e2519dd439c08bd7c024643b749db1308c1  i2pinstall_2.1.0.jar
+      83098c1277204c5569284b32b37ef137656b27bfe15ef903eca2da7c269288d1  i2psource_2.1.0.tar.bz2
+      54cf3f146f3a630fc2486f79f24c9cfc59d4c9974df0c4479251624fa7bc12a1  i2pupdate_2.1.0.zip
+      28a6a2f95ba9a613a040976e6d30e6662fc90241f08607f2ce43c6332b9f71bf  i2pupdate.su3
+

i2p2www/blog/2023/01/13/i2p_easy_install_for_windows_2.1.0.rst

@@ -0,0 +1,41 @@
+=============================================================
+{% trans -%}Windows Easy-Install 2.1.0 Release{%- endtrans %}
+=============================================================
+
+.. meta::
+   :author: idk
+   :date: 2023-01-13
+   :category: release
+   :excerpt: {% trans %}Windows Easy-Install Bundle 2.1.0 released to improve stability, performance.{% endtrans %}
+
+{% trans -%}
+Update details
+{%- endtrans %}
+============================================
+
+{% trans -%}
+The I2P Easy-Install bundle for Windows version 2.1.0 has been released.
+As usual, this release includes an updated version of the I2P Router.
+This release of I2P provides improved strategies for dealing with network congestion.
+These should improve performance, connectivity, and secure the long-term health of the I2P network.
+{%- endtrans %}
+
+{% trans -%}
+This release features mostly under-the-hood improvements to the browser profile launcher.
+Compatibility with Tor Browser Bundle has been improved by enabling TBB configuration through environment variables.
+The Firefox profile has been updated, an the base versions of the extensions have been updated.
+Improvements have been made throughout the codebase and the deployment process.
+{%- endtrans %}
+
+{% trans -%}
+Unfortunately, this release is still an unsigned .exe installer.
+Please verify the checksum of the installer before using it.
+The updates, on the other hand are signed by my I2P signing keys and therefore safe.
+{%- endtrans %}
+
+{% trans -%}
+This release was compiled with OpenJDK 19.
+It uses i2p.plugins.firefox version 1.0.7 as a library for launching the browser.
+It uses i2p.i2p version 2.1.0 as an I2P router, and to provide applications.
+As always it is recommended that you update to the latest version of the I2P router at your earliest convenient opportunity.
+{%- endtrans %}

i2p2www/blog/2023/01/31/mac-easy-install-notarization.rst

@@ -0,0 +1,64 @@
+{% trans -%}
+=======================================
+Update on Mac Easy Install Notarization
+=======================================
+{%- endtrans %}
+.. meta::
+    :author: idk,sadie
+    :date: 2023-01-31
+    :category: release
+    :excerpt: {% trans %}{% endtrans %}
+
+{% trans -%}
+The I2P Easy-Install Bundle for Mac has been experiencing stalled updates for the past 2 releases due to the departure of its maintainer.
+For the time being, it is temporarily recommended that existing Easy-Install users delay updating and remain on 1.9.0 until the development team can successfully notarize the application and resume automatic updates.
+The updates will happen immediately once this has happened.
+For now, 1.9.0 is stable and has no known critical security issues.
+{%- endtrans %}
+
+{% trans -%}The Notarization Process For MacOS{%- endtrans %}
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+{% trans -%}
+There are many steps in the process of distributing an application to Apple users.
+In order to distribute an application as a .dmg securely, the application must pass a notarization process.
+In order to submit an application for notarization, a developer must sign the application using a set of certificates that includes one for code signing, and one for signing the application itself.
+This signing must take place at specific points during the build process, before the final .dmg bundle which is distributed to the end users can be created.
+{%- endtrans %}
+
+{% trans -%}
+I2P Java is a complex application, and because of this it is a process of trial and error to match the types of code used in the application to Apple's certificates, and where the signing takes place to produce a valid timestamp.
+It is due to this complexity that existing documentation for developers is falling short of helping the team understand the correct combination of factors that will result in successful notarization.
+{%- endtrans %}
+
+{% trans -%}
+These difficulties leave the timeline for completing this process difficult to predict.
+We won't know we're done until we are able to clean up the build environment and follow the process end-to-end.
+The good news is that we are down to only 4 errors during the notarization process from more than 50 during the first attempt and can reasonably predict that it will be competed before or in time for the next release in April.
+{%- endtrans %}
+
+{% trans -%}Options for New macOS I2P Installs and Updates{%- endtrans %}
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+{% trans -%}
+New I2P participants can still download the Easy Installer for the macOS 1.9.0 software.
+I hope to have a release ready near the end of April.
+Updates to the latest version will become available as soon as notarization is successful.
+{%- endtrans %}
+
+{% trans -%}
+The classic install options is also available.
+This will require downloading Java and the I2P software via the .jar based installer.
+{%- endtrans %}
+
+`{% trans -%}Jar Install Instructions are available here.{%- endtrans %} <https://geti2p.net/en/download/macos>`_
+
+{% trans -%}
+Easy-Install users can update to that latest version using a locally-produced development build.
+{%- endtrans %}
+
+`{% trans -%}Easy-Install Build Instructions are available here.{%- endtrans %} <https://i2pgit.org/i2p-hackers/i2p-jpackage-mac/-/blob/master/BUILD.md>`_
+
+{% trans -%}
+There is also the option to uninstall the software, remove the I2P configuration directory and reinstall I2P using the .jar installer.
+{%- endtrans %}

i2p2www/blog/2023/02/09/about_the_recent_denial_of_service_attacks.rst

@@ -0,0 +1,23 @@
+{% trans -%}
+==========================================
+About the recent Denial of Service attacks
+==========================================
+{%- endtrans %}
+.. meta::
+    :author: idk,sadie
+    :date: 2023-02-09
+    :category: release
+    :excerpt: {% trans %}I2P remains intact with impaired performance{% endtrans %}
+
+{% trans -%}
+The I2P network is currently being affected by a Denial of Service attack.
+The floodfill function of the network has been affected, resulting in responses being disrupted and tunnel build success rates dropping.
+Participants in the network have experienced difficulties connecting to I2P sites and using I2P services.
+Mitigation strategies are being investigated and implemented gradually.
+{%- endtrans %}
+
+{% trans -%}
+While the attack has degraded performance, the network remains intact and usable.
+Java I2P routers appear to be handling the issues better than i2pd routers for now.
+Various mitigations should begin to appear in dev builds of both Java and C++ routers in the next week.
+{%- endtrans %}

i2p2www/blog/2023/03/13/i2p-release-2.2.0.rst

@@ -0,0 +1,14 @@
+{% trans -%}
+=================
+I2P Release 2.2.0
+=================
+{%- endtrans %}
+.. meta::
+    :author: idk
+    :date: 2023-03-13
+    :category: release
+    :excerpt: {% trans %}{% endtrans %}
+
+{% trans -%}
+`This blog post has been moved here </en/blog/post/2023/03/13/new_release_2.2.0>`_
+{%- endtrans %}

i2p2www/blog/2023/03/13/new_release_2.2.0.rst

@@ -0,0 +1,89 @@
+{% trans -%}
+=================
+I2P Release 2.2.0
+=================
+{%- endtrans %}
+.. meta::
+    :author: idk
+    :date: 2023-03-13
+    :category: release
+    :excerpt: {% trans %}{% endtrans %}
+
+{% trans -%}
+We have elected to move forward the 2.2.0 release date, which will be occurring today, March 13, 2023.
+This release includes a changes across the NetDB, Floodfill, and Peer-Selection components which improve the ability of the router to survive DDOS attacks.
+The attacks are likely to continue, but the improvements to these systems will help to mitigate the risk of DDOS attacks by helping the router identify and de-prioritize routers that appear malicious.
+{%- endtrans %}
+
+{% trans -%}
+This release also adds replay protection to the Streaming subsystem, which prevents an attacker who can capture an encrypted packet from being able to re-use it by sending it to unintended recipients.
+This is a backward-compatible change, so older routers will still be able to use the streaming capabilities of newer routers.
+This issue was discovered and fixed internally, by the I2P development team, and is not related to the DDOS attacks.
+We have never encountered a replayed streaming packet in the wild and do not believe a streaming replay attack has ever taken place against the I2P network at this time.
+{%- endtrans %}
+
+{% trans -%}
+As you may have noticed, these release notes and the release itself have been signed by idk, and not zzz.
+zzz has chosen to step away from the project and his responsibilities are being taken on by other team members.
+As such, the project is working on replacing the network statistics infrastructure and moving the development forum to i2pforum.i2p.
+We thank zzz for providing these services for such a long time.
+{%- endtrans %}
+
+{% trans -%}
+As usual, we recommend that you update to this release.
+The best way to maintain security and help the network is to run the latest release.
+{%- endtrans %}
+
+
+
+**DETAILS**
+
+*Changes*
+
+- {% trans %}i2psnark: New search feature{% endtrans %}
+- {% trans %}i2psnark: New max files per torrent config{% endtrans %}
+- {% trans %}NetDB: Expiration improvements{% endtrans %}
+- {% trans %}NetDB: More restrictions on lookups and exploration{% endtrans %}
+- {% trans %}NetDB: Store handling improvements{% endtrans %}
+- {% trans %}NTCP2: Banning improvements{% endtrans %}
+- {% trans %}Profiles: Adjust capacity estimates{% endtrans %}
+- {% trans %}Profiles: Expiration improvements{% endtrans %}
+- {% trans %}Router: Initial support for congestion caps (proposal 162){% endtrans %}
+- {% trans %}Transports: Add inbound connection limiting{% endtrans %}
+- {% trans %}Tunnels: Refactor and improve peer selection{% endtrans %}
+- {% trans %}Tunnels: Improve handling of "probabalistic" rejections{% endtrans %}
+- {% trans %}Tunnels: Reduce usage of unreachable and floodfill routers{% endtrans %}
+
+
+*Bug Fixes*
+
+- {% trans %}Docker: Fix graphs not displaying{% endtrans %}
+- {% trans %}i2psnark: Fix torrents with '#' in the name{% endtrans %}
+- {% trans %}i2psnark standalone: Fix running from outside directory{% endtrans %}
+- {% trans %}i2psnark standalone: Remove "Start I2P" menu item from systray{% endtrans %}
+- {% trans %}i2ptunnel: Fix typo in HTTPS outproxy hostname{% endtrans %}
+- {% trans %}i2ptunnel: Interrupt tunnel build if stop button clicked{% endtrans %}
+- {% trans %}i2ptunnel: Return error message to IRC, HTTP, and SOCKS clients on failure to build tunnels{% endtrans %}
+- {% trans %}NTCP2: Ensure an IPv6 address is published when firewalled and IPv4 is not{% endtrans %}
+- {% trans %}Ratchet: Don't bundle wrong leaseset with ack{% endtrans %}
+- {% trans %}Router: Fixes for symmetric NAT errors on 'full cone' NAT{% endtrans %}
+- {% trans %}SAM: Interrupt tunnel build if client times out{% endtrans %}
+- {% trans %}SSU2: Fix rare peer test NPE{% endtrans %}
+- {% trans %}Sybil: Don't blame i2pd publishing ::1{% endtrans %}
+- {% trans %}Sybil: Memory usage and priority reduction{% endtrans %}
+- {% trans %}Transports: More IP checks{% endtrans %}
+
+
+*Other*
+
+- {% trans %}Blocklist efficiency improvements{% endtrans %}
+- {% trans %}Bundles: Identify Win and Mac bundles in version info{% endtrans %}
+- {% trans %}Console: Identify service installs, revision, and build time in version info{% endtrans %}
+- {% trans %}Console: NetDB search form and tunnels page improvements (advanced only){% endtrans %}
+- {% trans %}Router: Reduce stats memory usage{% endtrans %}
+- {% trans %}Tunnels: Reduce "grace period"{% endtrans %}
+- {% trans %}Translation updates{% endtrans %}
+
+
+
+Full list of fixed bugs: http://git.idk.i2p/i2p-hackers/i2p.i2p/-/issues?scope=all&state=closed&milestone_title=2.2.0

i2p2www/blog/README

@@ -24,24 +24,106 @@ index page). The following metadata is used:
 - **excerpt**: Summary of the post (generally the same as the first line for
   translation purposes). Required, it is displayed on the blog index.
 
+Please use the following standard categories:
+
+- android
+- beta
+- community
+- conferences
+- development
+- general
+- news
+- release
+- security
+
+
 How to use the blog
 -------------------
 
 1. Create a directory path matching the date of the blog post, e.g.
-   'mkdir -p 2014/01/01'
+   'mkdir -p 2014/01/01'. Day and month directories MUST be two digits!
 2. Create a file in that directory with suffix '.rst'. The name of the file and
    the directory path will together be the URL that the post will be visible at
-   e.g. '2014/01/01/Happy-New-Year.rst' -> '/lang/blog/post/2014/01/01/Happy-New-Year'
+   e.g. '2014/01/01/Happy-New-Year.rst' -> '/lang/blog/post/2014/01/01/Happy-New-Year'.
+   Use - for spaces in the file name.
 3. Write the blog post in reStructuredText format, taking note of the custom
    format notes above.
 
+Translations
+-------------
+
+Write your post so it may be easily translated.
+Inside {% trans -%}...{%- endtrans %} blocks, put line breaks after long sentences
+or phrases. Do not put line breaks at random places.
+
+
+Links
+-------------
+
+The goal is to keep as much formatting out of the tagged string as possible,
+so that the translators are less likely to inadvertently break the formatting,
+and we can change the link later without breaking translations.
+This also allows us to use macros for converting to .i2p links.
+
+External links:
+
+For full untranslated link text:
+
+`QUIC <https://www.rfc-editor.org/rfc/rfc9000.html>`_
+
+For full translated link text:
+
+`{% trans %}I2P Mac OS Easy Install bundles{% endtrans %}`__
+
+__ https://geti2p.net/en/download/mac
+
+or:
+
+`{% trans %}I2P Mac OS Easy Install bundles{% endtrans %} <https://geti2p.net/en/download/mac>`_
+
+
+For partial translated link text:
+
+{% trans link1="https://...", link2="..." -%}
+Blah blah `link text <{{ link1 }}>`_ more text.
+<%- endtrans %>
+
+Internal links:
+
+As above but use, e.g.
+   `NTCP2 <{{spec_url("ntcp2")}}>`_
+   `SSU2 <{{proposal_url("159")}}>`_
+   This does not work: {% trans link1="{{spec_url('i2np')}}" -%}
+
+
+Multiple links to the same thing:
+
+{% trans -%}
+Blah blah RFC-9001_
+and RFC-9001_ again.
+<%- endtrans %>
+
+.. _RFC-9001: https://www.rfc-editor.org/rfc/rfc9001.html
+
+
+RST guide: https://docutils.sourceforge.io/docs/user/rst/quickref.html#hyperlink-targets
+
+
+
 Writing draft posts
 -------------------
 
 To write a draft post, create the file with the suffix '.draft.rst'. Post files
 with this suffix will be visible at their post URL, but will not be shown in
 the blog index. To publish the draft post, change the filename to remove the
-'.draft' in the suffix (e.g. mtn mv foo.draft.rst foo.rst).
+'.draft' in the suffix (e.g. git mv foo.draft.rst foo.rst).
+
+Review your formatting before checking in with the linux tool rst2html.
+This will not process translation blocks, of course.
+
+After checking in the draft, navigate to it in your browser and verify
+the formatting is correct, including translation blocks.
+
 
 Creating shortlinks
 -------------------

i2p2www/blog/helpers.py

@@ -30,13 +30,13 @@ def get_blog_feed_items(num=0, category=None):
     for post in posts:
         meta = post[1]
         parts = post[2]
-        a = {}
-        a['title'] = meta['title']
-        a['content'] = meta['excerpt'] if len(meta['excerpt']) > 0 else parts['fragment']
-        a['author'] = meta['author']
-        a['url'] = url_for('blog_post', lang=g.lang, slug=post[0])
-        a['updated'] = datetime.datetime.strptime(meta['date'], '%Y-%m-%d')
-        items.append(a)
+        items.append({
+            'title': meta['title'],
+            'content': meta['excerpt'] if len(meta['excerpt']) > 0 else parts['fragment'],
+            'author': meta['author'],
+            'url': url_for('blog_post', lang=g.lang, slug=post[0]),
+            'updated': datetime.datetime.strptime(meta['date'], '%Y-%m-%d')
+            })
     return items
 
 def get_blog_posts(num=0, return_parts=False, category=None):
@@ -67,7 +67,8 @@ def get_blog_slugs(num=0):
     # walk over all directories/files
     for v in os.walk(BLOG_DIR):
         # iterate over all files
-        slugbase = os.path.relpath(v[0], BLOG_DIR)
+        slugbase = slug_base_datevalidate(os.path.relpath(v[0], BLOG_DIR))
+        
         for f in v[2]:
             # ignore all non-.rst files and drafts
             if not f.endswith('.rst') or f.endswith('.draft.rst'):
@@ -79,7 +80,38 @@ def get_blog_slugs(num=0):
         return slugs[:num]
     return slugs
 
+def _slug_base(slugbase, func):
+    parts = slugbase.split('/')
+    slugParts = []
+    for p in parts:
+        slugParts.append(func(p))
+    return "/".join(slugParts)
+
+# reads a date and if it finds a one-digit representation of a day or month,
+# lengthens it to two
+def slug_base_datevalidate(slugbase):
+    return _slug_base(slugbase, datevalidate)
+
+# turns a one-digit date unit into a two-digit date unit
+def datevalidate(slugfrag):
+    slug = str(slugfrag)
+    if len(slug) == 1:
+        slug = "0" + slug
+    return slug
+
+# turns a two-digit date unit into a one-digit date unit
+def dedatevalidate(slugfrag):
+    slug = str(slugfrag)
+    if len(slug) == 2:
+        return slug.lstrip("0")
+    return slug
+
+# reverses slug_base_datevalidate
+def slug_base_dedatevalidate(slugbase):
+    return _slug_base(slugbase, dedatevalidate)
+
 def get_date_from_slug(slug):
+    slug = slug_base_datevalidate(slug)
     parts = slug.split('/')
     return "%s-%s-%s" % (parts[0], parts[1], parts[2])
 
@@ -96,7 +128,12 @@ def render_blog_post(slug):
         # check for drafts
         path = safe_join(BLOG_DIR, slug + ".draft.rst")
         if not os.path.exists(path):
-            abort(404)
+            slug = slug_base_dedatevalidate(slug)
+            path = safe_join(BLOG_DIR, slug+".rst")
+            if not os.path.exists(path):
+                path = safe_join(BLOG_DIR, slug + ".draft.rst")
+                if not os.path.exists(path):
+                    abort(404)
 
     # read file
     with codecs.open(path, encoding='utf-8') as fd:

i2p2www/browser.py

@@ -1,6 +1,8 @@
 from flask import redirect, render_template, request
 from i2p2www import CURRENT_I2P_VERSION, MIRRORS_FILE
 
+temp = lambda a: 'site/browser/' + a + '.html'
+
 def browser_frontpage():
   useragent = request.headers.get('User-Agent')
   osname = "unknown"
@@ -10,41 +12,39 @@ def browser_frontpage():
     osname = "windows"
   elif 'Linux' in useragent:
     osname = "linux"
-  return render_template('site/browser/_front.html', user_agent=useragent, detected_os=osname)
+  return render_template(temp('_front'), user_agent=useragent, detected_os=osname)
 
+deftemp = lambda a: render_template(temp(a))
 def browser_intro():
-  return render_template('site/browser/intro.html')
+  return deftemp('intro')
 
 def browser_download():
-  return render_template('site/browser/download.html')
+  return deftemp('download')
 
 def browser_releasenotes():
-  return render_template('site/browser/releasenotes.html')
+  return deftemp('releasenotes')
 
 def browser_roadmap():
-  return render_template('site/browser/roadmap.html')
+  return deftemp('roadmap')
 
 #def browser_known_issues():
-#  return render_template('site/browser/known_issues.html')
+#  return deftemp('known_issues')
 
 #def browser_troubleshooting():
-#  return render_template('site/browser/troubleshooting.html')
+#  return deftemp('troubleshooting')
 
 #def browser_updating():
-#  return render_template('site/browser/updating.html')
+#  return deftemp('updating')
 
 def browser_develop():
-  return render_template('site/browser/develop.html')
+  return deftemp('develop')
 
 def browser_donate():
-  return render_template('site/browser/donate.html')
+  return deftemp('donate')
 
 
 def browser_faq():
-  if request.headers.get('X-I2P-Desthash') and not request.headers.get('X-Forwarded-Server'):
-    show_i2p_links = True
-  else:
-    show_i2p_links = False
-  return render_template('site/browser/faq.html', is_i2p_internal=show_i2p_links)
+  show_i2p_links = request.headers.get('X-I2P-Desthash') and not request.headers.get('X-Forwarded-Server')
+  return render_template(temp('faq'), is_i2p_internal=show_i2p_links)
 
 

i2p2www/downloads.py

@@ -8,9 +8,29 @@ from random import randint
 from i2p2www import CURRENT_I2P_VERSION, MIRRORS_FILE
 
 DEFAULT_MIRROR = {
+    "net": "clearnet", 
+    "protocol": "https", 
+    "domain": "files.i2p-projekt.de", 
+    "path": "/%(version)s/%(file)s", 
+    "org": "i2p-projekt", 
+    "org_url": "https://files.i2p-projekt.de", 
+    "country": "de",
+}
+
+#DEFAULT_MIRROR = {
+#    "net": "clearnet",
+#    "protocol": "https",
+#    "domain": "download.i2p2.no",
+#    "path": "/releases/%(version)s/%(file)s",
+#    "org": "sigterm.no",
+#    "org_url": "https://download.i2p2.no", 
+#    "country": "no",
+#}
+
+DEFAULT_MIRROR= {
     'net': 'clearnet',
     'protocol': 'https',
-    'domain':   'download.i2p2.de',
+    'domain':   'download.i2p2.no',
     'org':      'sigterm.no',
     'country':  'no',
 }
@@ -18,8 +38,8 @@ DEFAULT_MIRROR = {
 DEFAULT_I2P_MIRROR = {
     'net': 'i2p',
     'protocol': 'http',
-    'domain':   'whnxvjwjhzsske5yevyokhskllvtisv5ueokw6yvh6t7zqrpra2q.b32.i2p',
-    'org':      'sigterm.no',
+    'domain':   'mgp6yzdxeoqds3wucnbhfrdgpjjyqbiqjdwcfezpul3or7bzm4ga.b32.i2p',
+    'org':      'eyedeekay.github.io',
     'country':  'i2p',
 }
 
@@ -29,10 +49,8 @@ DEFAULT_I2P_MIRROR = {
 
 # Read in mirrors from file
 def read_mirrors():
-    file = open(MIRRORS_FILE, 'r')
-    dat = file.read()
-    file.close()
-    lines=dat.split('\n')
+    with open(MIRRORS_FILE, 'r') as file:
+        lines = file.read().split('\n')
     ret={}
     for line in lines:
         try:
@@ -53,53 +71,71 @@ def read_mirrors():
         ret[net][protocol][domain]=obj
     return ret
 
-# List of downloads
-def downloads_list():
+def get_mirror(request):
     # TODO: read mirror list or list of available files
     if request.headers.get('X-I2P-Desthash') and not request.headers.get('X-Forwarded-Server'):
-        def_mirror = DEFAULT_I2P_MIRROR
+        return DEFAULT_I2P_MIRROR
     else:
-        def_mirror = DEFAULT_MIRROR
-    return render_template('downloads/list.html', def_mirror=def_mirror)
+        return DEFAULT_MIRROR
+
+deflist = lambda a: render_template('downloads/' + a + '.html')
+deflist2 = lambda a: render_template('downloads/' + a + '.html', def_mirror=get_mirror(request))
+
+# List of downloads
+def downloads_list():
+    return deflist2('list')
 
 # Debian-specific page
 def downloads_debian():
-    return render_template('downloads/debian.html')
+    return deflist('debian')
 
 # Windows-specific page
 def downloads_windows():
-    return render_template('downloads/windows.html')
+    return deflist('windows')
+
+# MacOS-specific page
+def downloads_macos():
+    return deflist('macos')
+
+# AIO-Windows-specific page
+def downloads_easyinstall():
+    return deflist2('easyinstall')
+
+# Docker-specific page
+def downloads_docker():
+    return deflist('docker')
 
 # Firefox-specific page
 def downloads_firefox():
-    # TODO: read mirror list or list of available files
-    if request.headers.get('X-I2P-Desthash') and not request.headers.get('X-Forwarded-Server'):
-        def_mirror = DEFAULT_I2P_MIRROR
-    else:
-        def_mirror = DEFAULT_MIRROR
-    return render_template('downloads/firefox.html', def_mirror=def_mirror)
+    return deflist2('firefox')
 
 # The Lab
 def downloads_lab():
-    return render_template('downloads/lab.html')
+    return deflist2('lab')
+
+# Mac DMG page
+def downloads_mac():
+    return deflist2('mac')
 
 def downloads_config():
-    return render_template('downloads/config.html')
+    return deflist('config')
 
 # Specific file downloader
 def downloads_select(version, file):
     mirrors=read_mirrors()
     obj=[]
     for net in mirrors.keys():
-        a={}
-        a['key']=net
-        a['name']=net
-        a['protocols']=[]
+        a = {
+            'key': net,
+            'name': net,
+            'protocols': []
+        }
         for protocol in mirrors[net].keys():
-            b={}
-            b['key']=protocol
-            b['name']=protocol
-            b['domains']=mirrors[net][protocol]
+            b = {
+                'key': protocol,
+                'name': protocol,
+                'domains': mirrors[net][protocol]
+            }
             a['protocols'].append(b)
         obj.append(a)
     return render_template('downloads/select.html', mirrors=obj, version=version, file=file)

i2p2www/extensions.py

@@ -113,9 +113,7 @@ class HighlightExtension(Extension):
                     lang = g.lang
                 parameters['tagurlformat'] = '/spec/%(path)s%(fname)s'
 
-        if formatter == 'textspec':
-            formatter = TextSpecFormatter(**parameters)
-        else:
-            formatter = I2PHtmlFormatter(**parameters)
+        func = TextSpecFormatter if formatter == 'textspec' else I2PHtmlFormatter
+        formatter = func(**parameters)
         code = highlight(Markup(body).unescape(), lexer, formatter)
         return code

i2p2www/formatters.py

@@ -376,17 +376,19 @@ class I2PHtmlFormatter(Formatter):
 
     def __init__(self, **options):
         Formatter.__init__(self, **options)
+        dec = lambda t, d='': self._decodeifneeded(options.get(t, d))
+        getbool = lambda key, d=False: get_bool_opt(options, key, d)
         self.title = self._decodeifneeded(self.title)
-        self.nowrap = get_bool_opt(options, 'nowrap', False)
-        self.noclasses = get_bool_opt(options, 'noclasses', False)
+        self.nowrap = getbool('nowrap')
+        self.noclasses = getbool('noclasses')
         self.classprefix = options.get('classprefix', '')
-        self.cssclass = self._decodeifneeded(options.get('cssclass', 'highlight'))
-        self.cssstyles = self._decodeifneeded(options.get('cssstyles', ''))
-        self.prestyles = self._decodeifneeded(options.get('prestyles', ''))
-        self.cssfile = self._decodeifneeded(options.get('cssfile', ''))
-        self.noclobber_cssfile = get_bool_opt(options, 'noclobber_cssfile', False)
-        self.tagsfile = self._decodeifneeded(options.get('tagsfile', ''))
-        self.tagurlformat = self._decodeifneeded(options.get('tagurlformat', ''))
+        self.cssclass = dec('cssclass', 'highlight')
+        self.cssstyles = dec('cssstyles')
+        self.prestyles = dec('prestyles')
+        self.cssfile = dec('cssfile')
+        self.noclobber_cssfile = getbool('noclobber_cssfile')
+        self.tagsfile = dec('tagsfile')
+        self.tagurlformat = dec('tagurlformat')
 
         if self.tagsfile:
             if not ctags:
@@ -405,7 +407,7 @@ class I2PHtmlFormatter(Formatter):
         self.linenostart = abs(get_int_opt(options, 'linenostart', 1))
         self.linenostep = abs(get_int_opt(options, 'linenostep', 1))
         self.linenospecial = abs(get_int_opt(options, 'linenospecial', 0))
-        self.nobackground = get_bool_opt(options, 'nobackground', False)
+        self.nobackground = getbool('nobackground')
         self.lineseparator = options.get('lineseparator', '\n')
         self.lineanchors = options.get('lineanchors', '')
         self.linespans = options.get('linespans', '')
@@ -841,8 +843,9 @@ class TextSpecFormatter(Formatter):
 
     def __init__(self, **options):
         Formatter.__init__(self, **options)
-        self.tagsfile = self._decodeifneeded(options.get('tagsfile', ''))
-        self.tagurlformat = self._decodeifneeded(options.get('tagurlformat', ''))
+        dec = lambda t, d='': self._decodeifneeded(options.get(t, d))
+        self.tagsfile = dec('tagsfile', '')
+        self.tagurlformat = dec('tagurlformat', '')
 
         if self.tagsfile:
             if not ctags:
@@ -878,17 +881,14 @@ class TextSpecFormatter(Formatter):
                                                'fext': extension}
                     refs[value] = '\n[%s]: %s#%s-%s' % (value, url, kinds[kind], value.lower())
                     value = '[%s]' % value
-
             if enc:
-                outfile.write(value.encode(enc))
-            else:
-                outfile.write(value)
+                value = value.encode(enc)
+            outfile.write(value)
 
         for ref in refs.values():
             if enc:
-                outfile.write(ref.encode(enc))
-            else:
-                outfile.write(ref)
+                ref = ref.encode(enc)
+            outfile.write(ref)
 
     def _lookup_ctag(self, token):
         entry = ctags.TagEntry()

i2p2www/legacy.py

@@ -19,6 +19,11 @@ LEGACY_FUNCTIONS_MAP={
     'debian':        {'function': 'downloads_debian', 'params': {}},
     'firefox':        {'function': 'downloads_firefox', 'params': {}},
     'lab':           {'function': 'downloads_lab',    'params': {}},
+    'mac':           {'function': 'downloads_mac',    'params': {}},
+    'easyinstall':           {'function': 'downloads_easyinstall',    'params': {}},
+    'nsis':           {'function': 'downloads_easyinstall',    'params': {}},
+    'windows':           {'function': 'downloads_windows',    'params': {}},
+    'macos':           {'function': 'downloads_macos',    'params': {}},
     'download':      {'function': 'downloads_list',   'params': {}},
     'installation':  {'function': 'downloads_list',   'params': {}},
     'meetings':      {'function': 'meetings_index',   'params': {}},
@@ -201,16 +206,20 @@ def legacy_show(f):
         lang = g.lang
     if lang == 'zh':
         lang = 'zh_CN'
-    if f in SHORTLINKS:
-        return redirect(url_for(SHORTLINKS[f]['function'], lang=lang, **SHORTLINKS[f]['params']), 301)
-    elif f in LEGACY_FUNCTIONS_MAP:
-        return redirect(url_for(LEGACY_FUNCTIONS_MAP[f]['function'], lang=lang, **LEGACY_FUNCTIONS_MAP[f]['params']), 301)
-    elif f in LEGACY_PAGES_MAP:
-        return redirect(url_for('site_show', lang=lang, page=LEGACY_PAGES_MAP[f]), 301)
-    elif f in LEGACY_BLOG_POSTS_MAP:
+    mapit = True
+    if f in LEGACY_BLOG_POSTS_MAP:
         return legacy_blog(lang, LEGACY_BLOG_POSTS_MAP[f]['date'], LEGACY_BLOG_POSTS_MAP[f]['title'])
+    elif f in SHORTLINKS:
+        a = SHORTLINKS[f]
+    elif f in LEGACY_FUNCTIONS_MAP:
+        a = LEGACY_FUNCTIONS_MAP[f]
     else:
-        return redirect(url_for('site_show', lang=lang, page=f), 301)
+        a = 'site_show'
+        b = LEGACY_PAGES_MAP[f] if f in LEGACY_PAGES_MAP else f
+        mapit = False
+    if mapit:
+        return redirect(url_for(a['function'], lang=lang, **a['params']), 301)
+    return redirect(url_for(a, lang=lang, page=b), 301)
 
 def legacy_meeting(id):
     return redirect(url_for('meetings_show', id=id, lang='en'), 301)

i2p2www/meetings/helpers.py

@@ -15,12 +15,12 @@ def get_meetings_feed_items(num=0):
     meetings = get_meetings(num)
     items = []
     for meeting in meetings:
-        a = {}
-        a['title'] = meeting['parts']['title']
-        a['content'] = meeting['parts']['fragment']
-        a['url'] = url_for('meetings_show', lang=g.lang, id=meeting['id'])
-        a['updated'] = (meeting['date'] if meeting['date'] else datetime.datetime(0))
-        items.append(a)
+        items.append({
+            'title': meeting['parts']['title'],
+            'content': meeting['parts']['fragment'],
+            'url': url_for('meetings_show', lang=g.lang, id=meeting['id']),
+            'updated': (meeting['date'] if meeting['date'] else datetime.datetime(0))
+            })
     return items
 
 def get_meetings(num=0):
@@ -36,11 +36,11 @@ def get_meetings(num=0):
                     date = datetime.datetime.strptime(parts['title'], 'I2P dev meeting, %B %d, %Y')
                 except ValueError:
                     date = None
-            a = {}
-            a['id'] = id
-            a['date'] = date
-            a['parts'] = parts
-            meetings.append(a)
+            meetings.append({
+                'id': id,
+                'date': date,
+                'parts': parts
+                })
     return meetings
 
 def get_meetings_ids(num=0):
@@ -54,6 +54,7 @@ def get_meetings_ids(num=0):
         # iterate over all files
         for f in v[2]:
             # ignore all non-.rst files
+            print("Meeting file found", f)
             if not f.endswith('.rst'):
                 continue
             try:

i2p2www/meetings/logs/297.log

@@ -0,0 +1,158 @@
+(08:01:02 PM) eyedeekay: Hi everyone and welcome to the March 2 Meeting, please let me know if you're here
+(08:01:27 PM) eyedeekay: zzz zlatinb eche|on eche|off
+(08:01:42 PM) eyedeekay: Agenda
+(08:01:42 PM) eyedeekay: 1) Hi 
+(08:01:42 PM) eyedeekay: 2) 0.9.49 remaining items 
+(08:01:42 PM) eyedeekay: 3) Mac Launcher Status 
+(08:01:42 PM) eyedeekay: 5) 0.9.50 release 
+(08:01:42 PM) eyedeekay: 6) Trac migration summary
+(08:01:46 PM) Irc2PGuest1578 [kilian@xvbemdlawzj2qlt3cgjgaclevziobxvwmipcvecbla4xqkmwjd2q.b32.i2p] entered the room.
+(08:01:46 PM) zzz: hi
+(08:01:55 PM) zlatinb: hi
+(08:01:55 PM) eyedeekay: 4) 1.0.0 vs 0.9.50
+(08:03:04 PM) eyedeekay: hi zzz, hi zlatinb, timeout 30s anyone else?
+(08:03:39 PM) eyedeekay: Thanks everyone, starting right in with 2) 0.9.49 remaining items
+(08:03:51 PM) eyedeekay: The only one I know of is the .dmg version of the Mac installer
+(08:04:20 PM) zzz: the others are official debian and ubuntu
+(08:04:45 PM) zzz: I'll explain a little more
+(08:04:50 PM) eyedeekay: Ok thanks.
+(08:05:06 PM) zzz: unfortunately, debian bullseye just hit a freeze
+(08:05:29 PM) zzz: our debian maintainer either wasn't aware of the schedule or didn't advise us to hurry
+(08:05:51 PM) zzz: so while we did pull in the schedule to for ubuntu hirsute 21.04, the debian deadline was earlier
+(08:06:09 PM) zzz: since ubuntu pulls from debian, ubuntu didn't get it either
+(08:06:45 PM) zzz: this is a once every two year thing, but still, would have been nice to know
+(08:06:54 PM) zzz: as it was, we hurried up about ubuntu, all for nothing
+(08:07:25 PM) zzz: so, at some point, debian will unfreeze, and 49 should show up in sid. but bullseye is 48
+(08:07:27 PM) zzz: eot
+(08:07:59 PM) eyedeekay: Thanks zzz. So for the time being the recommendation for Debian users to get an up-to-date router should be via our repository
+(08:08:17 PM) zzz: yup. ditto ubuntu.
+(08:08:32 PM) zzz: oh, if I may, a brief report on the network:
+(08:08:41 PM) eyedeekay: Sure go ahead
+(08:08:48 PM) zzz: 52% updated to 49; 6% rekeyed to ECIES. All looks good so far
+(08:09:03 PM) zzz: very few bugs found or reported
+(08:09:05 PM) zzz: eot
+(08:09:21 PM) eyedeekay: Excellent to hear, thanks for the report
+(08:09:49 PM) eyedeekay: And I guess I can work on figuring out what mailing list we need to be subscribed to to get word earlier on when Debian will freeze
+(08:10:02 PM) eyedeekay: 3) Mac Launcher Status
+(08:10:14 PM) eyedeekay: This is the DMG based installer, not the .jar
+(08:10:54 PM) eyedeekay: I dropped the ball on this one, by failing to notify people that the previous maintainer was no longer building the installer
+(08:11:15 PM) eyedeekay: As a result I removed the Mac installer from the site
+(08:11:39 PM) zzz: iirc the last one built was .45 a year ago, and it probably was a broken link for most of last year
+(08:11:41 PM) eyedeekay: I have since aquired a Mac with the intent to take up maintenance of the product
+(08:12:00 PM) eyedeekay: zzz you are correct
+(08:12:04 PM) zlatinb: there is a problem with the dmg installer - at least on my mac I can't get the router to stop.  Some daemon keeps restarting it
+(08:12:09 PM) zzz: so it was actually a longstanding issue. you were correct to remove it, thanks for that
+(08:13:16 PM) zlatinb: so if other mac users are in the same situation we should come up with some sort of guide for cleaning up
+(08:13:28 PM) zzz: have you figured out if there's some auto-update or notification built in? and if so is that broken also? or is it just the news entry in the console?
+(08:13:57 PM) zlatinb: auto-update does work, strangely enough
+(08:13:57 PM) eyedeekay: It can't auto-update, at least not successfully
+(08:14:04 PM) eyedeekay: Oh well that's weird
+(08:14:09 PM) zlatinb: I just can't kill it and make sure it stays dead
+(08:14:28 PM) eyedeekay: Well sounds like some of the behavior is pretty erratic
+(08:14:56 PM) zzz: eyedeekay, last we discussed it, there was some debate as to the value of this installer product to our users, compared to the effort required to maintain it
+(08:15:15 PM) zzz: how do we nvestigate and evaluate those two factors?
+(08:15:58 PM) zzz: and zlatinb do you have any thoughts on the value of a "mac way" installer today?
+(08:16:36 PM) zlatinb: I still think a Mac way and Win way installers are far superior than the izpack monstrocity
+(08:16:37 PM) eyedeekay: I think zlatinb and I will need to compare notes, I'm seeing different behavior than he is and if I don't know why continuing to build and support it becomes much more intimidating
+(08:17:16 PM) zlatinb: but I think we need to re-evaluate the complexity in light of jpackage coming out with Java 14+
+(08:18:02 PM) zlatinb: either way, a  Mac-way installer would/should be lower priority than Win-way installer
+(08:18:05 PM) zzz: I'm not a mac person, but "far superior" was the consensus at the time we started development of the installer
+(08:18:43 PM) zzz: if the consensus is different now, I'd like to understand why
+(08:19:24 PM) zlatinb: to my knowledge it's still the same consensus, just the ecosystem has changed (i.e. jpackage exists)
+(08:20:26 PM) eyedeekay: IIRC my experience with Mac at the time was basically nil and my favor for the idea was based on the idea that working with familiar packaging systems makes our packages easier to trust
+(08:20:39 PM) eyedeekay: jpackage does the runtime image/eliminate the need to install Java thing right? the dmg to my knowledge didn't do that?
+(08:20:51 PM) zzz: right
+(08:21:18 PM) zlatinb: right
+(08:21:30 PM) zlatinb: jpackage builds dmgs supposedly, I haven't tried it
+(08:21:38 PM) zzz: so jpackage would be some 100MB thing. since it's only for one OS, it's feasible to do it for mac. 
+(08:21:47 PM) zzz: yeah dmgs would have to be tested for sure
+(08:22:14 PM) zlatinb: it builds windows installers too, I haven't used that functionality though
+(08:22:26 PM) zlatinb: and rpms and debs but I'm pretty sure we don't want those
+(08:22:52 PM) zzz: one of our failings as a project is that the dmg was always labeled 'experimental' on our d/l page. We never paid it enough attention to remove the label or even notice that nobody was building it
+(08:22:57 PM) Irc2PGuest1578 left the room (quit: Read error).
+(08:24:06 PM) zzz: as with all our other official products, if we're going to support it we need enough resources for a competent maintainer
+(08:25:15 PM) zzz: at this point I propose that we continue the evaluation of both user demand and effort required, both for existing dmg and jpackage.
+(08:25:29 PM) zzz: interim report in one month, final decision in two months, in time for .50
+(08:25:52 PM) zlatinb: any thoughts how to go about that?  survey? 
+(08:26:32 PM) eyedeekay: I could set up a Reddit survey after the meeting
+(08:26:42 PM) zzz: forum posts
+(08:27:11 PM) eyedeekay: Works for me, I'll add it to next month's meeting agenda
+(08:28:06 PM) eyedeekay: Anything else on 3)?
+(08:28:32 PM) eyedeekay: 4) 1.0.0 vs 0.9.50
+(08:29:02 PM) zzz: this was my item
+(08:29:10 PM) eyedeekay: Take it away zzz
+(08:29:28 PM) zzz: I don't feel strongly either way, but I think we should go to 1.0.0 in the next year or so
+(08:29:49 PM) zzz: as we don't have a separate stable branch, 1.0.0 is not a particular guarantee of stability
+(08:30:23 PM) Irc2PGuest1578 [kilian@xvbemdlawzj2qlt3cgjgaclevziobxvwmipcvecbla4xqkmwjd2q.b32.i2p] entered the room.
+(08:30:27 PM) zzz: so my question is what people think, and can the PR team accomplish messaging on what 1.0.0 is or isn't, on some timeline?
+(08:30:29 PM) zzz: eot
+(08:31:14 PM) zlatinb: so I have two points regarding 1.0.0:
+(08:31:41 PM) zlatinb: 1) RED needs tuning and I will die on that hill if I must.  Tunning it properly may require more than one release
+(08:32:19 PM) zlatinb: 2) Back to the installers issue - if we can build much smoother installers for the major platforms, a 1.0.0. release will have much greater impact
+(08:32:20 PM) zlatinb: eot
+(08:33:40 PM) eyedeekay: I think we can devise and accomplish messaging and PR for 1.0.0, if 1.0.0 coincides with migration of cryptography away from Elgamal, and I agree with zab on 2)
+(08:34:30 PM) zzz: we can always pick some headline feature to brag about, any release. It's fairly arbitrary. We could pick any release this year and claim it's when we're ditching elgamal. It's happening already
+(08:35:44 PM) zzz: as I'm not hearing any strong consensus, I propose that the next release is 0.9.50, and we discuss it again after that release, in 3 months
+(08:35:51 PM) eyedeekay: Then 2) remains pretty important to me, installers are a pain point as strange as that seems
+(08:36:15 PM) eyedeekay: I agree that the next one should be 0.9.50
+(08:36:27 PM) anonymousmaybe left the room (quit: Read error).
+(08:36:31 PM) T3s|4 left the room (quit: Read error).
+(08:37:36 PM) eyedeekay: Anything else on 4)?
+(08:38:16 PM) T3s|4 [~T3s4@573a4z46ixhpfeuej2hggtzg2wvsllq6nurtha5dzpd7l42awaeq.b32.i2p] entered the room.
+(08:38:16 PM) mode (+v T3s|4) by ChanServ
+(08:38:18 PM) eyedeekay: 5) 0.9.50 release
+(08:38:42 PM) anonymousmaybe [anonymousm@zvezcslfl5ndd6ciniqp2ei3cm6kvcovceeu3nzheqe7rqcj3rra.b32.i2p] entered the room.
+(08:38:42 PM) mode (+v anonymousmaybe) by ChanServ
+(08:39:19 PM) zzz: I'll let you go first, then I'll list what I've been up to
+(08:41:28 PM) eyedeekay: It's been about 2 weeks since the 0.9.49 release, in that time I've been working on style bugs, moving the configuration of X-I2P-Location into the application instead of requiring a reverse proxy or specific configuration, and have been working on finding ways to improve gitlab
+(08:42:17 PM) eyedeekay: In particular a way to migrate trac tickets to gitlab en-masse and a way to create tickets anonymously are on my gitlab list
+(08:43:06 PM) eyedeekay: Those are actually largely accomplished and part of the next agenda item, so I won't waste time on that now
+(08:43:56 PM) eyedeekay: EOT
+(08:44:06 PM) zzz: super
+(08:44:26 PM) zzz: I fixed NTP for the year 2036 issue
+(08:44:33 PM) zzz: implemented UPnP for IPv6
+(08:44:45 PM) zzz: reduced memory usage by the profiles
+(08:44:55 PM) zzz: added support for IPv6 introducers
+(08:45:17 PM) zzz: added "4/6" caps support for better tracking of who can connect to who
+(08:45:39 PM) zzz: did some work on smaller tunnel build messages (prop. 157), although that work is going a lot slower than the #ls2 team would like
+(08:46:26 PM) zzz: and I reported a major SSU bug to i2pd. they've fixed it. I'm hopeful they will cut a release for it this month, as I think it's really affecting network performance for some subset of connections
+(08:46:35 PM) zzz: eot
+(08:46:44 PM) eyedeekay: Thanks zzz
+(08:47:25 PM) zlatinb: I would like to do some experiments wrt tuning RED in the testnet.  Current theory is that it's way too aggressive and slows down single-stream connections to an unnecessary degree.  Will report as usual.  EOT
+(08:47:36 PM) eyedeekay: Thanks zlatinb
+(08:48:17 PM) eyedeekay: 6) Trac migration summary
+(08:48:17 PM) zzz: re: roadmap. I updated it today on the website to reflect what was in .49 and moved other stuff to .50. eyedeekay please do the same for the items you know about
+(08:48:32 PM) eyedeekay: Ack zzz, will do that this evening
+(08:51:18 PM) wodencafe left the room (quit: Read error).
+(08:51:37 PM) wodencafe [wodencafe@4qx5zjj3rypztq5h4kc2clviwid5cir7cm6iqrqa2l2npvlgt7ta.b32.i2p] entered the room.
+(08:51:51 PM) eyedeekay: Re: trac I am in a rock and a hard place here. I'm admin on trac and not the box that trac runs on. I can't do anything to update it or make it better on my own, all I can do is chase time-consuming issues.
+(08:51:51 PM) eyedeekay: I really want to get rid of it, but we obviously can't blow away all those tickets or the rest of the information here.
+(08:51:51 PM) eyedeekay: I'm proposing that we migrate trac tickets to gitlab tickets and encourage the use of gitlab for issue-tracking purposes
+(08:52:51 PM) eyedeekay: Trac tickets don't map 1:1 onto gitlab tickets, tickets for I2P applications will need to be added to the i2p.i2p issue tracker and tagged on gitlab with the corresponding application
+(08:54:04 PM) eyedeekay: I've finally figured out how to do it using some of the corresponding material from Tor
+(08:54:37 PM) zzz: that's probably the right answer, but we should probably do a quick evaluation of the alternatives, for example just copying over everything to trac on a box we control
+(08:54:51 PM) zzz: and again, an estimate of the one-time and ongoing resources required
+(08:55:18 PM) zzz: we were going to have a meeting a couple months ago on it, so perhaps now it's time
+(08:55:54 PM) lithium left the room (quit: Quit: leaving).
+(08:56:02 PM) eyedeekay: Instinctively, running 2 services(Trac and Gitlab) will probably be higher effort over time, but maybe less effort initially
+(08:56:05 PM) zzz: i just want to be clear on what we're trying to accomplish
+(08:56:05 PM) lithium [lithium@f25fchfdvktukmhg2rkz5es4mlrroyywcou27bpr4mxzfuf3jgya.b32.i2p] entered the room.
+(08:56:38 PM) zzz: a full migration to gitlab is an enormous fix for the problem of somebody not responding to emails
+(08:56:50 PM) zzz: so the question is what else do we get for it
+(08:57:58 PM) zlatinb: tight integration with git, MRs, code review, all that
+(08:58:02 PM) zzz: and we need a short list of our requirements, esp. for registration and anti-spam
+(09:00:01 PM) zzz: I also think we should take lessons from the git migration last year, and have clear milestones and schedule and status
+(09:00:36 PM) eyedeekay: Registration has become a difficult point. I estimate roughly 1/3 of registrations are spam, but it's so difficult to tell the difference because I do not ask for very much information from git users
+(09:01:37 PM) eyedeekay: Tor's solution re: anonymous registration is neat, and potentially very useful, but the more I look at it the more I think it may be overkill for us
+(09:02:35 PM) zzz: I propose that we find out who wants to be in a meeting about this, and then we'll schedule the meeting later
+(09:03:29 PM) eyedeekay: I can work with that. I'll start a new forum thread for the Trac Migration.
+(09:04:49 PM) zzz: zlatinb, would you like to be in on it?
+(09:05:03 PM) zlatinb: sure
+(09:05:21 PM) zzz: super
+(09:07:56 PM) eyedeekay: That's everything from the agenda, anything else to add?
+(09:08:00 PM) eyedeekay: Timeout 60s
+(09:09:32 PM) eyedeekay: That closes the meeting *baffs*
+(09:09:32 PM) eyedeekay: Thanks zzz zlatinb for coming, I'll post the meeting log to the site shortly
+(09:10:09 PM) zzz: thank you
+(09:11:05 PM) devcron left the room (quit: Quit: leaving).
+(09:11:11 PM) eyedeekay: no problem zzz

i2p2www/meetings/logs/297.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, March 2, 2021 @ 20:00 UTC
+==========================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/298.log

@@ -0,0 +1,264 @@
+(04:02:03 PM) eyedeekay: Hi everyone, zzz, zlatinb, community members, welcome to the April 6, 2020 meeting
+(04:02:09 PM) eyedeekay: A lot to discuss today:
+(04:02:12 PM) eyedeekay: 1) Hi
+(04:02:12 PM) eyedeekay: 2) Mac Launcher Report, jpackage/dmg
+(04:02:12 PM) eyedeekay: 3) Mac user interest survey results
+(04:02:12 PM) eyedeekay: 4) Windows all-in-one installer
+(04:02:12 PM) eyedeekay: 5) Update channels - http://git.idk.i2p/i2p-hackers/i2p.i2p/-/wikis/...
+(04:02:12 PM) eyedeekay: 6) Trac Migration Report/Evaluation
+(04:02:12 PM) eyedeekay: 7) 0.9.50 release
+(04:02:39 PM) eyedeekay: 1) Hi is everybody here?
+(04:02:43 PM) zzz: hi
+(04:02:46 PM) eyedeekay: Hi zzz
+(04:02:54 PM) zlatinb: hi
+(04:02:59 PM) eyedeekay: Hi zlatinb
+(04:03:08 PM) eyedeekay: Anybody else?
+(04:03:40 PM) eyedeekay: OK On to 2) then Mac Launcher Report
+(04:04:13 PM) eyedeekay: This was my topic but I think zlatinb and I should share it a bit, I have more to add to the User Interest Survey section
+(04:04:54 PM) zlatinb: ok
+(04:05:24 PM) eyedeekay: The current situation as I understand it is that we've decided that the old launcher is not the way, reflected in zzz removing the code from the main git branch this morning
+(04:07:04 PM) eyedeekay: And that we can deal with the issue of doing updates in the background in order to avoid making the update process more complicated while making the install process less
+(04:08:42 PM) eyedeekay: That "real" service installs probably won't be part of the jpackaged version of the router, because auto-starting apps start when the user logs in and not when the system is ready
+(04:08:53 PM) zlatinb: I think that is accurate.  I have verified that the sequence of steps in the script that is on the wiki page is completely "silent"
+(04:08:53 PM) zlatinb: the end-to-end flow needs to be tested ofc
+(04:08:53 PM) zzz: yeah I think the install experience is better, the update experience could be a little to a lot worse, TBD
+(04:09:25 PM) zzz: although if you include java updates in the izpack update experience, maybe we wouldn't be any worse
+(04:09:28 PM) mode (+v anonymousmaybe) by ChanServ
+(04:09:39 PM) zzz: thats the part we need to investigate further
+(04:09:58 PM) zzz: and decide how to make those tradeoffs
+(04:11:17 PM) eyedeekay: I think I think the Java nagware makes it almost the same
+(04:11:34 PM) eyedeekay: But I haven't actually had to do a Java update on my Mac yet either
+(04:12:35 PM) zzz: do we have any quantitative sense of how much better JRE 16 is over 8?
+(04:12:37 PM) eyedeekay: There was a slightly surprising result on the user-interest survey, a slim majority of users found installing Java to be easy, including one user who marked him or herself as a beginnger
+(04:13:37 PM) zlatinb: 16 vs 8? not atm, can google for benchmarks ofc, but the new apis are useful
+(04:14:01 PM) zlatinb: such as getting the pid from inside java, dock badges and notifications, etc.
+(04:15:14 PM) zlatinb: regarding an investigation of the full update process, it will organically be done as part of the work on the new update process, to be discussed later in this meeting
+(04:16:19 PM) zlatinb: I'm confident it can be very smooth; the implementation question is AppleScript vs bash script vs ?? 
+(04:16:57 PM) zzz: I thought it was just exec 'open xxx.dmg'?
+(04:17:54 PM) zlatinb: someone hasn't been following the wiki page tsk tsk :)  no it's a quite involved process of converting the .dmg to another format.  That avoids any visual promopts and license agreement
+(04:19:12 PM) zlatinb: basically 1. convert the .dmg to .cdr 2. mount cdr 3. move the existing AppBundle out of the way 4. cp -R new AppBundle 5. clean up, unmount .cdr 6. launch new app bundle
+(04:20:12 PM) zlatinb: I tested and verified the conversion and mounting are entirely "silent".  If we do not want to be silent but want the user to see what is happening, we can use AppleScript
+(04:20:20 PM) zlatinb: no idea why we would want that but it's on the table
+(04:21:14 PM) eyedeekay: Neat. Not that I think it matters that much, but is that how .dmg bundles are "supposed" to update? Is there a chance that would be disabled in the future without a path to fix it?
+(04:22:03 PM) zlatinb: the official way of updating is to use a Mac OS facility that relies on the existence of a clearnet server.  VLC updates that way for example.
+(04:22:30 PM) zzz: given the size of the agenda, I suggest we move on to find out if the survey says anybody wants this at all
+(04:22:49 PM) eyedeekay: Can do
+(04:23:49 PM) eyedeekay: The results of the survey summarized as follows:
+(04:23:49 PM) eyedeekay:  - Most of the people surveyed did not have Java installed when they were first  attempting to install I2P.
+(04:23:49 PM) eyedeekay:  - Users found installing Java easy, with a slim majority(3/5) of respondents saying that installing Java was not difficult. This included people who marked themselves as "beginner" computer user. This actually surprised me quite a bit.
+(04:23:49 PM) eyedeekay:  - 6 of 12 users skipped some or all of the Yes/No questions.
+(04:23:49 PM) eyedeekay:  - We had several users who skipped multiple Yes/No questions who left free-response answers. They were universally not complimentary to the install process.
+(04:23:49 PM) eyedeekay:  - All but one of the Yes/No respondents who answered the question were users of the .dmg bundle. Of these, there were 5/13. All others were non-responses. This  could indicate the overwhelming popularity of the .dmg approach.
+(04:23:49 PM) eyedeekay:  - The one non-user of the old .dmg bundle answered "Yes" to would use a new one if it emerged
+(04:24:31 PM) eyedeekay: That's copied directly from a longer summary I'll post to zzz.i2p later today
+(04:25:16 PM) zzz: we didn't ask directly if people want a dmg installer vs izpack? Or how can we infer that?
+(04:26:02 PM) eyedeekay: We referred to the izpack as the ".jar" installer since end users don't know what packaging tools we use
+(04:26:09 PM) zzz: or, an even simpler question: does the survey tell us we should do a dmg installer or not?
+(04:26:25 PM) eyedeekay: I believe the survey supports doing a .dmg installer
+(04:26:52 PM) zzz: strongly? weakly? "overwhelmingly"?
+(04:27:25 PM) eyedeekay: Pretty strongly, the only counterpoint to the .dmg installer was that people found installing Java easy
+(04:27:41 PM) eyedeekay: Thereby recommending the incumbent in that case
+(04:27:51 PM) zzz: ok
+(04:28:03 PM) eyedeekay: Everybody who answered the question said ".dmg installer"
+(04:28:47 PM) zlatinb: but that hasn't even been available for download for a while.  Do we know if they refer to the experimental one we just built or to the old one?
+(04:29:08 PM) eyedeekay: I specifically asked "The .dmg installer which lost support earlier this year"
+(04:29:17 PM) zlatinb: ok
+(04:29:51 PM) eyedeekay: Also I asked about whether they were able to transition from the old .dmg installer back to an IzPack installer
+(04:30:16 PM) eyedeekay: No one was able, but I think we knew that because of the unstoppable restarts issue
+(04:30:18 PM) mode (+v subatomic) by ChanServ
+(04:31:20 PM) zlatinb: that issue may have been specific to my system, I have no way of knowing.  I may have helped meeh run an interim build that may have been broken... many possibilities.
+(04:32:50 PM) eyedeekay: I remember seeing it on my old Mac that was a lemon so same
+(04:32:59 PM) eyedeekay: I'll have an extended summary with the raw anonymized results to post to zzz.i2p this evening
+(04:33:03 PM) eyedeekay: EOT #3
+(04:34:22 PM) zlatinb: I would ask that we go back to #2 for a bit
+(04:34:32 PM) zlatinb: and at least decide on a deadline for making a decision
+(04:35:05 PM) zlatinb: because with the lack of notarization the current izpack installer is pretty hideous.  Sadie posted on medium the full workflow and it's something like 35 steps
+(04:35:24 PM) zlatinb: that include the user turning off some OS protections which are on by default
+(04:35:53 PM) zlatinb: fyi I asked orignal and some guy from the ilita irc what they do for i2pd
+(04:36:10 PM) zlatinb: and the short answer was: disarm all assemssments and roll with it
+(04:36:32 PM) zzz: I'm not hearing any objections, so I think we keep working toward a solution. I'm not sure we need a deadline, especially if the effort is modest
+(04:36:33 PM) zlatinb: I really don't think we can expect our users to do that
+(04:37:20 PM) zlatinb: effot is modest if we do not count the update system overhaul which we'll discuss separately
+(04:37:33 PM) zlatinb: eot
+(04:37:55 PM) zzz: ok, then we'll find out what the deadline is to resolve the update stuff
+(04:38:53 PM) zlatinb: ok
+(04:40:25 PM) eyedeekay: Are we deciding that here and now? Because my vote would go to having it all ready to phase in at 0.9.51.
+(04:40:58 PM) zlatinb: we'll discuss it as part of 5), right?
+(04:41:09 PM) eyedeekay: Sure sounds good
+(04:41:21 PM) eyedeekay: On to 4) then Windows all in one installer
+(04:41:49 PM) eyedeekay: zlatinb added this to the agenda, but I'll probably have a lot to add here too. Do you want to get us started zlatinb?
+(04:42:40 PM) zlatinb: well eyedeekay did most of the hard work on combining the firefox profile installer with a JRE image and a router and making sure it installs and runs.  There's ofc some rough edges atm.
+(04:42:59 PM) zlatinb: There's also a wiki page that can be used for questions
+(04:43:30 PM) zlatinb: I think it's worth giving it some attention and spending the time to do a proper product definition with requirements and all that, similar to what was done for the .dmg
+(04:43:58 PM) zlatinb: We're working with users on r/i2p who have helped us greatly and continue to help us
+(04:44:15 PM) zlatinb: but ofc atm this is a PoC
+(04:44:15 PM) zlatinb: eot
+(04:45:38 PM) zzz: there seems to be no wikis listed on the index page at http://git.idk.i2p/i2p-hackers/i2p.i2p/-/wikis/home so ppl need the full url?
+(04:45:41 PM) eyedeekay: Yes despite being an early POC, most of the feedback I've received has been positive. One unfortunate thing is that apparently NSIS goes crazy if the user has a different character set than the administrator, the hardest part has been avoiding this pitfall so far
+(04:46:01 PM) eyedeekay: Right-hand side for me, I'll get you the full URL
+(04:46:29 PM) eyedeekay: https://i2pgit.org/i2p-hackers/i2p.firefox/-/wikis/All-in-One-I2P-Installer-for-Windows
+(04:47:08 PM) zzz: hmm if not logged in it says 'no wiki pages'. if logged in it gives you a 'create new wiki' page.
+(04:47:57 PM) zlatinb: check that you're in i2p.firefox project, not i2p.i2p
+(04:48:07 PM) zzz: oh ok
+(04:49:19 PM) psi: hi (lurking)
+(04:49:42 PM) zlatinb: hi psi
+(04:49:52 PM) eyedeekay: Hi psi
+(04:50:07 PM) eyedeekay: And here's the branch in case you need it: https://i2pgit.org/i2p-hackers/i2p.firefox/-/tree/EXPERIMENTAL-jpackage
+(04:50:34 PM) psi: wasn't there talk about using nsis for windows packaging?
+(04:50:56 PM) eyedeekay: Yes this is some of that talk
+(04:50:56 PM) psi: (that's item 4 nvm)
+(04:51:27 PM) psi: oh
+(04:51:30 PM) psi: i see we are on that
+(04:51:55 PM) psi: so if you are using cmake/cpack nsis is great because you cross compile for windows from linux trivially
+(04:52:04 PM) psi: not sure how it works in java land
+(04:52:23 PM) zzz: I've raised a few objections about this windows proposal over the last month, none fatal, but I don't think they've been adequately addressed
+(04:52:29 PM) zzz: I'll list 3 here
+(04:52:47 PM) eyedeekay: Unfortunately we might to this to take advantage of jpackage builds, which do require us to build on the target platform at this time
+(04:53:03 PM) zzz: 1) it's all a distraction from the mac installer that got us started and is probably higher priority and we'll learn from doing it first
+(04:53:15 PM) psi: point 1 is enough there
+(04:53:24 PM) zzz: 2) almost all the justifications listed or theorized are weaker than that for the mac installer
+(04:53:34 PM) psi: i'd say focus on the mac infra before wandering out into the packaging aybss
+(04:53:55 PM) psi: you'll find a way to have scope creep
+(04:53:57 PM) zzz: 3) the so-far-unofficial firefox profile is assumed included, but hasn't been justified or reviewed separately
+(04:54:02 PM) zzz: eot
+(04:54:31 PM) psi: for now macos packaging is plenty of a task and you need not increase scope
+(04:54:47 PM) psi: once you get the macos infra working come back to windows nsis 
+(04:55:03 PM) psi: i for one want to drop macos support at work becuase it's just bad
+(04:55:12 PM) psi: the whole target is getting worse with each release
+(04:55:33 PM) psi: and apple is actively hostile to free software projects
+(04:55:51 PM) psi: if you dont mind bending over to let apple in then it's probably fine
+(04:56:10 PM) zlatinb: well that's a picturesque way of putting it psi :)
+(04:56:12 PM) psi: it's all a question of how much time you want to burn dealing with them
+(04:56:29 PM) psi: if the number of users is low enough it's just not worth it
+(04:56:39 PM) eyedeekay: I can definitely live with waiting for Mac to be ready to take Windows further, I think everyone sees my point re: the installer and it's relationship to onboarding
+(04:57:00 PM) zlatinb: but I've already gone through the joys of notarization so that part's taken care of
+(04:57:10 PM) zlatinb: (that's the most unpleasant part btw)
+(04:57:33 PM) psi: so this is a kind of high level directional question, windows is actually getting a bit better and apple is getting worse, the projected direction each are going is pretty clear to me
+(04:57:52 PM) psi: if we dont have a dedicate mac guy then the mac parts will rot
+(04:58:00 PM) psi: dedicated mac guy*
+(04:58:05 PM) psi: that is what happened at work D:
+(04:58:34 PM) zlatinb: well I try to document everything that I do, but you're right, one of the requirements is an Apple Id which means de-anoning
+(04:58:44 PM) psi: that's probably fine
+(04:58:50 PM) psi: the real problem is the everything else part
+(04:58:57 PM) zlatinb: it's not that bad
+(04:59:05 PM) psi: it is if you need eleveated privs
+(04:59:05 PM) zlatinb: we can discuss after the meeting if you're interested
+(04:59:16 PM) psi: for i2p is fine
+(04:59:16 PM) zlatinb: we don't for I2P, it's a slide install
+(04:59:19 PM) zzz: the thing I still don't understand is that we had a broken link to the old dmg installer for a year and nobody complained. during that time we thought we had a dedicated mac guy, but he vanished
+(04:59:19 PM) psi: and yea we can talk later
+(04:59:30 PM) psi: yea
+(04:59:44 PM) psi: if a mac users tries it and it's broken they'll just uninstall
+(04:59:48 PM) psi: they wont report a bug
+(04:59:52 PM) zlatinb: exactly
+(05:00:03 PM) psi: and with i2pd being a thing they can just try that
+(05:00:12 PM) psi: if i2pd works they'll use that
+(05:00:16 PM) eyedeekay: I bet if I really combed I could find a reddit question
+(05:00:25 PM) zlatinb: it doesn't, requires disarming all assessments
+(05:00:53 PM) eyedeekay: But another factor is that until a few months ago the .dmg installer would have installed and may have updated, because the signature on it hadn't expired yet
+(05:02:24 PM) zlatinb: there is like one mac guy on ilita and he is a very advanced mac user
+(05:02:33 PM) zlatinb: anyway, we're drifting
+(05:02:33 PM) psi: yea
+(05:02:33 PM) zlatinb: psi is right that mac users won't complain and just give up
+(05:02:33 PM) psi: are there regular project level UX aditing for each platform?
+(05:02:33 PM) zzz: not true, the link was broken as of 0.9.44, because the last dmg release was .43
+(05:02:33 PM) psi: i.e. seeing if platform X is broken?
+(05:02:33 PM) zlatinb: sadly no
+(05:02:33 PM) psi: thinking out loud i see a common overaching theme
+(05:02:33 PM) psi: over arching theme
+(05:02:34 PM) zzz: correction .45 was the last, broken as of .46
+(05:03:03 PM) zlatinb: we had the windows installer broken for two days until parg complained about it, just a data point
+(05:03:27 PM) zzz: one hour in, eyedeekay can you keep things moving please?
+(05:03:35 PM) eyedeekay: Yes
+(05:03:52 PM) eyedeekay: I think we've done enough on #4 for now anyway
+(05:03:58 PM) psi: yea
+(05:04:07 PM) eyedeekay: 5) update channels
+(05:04:21 PM) eyedeekay: This one is yours zlatinb
+(05:04:56 PM) zlatinb: right, so the main purpose of update channels is to support the new installers, but of course it can turn out to be useful in other situations as well.
+(05:04:57 PM) zlatinb: such as:
+(05:05:16 PM) zlatinb: if we decide to transition to stable-vs-beta releases after 1.0.0
+(05:05:46 PM) zlatinb: to summarize what's on the wiki page:
+(05:06:09 PM) zlatinb: we introduce the notion of an update channel which is platform X readiness tuple
+(05:06:29 PM) psi: i2p has been effectively rolling release for a decade right?
+(05:06:57 PM) zlatinb: to do it in backwards-compatible way with least amount of work the update url will be constructed http://...b32.i2p/<platform>/<readiness>/news.su3
+(05:07:25 PM) zlatinb: no changes to news.xml format
+(05:08:08 PM) zlatinb: So very little modifications to the workflow of the su3 generators
+(05:08:33 PM) zlatinb: small changes to the backend of the router, and small-to-medium changes to the console ui
+(05:09:04 PM) zlatinb: for more detailed discussion see the wiki page
+(05:09:36 PM) zlatinb: at this meeting I would like to agree on what priority this should be, when do we want it done, who will do which part ideally too
+(05:09:38 PM) zlatinb: eot
+(05:10:04 PM) zzz: the issues are who runs and manages and translates the new feeds and their backups ... same as now, or different
+(05:10:11 PM) zzz: if it's option 1 then it's almost no dev effort
+(05:10:35 PM) zlatinb: oh yeah option 2 (from the wiki page) is out, ignore it completely
+(05:10:59 PM) zzz: so are you proposing the same news hosts as now for the new feeds? (ech and idk), if so, need their buyin, if not, need to know who
+(05:11:44 PM) zlatinb: I would say start with the same hosts for now
+(05:12:08 PM) eyedeekay: I'm absolutely happy to host the new feeds on my end
+(05:12:27 PM) zlatinb: I'll reach out to ech sometime soon about it
+(05:13:51 PM) eyedeekay: Since option 2 is out by extension option 3 is as well, right?
+(05:13:59 PM) zlatinb: yeah
+(05:14:36 PM) zlatinb: option 1 achieves everything and is very little effort relative to the other options
+(05:15:31 PM) zlatinb: so... 
+(05:16:23 PM) zlatinb: since this is a prerequisite for enabling in-network updates of a .dmg installer and we seem to be in agreement that we're going ahead with that, shall we say 0.9.51 for this item?
+(05:16:49 PM) eyedeekay: +1
+(05:17:08 PM) zzz: oh I thought you wanted a deadline for deciding. thats a deadline for finishing
+(05:17:24 PM) zzz: but sure, that's a reasonable target
+(05:17:50 PM) zlatinb: I wanted a deadline for deciding on the .dmg installer.. but I can retreat if there are reasonable arguments against deciding now :)
+(05:18:03 PM) mode (+v val) by ChanServ
+(05:18:26 PM) zzz: sounds good
+(05:19:10 PM) zlatinb: ok... we have one more meeting before the 0.9.51 cycle starts in earnest, right?
+(05:19:17 PM) eyedeekay: Yes we do
+(05:19:44 PM) zlatinb: we can then expand on the details on the wiki, including specific code locations that need to change by then
+(05:19:56 PM) zlatinb: I'm reluctant to start actual coding even if on a branch
+(05:20:18 PM) zzz: there shouldn't be any coding really, or very little
+(05:20:37 PM) zlatinb: I'll try to scope it out by the next meeting
+(05:21:18 PM) zlatinb: ok, that's eot from me on 5)
+(05:21:26 PM) eyedeekay: Ok then moving on to 6) Trac Migration Report/Evaluation
+(05:22:30 PM) eyedeekay: I've made a chart, it's been approved, I've done a dry run on a server at home, it worked. There are hundreds of tickets to migrate, almost all of which will be added to i2p.i2p with tags corresponding to the "component" they were on trac.
+(05:23:54 PM) eyedeekay: I think I can do the whole migration this month and have it done by the start of the next meeting. I'm going to go from small-to-large like I did with mtn->git. I'm going to go much faster this time, most of these can expected to take one day or less to complete. I'll be starting with i2p.www
+(05:24:21 PM) zzz: have we definitely decided to do it, or are there open issues e.g. registration for tickets, spam, etc. ?????
+(05:24:29 PM) mode (+v anonymousmaybe) by ChanServ
+(05:24:59 PM) eyedeekay: Spam has dropped considerably over the past month, user registrations are now open without my approval. Anyone who can confirm an email can register.
+(05:25:32 PM) eyedeekay: I can still "approve" users who cannot or do not wish to use a real e-mail.
+(05:25:35 PM) zzz: iirc we know where we're headed but we haven't made the final decision yet, especially because of the reg. issue
+(05:25:53 PM) zzz: but I don't have last month's meeting logs in front of me
+(05:26:14 PM) eyedeekay: The biggest issue, approval-only for registration, is no longer the case
+(05:26:48 PM) zzz: ok so that and the migration tech issues were the biggest. anything else that's a blocker, or are you recommending we proceed?
+(05:27:35 PM) eyedeekay: I am believe that I should proceed this month with the ticket migration
+(05:27:45 PM) mode (+v dr|z3d) by ChanServ
+(05:27:51 PM) zzz: sounds good
+(05:28:02 PM) eyedeekay: OK I'll get started probably at the end of this week
+(05:28:26 PM) eyedeekay: Last but not least the 7) 0.9.50 release update
+(05:28:29 PM) zzz: oh I remember
+(05:28:29 PM) zzz: notifications
+(05:28:40 PM) zzz: on tickets, MRs, etc. seem completely broken
+(05:29:04 PM) zzz: ofc they are on trac also...
+(05:29:44 PM) zzz: so maybe not a blocker but def. an annoyance
+(05:29:47 PM) eyedeekay: Are you not getting them? I thought I had them fixed, I started getting mine. I'll figure out why it is and deal with it ASAP
+(05:30:19 PM) zzz: nope. zlatinb how about you?
+(05:30:28 PM) zlatinb: nada
+(05:30:34 PM) zlatinb: did get a few at one point but after the update or downtime nothing
+(05:30:55 PM) zlatinb: but I check the activity feeds obsessively :)
+(05:31:19 PM) eyedeekay: Shoot. OK I must have missed it when I put the server back up after the thing in December. I'll fix it soon.
+(05:31:38 PM) eyedeekay: Wait no I have an email from zzz on the X-i2p-location issue...
+(05:31:46 PM) eyedeekay: Can't be that. Anyway, I'll find it
+(05:32:14 PM) zzz: thanks
+(05:32:16 PM) zzz: re: 7)
+(05:32:23 PM) zzz: I'll be very brief
+(05:32:37 PM) zzz: we're 7 weeks into a nominal 12 wk cycle, target mid-to-late May
+(05:32:45 PM) zzz: all big changes should be in
+(05:32:49 PM) zzz: lots of SSU and IPv6 stuff
+(05:33:08 PM) zzz: doing testing w/ i2pd on prop. 158 (ipv6 introducers)
+(05:33:18 PM) zzz: for draft release announcement see zzz.i2p
+(05:33:20 PM) zzz: EOT
+(05:33:52 PM) zlatinb: I just want to chime in re: bandwidth utilisation
+(05:34:04 PM) zlatinb: this release has the potential to improve throughput by a LOT
+(05:34:40 PM) zlatinb: so with the changes to RED and CDQ tuning we should keep an eye on whatever network metrics we can get
+(05:34:50 PM) zzz: let's hope. also lots of i2pd fixes in their mid-cycle release a couple weeks ago, and more in the next one, will help network performance
+(05:35:38 PM) zlatinb: I'm just worried we'll hit some bottlenecks that we never hit before
+(05:35:50 PM) zlatinb: but that's growing pains I guess
+(05:36:09 PM) zzz: same story different day
+(05:36:48 PM) eyedeekay: Thanks zzz, thanks zlatinb.
+(05:37:53 PM) eyedeekay: I've got very little to add here, and I think we've been here long enough, so unless there's anything else you want to discuss I'm going to call us to a close
+(05:38:03 PM) eyedeekay: Timeout 1m
+(05:39:19 PM) eyedeekay: Thanks everyone for coming, see around IRC
+(05:39:31 PM) eyedeekay: I will post meeting logs in a few minutes

i2p2www/meetings/logs/298.rst

@@ -0,0 +1,12 @@
+I2P dev meeting, April 6, 2021 @ 20:00 UTC
+==========================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb,
+psi

i2p2www/meetings/logs/299.log

@@ -0,0 +1,113 @@
+(04:01:04 PM) eyedeekay: Hi everyone, it's time for the May 4th meeting
+(04:01:13 PM) zlatinb: hi
+(04:01:21 PM) zzz: hello
+(04:01:39 PM) eyedeekay: 1) Hi 
+(04:01:39 PM) eyedeekay: 2) Mac Launcher Report, Follow-up 
+(04:01:39 PM) eyedeekay: 3) Trac Migration Report, Post-op 
+(04:01:39 PM) eyedeekay: 4) 0.9.50 release
+(04:01:39 PM) eyedeekay: 5) Update Channels Report
+(04:01:39 PM) eyedeekay: 6) Docker Improvements
+(04:01:39 PM) eyedeekay: 7) Bote Plugin Keys
+(04:02:17 PM) eyedeekay: zab are 2) and 5) likely to overlap, should I put them together?
+(04:02:26 PM) zlatinb: sure
+(04:02:56 PM) eyedeekay: OK so let's swap 3 and 5 from that list above, and do update channels right after Mac Launcher
+(04:03:11 PM) eyedeekay: 2) Mac Launcher Report
+(04:03:59 PM) zlatinb: so far I've received one positive report by an unknown user, and know at least a few people have tried the .dmg
+(04:04:28 PM) zlatinb: so for the installer part I think we're in a very good shape.  I can't think of any changes required that are not related to the update functionality
+(04:04:49 PM) zlatinb: s/installer/app bundle/
+(04:05:24 PM) zlatinb: that's all on stricly-2) from me
+(04:06:10 PM) eyedeekay: Excellent. I don't have anything to add right, so we can move on to 3) Update Channels
+(04:06:24 PM) eyedeekay: Unless zzz has something?
+(04:06:36 PM) zzz: no
+(04:07:00 PM) eyedeekay: Ok then zlatinb update channels are also your topic
+(04:07:22 PM) zlatinb: zzz and I did some initial analysis/scoping of what needs to happen to enable update channels
+(04:08:05 PM) zlatinb: the consensus (I think) is that there will be some changes to code in i2p.i2p as well as some code residing in the mac-jpackage repo
+(04:08:36 PM) zlatinb: we're still enumerating all the corner cases but so far haven't come upon a dealbreaker
+(04:09:24 PM) zzz: agreed, sounds pretty straightforward and not too much effort. testing is probably more of the work than coding
+(04:09:36 PM) zlatinb: I'm very busy until the release but after that will focus on this.  Can get more technical but it gets very low-level for this meeting
+(04:09:39 PM) zlatinb: eot
+(04:10:05 PM) eyedeekay: Thanks for the report
+(04:10:12 PM) eyedeekay: That brings us to 4) 0.9.50 release
+(04:11:08 PM) dr|z3d: you missed Trac migration.
+(04:11:26 PM) eyedeekay: I was going to do it as 5, not 4
+(04:11:40 PM) dr|z3d: ok, as you were!
+(04:11:45 PM) eyedeekay: We're 11 days away from the release now
+(04:12:09 PM) eyedeekay: Tags are set to be frozen tomorrow
+(04:12:22 PM) eyedeekay: I have no more string changes for i2p.i2p
+(04:13:43 PM) eyedeekay: zzz, zlatinb what would you like to add?
+(04:14:08 PM) zzz: not much... I'll push the strings to transifex at 4 PM UTC tomorrow
+(04:14:26 PM) zlatinb: orignal made an interesting point just 30 minutes ago about NTCP queue capacity, might be worth looking into b4 the release
+(04:14:27 PM) zzz: I'm done with 50. already working on the next one
+(04:15:18 PM) zzz: I didn't see it, but I'd be reluctant to make any changes now. I am testing some NTCP queue changes for the next release
+(04:15:29 PM) zzz: eot
+(04:15:38 PM) zlatinb: eot from me too
+(04:15:53 PM) eyedeekay: 5) Trac Migration Report, Post-op
+(04:16:35 PM) eyedeekay: Trac migration was sticky mostly for the reasons I felt it needed to happen, in particular trac xmlrpc broke on our instance at about the same time as last months meeting
+(04:17:34 PM) eyedeekay: After trying and failing to fix it for a couple weeks I just decided it would be easier to (carefully) scrape our trac issues down and migrate them to gitlab using the gitlab API
+(04:18:20 PM) eyedeekay: Otherwise, it was successful, and as a by-product created a readable static archive of all our trac tickets at this time
+(04:18:32 PM) eyedeekay: eot
+(04:18:44 PM) zzz: so whats the status? done?
+(04:19:16 PM) eyedeekay: For the purposes of tracking tickets, trac migration is done. Trac still has wiki articles of some interest to back up but the tickets are done.
+(04:19:43 PM) zzz: ok. I changed the urls in our code to point to gitlab
+(04:20:14 PM) eyedeekay: I changed most of the ones on the website, but am still grepping through .rst files for the last few
+(04:20:28 PM) zzz: can you please add notes and links on trac home page and ticket page and login page and wherever else, with new i2p and clearnet links?
+(04:20:42 PM) eyedeekay: Sure, will do
+(04:21:49 PM) zzz: this now makes us reliant on gitlab (when it was just code, we could always use github) ... do we have any backup admin?
+(04:21:49 PM) eyedeekay: I will also go through all the README's and make sure they reference the correct places too
+(04:22:50 PM) eyedeekay: echelon has an admin account on gitlab, but no one else has SSH access to the server underneath right now
+(04:22:50 PM) mode (+v anonymousmaybe) by ChanServ
+(04:23:30 PM) eyedeekay: I can look into syncing the issues with github using a bot, it's not that different than the second half of the migration process
+(04:23:39 PM) zzz: ok, you two may want to review who can do what to make sure we're covered
+(04:23:45 PM) zzz: good job
+(04:24:09 PM) eyedeekay: Thanks
+(04:24:22 PM) eyedeekay: That brings us to 6) Docker Improvements
+(04:24:42 PM) eyedeekay: zlatinb do you want to fill the people who haven't tried them yet in here :)
+(04:25:10 PM) zlatinb: lol yes, the new docker image is smaller and supports persistent volumes for configuration and snark downloads
+(04:25:35 PM) zlatinb: documentation is in the source, the Docker.md file.  I would like to add a page to the website with that same content
+(04:26:03 PM) zlatinb: that's really it
+(04:26:30 PM) eyedeekay: Good call about the site, right now we advertise it but don't document how to use it at all
+(04:26:40 PM) zzz: who is in charge of the geti2p docker account and who else has access?
+(04:26:48 PM) zzz: or does it not work like that?
+(04:27:35 PM) zzz: does it just auto-build every checkin and that's it?
+(04:27:37 PM) eyedeekay: I'm in charge of the geti2p docker account, I can grant access to people from gitlab, it was started by Ace Barry or hkparker IIRC but I'm the admin now
+(04:28:04 PM) eyedeekay: It builds the `latest` every checkin and builds an image for every tag beginning in `i2p-*`
+(04:28:50 PM) zzz: ok so whatever changes zlatinb did are already in there
+(04:28:52 PM) zzz: got it
+(04:29:00 PM) zlatinb: yes
+(04:29:30 PM) zlatinb: eyedeekay: I saw you just dockerized the android build process?
+(04:30:50 PM) eyedeekay: Yeah I did, it was a way of bundling up all the release requirements into a re-usable form
+(04:31:35 PM) zzz: eyedeekay, speaking of android, I saw something about google adding more rules and bumping requirements effective later this year. You may wish to put aside some time before this release to get ahead of it
+(04:33:10 PM) eyedeekay: I'm double-checking all my Android release stuff this week to make sure that all goes smoothly
+(04:34:18 PM) zzz: as I said the new rules aren't effective for a few months but wouldn't hurt to address them now
+(04:34:41 PM) zzz: or, it might hurt, but better sooner than later
+(04:34:42 PM) zzz: eot
+(04:35:14 PM) eyedeekay: Well depends on F-Droid, sometimes they lag behind GPlay in requirements in a way which is somewhat mutually-exclusive, but it'll be better to know about it if it's going to happen
+(04:36:02 PM) eyedeekay: I think we're ready for number 7) Bote Plugin Keys
+(04:36:20 PM) eyedeekay: This one came up for me in conversation with some redditors last week
+(04:37:06 PM) eyedeekay: People are trying to use mhatta's fork of Bote but they are not able to do so because they are not able to install the plugin keys easily
+(04:37:30 PM) eyedeekay: They also mostly don't know how to intepret the certificate error in the sidebar to troubleshoot the issue
+(04:38:17 PM) eyedeekay: s/keys/certificates/
+(04:38:41 PM) eyedeekay: I would like us to consider adding mhatta's to the default so people no longer encounter this error
+(04:39:17 PM) zzz: 1) he should provide better instructions to his users; 2) he needs to make the request of us
+(04:40:22 PM) eyedeekay: Fair enough.
+(04:40:46 PM) eyedeekay: That brings us to the end of the listed topics, anything else to add?
+(04:41:06 PM) zlatinb: yes, I'd like us to think about making it easier to build testnets
+(04:41:08 PM) zzz: and I'd ask that he get .49 into debian, which never happened
+(04:41:55 PM) zlatinb: we've had two people build LXC testnets and one person build Docker, all three use quite different approaches
+(04:42:14 PM) zlatinb: so is there any interest in figuring out what the pain points are and making things easier?
+(04:42:51 PM) zzz: I have interest in finding out if there's interest :)
+(04:43:10 PM) eyedeekay: Yes there is from my side, I would like to get a testnet running, preferably a docker one
+(04:44:13 PM) zlatinb: cool.. so we should look into it.. of the top of my head initial seeding is the worst part
+(04:45:14 PM) eyedeekay: Are there any Docker testnet instructions written down yet or are they all LXC-based?
+(04:45:18 PM) zzz: my solution to seeding worked well for me, it's roughly solved for lxc
+(04:45:47 PM) zlatinb: LoveIsGrief may have something in his repos on gitlab 
+(04:47:55 PM) zlatinb: eot from me
+(04:49:07 PM) eyedeekay: I guess then if I want a Docker testnet I should probably look into their work, and fill in whatever blanks I encounter based on the process for LXC
+(04:49:43 PM) zzz: I checked all my horrible lxc shell scripts into i2p.scripts
+(04:50:29 PM) eyedeekay: Thanks zzz, horrible or not I'm sure they'll tell me what I need to know
+(04:51:32 PM) eyedeekay: Anything else for the meeting?
+(04:51:50 PM) eyedeekay: timeout 1m
+(04:51:50 PM) zzz: no
+(04:51:58 PM) zlatinb: not from me
+(04:52:19 PM) eyedeekay: OK then thanks everyone for coming
+(04:52:44 PM) eyedeekay: I'll post the logs to the site shortly, see you around IRC

i2p2www/meetings/logs/299.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, May 4, 2021 @ 20:00 UTC
+========================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/300.log

@@ -0,0 +1,136 @@
+(04:01:11 PM) eyedeekay: Hi everyone, welcome to the Tuesday, June 1 Community meeting
+(04:01:25 PM) eyedeekay: 1) Hi
+(04:01:25 PM) eyedeekay: 2) 300 logged community meetings
+(04:01:25 PM) eyedeekay: 3) 0.9.51
+(04:01:25 PM) eyedeekay: 4) go-i2p
+(04:01:25 PM) eyedeekay: 5) reproducible build status
+(04:01:25 PM) eyedeekay: 6) update channels report / Mac bundle report
+(04:01:25 PM) eyedeekay: 7) Next release number, deferred item from April 6 meeting
+(04:01:25 PM) eyedeekay: 8) 0.9.50 status / remaining release items
+(04:01:42 PM) eyedeekay: 1) hi
+(04:01:50 PM) eyedeekay: Hi everybody
+(04:02:08 PM) zzz: hi
+(04:02:10 PM) zlatinb: hi
+(04:02:31 PM) eyedeekay: Hi zzz, hi zlatinb.
+(04:02:31 PM) eyedeekay: Anybody else with us today?
+(04:03:00 PM) eyedeekay: OK 2) 300 logged community meetings
+(04:03:45 PM) eyedeekay: Congratulations everybody, the first meeting we have recorded on the web site was 19 years ago, nearly 20 now, and now we're 300 meeting later
+(04:04:18 PM) eyedeekay: Thanks to all I2P contributors in the past as well as in the present
+(04:04:54 PM) zzz: yes
+(04:05:16 PM) zzz: any eepsites from back then still work
+(04:05:44 PM) zzz: and some bugs from back then are still to be found and fixed! I fixed a bug from 2004 today
+(04:06:58 PM) eyedeekay: I saw that over in #ls2 earlier, especial thanks to zzz who has been the heart and soul of this project for longer than most of us have even been around :)
+(04:07:20 PM) zzz: can't do it alone, never could
+(04:08:11 PM) zzz: but that's all the time you get for reminiscing, let's get on with the work
+(04:08:24 PM) eyedeekay: Again thanks and congratulations to everybody, on to 3) 0.9.51
+(04:09:34 PM) eyedeekay: We're about 2 weeks into this release, for my part I'm working on my X-I2P-Location feature in the default site and thinking about options for integrating a browser profile with a main installer at the moment
+(04:09:59 PM) eyedeekay: What is everyone else working on for this release at this time?
+(04:10:41 PM) zzz: I'd like to remind everyone to update the website roadmap with your plans for the next release. There's not a lot there right now
+(04:11:05 PM) eyedeekay: Ack, thanks for reminding us, I will do mine this evening after the meeting
+(04:11:27 PM) zlatinb: I will be starting the Mac-specific side of the Mac bundle updater, unless we decide to split the work otherwise.  I'm happy to work on the i2p.i2p side as well, will discuss more in point 6)
+(04:11:32 PM) zzz: the #ls2 team is continuing to work on proposal 157 (new tunnel build messages), it's going slower than planned. Not clear right now how much will get into the next release
+(04:12:09 PM) zzz: the proposal is still incomplete, so until we do that, we can't finish the code
+(04:12:42 PM) zzz: SSU2 is still not started. We had hoped to have it done this year... that seems unlikely at this point. We could use some more help
+(04:12:56 PM) zzz: EOT
+(04:14:15 PM) eyedeekay: Thanks zzz, zlatinb. I'll do what I can to contribute as my understanding grows. Speaking of that, 4) go-i2p
+(04:15:41 PM) eyedeekay: I've written a cursory proposal for go-i2p in the proposal branch on gitlab.
+(04:15:41 PM) eyedeekay: Besides that, I've nearly completed migrating the common structures from the old distro off of using byte-slice representation to using objects(structs) for representation, and re-written the tests to accomodate this change
+(04:16:07 PM) eyedeekay: That means I'm at the point where I'm writing new code instead of just updating what's there, which is pretty exciting
+(04:16:29 PM) eyedeekay: No transport yet, but that will be the next thing on the roadmap
+(04:16:35 PM) eyedeekay: EOT
+(04:16:41 PM) zzz: are you still over in a separate branch and if so why haven't you merged back?
+(04:17:39 PM) eyedeekay: I've got ~4 tests to finish up before I do
+(04:18:30 PM) eyedeekay: Once all the existing tests pass again or I can be sure they are redundant I'll merge it back
+(04:18:34 PM) zzz: ok. and where are we with the full-go vs. go wrapper around i2pd? If the latter is really only 2 hours of work, as orignal claimed, shouldn't that be the next step?
+(04:18:55 PM) zzz: as a proof of concept, or MVP, or to judge demand from go projects
+(04:19:22 PM) zzz: then you could later just swap it out with the go router via the same API
+(04:20:53 PM) eyedeekay: I've got it started but I'm having some issues figuring out exactly how to create the C wrapper for api.h, probably just because the process is new to me
+(04:22:34 PM) zzz: ok. I still don't understand if the i2pd wrapper is a) an alternative to be evaluated; b) something definitely to be done first but we're doing both; c) low-priority/TBD
+(04:22:53 PM) zzz: or d) we've rejected it
+(04:24:04 PM) eyedeekay: IMO it should be b), because I should learn how to write a C wrapper for C++ code, and because the ability to easily embed i2pd in anything that SWIG supports would be very useful to have in general
+(04:25:18 PM) zzz: ok you have an estimated date for that?
+(04:27:52 PM) eyedeekay: Orignal's right, it's 2 hours of work for someone who knows how to do it already. The hard part to guess is how long I have to read examples to know what I'm doing. The 15th seems safe.
+(04:28:14 PM) zzz: thanks, EOT
+(04:28:40 PM) eyedeekay: OK that's everything I have for it too
+(04:28:41 PM) eyedeekay: 5) reproducible build status
+(04:28:57 PM) eyedeekay: zlatinb this one is yours
+(04:29:21 PM) zlatinb: So, there's something that is reproducible on Mac and Linux with English locale and JDK 11 and sort of works
+(04:29:44 PM) zlatinb: I know how to fix it for all Locales and to build on Windows too, there are a few small tweaks necessary for that
+(04:30:31 PM) zlatinb: Despite it's PoC status I think we should have a web page with instructions for others interested in trying it out
+(04:31:04 PM) zlatinb: as it uses the gradle build system it doesn't add to the release load and I'm happy to own it
+(04:31:35 PM) zlatinb: that's about it
+(04:31:38 PM) zzz: I said this on my forum already but I think it's important. We already have reproducible builds for Debian/Ubuntu. This is for gradle, which is not a supported build product now
+(04:32:13 PM) zzz: I question the value of it, and the ability to support it when we're lacking all the repro. build infrastructure of debian
+(04:33:05 PM) zzz: and announcements that 'i2p is now reproducible' is misleading/wrong. we need to be very clear about what it is
+(04:35:01 PM) zzz: I don't think our testing is sufficient to claim reproucibility, and we don't publish our tool versions anyway.
+(04:35:34 PM) zzz: eot
+(04:37:23 PM) zlatinb: The only tool that matters is the JDK, and that is published to be 11.  I am very skeptical that our Debian/Ubuntu builds are truly reproducible, and doubt that anyone will be able to reproduce the .deb packages on their own.  Just because it passes the build bot doesn't mean it's reproducible, but that's another point.
+(04:37:55 PM) zlatinb: There is value added to certain class of users even from an incomplete PoC that "strives" towards reproducibility or however we want to word it.
+(04:38:38 PM) zlatinb: If nothing else it shows that we're aware that there is demand and are making effort (albeight low priority) to address that demand
+(04:38:43 PM) zzz: the build bot has a lot of tests in it, more than we're testing, including changing username, PWD, locale, time, timezone
+(04:39:02 PM) psi: doesn't debian have a bunch of hooks and shims that normalize timestamps and directories?
+(04:39:08 PM) zlatinb: but it's clearly not changing the timestamps of the checked out code, otherwise it would break right away
+(04:39:14 PM) psi: (for deterministic builds, also hi)
+(04:39:25 PM) zzz: there may be 'demand' but not clear it's enough to justify the effort
+(04:40:01 PM) zzz: yes psi, that's the build infrastructure we rely on for our reproducible debian builds
+(04:40:08 PM) eyedeekay: I can confirm that zlatinb and I did not compare notes on what tools we were using, other than that we were on the same JDK, we certainly didn't compare individual libraries
+(04:40:21 PM) zlatinb: the effort falls on me, as I said I'm happy to own it, and most of the work is already done
+(04:40:31 PM) zzz: we have an answer now, 'use debian'
+(04:40:53 PM) zlatinb: no, the answer is "use the debian toolchain and build environment to build your .deb"
+(04:41:09 PM) zzz: I'm not convinced your testing is thorough enough to claim 'mostly done'
+(04:41:55 PM) zlatinb: There are no known issues remaining, and the unknown ones we'll bump into as more and more people use it
+(04:42:00 PM) zzz: and I'm not convinced we need another release product solely for those demanding non-debian reproducibility
+(04:43:06 PM) zzz: I don't think we want to rely on users to discover reproducibility issues. we need some testing harness or build bot to confirm it given various permutations listed above and others
+(04:43:13 PM) zlatinb: it doesn't need to be a release-quality product, I keep saying it is work-in-progress and will remain so for the foreseeable future.
+(04:44:00 PM) psi: is the purpose an end user ready package or is it to appase the intellecuals?
+(04:44:01 PM) zzz: in that case, no objections
+(04:44:30 PM) zlatinb: clearly to appease the intellectuals, 100%
+(04:45:22 PM) psi: gotcha, just catching up
+(04:46:15 PM) zlatinb: what's wrong with having the users help find reproducibility issues?
+(04:47:14 PM) zzz: 1) because most users won't actualy try to reproduce; but 2) if it's not an official release-quality product, nevermind
+(04:47:34 PM) eyedeekay: Moving right along to 6) update channels report / Mac bundle report
+(04:48:14 PM) eyedeekay: Unless we need to keep going on 5)?
+(04:48:37 PM) zzz: I'm done with 5)
+(04:48:51 PM) eyedeekay: OK, 6 then
+(04:49:24 PM) eyedeekay: zlatinb this is also your topic
+(04:50:20 PM) zlatinb: not much to report since the last meeting on the Mac bundle side of things; I've been dogfooding it a bit
+(04:51:15 PM) zlatinb: I will probably have time this month to look into update channels properly.  At least the part that will live in the mac-jpackage repo
+(04:51:30 PM) zlatinb: can also look into the changes required to i2p.i2p unless someone else wants to have a stab at those?
+(04:51:33 PM) zlatinb: eot
+(04:52:07 PM) zzz: I'm happy to do the other side, let's coordinate this week
+(04:52:30 PM) zlatinb: ok sounds good
+(04:52:52 PM) zlatinb: that's all from me on 6)
+(04:52:56 PM) zzz: I believe there's a few choices we have discussed but haven't fully decided on, but shouldn't be hard
+(04:52:57 PM) zzz: eot
+(04:53:08 PM) eyedeekay: 7) Next release number, deferred item from April 6 meeting
+(04:53:57 PM) eyedeekay: 1.0.0? 9.51.0? There were several choices in the thread
+(04:54:26 PM) zzz: yes. 2 months ago, I presented 0.9.50 vs. 1.0.0
+(04:54:44 PM) zzz: since then, I noted that bitcoin core is going from 0.22 to 23.0
+(04:54:54 PM) zzz: if a number is just a number, it can be anything
+(04:55:18 PM) zzz: 0.9.51, 1.0.0, 2.0, 9.51, 10.0. whatever we want
+(04:55:54 PM) zzz: if "1.0.0" brings up too much anxiety or implicit promise of perfection, we can avoid that by jumping right over it
+(04:56:15 PM) zzz: or, we can just keep doing 0.9.x forever, or until some particular goal we haven't agreed to yet.
+(04:56:18 PM) zzz: EOT. thoughts?
+(04:56:55 PM) eyedeekay: I think a number is a number as long as the one we choose is on top when standard tools sort it, and in light of that, 9.51 has some appeal.
+(04:57:52 PM) zlatinb: If we had a roadmap for installers I would put a nice round 1.0.0 after those are finished, but we don't have such a roadmap, so I'd rather avoid 1.0.0 altogether.  Other than that 0.9.51 or 9.51 are the same to me.
+(04:58:27 PM) zzz: don't necessarily need consensus today either, we have two more meetings before the next release
+(04:59:04 PM) zzz: could always do a reddit poll although that may be counterproductive
+(05:01:40 PM) zzz: let's discuss again next month eyedeekay 
+(05:01:41 PM) zzz: eot
+(05:02:15 PM) eyedeekay: I do agree with zlatinb, if we were to use "1.0.0" as PR to seek new users, improving the installers would probably make such an effort more successful. If we wanted to preserve the opportunity to do do a 1.0.0 when that is done then we'd need to do 0.9.51, eot
+(05:02:28 PM) eyedeekay: 8) 0.9.50 status / remaining release items
+(05:03:16 PM) eyedeekay: zzz added this, but there's at least two of these I should probably answer for, GPlay and F-Droid
+(05:04:27 PM) eyedeekay: There was a bit of a mess with GPlay during release time, I had to migrate us to an Android app bundle which requires me to generate a key and upload it to Google so that they could confirm I was the one uploading the app
+(05:05:16 PM) eyedeekay: I failed at this process the first time which required me to contact google support, which caused a delay in the Android releases
+(05:05:47 PM) eyedeekay: For reasons related to the release process, this also delayed F-Droid builds.
+(05:06:33 PM) eyedeekay: From now on, F-Droid will be an apk, and Google Play will be an .aab, and the release process for one will not depend on the other. EOT.
+(05:06:46 PM) eyedeekay: Anything to add zzz?
+(05:07:20 PM) zzz: debian is the big issue. anybody heard from mhatta? he completely missed .49, now we're waiting on 50
+(05:09:01 PM) eyedeekay: Not in quite a while unfortunately, I can reach out again
+(05:09:08 PM) zzz: as far as net status, about 35-45% of net updated, about 25% have rekeyed, very smooth, no major complaints
+(05:09:08 PM) zzz: please keep this item on the agenda for next month, since we're not done yet
+(05:09:08 PM) zzz: eot
+(05:09:34 PM) eyedeekay: Will do
+(05:09:47 PM) eyedeekay: Anything else for 8?
+(05:10:00 PM) eyedeekay: Or in general? timeout 1m
+(05:11:26 PM) eyedeekay: All right then, thanks for coming everybody, next meeting will be July 6

i2p2www/meetings/logs/300.rst

@@ -0,0 +1,12 @@
+I2P dev meeting, June 1, 2021 @ 20:00 UTC
+=========================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb,
+psi

i2p2www/meetings/logs/301.log

@@ -0,0 +1,69 @@
+(04:01:20 PM) eyedeekay: Hi everyone, it's time for the monthly community meeting, but as I forgot to make the announcement I will not be surprised if no one is here. In case anyone else is here, I'm open to having the meeting now. If no one else is here, I'll announce a new one on zzz.i2p so we can re-schedule
+(04:01:37 PM) zzz: hi
+(04:01:47 PM) eyedeekay: Hi zzz
+(04:02:10 PM) eyedeekay: zlatinb, anybody else here?
+(04:03:39 PM) eyedeekay: Ok that's my bad. Well zzz, I've got a short 2-item agenda for us if you've got time:
+(04:03:39 PM) eyedeekay: 2) Next Version Number
+(04:03:39 PM) eyedeekay: 3) Jpackage Updates
+(04:03:39 PM) eyedeekay: But I was hoping to have zlatinb for 3)
+(04:04:06 PM) zzz: 4) remaining 0.9.50 release items
+(04:04:31 PM) eyedeekay: Ack
+(04:05:10 PM) eyedeekay: 2) Next version number
+(04:06:27 PM) eyedeekay: I'm less and less reluctant about 1.0.0 now
+(04:07:31 PM) eyedeekay: zlatinb had some ideas about where performance could be improved, and what we both agreed on was that we needed something more onboardable for 1.0.0, i.e. the jpackage things
+(04:08:05 PM) zzz: I think an arbitrary jump to something like 1.5.0 or 2.5.0 or 5.1 avoids the 1.0.0 angst
+(04:10:04 PM) mode (+v zlatinb) by ChanServ
+(04:11:37 PM) eyedeekay: 1.5.0 seems right somehow? or maybe 1.51
+(04:12:22 PM) zzz: small numbers seem better
+(04:12:48 PM) eyedeekay: Yeah you're right
+(04:13:36 PM) eyedeekay: 1.5.0 works for me if it works for you
+(04:15:13 PM) zzz: I'll put it in a post on my forum and see what the reaction is
+(04:15:30 PM) eyedeekay: Sounds good
+(04:16:05 PM) eyedeekay: 3) Jpackage Updates
+(04:17:24 PM) eyedeekay: On my end I've got a WIP jpackage+Windows Installer+Firefox profile bundle which should be self-updating as of this morning. It's still untested and a draft PR, I'm sure I'll find something broken about it tonight, but so far, so good
+(04:17:35 PM) mode (+v anonymousmaybe) by ChanServ
+(04:18:55 PM) eyedeekay: It works by starting the installer just before the router shuts down, sleeping until the router shuts down, then allowing the installer to re-start the router when it completes
+(04:19:25 PM) zlatinb: not much on my end, I'm still a little stuck on figuring out how to an end-to-end test that starts from checking news.xml, fetching the update.dmg, performing the update, restarting the router
+(04:19:41 PM) zlatinb: but the concept is the same as on windows
+(04:22:35 PM) zlatinb: just quite a bit of infrastructure to set up I guess
+(04:23:01 PM) eyedeekay: I don't have much else to add, except that I'm going to try to figure out how to test it against a test news server tonight, which should help figure out the infrastructure
+(04:24:13 PM) eyedeekay: 4) Remaining 0.9.50 release items
+(04:24:27 PM) eyedeekay: Oops, pasted that too soon
+(04:24:37 PM) eyedeekay: Anything else on 3)?
+(04:25:02 PM) eyedeekay: 4) Remaining 0.9.50 release items
+(04:25:10 PM) zzz: still no debian/ubuntu, who's in charge of bugging mhatta?
+(04:25:40 PM) eyedeekay: I've been bugging him as much as I can, opened a PR on bote to get his attention, not sure what's up there. No response
+(04:26:11 PM) eyedeekay: Maybe I'm just not looking in the right place anymore
+(04:26:25 PM) zzz: it's now been 7 months since he cut a release
+(04:27:40 PM) zzz: anyway, I believe that's the only remaining item
+(04:28:12 PM) eyedeekay: I heard Debian accepts anonymous maintainers if they have a portfolio and a GPG key now, I could reach out and apply? I hate to make myself even more of a bus factor, but at least I pretty much know how to go from i2p.i2p->deb
+(04:30:17 PM) zzz: the problem is that I think he has several changes he never upstreamed back to us, so those differences would have to be resolved
+(04:31:53 PM) eyedeekay: If he does then I think they'd have to be reflected in the debian/patches, maybe I can find a way
+(04:31:53 PM) zzz: thats all I got, put it on the list for next month
+(04:32:00 PM) eyedeekay: Will do
+(04:32:16 PM) zlatinb: for this item I want to ask about the streaming buffer overflow
+(04:32:43 PM) zlatinb: is that something we want addressed for the next release?
+(04:32:50 PM) zzz: huh?
+(04:32:57 PM) zlatinb: s/overflow/choke/
+(04:33:14 PM) zzz: what item?
+(04:33:23 PM) zlatinb: oh sorry, thought we were discussing 0.9.51
+(04:33:27 PM) zlatinb: nvm
+(04:33:32 PM) zzz: but no, not a pressing problem, more of a test issue, low priority
+(04:34:01 PM) zzz: we were discussing .50 debs
+(04:34:32 PM) eyedeekay: I've got time, if zzz's got time I'm happy to make that item 5)
+(04:34:44 PM) zlatinb: yes please
+(04:34:49 PM) eyedeekay: Go for it
+(04:35:11 PM) zlatinb: I think it happens in the live net on short tunnels, not 0 but 1-hop
+(04:35:41 PM) zlatinb: at least I've seen suspicious behavior in muwire when configured with 1-hop tunnels on both nodes
+(04:36:24 PM) eyedeekay: I have a bunch of 1-hop services, is there anything I can look for in the logs to help you confirm it?
+(04:37:12 PM) zlatinb: at this early stage it can be debugged in a testnet, logging is too verbose for a live server
+(04:37:58 PM) zlatinb: I would like to spend some time on that and if there is a problem and a fix for it aim to put it in the next release
+(04:39:21 PM) zzz: to answer your question, it's a known issue for many years, presumed very rare in live net, the impacts are transient and possibly unfixable... so it's worth investigating (and I asked for help doing that), but for those reasons I wouldn't put it as a must-fix for the next release
+(04:39:56 PM) zlatinb: I think the recent speed improvements have made it less rare
+(04:40:31 PM) zzz: sure. maybe, maybe not
+(04:41:17 PM) zlatinb: ok I'll investigate and see what comes out
+(04:41:35 PM) eyedeekay: It'll be interesting to see what you find
+(04:42:10 PM) eyedeekay: Anything else for the meeting?
+(04:43:09 PM) eyedeekay: All right then that's it for today
+(04:43:18 PM) eyedeekay: Thanks zlatinb and zzz for being and bearing with me, I'll post the logs shortly and make sure I get the announcement up on zzz.i2p this time
+(04:43:24 PM) eyedeekay: being *here

i2p2www/meetings/logs/301.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, July 6, 2021 @ 20:00 UTC
+=========================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/302.log

@@ -0,0 +1,95 @@
+(04:00:31 PM) eyedeekay: 1) Hi 
+(04:00:31 PM) eyedeekay: 2) 0.9.51/1.5.0 
+(04:00:31 PM) eyedeekay: 3) Remaining 0.9.50 items 
+(04:00:31 PM) eyedeekay: 4) Streaming choke findings 
+(04:00:31 PM) eyedeekay: 5) Jpackage Updates 
+(04:00:52 PM) eyedeekay: Hi everybody, time for the Tuesday meeting, who else is here?
+(04:00:58 PM) zlatinb: hi
+(04:01:05 PM) zzz: yo
+(04:01:24 PM) eyedeekay: Cool let's get started
+(04:01:34 PM) eyedeekay: 2) 0.9.51/1.5.0
+(04:01:45 PM) eyedeekay: zzz posted on the forum about the numbering change
+(04:02:06 PM) Irc2PGuest39607: hi!
+(04:02:24 PM) eyedeekay: Hi IRC2PGuest39607
+(04:02:38 PM) zzz: yeah, we preliminary-decided on 1.5.0 last month, how does everybody feel about it a month later?
+(04:02:40 PM) mode (+v anonymousmaybe) by ChanServ
+(04:03:08 PM) eyedeekay: It looks like we didn't get any opninions on it, I'm still OK with 1.5.0 as the next release
+(04:03:45 PM) X: I like moving towards a 1.x.x
+(04:03:47 PM) zzz: me too. will take time to get used to, but it feels like a good idea
+(04:04:17 PM) zlatinb: questions: are the maven jars going to stay at api version?  are plugins going to be checked against api versions?
+(04:05:36 PM) zzz: my guess is no for both
+(04:06:06 PM) zlatinb: ok, as long as it's consistent
+(04:06:51 PM) zzz: think of the API version as the "network version". Anything visible to the user should be release version
+(04:07:30 PM) eyedeekay: That makes sense to me, and I know 1.5.0 will work with our maven releases
+(04:07:42 PM) zzz: idk, may I also give a quick status report here?
+(04:07:50 PM) eyedeekay: Yes go ahead
+(04:08:00 PM) mode (+v anonymousmaybe) by ChanServ
+(04:08:09 PM) zzz: everything is pretty much done for the next release. 10k lines of diff
+(04:08:28 PM) zzz: tag freeze aug 11, checkin deadline aug. 20, release week of aug. 23
+(04:08:31 PM) zzz: EOT
+(04:08:40 PM) eyedeekay: Thanks zzz
+(04:09:02 PM) eyedeekay: Are we ready for 3) Remaining 0.9.50 items?
+(04:09:52 PM) eyedeekay: Right now the remaining release items are the same as the remaining release items for last month, which are Debian package releases
+(04:10:53 PM) zzz: sad story, but at this point all we can do is encourage people to switch to the PPA
+(04:11:08 PM) eyedeekay: I've still not received a response from our maintainer so for current debian packages, the only options are deb.i2p2.de/no and the PPA
+(04:11:49 PM) eyedeekay: I'll go ahead and make it clear on the website that those are the recommended packages
+(04:12:07 PM) eyedeekay: 4) Streaming Choke Findings
+(04:12:55 PM) eyedeekay: This was zlatinb's topic, please share your findings when you are ready zlatinb
+(04:13:20 PM) zlatinb: Choking does happen on the live network, probably due to some miscalculation of receive buffer size (125 vs 128), probably due to ecies MTU changes, dunno
+(04:13:56 PM) zlatinb: I haven't looked into more detail other than to try doubling the receive buffer and verifying that choking no longer occurs
+(04:14:42 PM) zlatinb: in general there are other streaming angles I would like to look into more detail but that will be for the next release. 
+(04:14:45 PM) zlatinb: eot
+(04:14:54 PM) zlatinb: s/next/after next/
+(04:14:57 PM) eyedeekay: Interesting. Thanks for looking into that. Should I include this as a topic for next month as well?
+(04:15:10 PM) zzz: definitely a topic for further research, but I don't think it rises to the level of needing to be an agenda item
+(04:15:30 PM) eyedeekay: OK thanks
+(04:16:11 PM) eyedeekay: Last is 5) jpackage updates
+(04:16:16 PM) zzz: but lets make sure zlatinb agrees?
+(04:16:16 PM) zlatinb: i agree
+(04:16:48 PM) eyedeekay: Ack. I'll leave it off the next agenda then
+(04:17:50 PM) eyedeekay: jpackage updates: zlatinb and I both have been working on jpackage bundles, zab's is for Mac OSX and is a signed DMG based package, mine is for Windows and is an NSIS based EXE that works like the Firefox Profile Installer
+(04:18:30 PM) eyedeekay: We've both been working on getting them to be self-updating and stable, I had a look at zab's work last night and did some catching-up
+(04:19:57 PM) eyedeekay: We've been doing releases of the experimental bundles at the same time as the regular releases before, the 1.5.0 AIO bundle and DMG bundle should be self-updating by then
+(04:20:17 PM) zzz: AIO?
+(04:20:37 PM) eyedeekay: All-in-One, the Windows/jpackage/profile bundle
+(04:21:43 PM) eyedeekay: Anything to add from your side on this zlatinb?
+(04:22:12 PM) zlatinb: the dmg is done and tested, I'm happy to have it as a download option when 1.5.0 comes out
+(04:22:20 PM) zzz: let's be clear what the plan is. We're going to have both of these on the download page, roughly on the same schedule as the rest of the 1.5.0 release? And labeled as what? Alpha? Beta?
+(04:23:11 PM) zlatinb: I would prefer "Alternative download option" rather than an alpha/beta label
+(04:23:35 PM) zlatinb: dmg is definitely not alpha, beta might be ok
+(04:24:19 PM) zzz: I'd also like to have a clear understanding of how we're going to steer people to one or the other. e.g., if you want it to run as a service, don't use this one.
+(04:24:34 PM) zzz: don't need to figure it all out at this meeting but sometime before the release
+(04:25:22 PM) eyedeekay: We've got a separate page for them where we call them "Experimental" for now. I intend to consider the AIO EXE installer "experimental" for one more cycle. For adding it as an alternative download option for Windows users on the lang/download page I intend to label it as such
+(04:25:35 PM) zzz: zlatinb, if it's only been tested by one person so far, then I think we need baby steps and a beta label
+(04:26:05 PM) zlatinb: ok
+(04:26:17 PM) zzz: "alternative" doesn't mean anything, we need to steer people one way or another. Those instructions can change as we get more testing
+(04:27:23 PM) zzz: eyedeekay, last time I peeked at yours, which was a couple weeks ago, you had a long way to go, so you're going to have to hustle, and tell us when it's time to take a look
+(04:28:18 PM) zzz: there's also no particular reason to hit the Aug. 23 mark, or have the same schedule as the dmg, if it's not ready
+(04:28:48 PM) eyedeekay: Sure, I won't be pushing a new version out until I'm pretty sure it will work every single time
+(04:29:38 PM) eyedeekay: I checked in a lot last night after looking through zab's changes but I haven't done a new update test yet
+(04:30:42 PM) zzz: I've spent hours and hours helping zab, and 5 minutes skimming yours... maybe you're getting more help from him, or are just grabbing most of his code, but you need to holler when you're ready
+(04:31:57 PM) eyedeekay: I borrowed a chunk of zab's code and adapted it but otherwise I've just been figuring it out as I go
+(04:32:25 PM) eyedeekay: I'll update the gitlab merge thread shortly to explain where it's the same and where it differs though
+(04:32:49 PM) eyedeekay: *this evening
+(04:33:53 PM) zzz: this goes for anytime we add an "official" release product on our download page or anywhere. It's a big step to add something new and stand behind it, and I don't ever want to add something without a lot of thought, and full consensus
+(04:35:15 PM) eyedeekay: Agreed
+(04:35:43 PM) zzz: :)
+(04:36:40 PM) eyedeekay: I think that we should settle the remaining alpha/beta and download page issues to reach that consensus in one of the jpackage threads on zzz.i2p then
+(04:37:56 PM) eyedeekay: That's all I had on 5, which brings us to the end of the agenda unless anyone has anything to add?
+(04:38:29 PM) zlatinb: an item for next meeting or the one after that:
+(04:38:44 PM) zlatinb: changes to the news.xml generation workflow to accomodate dmg and exe bundles
+(04:39:07 PM) zlatinb: eot
+(04:39:16 PM) zzz: last thing on 5) is that you two and echelon must have an agreed plan for the news, yes.
+(04:40:12 PM) eyedeekay: I'll put it on the agenda for the next month announcement and get in touch with ech on my side
+(04:40:12 PM) eyedeekay: Last minute addition from me, I'll be at Def Con from late Thursday until Monday, spending a most of the time at the CryptoCurrency village, I'll be helping people figure out Bitcoin and Monero I2P integrations
+(04:40:43 PM) zzz: what that probably means in practice is zlatinb telling idk and echelon some of the preliminary decisions and going from there
+(04:40:53 PM) zzz: eot, sorry slow typing
+(04:41:30 PM) eyedeekay: That sounds like good place to start
+(04:41:51 PM) zzz: great, have fun, good luck. You have a guess on the best time for people to find you, or clues how to track you down?
+(04:43:36 PM) eyedeekay: Crypto Village table is probably the best place to look, I marked 1-3 every day on the form but it'll probably be a little before 1, a little after 3
+(04:44:29 PM) eyedeekay: I'll get myself an ActivityPub account so people can toot at me other times
+(04:44:44 PM) zzz: ok, haven't seen any PR yet, about time to spin up sadie on twitter, and/or some reddit and forum posts
+(04:45:16 PM) eyedeekay: Will do
+(04:46:22 PM) eyedeekay: Anything else for the meeting? timeout 1m
+(04:47:38 PM) eyedeekay: All right thanks everybody
+(04:48:31 PM) eyedeekay: See you around IRC, next month's meeting will be September 7

i2p2www/meetings/logs/302.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, August 3, 2021 @ 20:00 UTC
+===========================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/303.log

@@ -0,0 +1,115 @@
+(04:02:11 PM) eyedeekay: Hi everyone, sorry for the short notice, welcome to the September 7th meeting
+(04:02:11 PM) eyedeekay: 1) Hi
+(04:02:11 PM) eyedeekay: 2) Remaining 0.9.50/1.5.0 items
+(04:02:11 PM) eyedeekay: 3) Debian Repository Changes
+(04:02:11 PM) eyedeekay: 4) Jpackage Distributions
+(04:02:11 PM) eyedeekay: 5) 1.6.0 plans
+(04:03:12 PM) zlatinb: hi
+(04:03:21 PM) eyedeekay: Hi zlatinb
+(04:04:21 PM) eyedeekay: OK we can just get started, if anybody else joins us mid meeting please chime in and let us know you're here
+(04:04:49 PM) zzz: hi
+(04:04:54 PM) eyedeekay: Hi zzz
+(04:05:03 PM) eyedeekay: I'll take 2) remaining 0.9.50 items and 1.5.0 items
+(04:05:41 PM) serempa: hi
+(04:05:55 PM) eyedeekay: Hi serempa, welcome to the community meeting
+(04:06:19 PM) serempa: oh lucky me :)
+(04:06:20 PM) eyedeekay: It's the usual story, our Debian upstream package maintained by mhatta is not up to date, at this point we recommend that you use the project debian repository, newly under my administration at http(s)://deb.i2p2.de
+(04:06:54 PM) eyedeekay: First Tuesday of every month, 8PM UTC, tell your friends :)
+(04:07:19 PM) serempa: hmm actually I'm using i2pd 
+(04:07:28 PM) zzz: looks like our f-droid and official f-droid still todo eyedeekay ?
+(04:07:41 PM) eyedeekay: Yes I was just coming to that
+(04:09:26 PM) eyedeekay: I am still getting the F-Droid repository updated, I have no control over when official F-Droid gets updated so the recommendation will be similar, our F-Droid will be updated before the official F-Droid repository is
+(04:10:23 PM) eyedeekay: So for up-to-date packages our self-hosted F-Droid is likely required
+(04:10:48 PM) zzz: I don't see anything else that's missing
+(04:11:42 PM) eyedeekay: Those are the only two release products remaining
+(04:12:35 PM) serempa: sorry to ask but any arm packages maintained by someone?
+(04:13:16 PM) zzz: we work on any platform that has java
+(04:13:20 PM) serempa: in rpi repos its 0.9.38-3.1
+(04:13:47 PM) eyedeekay: That's raspbian without adding deb.i2p2.de to the sources.list?
+(04:14:01 PM) eyedeekay: Just to be clear serempa?
+(04:14:05 PM) zzz: you can follow the instructions on geti2p.net/debian to use our repo serempa
+(04:14:21 PM) serempa: ooh gotcha sorry
+(04:14:23 PM) eyedeekay: Yes it should have up-to-date pi packages
+(04:14:37 PM) eyedeekay: Which brings us to 3) Debian repository changes
+(04:14:37 PM) eyedeekay: We had a DNS issue with the old http://deb.i2p2.no repository
+(04:15:43 PM) eyedeekay: The server we used to use for it is no longer being used for anything, it's been retired. From now on, deb.i2p2.de and deb.i2p2.no are available using both HTTP and HTTPS
+(04:16:40 PM) eyedeekay: Please let us know if you run into any issues using the new setup, which should have fewer issues overall
+(04:17:22 PM) eyedeekay: Anything to add on 3)?
+(04:18:07 PM) eyedeekay: 4) Jpackage Distributions
+(04:19:29 PM) eyedeekay: Zab had a successful jpackage release so far, at least, some people are using it
+(04:20:29 PM) eyedeekay: We've got a better idea of how to adapt the news server now so that the jpackages can retrieve news and updates for their distributions
+(04:20:45 PM) eyedeekay: I'm delaying my release until I am able to release a new version of I2P In Private Browsing which includes a few bugfixes and which will set the home page a and search engine
+(04:21:31 PM) eyedeekay: That should be about another week
+(04:21:49 PM) eyedeekay: Anything else on 4) zlatinb? zzz?
+(04:22:06 PM) zlatinb: oops wait
+(04:22:06 PM) zlatinb: lag lag
+(04:22:37 PM) eyedeekay: Not a problem, go ahead zlatinb
+(04:22:39 PM) zlatinb: yes, the mac dmg is getting ~25 downloads/day on average
+(04:22:44 PM) eyedeekay: Nice!
+(04:23:10 PM) zlatinb: the /en/download/mac page gets good traffic too.  A lot of people visit it after trying to download the .jar
+(04:23:50 PM) zzz: back sorry, computer issues
+(04:24:12 PM) eyedeekay: (04:22:39 PM) zlatinb: yes, the mac dmg is getting ~25 downloads/day on average
+(04:24:12 PM) eyedeekay: (04:22:44 PM) eyedeekay: Nice!
+(04:24:12 PM) eyedeekay: (04:23:10 PM) zlatinb: the /en/download/mac page gets good traffic too.  A lot of people visit it after trying to download the .jar
+(04:24:24 PM) eyedeekay: In case you need it^
+(04:25:09 PM) zzz: have you three resolved the news server URL issues yet?
+(04:25:39 PM) zlatinb: which doesn't work at all on recent Mac OS versions because notarization
+(04:25:39 PM) zlatinb: eot
+(04:25:39 PM) zlatinb_ is now known as zlatinb
+(04:25:47 PM) zlatinb: bad lag, sorry
+(04:27:00 PM) eyedeekay: Not yet, zlatinb when would be a good time for us to meet and talk about the remaining news URL issues? I have one or two questions for you about requirements for that, if we could meet this week that would be enough
+(04:27:42 PM) zlatinb: yes, I'm happy to do the python changes once we agree on how to handle things
+(04:27:56 PM) zlatinb: the big question is do we want separate news feeds for the different products or just different metadata
+(04:28:05 PM) zlatinb: we need to decide on that
+(04:29:45 PM) eyedeekay: Then I'd like to do a quick voice meeting for that sometime this week, we can schedule later, I'm not sure which pros and cons I care about yet
+(04:30:01 PM) zlatinb: sure
+(04:30:08 PM) eyedeekay: Sounds good
+(04:30:21 PM) eyedeekay: Anything else for 4)?
+(04:30:30 PM) zzz: you'll need a different feed the first time you do an in-between update, e.g. for java
+(04:31:17 PM) zzz: be sure to include echelon as he may have his own issues
+(04:32:19 PM) eyedeekay: In-between like from non-jpackage to jpackage? On my side that's "disabled" the NSIS installer won't over-write an IzPack installer if it finds one
+(04:33:01 PM) zzz: couldn't think of the right word. I mean an intermediate release, between the upstream releases, e.g. 1.5.1
+(04:33:10 PM) eyedeekay: Oh I see
+(04:33:20 PM) eyedeekay: That makes sense, thanks for pointing that out
+(04:33:50 PM) eyedeekay: I'll send out a group email so we're all looped in
+(04:34:12 PM) eyedeekay: And we'll definitely need those because of OpenJDK releases
+(04:34:34 PM) eyedeekay: So we definitely care
+(04:35:13 PM) eyedeekay: OK anything else for 4)?
+(04:36:21 PM) eyedeekay: That brings us to 5) 1.6.0 plans
+(04:37:45 PM) eyedeekay: We should probably just take a moment to write out our plans down, timeout 3min
+(04:38:23 PM) zzz: I've updated the roadmap on the website for 1.5.0 and 1.6.0 - eyedeekay please review and fixup your items
+(04:38:45 PM) zlatinb: I'm going to see if there is a quick fix for the SSU slowness that I've observed in the testnet.  If it's something simple like a delayed ack taking too long I think we can put it in 1.6.0
+(04:39:04 PM) zlatinb: if it turns out to be more complicated then it's not really worth it as we're working on replacement
+(04:39:40 PM) zzz: I don't have a lot on my list for 1.6.0... at this point my main priority is SSU2, which is very early days, I don't expect it to be completed before mid next year
+(04:39:52 PM) eyedeekay: Ack, zzz, I will do this evening
+(04:39:52 PM) eyedeekay: I brought copypasta, this is the list taped to my bookshelf:
+(04:39:52 PM) eyedeekay: Code/Packaging:
+(04:39:52 PM) eyedeekay: 1) Eliminate the class of "Unmanaged" plugins, make Fork-and-Exec plugins manageable.
+(04:39:52 PM) eyedeekay: 2) Add support for Client-Side of X-I2P-Location to HTTP Proxy
+(04:39:52 PM) eyedeekay: 3) Debianize the I2P Browser Profile
+(04:39:52 PM) eyedeekay: 4) Pluginize the I2P Browser Profile
+(04:39:52 PM) eyedeekay: 5) Move goSam and sam3 to i2pgit.org instead of Github
+(04:39:52 PM) eyedeekay: 6) Clean up sam-forwarder UDP tunnels and move to go-i2p namespace
+(04:39:52 PM) eyedeekay: 7) Finally fix and merge go-i2p changes upstream
+(04:39:52 PM) eyedeekay: Web/Documentation:
+(04:39:52 PM) eyedeekay: 1) Document "How to Use" I2P for Android Browsing, Mail, Bittorrent
+(04:39:52 PM) eyedeekay: 2) Split download page into managable chunks, redirect to page by OS
+(04:39:52 PM) eyedeekay: 3) Document Jpackage install processes on Web Site
+(04:39:52 PM) eyedeekay: Misc:
+(04:39:52 PM) eyedeekay: 1) Migrate i2p.keyring.i2p to i2pgit.org
+(04:39:52 PM) eyedeekay: 2) Pluginize my other apps(BRB, Railroad, reseed-tools)
+(04:39:52 PM) eyedeekay: 3) Go rewrite of News Server(newsxml-tools)
+(04:39:52 PM) eyedeekay: 4) Generic Go SU3 Signing tool
+(04:40:33 PM) zzz: eyedeekay, I need misc #1 this week please
+(04:40:47 PM) eyedeekay: Absolutely
+(04:40:54 PM) zzz: super, thx
+(04:41:10 PM) eyedeekay: No problem
+(04:42:03 PM) eyedeekay: Anything else on 5)?
+(04:43:21 PM) eyedeekay: Anything else for the meeting? Timeout 2m in case of lag
+(04:43:53 PM) zlatinb: hmm yes has anyone noticed terrible lag today?  I'm also having to try up to 10 times to push something to git.idk.i2p
+(04:46:39 PM) eyedeekay: I have noticed some inconsistent difficulties pushing to git.idk.i2p in the past week
+(04:48:07 PM) eyedeekay: Usually gone in a few minutes but requiring multiple retries
+(04:49:37 PM) eyedeekay: I have it configured for 6 tunnels and 2 backup tunnels using one hop right now
+(04:54:59 PM) eyedeekay: It isn't multihomed but I could make it so
+(04:55:08 PM) eyedeekay: If there's anything else for the meeting? timeout 1m
+(04:57:26 PM) eyedeekay: All right thanks for coming everyone, same time next month, I'll post the meeting minutes to the site shortly

i2p2www/meetings/logs/303.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, September 7, 2021 @ 20:00 UTC
+==============================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/304.log

@@ -0,0 +1,74 @@
+(04:00:04 PM) eyedeekay: Hi everyone welcome to the community meeting
+(04:00:04 PM) eyedeekay: 1) Hi
+(04:00:04 PM) eyedeekay: 2) Remaining 0.9.50/1.5.0 items
+(04:00:04 PM) eyedeekay: 3) Jpackage Distributions
+(04:00:04 PM) eyedeekay: 4) 1.6.0 Development Status
+(04:00:15 PM) mode (-m ) by zzz
+(04:00:16 PM) eyedeekay: 1) Hi who is here today?
+(04:00:24 PM) zlatinb: hi
+(04:00:24 PM) zzz: here
+(04:00:48 PM) eyedeekay: Hi zzz, hi zlatinb
+(04:01:30 PM) eyedeekay: 2) Remaining 0.9.50/1.5.0 items
+(04:02:21 PM) eyedeekay: It's the same story here as last meeting, we currently cannot reach mhatta, and our debian main packages are therefore not updated
+(04:02:55 PM) eyedeekay: The official recommendation for installing I2P on Debian and Ubuntu will be changing in the next release to use our own .deb repository/PPA
+(04:03:26 PM) eyedeekay: We're also updating the instructions to reflect some recommendations which will make usage of our repository more secure
+(04:03:52 PM) eyedeekay: In the new setup, our .deb package signing keys will only be valid for our packages, instead of across all packages
+(04:04:04 PM) eyedeekay: Current deb/ubuntu users will not need to change anything
+(04:05:04 PM) eyedeekay: That's all I have for 2) anything from anyone else?
+(04:05:23 PM) T3s|4: eyedeekay:  ^all noted, and I am also present
+(04:06:21 PM) eyedeekay: Thanks T3s|4
+(04:06:21 PM) eyedeekay: Timeout 1m for 2)
+(04:07:36 PM) eyedeekay: OK 3) Jpackage Distributions
+(04:08:02 PM) zlatinb: I have two items for this topic, both not good
+(04:08:18 PM) eyedeekay: OK maybe you should start us off then
+(04:08:42 PM) zlatinb: 3.1 - the Mac DMG was not deployed properly to the sigterm.no mirror and I discovered it two weeks after release
+(04:09:11 PM) zlatinb: which is a major fail, we need to understand why it happened and how can we prevent it in future
+(04:09:30 PM) zlatinb: 3.2 - I just tried the windows AIO on a fresh windows 10 VM with just Firefox installed, and the .bat couldn't launch the I2P.exe
+(04:09:50 PM) zlatinb: launching I2P.exe manually worked fine, but something in the connection between the two failed
+(04:09:50 PM) zzz: what is AIO?
+(04:09:55 PM) eyedeekay: Easy-Install
+(04:09:56 PM) zlatinb: All-In-One
+(04:10:17 PM) zlatinb: EOT
+(04:11:42 PM) eyedeekay: The sigterm.no fail was partly my fault, I've resolved the issue there which had to do with the way I used to do mirror-syncing.
+(04:12:13 PM) eyedeekay: Re the Windows bundle, that should definitely not be the case, not good. I'll follow up with it on i2p.firefox as soon as the meeting is over, thanks for bringing it to my attention.
+(04:12:50 PM) zlatinb: ok, happy to help debug in any way
+(04:14:54 PM) eyedeekay: OK on my side I'm testing the changes to i2p.newsxml for us to do updates with, should be ready to review this week, there are some minor changes to the instructions for running the news server I'll need to go over with ech but we're already in communication about that
+(04:16:03 PM) zzz: 3.3 re: bundles for OSX, I recommend we advertise that they are untested on ARM Macs, that performance is unknown, and we should solicit testers
+(04:16:17 PM) eyedeekay: Yes agreed, I can make that change to the web site tonight
+(04:16:19 PM) zzz: and from that, decide when to start making ARM builds
+(04:17:17 PM) eyedeekay: Will do
+(04:17:20 PM) zzz: note that Java 17 in theory supports OSX ARm native, but I don't know if any of the openjdk-type sites have the JRE builds yet
+(04:18:26 PM) zzz: EOT, thx
+(04:18:38 PM) zlatinb: building for Mac aarch64 needs to happen on Mac aarch64 because jpackage
+(04:18:55 PM) zlatinb: so that means I need to get an ARM Mac at some point
+(04:19:12 PM) zlatinb: or someone else needs to get an Apple dev account
+(04:19:31 PM) zlatinb: eot
+(04:20:35 PM) eyedeekay: My Mac is also x86_64 unfortunately or I'd offer to do it
+(04:21:17 PM) eyedeekay: Anything else for 3)?
+(04:22:19 PM) eyedeekay: OK then 4) is 1.6.0 Development Status
+(04:25:17 PM) eyedeekay: zzz's been keeping us up to date with his developments and status here: http://zzz.i2p/topics/3170-1-6-0-release-summary           
+(04:25:20 PM) eyedeekay: 6 weeks in, approx. 7 weeks to go
+(04:25:40 PM) eyedeekay: One of my two big planned changes for the router console isn't likely to go in, X-I2P-Locations in the HTTP proxy
+(04:26:10 PM) eyedeekay: The other, managing fork-and-forget plugins are going to be ready this week
+(04:27:10 PM) eyedeekay: Work on SSU2 continues in #LS2
+(04:27:10 PM) eyedeekay: zlatinb and zzz have also been identifying and debugging performance issues in SSU1
+(04:27:26 PM) eyedeekay: Anything to add zzz, zlatinb
+(04:27:28 PM) eyedeekay: ?
+(04:28:07 PM) zzz: so far there's not a lot of big things in this release
+(04:28:21 PM) zzz: very small diff as of now
+(04:28:50 PM) zzz: let's get any other big changes in soon
+(04:29:36 PM) eyedeekay: I'm not letting anything big or drastic go past this weekend for me. If I can't get it done by Monday I'll stick to small stuff.
+(04:29:40 PM) zzz: should be on track for a late Nov. release
+(04:30:43 PM) zzz: eot
+(04:30:45 PM) zzz: oh, also awaiting a post-EOL Jetty 9.3.30 release with some CVE backports. They've tagged it but not posted the builds yet, that's typical for them
+(04:31:43 PM) eyedeekay: If they wait to long to post the builds would it require delaying the release?
+(04:32:37 PM) zzz: should only be a week or so. if for some reason they don't do it, we can just take their patches
+(04:33:02 PM) eyedeekay: OK, thanks for clarifying
+(04:33:35 PM) eyedeekay: Is there anything else for 4) and if not, is there anything anyone else would like to discuss while we're here?
+(04:35:03 PM) eyedeekay: Timeout 1m
+(04:35:04 PM) zzz: if anybody with a registered nick wants voice, let me know before I click the 'm' button. sorry for the inconvenience
+(04:37:10 PM) eyedeekay: OK everybody thanks for coming to the meeting
+(04:37:10 PM) eyedeekay: See you around IRC and at the meeting next month
+(04:37:20 PM) eyedeekay: I've got some website updates to make
+(04:37:59 PM) eyedeekay: Please note zzz's ^ statement about voice on the IRC server
+(04:40:00 PM) eyedeekay: Oh one other thing, I'm going to be out-of-town Thursday and Friday, I'll be working offline those days. Message idk_afk if I'm not online and I will see it by the evening

i2p2www/meetings/logs/304.rst

@@ -0,0 +1,12 @@
+I2P dev meeting, October 5, 2021 @ 20:00 UTC
+============================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb,
+T3s|4

i2p2www/meetings/logs/305.log

@@ -0,0 +1,74 @@
+(04:00:16 PM) eyedeekay: Hi everybody, welcome to the November 2 Community Meeting
+(04:00:16 PM) eyedeekay: 1) Hi
+(04:00:16 PM) eyedeekay: 2) 1.6.0 Development Status / Upcoming Release
+(04:00:16 PM) eyedeekay: 3) mac/win jpackage beta status, user test reports, in-net 17.0.2 update status, plans for 1.6.0 update ?
+(04:00:35 PM) zzz: hi
+(04:00:38 PM) zlatinb: hi
+(04:00:55 PM) eyedeekay: Hi zzz, zlatinb
+(04:01:25 PM) eyedeekay: 2) 1.6.0 Development Status / Upcoming Release
+(04:02:25 PM) eyedeekay: Release thread is here: http://zzz.i2p/topics/3170-1-6-0-release-summary and we still haven't picked a date, I should have replied on that thread, do we want to do that here?
+(04:02:43 PM) zzz: yes please
+(04:03:18 PM) zzz: 3 weeks from now would be 13 weeks. +/- 1 week ok with me also
+(04:03:19 PM) eyedeekay: OK then in my case I am in favor of the week of the 29th, after US Thanksgiving
+(04:04:12 PM) zlatinb: I'm afk from my main workstation until early Dec, so can't build or sign jpackage installers.  But I can still give an OTP for the signtool as that's on my phone.
+(04:05:34 PM) zzz: ok, so tentatively the week of the 28th then? eche|off eche|on any objections?
+(04:07:30 PM) eyedeekay: Week of the 28th sounds good to me for now. 
+(04:08:34 PM) eyedeekay: Anything else for topic 2)?
+(04:08:45 PM) zzz: yeah, quick status
+(04:09:02 PM) zzz: looking like a fairly modest release as measured by amount of changes
+(04:09:27 PM) zzz: some SSU speedups are perhaps the headline
+(04:09:48 PM) zzz: zlatinb, if you have time to squeeze in the unit test deprecation fixes that would be good
+(04:09:52 PM) zzz: EOT
+(04:10:02 PM) eyedeekay: Thanks zzz
+(04:10:28 PM) zlatinb: yeah, no promises on the unit test :)
+(04:10:42 PM) eyedeekay: 3) mac/win jpackage beta status, user test reports, in-net 17.0.2 update status, plans for 1.6.0 update?
+(04:12:18 PM) zlatinb: I assume that is jdk 17.0.1, there's no 17.0.2 out yet afaik
+(04:12:21 PM) zzz: yeah I added that item just to give you two a chance to give the community an update
+(04:12:32 PM) eyedeekay: zlatinb and I discussed it a few days ago and evaluated the prospect of doing an OpenJDK 17 update for the jpackage installs
+(04:12:43 PM) zzz: ignore any typos :)
+(04:13:36 PM) Ryemantis__ is now known as Ryemantis_
+(04:14:08 PM) eyedeekay: Right now we're prepared to do in-network updates of the jpackage installs but we are going to wait for the main release to do our jpackage releases which will update to either 17.0.1 or 17.0.2
+(04:14:55 PM) zlatinb: 17.0.2 isn't due until mid-january, so we should definitely have a 1.6.0 jpackage release
+(04:15:32 PM) zlatinb: my view is that I would really like to do a dry-run of the in-network update process to shake out any insects, but that needs to happen in the next 7 days cause I'm afk afterwards
+(04:16:03 PM) zlatinb: to summarize, the following needs to happen:
+(04:16:12 PM) zzz: eyedeekay, that wasn't very clear... you're 'prepared' but you're not going to do it, you're going to wait?
+(04:16:28 PM) zlatinb: 1. update of the i2p.newsxml repo to produce entries.html per platform
+(04:16:50 PM) zlatinb: 2. Make sure idk and ech's news http servers can serve the new news.su3 files
+(04:17:17 PM) zlatinb: 3. branch i2p.i2p from the i2p-1.5.0 tag, bump CoreVersion/RouterVersion, tag i2p-1.5.1
+(04:17:27 PM) zlatinb: 4. build jpackage installers, sign/notarize as necessary
+(04:17:47 PM) zlatinb: 5. build new entries.html with new release.json
+(04:17:50 PM) zlatinb: 6. deploy
+(04:17:51 PM) zlatinb: eot
+(04:18:03 PM) zlatinb: so I don't know if that can happen in 7 days, but it would be very nice if it could
+(04:19:10 PM) eyedeekay: By prepared I mean the i2p.newsxml changes produce valid feeds that can be used to distribute in network updates and they work on my lighttpd news setup
+(04:20:00 PM) eyedeekay: I need to add platform-specific entries.html support, right now everybody gets all the news but a different torrent
+(04:20:38 PM) zzz: even bigger picture, since it's beta, is it going well, are you getting downloads and/or complaints?
+(04:21:16 PM) zlatinb: downloads - ~25/day for mac, ~100/day for windows according to matomo
+(04:21:44 PM) eyedeekay: No major complaints, there was an issue with detecting the path to the installed package depending on architecture and whether windows was installed which affects some fraction of the Windows users but *only* when the launcher is run from the installer
+(04:22:03 PM) eyedeekay: So after the installer is run the bug goes away, and it's fixed in the new version
+(04:22:11 PM) eyedeekay: Well, will be
+(04:22:15 PM) zzz: great
+(04:22:21 PM) eyedeekay: That's the thing zab reported last month
+(04:22:40 PM) eyedeekay: *installed or updated from an earlier edition
+(04:24:34 PM) Ryemantis_: Hi everyone. Just wanted to also quickly check in and apologize for being quite the last few weeks. October was a very busy month for me and also had a hardware failure mixed in. After this week I should have some time to get my workstation back together and continue work on Android I2P. Currently working on LiveData, Remote-starting I2P, and UPnP fix. Will also update on the forums once I am back at 
+(04:24:35 PM) Ryemantis_: it. Please let me know too if anything else needs more immediate attention.
+(04:25:04 PM) eyedeekay: Excellent to hear from you Ryemantis_ and welcome to the meeting
+(04:25:28 PM) eyedeekay: Thanks for the update on what you're working on, hardware failures and life happen to all of us
+(04:27:01 PM) eyedeekay: So back to 3) for a moment, for right now it's incumbent on me to add support for entries.html in data/platform/branch/entries.html instead of only in data/entries.html so we can have platform-specific newsfeeds
+(04:27:13 PM) Ryemantis_: Definitely appreciate the understanding and thank you all for you hard work
+(04:28:23 PM) eyedeekay: As opposed to one feed where everybody gets everybody's news
+(04:29:00 PM) eyedeekay: After that, we can start at step 3. in zlatinb's description
+(04:29:37 PM) eyedeekay: Anything for 3)?
+(04:30:20 PM) zlatinb: no I think that captures everything
+(04:30:46 PM) eyedeekay: Cool anything else for the meeting zzz zlatinb Ryemantis_ ?
+(04:31:04 PM) zzz: nope
+(04:31:30 PM) Ryemantis_: nope
+(04:31:49 PM) zlatinb: yeah quick one - next meeting is it on the 1st?
+(04:31:54 PM) ***zlatinb checks calendar
+(04:32:12 PM) eyedeekay: I think the 7th zlatinb
+(04:32:20 PM) zlatinb: ok nvm then
+(04:32:33 PM) eyedeekay: The first is a Wednesday by my calendar
+(04:33:28 PM) eyedeekay: Oh right that reminds me, DST. I've always scheduled the meetings on UTC, but does anyone want to adjust the time of the meeting for DST?
+(04:33:36 PM) zzz has changed the topic to: 1.5.0-4 | Tag freeze Wed. Nov. 17
+(04:35:30 PM) eyedeekay: I'll take that as a no then. Unless someone brings it up in a forum thread, meetings will continue to be scheduled at the same time UTC
+(04:36:05 PM) eyedeekay: Thanks everybody for coming to the meeting, I'll post the logs in a few minutes.

i2p2www/meetings/logs/305.rst

@@ -0,0 +1,12 @@
+I2P dev meeting, November 2, 2021 @ 20:00 UTC
+=============================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb,
+Ryemantis_

i2p2www/meetings/logs/306.log

@@ -0,0 +1,75 @@
+(03:00:21 PM) eyedeekay: Hi everybody, welcome to the December 7 meeting
+(03:00:28 PM) eyedeekay: 1) Hi 
+(03:00:28 PM) eyedeekay: 2) 1.6.1 Release Status 
+(03:00:28 PM) eyedeekay: 3) jpackage Update Status 
+(03:00:28 PM) eyedeekay: 4) Monero Integrations 
+(03:00:28 PM) eyedeekay: 5) New SAM Library 
+(03:00:37 PM) zzz: hi
+(03:00:41 PM) zlatinb: hi
+(03:01:05 PM) eyedeekay: Hi zzz, hi zlatinb
+(03:01:12 PM) eyedeekay: Anybody else here today?
+(03:01:16 PM) mode (-m ) by zzz
+(03:01:31 PM) eyedeekay: 2) 1.6.1 release status
+(03:02:32 PM) eyedeekay: Release 1.6.1 is available, the torrent is live, as are Debian/Ubuntu/Launchpad, Maven, GPlay, and our F-Droid
+(03:03:10 PM) eyedeekay: F-Droid's repository is still out of date, one of my tasks this week is to get our app working with their auto-build system again
+(03:04:01 PM) eyedeekay: Debian's repositories, as far as we know, aren't going to recieve our updates at this time, people who are using Debian packages should switch to deb.i2p2.de or deb.i2p2.no
+(03:05:18 PM) eyedeekay: The DMG bundle built by zlatinb has also been updated to 1.6.1 and is available on the mirrors and as an update
+(03:06:01 PM) eyedeekay: The exe bundle built by me is going to be up today, I had planned to do it yesterday but got bogged down in Windows updates so I'll do it this evening.
+(03:06:40 PM) eyedeekay: According to stats.i2p about 20% of the network has updated
+(03:06:47 PM) eyedeekay: Anything to add zzz, zlatinb?
+(03:09:13 PM) eyedeekay: Hello?
+(03:11:26 PM) eyedeekay: OK I'm back
+(03:11:40 PM) eyedeekay: (03:06:40 PM) eyedeekay: According to stats.i2p about 20% of the network has updated
+(03:11:40 PM) eyedeekay: (03:06:47 PM) eyedeekay: Anything to add zzz, zlatinb?
+(03:11:50 PM) zzz: yes
+(03:12:05 PM) zzz: no sign of a biglybt update yet, hopefully that will come soon
+(03:12:10 PM) zzz: no user complaints yet
+(03:12:26 PM) zzz: echelon had trouble with a 1.6.1-2 dev build but we don't know why
+(03:13:03 PM) zzz: also, users of any i2p package version (current or older) may have a problem due to changing jetty9 dependencies
+(03:13:24 PM) zzz: if so, sudo apt install libservlet3.1-java manually
+(03:14:44 PM) zlatinb: re biglybt I heard from Parg earlier today regarding an unrelated matter so he is ok.
+(03:15:52 PM) zzz: may also affect bleeding-edge ubuntu jammy, not sure
+(03:15:52 PM) zzz: eot
+(03:16:12 PM) zlatinb: eot
+(03:16:22 PM) zzz: I mean debian/ubuntu package
+(03:16:22 PM) zzz: eot2
+(03:16:22 PM) zzz: this is on debian sid and maybe jammy only
+(03:16:22 PM) zzz: eot3
+(03:16:22 PM) zzz: will give him a few more days and then bug him
+(03:16:31 PM) eyedeekay: Thanks zzz, the package/dependency thing will probably bubble up on Reddit if it's a problem
+(03:16:58 PM) eyedeekay: I run sid on the day-to-day basis and haven't hit this one so far
+(03:17:01 PM) zzz: ref: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=997213
+(03:18:40 PM) eyedeekay: 3) jpackage Update Status
+(03:19:36 PM) eyedeekay: Partly covered this one already, zlatinb's dmg packages are up on the mirrors and listed on the site
+(03:20:29 PM) eyedeekay: I had some updates I needed to do to my Windows laptop so didn't get the exe builds done last night, got it out for after the meeting
+(03:21:08 PM) eyedeekay: I've flipped my news server over to publish zlatinb's new packages
+(03:21:59 PM) eyedeekay: I haven't heard from any users so far
+(03:22:27 PM) zlatinb: The dmg jpackage is at this point well-streamlined.  We did an end-to-end test of the in-network update with 1.5.0->1.5.1 and that worked (but from the second try)
+(03:23:02 PM) zlatinb: 1 person has downloaded the torrent according to snark
+(03:23:27 PM) zlatinb: not much else to report on the mac jpackage, it basically works
+(03:23:28 PM) zlatinb: eot
+(03:24:04 PM) eyedeekay: Thanks zlatinb
+(03:24:41 PM) eyedeekay: 4) Monero Integrations
+(03:25:55 PM) eyedeekay: There was some renewed interest in getting Monero-over-I2P working automatically in the GUI wallets(like Feather in particular) over the thanksgiving holiday
+(03:26:38 PM) eyedeekay: We're doing some design mockups and analysis of the tradeoffs of different configurations over here:
+(03:26:39 PM) eyedeekay: https://github.com/monero-project/monero-gui/issues/2274
+(03:27:15 PM) eyedeekay: They're interested in adopting several things from us, including eventually our model for distributing software updates in-network
+(03:27:53 PM) eyedeekay: If anybody wants to participate in that discussion we're having it there mostly, and also on the Monero Matrix channel
+(03:28:06 PM) eyedeekay: Monero-Community
+(03:28:20 PM) eyedeekay: EOT
+(03:29:05 PM) eyedeekay: 5) New SAM library
+(03:29:14 PM) zzz: cool, I assume they've already looked at what bitcoin did for the low-level address protocols
+(03:29:17 PM) zzz: eot
+(03:30:31 PM) eyedeekay: Yes they have
+(03:31:24 PM) eyedeekay: The other cool thing that happened last week is the folks at diva.exchange have created a new SAM library for node.js/javascript in general
+(03:32:02 PM) eyedeekay: It's much more thoroughly and recently documented than the old one which is now unmaintained
+(03:32:07 PM) eyedeekay: Source is here: https://codeberg.org/diva.exchange/i2p-sam
+(03:32:23 PM) eyedeekay: NPM package is here https://www.npmjs.com/package/@diva.exchange/i2p-sam
+(03:33:00 PM) eyedeekay: Given how popular node is I'm giving it a bit of a signal boost, seems like everybody writes their webapps in node these days
+(03:33:15 PM) eyedeekay: eot
+(03:34:21 PM) eyedeekay: Anything else for the meeting?
+(03:35:13 PM) zlatinb: not from me
+(03:36:01 PM) eyedeekay: timeout 1,
+(03:36:04 PM) eyedeekay: 1m
+(03:37:03 PM) eyedeekay: OK then thanks zzz, zlatinb, next meeting will be Jan 4, 2022
+(03:37:03 PM) eyedeekay: I will post the logs shortly

i2p2www/meetings/logs/306.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, December 7, 2021 @ 20:00 UTC
+=============================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/307.log

@@ -0,0 +1,104 @@
+(03:00:39 PM) eyedeekay: Hi everyone and welcome to the January 4, 2022 meeting
+(03:00:39 PM) eyedeekay: 1. Hi
+(03:00:39 PM) eyedeekay: 2. Meeh services/Outproxy requirements http://zzz.i2p/topics/3218-meeh-services-going-down-soon
+(03:00:39 PM) eyedeekay: 3. Promoting Mac DMG JPackage to stable https://geti2p.net/en/download/mac
+(03:00:39 PM) eyedeekay: 4. NetDB research (Sim/Model) http://zzz.i2p/topics/3227-netdb-simulator-proposal
+(03:01:13 PM) zlatinb: hi
+(03:01:23 PM) zzz: hello
+(03:01:55 PM) eyedeekay: Hi zzz, zlatinb, anybody else here today?
+(03:02:20 PM) eyedeekay: Outproxy operators?
+(03:02:59 PM) eyedeekay: OK then on to 1, they can chime in if they want :)
+(03:03:38 PM) eyedeekay: So we're losing all of meeh's non-static services, for us that's mostly trac, which we've already replaced, and false.i2p, the default outproxy
+(03:04:07 PM) eyedeekay: Neither have worked well for a long time, but not having an outproxy tends to have a bad UX so we need to replace it
+(03:04:59 PM) eyedeekay: We discussed some options last week, one of which was  finding a new volunteer-run outproxy to make it the default.
+(03:06:30 PM) eyedeekay: If that is to happen, then we'll need it to meet some basic requirements. Obviously a privacy policy is important.
+(03:06:30 PM) eyedeekay: If they aren't passing everything to Tor directly, we'll also need a description of what filtering, if any, occurs
+(03:07:34 PM) eyedeekay: Other options are to run one ourselves, which is of limited appeal at best, another is local SOCKS support, which requires a local SOCKS proxy to be available.
+(03:08:07 PM) eyedeekay: If anyone wants to volunteer to be an outproxy, the place to reach out is at zzz's forum
+(03:09:05 PM) zzz: right
+(03:09:12 PM) eyedeekay: I have not been able to get statistics about false.i2p usage from meeh yet. EOT
+(03:09:40 PM) zzz: first of all we want to be very careful not to publicly recommend an alternate or set a new default without approval, as that might impose a large burden, financial or otherwise
+(03:10:06 PM) zzz: as a tiny baby step, we're looking to get alternates registered on stats.i2p and get approval to add them to our default hosts.txt
+(03:10:16 PM) zzz: as that at least makes it easier for people to configure and use them
+(03:10:55 PM) zzz: we have approval for that step for two outproxies, however only one is currently registered on stats.i2p
+(03:11:05 PM) zzz: so I'm awaiting for that second registration
+(03:11:05 PM) zzz: eot
+(03:11:35 PM) eyedeekay: Thanks zzz, I'll remind him btw
+(03:11:47 PM) dr|z3d: I've had some preliminary discussions with you, zzz, and on that basis I think it should be fairly clear that I'm not interested in offering an official service. Informal is fine, but nothing official.
+(03:12:52 PM) zzz: thanks for making it clear, and also thanks for your time and expertise in thoes discussions
+(03:12:59 PM) dr|z3d: I'm also of the view that a single outproxy is doomed to failure the moment it becomes official.
+(03:14:13 PM) eyedeekay: Certainly can see why that would be the case. Anything else on 1?
+(03:14:28 PM) zzz: perhaps. it certainly requires adequate capacity and competent administration
+(03:14:29 PM) zzz: eot
+(03:14:59 PM) eyedeekay: 3. Promoting Mac DMG Jpackage to stable
+(03:15:15 PM) eyedeekay: s/1/2/
+(03:15:42 PM) eyedeekay: So this topic was added by zlatinb, take it away
+(03:16:21 PM) zlatinb: thanks.  Basically, the non-DMG (jar) package is not notarized and the last 2 (or 3?) versions of Mac OS refuse to execute it unless the user changes some advanced settings
+(03:16:52 PM) zlatinb: at the same time, the DMG jpackage has been very stable and in-net updates have been tested end-to-end
+(03:17:10 PM) zlatinb: so I propose we make it the default mac download and get rid of the .jar option altogether
+(03:17:55 PM) zlatinb: since we already have a nice /mac page dedicated to the package, I suggest we keep that, removing the BETA modifier
+(03:18:14 PM) zlatinb: and on the Mac div in /download, just have a link to the /mac page, nothing else
+(03:18:19 PM) zlatinb: eot
+(03:19:22 PM) eyedeekay: I support it.
+(03:20:42 PM) eyedeekay: Do we need to wait for release or just do it now?
+(03:21:51 PM) anonymousmaybe is now known as Irc2PGuest95343
+(03:22:35 PM) mode (+ao zzz zzz) by ChanServ
+(03:22:37 PM) zlatinb: no need to wait for a release
+(03:22:54 PM) zzz: did you see my 3 questions before I dropped?
+(03:23:01 PM) eyedeekay: No I missed them
+(03:23:03 PM) zlatinb: no, sorry, pls repost
+(03:23:11 PM) zzz: I'll ask a few easy questions:
+(03:23:15 PM) zzz: 1) The user base is sufficient that we are confident it's been well-tested?
+(03:23:17 PM) zzz: 2) The release process is documented and in theory somebody else could build it if they had the right keys?
+(03:23:20 PM) zzz: 3) We're confident we have the resources to continue maintaining it and doing releases?
+(03:23:23 PM) zzz: eot
+(03:24:08 PM) zlatinb: 1) - according to matomo it gets 20-25 downloads a day.  We've had users of M1 Macs report that it works as expected.  No negative reports at all
+(03:24:28 PM) eyedeekay: 2) and 3) IMO the answers are definitely yes. I can build everything up to the notary part and can teach someone else to
+(03:24:53 PM) zlatinb: 2) is yes but requires de-anoning because Apple Inc.
+(03:24:54 PM) eyedeekay: So with zlatinb and I there are at least 2 people who know how to build it
+(03:25:08 PM) zzz: 2) but it is _documented_ ?
+(03:25:33 PM) zlatinb: yes, step by step incl. the notary process in the README.md
+(03:25:41 PM) zzz: super
+(03:26:16 PM) zzz: 1) does "working" include the update process? have we seen the torrent swarm actually fire off when the news updates?
+(03:26:29 PM) zlatinb: http://git.idk.i2p/i2p-hackers/i2p-jpackage-mac
+(03:26:43 PM) zzz: (because I think the windows version hasn't actually been seen to work yet)
+(03:27:26 PM) zlatinb: 1) yes, the swarm picks up, it's quite small but it's there.  I've seen it both at the 1.5.1 and 1.6.1 releases
+(03:27:49 PM) zzz: ok great, thanks for the answers, no objections
+(03:28:14 PM) eyedeekay: Cool I'll make the site changes tonight after I post the meeting logs
+(03:28:26 PM) zlatinb: awesome thanks!
+(03:29:05 PM) eyedeekay: Re: Windows, yes but appears it's an issue in the config file I shipped and not the updater itself
+(03:29:05 PM) eyedeekay: So Windows needs 1 more manual update to work with automatic updates, which I think I might have known ahead of time but forgot
+(03:30:07 PM) eyedeekay: 4. NetDB research (Sim/Model) http://zzz.i2p/topics/3227-netdb-simulator-proposal
+(03:30:44 PM) eyedeekay: Also zlatinb's topic, let us know what you're thinking
+(03:31:28 PM) zlatinb: So, in the last two weeks or so there has been a noticeable deterioration in the accessibility of sites like zzz.i2p, postman, event major.acetone.i2p... basically sites I know are up
+(03:31:57 PM) zlatinb: I've done some debugging and had situations where the LS of zzz.i2p gets fetched fine, but then the RI of the IBGW must be failing to fetch
+(03:32:03 PM) zlatinb: (I'm speculating here ofc)
+(03:32:47 PM) zlatinb: in a nutshell, there are many unknowns in the functioning of the NetDB and we have to place our faith in the Kad algorithm, which is fine, but I would rather have more confidence via some research
+(03:33:33 PM) zlatinb: just like the testnet helped improve the streaming and ssu and ntcp code a lot, I believe a model or a sim can help improve the functioning of the netDB
+(03:34:44 PM) zlatinb: and the reason I want to discuss it here is that if we go with a sim that runs the actual code that will be in the router, some refactoring will be necessary of the NetDB code, possibly some of the *Job classses too
+(03:34:52 PM) zlatinb: Note, I haven't looked into the multi-router jvm and JVMCommSystem yet
+(03:35:03 PM) zlatinb: maybe those can be an answer up to a given number of nodes
+(03:35:37 PM) zlatinb: but my goal is to simulate at least a few thousand nodes, which means abstracting away most of the router components
+(03:35:42 PM) zlatinb: eot-checkpoint
+(03:36:28 PM) major left the room (quit: Ping timeout: 320 seconds).
+(03:36:32 PM) zzz: I'm lukewarm at best, due to how hard it would be, and how long before we got any useful results
+(03:37:20 PM) zzz: for starters, I made a series of changes recently to make things more reliable
+(03:37:27 PM) zzz: in 1.6.1-6 dev build
+(03:37:46 PM) zzz: but I don't know if any of the popular servers (besides mine) are running it
+(03:38:17 PM) zzz: I would like to see echelon's and eyedeekay's servers try it. Those are two batches that I've had trouble with for months
+(03:38:20 PM) zzz: eot
+(03:38:44 PM) eyedeekay: Most of my servers just track the PPA, I'll get git.idk.i2p updated
+(03:39:17 PM) zzz: git and gitssh are two that frequently shun me. If they get better, I'll notice
+(03:40:07 PM) zzz: echelon's servers are another mystery. they seem to have IP-level issues frequently
+(03:42:11 PM) eyedeekay: I can do that soon then
+(03:43:37 PM) eyedeekay: My questions about the netDB test harness are probably ill-conceived, for instance, does the existing testnet have the ability to simulate a netDB between the routers within it?
+(03:44:08 PM) eyedeekay: And if so, is there a way to use it?
+(03:44:44 PM) The account has disconnected and you are no longer in this chat. You will automatically rejoin the chat when the account reconnects.
+(03:49:14 PM) The topic for #i2p-dev is: 1.6.1-7 | next dev meeting 8 PM UTC Tuesday, January 4, 2022
+(03:49:14 PM) Topic for #i2p-dev set by zzz at 09:08:14 AM on 01/03/2022
+(03:49:20 PM) zzz: gosh no not pspice. it was some sort of queueing/behavioral network model
+(03:50:31 PM) zzz: EOT and out, gotta run, thanks everybody
+(03:50:46 PM) eyedeekay: Later zzz
+(03:51:41 PM) eyedeekay: Anything else on 4? zlatinb
+(03:51:50 PM) zlatinb: no, that's all
+(03:52:08 PM) eyedeekay: All right that covers it for the meeting then, have a good week everybody

i2p2www/meetings/logs/307.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, January 4, 2022 @ 20:00 UTC
+=============================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/308.log

@@ -0,0 +1,72 @@
+(03:01:32 PM) eyedeekay: Hi everyone welcome to the Feburary 8th dev meeting
+(03:01:38 PM) eyedeekay: Sorry about last week, hopefully the message dropping issues will not recur
+(03:01:45 PM) eyedeekay: Topics:
+(03:01:45 PM) eyedeekay: 1. Hi
+(03:01:45 PM) eyedeekay: 2. Outproxy Requirements(ongoing)
+(03:01:45 PM) eyedeekay: 3. 1.7.0/0.9.53 status / release schedule
+(03:02:13 PM) zzz: hi
+(03:02:15 PM) mode (-m ) by zzz
+(03:02:16 PM) zlatinb: hi
+(03:02:30 PM) eyedeekay: hi everybody
+(03:02:54 PM) eyedeekay: Let's start right in 2) Outproxy requirements
+(03:04:08 PM) eyedeekay: zzz found us a bunch of old lists of requirements, which we should either A) choose one or B) collate into a new list
+(03:04:51 PM) eyedeekay: I've been trying to do some research into which requirements are feasible and get some guidance from what Tor does
+(03:06:18 PM) eyedeekay: At the same time, some groups and some individuals have emerged to volunteer to help with outproxies, one of which is also a multiple Tor exit node operator operating a non-profit, so hopefully we can benefit from their experience
+(03:08:04 PM) eyedeekay: In some cases I find the rules a little murky:  - Optional allowlist/blocklist of hosts/IPs? for instance, seems straightforward at once but what we suggest blocking/allowing on a host/IP basis might open operators up to request to block things they don't want to block?
+(03:08:45 PM) eyedeekay: Seems like the advice may have been that it's safe to block "ports" but maybe not hostnames?
+(03:09:05 PM) zzz: I think there's two categories of requirements
+(03:09:57 PM) zzz: 1) Things that we as a project would want to see (header requirements, small error page, link to additional info)
+(03:10:48 PM) zzz: 2) Things that any rational outproxy operator would want, especially admin tools, but we don't have the expertise to offer much guidance
+(03:11:40 PM) zzz: we should focus on 1)
+(03:12:14 PM) eyedeekay: OK that's easier, approaching it from the other direction was like cramming for a test
+(03:12:40 PM) zzz: and we should not attempt to offer a turnkey packaged solution for 2), only perhaps suggest some best practices
+(03:13:00 PM) eyedeekay: But I think it implies we'll need to be flexible, i.e. things we want will need to be subordinate to the things they'll be able to offer
+(03:13:09 PM) eyedeekay: That's probably a given though
+(03:13:43 PM) zzz: I'm thinking everything in 1) is pretty basic
+(03:14:38 PM) zzz: 1a) filter out any X-I2P headers outbound. Do or don't add an X-forwarded headers in either direction?
+(03:14:54 PM) zzz: 1b) have a small error page with a link to more info
+(03:15:07 PM) zzz: 1c) have a privacy policy on the more info page
+(03:15:13 PM) zzz: stuff like that
+(03:16:24 PM) eyedeekay: Yeah I agree, that shouldn't be difficult
+(03:17:14 PM) eyedeekay: So I'll avoid trying to figure out what people "should" do re: category 2) for the time being and focus on 1)
+(03:18:19 PM) eyedeekay: Anything else for topic 2)?
+(03:18:36 PM) zzz: The other thing in 1) is http vs. standard tunnel. I _think_ http is the right choice, and the choice affects the header issues
+(03:19:04 PM) zzz: eot for 2)
+(03:19:37 PM) eyedeekay: The standard tunnel doesn't add the X-I2P-* headers at all does it?
+(03:19:55 PM) zzz: no, it doesn't know about header
+(03:20:09 PM) zzz: *headers
+(03:20:39 PM) zzz: so the choice affects what the external proxy software "sees"
+(03:21:47 PM) eyedeekay: So why http? Wouldn't it be better if the server software didn't have to strip/re-add/keep track of the X-I2P headers to keep them from leaking?
+(03:22:23 PM) zzz: any proxy needs to deal with headers
+(03:22:49 PM) zzz: the proxy standard specifies that some headers are "hop-by-hop" and need to be stripped/added
+(03:23:56 PM) zzz: and of course there's both the HTTP and HTTPS (CONNECT) cases to deal with
+(03:27:13 PM) eyedeekay: So in the HTTP tunnel case we would be actually using the X-I2P headers
+(03:28:39 PM) zzz: they could be used e.g. for rate limiting by a competent outproxy admin
+(03:29:09 PM) eyedeekay: Makes sense
+(03:29:57 PM) eyedeekay: Anything else on 2)?
+(03:30:05 PM) zzz: no
+(03:30:12 PM) eyedeekay: 3. 1.7.0/0.9.53 status / release schedule
+(03:30:59 PM) eyedeekay: We're exactly 13 days from release on the 21st
+(03:31:10 PM) eyedeekay: Tags are freezing tomorrow
+(03:31:39 PM) zzz: yup, checkin deadline Fri. Feb. 18
+(03:32:26 PM) zzz: i2pd will be releasing on the 19th or 20th with a fix for the nasty SSU bug that's been causing network reliability issues the last couple of months
+(03:32:55 PM) zzz: our release will also have some related workarounds and improvements
+(03:33:09 PM) eyedeekay: Good to hear, that's been a rough ride for a lot of folks especially on mobile
+(03:33:20 PM) zzz: I'm hopeful that conditions will improve pretty rapidly once people start upgrading
+(03:34:10 PM) zzz: other than that, the cycle has been pretty smooth, things are quieting down
+(03:35:26 PM) zzz: we're at 14,000 lines of diff, pretty good size
+(03:36:00 PM) zzz: eot for 3)
+(03:37:45 PM) eyedeekay: I don't have much to add, I'll still be making tiny CSS changes for the next week or so to deal with some quirks on extra-small or extra-wide screens and some contrast issues in the dark theme, but other than that my time will be spent trying to review and test
+(03:37:55 PM) zlatinb: I would like to run some tests in the testnet after both i2p and i2pd freeze the code for the release.  I've documented them on the gitlab wiki.
+(03:38:05 PM) zlatinb: eyedeekay: what about end-to-end test for the windows aio?
+(03:38:58 PM) eyedeekay: I got one working yesterday, I had a couple issues to deal, one on the build-config side and one on the router.config side but they should both be gone now as long as I'm extra-careful with my release build
+(03:41:18 PM) eyedeekay: Turns out I had built the package without incrementing the router version number so even if a download happened(which would not have happened because the URL in router.config was wrong) it would not trigger an update
+(03:42:16 PM) eyedeekay: Both those issues are fixed now and I've set up to test the package after I get it built
+(03:42:49 PM) eyedeekay: So my updates were badly broken, but now they should be fixed, EOT
+(03:44:07 PM) eyedeekay: Anything else for the meeting? Questions, comments, concerns?
+(03:46:02 PM) zzz: aio == "bundle" or "easy install bundle". Let's not use "aio" as the name for it anywhere
+(03:46:27 PM) zzz: I always think async i/o
+(03:46:36 PM) zzz: nothing else for me
+(03:47:06 PM) eyedeekay: OK yeah AIO is ambiguous means different things to different people
+(03:47:28 PM) eyedeekay: I'll stick to Bundle or Easy-Install Bundle
+(03:48:01 PM) eyedeekay: All right thanks everybody for coming to the meeting, see you next month on the 5th, looks like

i2p2www/meetings/logs/308.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, February 8, 2022 @ 20:00 UTC
+=============================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/309.log

@@ -0,0 +1,83 @@
+(03:01:40 PM) eyedeekay: Hi everyone, welcome to the dev meeting
+(03:01:40 PM) eyedeekay: 1. Hi 
+(03:01:40 PM) eyedeekay: 2. Release Status (1.7.0 / 0.9.53)
+(03:02:10 PM) zlatinb: hi
+(03:02:12 PM) zzz: hello
+(03:02:39 PM) eyedeekay: Anything else to add to the agenda today before we start the release status?
+(03:03:01 PM) zlatinb: I have two small items that could fall into a "wishlist for 1.8.0" item
+(03:03:25 PM) eyedeekay: 3) 1.8.0 wishlist
+(03:04:24 PM) eyedeekay: 2. Release Status(1.7.0/0.9.53)
+(03:05:37 PM) eyedeekay: On my end I do have one remaining item, there is an issue with the .aab bundle build process where static resources that are included from the `i2p.i2p` build are deleted and from the final .aab
+(03:06:06 PM) eyedeekay: For the time being, GPlay is delayed, I'm working on it today and should be done soon.
+(03:07:53 PM) eyedeekay: F-Droid and Freestanding are both .apk's that use the old build process that isn't broken, so it still works.
+(03:07:53 PM) eyedeekay: Are there any other outstanding release processes to finish?
+(03:10:03 PM) eyedeekay: zzz anything to add to the release status topic from your end? I understand BiglyBT released their plugin today, is that correct?
+(03:10:22 PM) zzz: yes
+(03:10:48 PM) zzz: based on expl. build success stats, we've rapidly recovered from i2pd's regression in the last release
+(03:10:52 PM) zzz: http://stats.i2p/docs/buildsuccess.png
+(03:11:11 PM) zzz: and are now at a higher point than any time in the last few years iirc
+(03:12:11 PM) zzz: things should settle out in another week and we'll see where we are
+(03:12:13 PM) zzz: eot
+(03:12:21 PM) eyedeekay: That's really excellent news. Glad things are looking good so far.
+(03:12:32 PM) eyedeekay: Thanks zzz
+(03:12:50 PM) eyedeekay: 3. 1.8.0 wishlist
+(03:13:17 PM) eyedeekay: zlatinb take it away
+(03:13:44 PM) zlatinb: hi, 1) is speeding up initial exploratory build time and 2) JNA
+(03:14:05 PM) zlatinb: 1: I've been doing some analysis, 75% of the exploratory tunnels that do build do so in less than 500ms
+(03:14:29 PM) zlatinb: out of ~30 samples the slowest successful build was less than 2500ms
+(03:14:46 PM) zlatinb: whereas the timeout we have now is 13000 ms, I think reducing that will get the router to RUNNING state faster
+(03:15:07 PM) zlatinb: we don't have to decide now, just floating the idea out there
+(03:15:12 PM) zlatinb: eot on 1
+(03:15:33 PM) zzz: no objections on 1
+(03:15:56 PM) eyedeekay: Sounds like an interesting experiment to try at least, it doesn't seem like it could do any harm
+(03:16:12 PM) eyedeekay: If all the successful builds are so short
+(03:16:13 PM) zlatinb: 2: JNA - we'll definitely need to add JNA to the windows easy install bundle in order to elevate priviledge during auto-update.  ProcessBuilder fails if the process requires elevation.
+(03:16:20 PM) zzz: although I'd like to see data over a longer time period before we pick the new number
+(03:16:25 PM) zlatinb: sure
+(03:16:42 PM) zzz: please back up and define JNA
+(03:16:43 PM) zlatinb: (back to 1) I'll leave a router running with logging enabled
+(03:17:12 PM) zlatinb: (back to 2): JNA is Java Native A-something but it's basically a Java wrapper of native windows linux and mac libraries
+(03:17:27 PM) zlatinb: so instead of writing native code you write java code
+(03:17:52 PM) zlatinb: two jars combined size 3MB, compressed with LZMA down to 2MB
+(03:18:11 PM) zzz: please back up and elaborate on the problem and how prevalent it is
+(03:18:38 PM) zlatinb: while testing silent updates in muwire I saw that ProcessBuilder fails to launch an installer with an "priviledge elevation required" or some such
+(03:19:07 PM) zzz: windows-only problem?
+(03:19:12 PM) zlatinb: googling revealed that it is not possible to do so with ProcessBuilder
+(03:19:36 PM) zlatinb: yes windows-only for now
+(03:19:40 PM) eyedeekay: It doesn't seem to be happening on the Windows Easy-Install to me, is that because NSIS is asking for the elevated privileges and not Java?
+(03:20:02 PM) zlatinb: NSIS is asking
+(03:20:16 PM) zlatinb: if you already run the java with priviledge then it won't ask
+(03:20:22 PM) zlatinb: privilege*
+(03:20:28 PM) zzz: yeah that's my question, windows easy-install has been in beta for months and months, is this a muwire-only problem?
+(03:20:48 PM) eyedeekay: Oh OK, then it will start happening before the next update with ShellExecAsUser
+(03:21:15 PM) zlatinb: do you elevate if launched not from installer eyedeekay?
+(03:21:48 PM) zlatinb: I don't remember seeing an elevation prompt
+(03:22:12 PM) zlatinb: so it should be happening with windows easy-install if launched from desktop shortcut, not as a last step of an installer
+(03:22:14 PM) eyedeekay: No I don't, it runs as the user running the batch script, but only if I2P isn't already running, presumably as an admin
+(03:22:52 PM) zzz: so, before we can start talking about a solution for our easy-install windows bundle, let's verify there is a problem
+(03:22:57 PM) eyedeekay: It does not shut down the router with the browser
+(03:23:35 PM) eyedeekay: I'm inclined to believe that there will be, but will confirm later this week
+(03:23:36 PM) zlatinb: so if the user doesn't uncheck the "launch i2p now" checkbox and leave the router running, it will run as privileged and not prompt on update
+(03:23:43 PM) zlatinb: ok
+(03:24:22 PM) zlatinb: either way, with 1.7.0 the router is launched as non-privileged even if launched from the installer
+(03:24:39 PM) zzz: and while you can follow your own rules in muwire, any solution in our official products will have to be vetted for suitability, maintenance, license compatibility, etc
+(03:24:57 PM) zlatinb: Apache 2.0
+(03:25:45 PM) zlatinb: looking forward JNA allows us to do anything we like with windows APIs really.. register shell extensions, URI handlers, all that good stuff
+(03:25:57 PM) zlatinb: eot on 2
+(03:26:35 PM) zzz: let's get a couple cycles in on the easy-install auto-updater, which apparently has never worked?
+(03:27:13 PM) zzz: you don't have to wait for a i2p release, just put in a new java, or change something else. let's work out the bugs a little faster
+(03:27:14 PM) eyedeekay: It was broken, then fixed, now apparently it will break again on the next update
+(03:27:55 PM) eyedeekay: But the other solution from my side would be to change the installer so it no longer uses %ProgramFiles% and installs somewhere unprivileged
+(03:28:09 PM) zzz: do a release every week until it's working smoothly. obviously the 3-month pace isn't fast enough to converge on something that works
+(03:28:32 PM) eyedeekay: Can do
+(03:29:53 PM) eyedeekay: Thanks for bringing these up for us zlatinb, anything else on 3?
+(03:29:58 PM) zzz: and that will give us data on the extent of the privileges problem, if any
+(03:30:00 PM) zzz: eot
+(03:30:21 PM) zlatinb: no, eot from me
+(03:30:57 PM) eyedeekay: All right anything else for the meeting? timeout 1m
+(03:31:16 PM) zzz: also, use the news to tell your beta testers if the update is broken and they need to re-download
+(03:31:35 PM) eyedeekay: will do
+(03:32:05 PM) zzz: you both have your own news feeds, but aren't using it to talk to your users, you're just relying on my news entries? you should start testing/using that feature
+(03:32:11 PM) zzz: eot
+(03:34:07 PM) eyedeekay: Can do, in the past I added the i2p.firefox changelog
+(03:34:54 PM) eyedeekay: Thanks for coming to the meeting everybody, looks like I've got a lot of work to do, see you all around IRC

i2p2www/meetings/logs/309.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, March 1, 2022 @ 20:00 UTC
+==========================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/310.log

@@ -0,0 +1,90 @@
+(04:00:32 PM) eyedeekay: Hi everyone welcome to the April dev meeting, agenda for today:
+(04:00:32 PM) eyedeekay: 1. Hi
+(04:00:32 PM) eyedeekay: 2. Release Status (1.7.0 / 0.9.53)
+(04:00:32 PM) eyedeekay: 3. Development Status (1.8.0 / 0.9.54)
+(04:00:32 PM) eyedeekay: 4. JNA in easy-install bundles, what doors does it open?
+(04:00:42 PM) eyedeekay: 1. Hi
+(04:00:47 PM) zlatinb: hi
+(04:00:50 PM) zzz: hi
+(04:01:18 PM) eyedeekay: Hi zlatinb, hi zzz
+(04:01:27 PM) eyedeekay: Anybody else here today?
+(04:01:45 PM) eyedeekay: 2. Release Status (1.7.0 / 0.9.53)
+(04:02:52 PM) eyedeekay: 1.7.0 has been out for about 6 weeks now, updates from last month for me are that all the Android packages are successfully deployed and the bug that was discovered at release time is now fixed
+(04:03:28 PM) eyedeekay: As usual, the packages in Debian's main repositories haven't seen an update, if you're still using them please switch to deb.i2p2.de/.no as soon as possible
+(04:04:23 PM) zzz: re: Debian, I did find a volunteer to get 0.9.48 fixed and reinstated into Sid. that's done
+(04:04:46 PM) zzz: whether it will automatically trickle back into bullseye and ubuntu, no idea
+(04:05:00 PM) zzz: still no luck finding a new maintainer
+(04:05:01 PM) zzz: eot
+(04:05:08 PM) eyedeekay: Thanks
+(04:05:51 PM) eyedeekay: I have one more, this overlaps 2 and 3 and 4 actually but Easy-install bundles for Windows will still require one more manual update
+(04:06:25 PM) zzz: have you made progress since last meeting?
+(04:06:30 PM) eyedeekay: Considerable yes
+(04:07:15 PM) eyedeekay: Most of it is part of this MR, : https://i2pgit.org/i2p-hackers/i2p.firefox/-/merge_requests/6/diffs#10d851887651eddb01e5952f08999080b019da2e
+(04:07:35 PM) zzz: great. you have a target date for when you will propose transition out of beta?
+(04:08:02 PM) eyedeekay: As soon as users receive an automatic update I will consider it ready
+(04:08:22 PM) zzz: thanks
+(04:08:47 PM) eyedeekay: Anything else on 2?
+(04:09:33 PM) eyedeekay: 3. Development Status (1.8.0 / 0.9.54)
+(04:10:03 PM) zzz: (no, all good, haven't heard any complaints on 1.7.0)
+(04:10:21 PM) eyedeekay: Me either, people seem to be pretty happy with it so far
+(04:12:12 PM) eyedeekay: As for 3. Development Status (1.8.0 / 0.9.54) Unfortunately I've been a lot slower at some things than I expected, I'm stuck on UDP tunnels but almost ready for an MR on SAM authentication
+(04:12:38 PM) eyedeekay: Besides that I'm doing some revisions to the complicated bandwidth wizard pages to make the selection process more understandable and the notifications more noticable
+(04:12:52 PM) eyedeekay: We're about 6 weeks in with 7 weeks to go, right zzz?
+(04:13:02 PM) zzz: right
+(04:13:31 PM) eyedeekay: Do you want to update us on SSU2 or anything else you've been working on?
+(04:13:46 PM) zzz: 13 weeks would be a May 23 release
+(04:13:53 PM) zzz: yes, thanks
+(04:14:01 PM) zzz: enormous progress with i2pd on SSU 2
+(04:14:03 PM) mode (+v anonymousmaybe) by ChanServ
+(04:14:17 PM) zzz: live testing happening in the network now
+(04:14:40 PM) zzz: other things coming in the release: snark standalone improvements, router family fixes
+(04:14:49 PM) zzz: an SSU 1 performance fix
+(04:15:15 PM) zzz: things should slow down soon on SSU 2, and I'll be turning to some more bug fixes all over
+(04:15:23 PM) zzz: eot
+(04:16:04 PM) eyedeekay: Awesome, thanks for the updates zzz
+(04:16:37 PM) eyedeekay: zlatinb anything you want to talk about for this topic before we get to 4?
+(04:16:55 PM) zlatinb: I guess the reduction in tunnel build timeout should result in faster bootup
+(04:17:11 PM) zlatinb: or faster 0-to-Router.isRunning()
+(04:17:20 PM) zlatinb: that's all eot
+(04:17:38 PM) eyedeekay: Thanks zlatinb, that will make people happy :)
+(04:17:56 PM) eyedeekay: 4. JNA in easy-install bundles, what doors does it open?
+(04:18:15 PM) eyedeekay: zlatinb this was your topic but I have a lot of notes on it too, do you want to start?
+(04:18:24 PM) zlatinb: sure.
+(04:18:34 PM) zlatinb: Basically MR 6 adds the JNA libraries to the windows easy-install bundle
+(04:18:49 PM) zlatinb: which just today I learned wasn't necessary because of JEP 419 (which is built-in JNA replacement)
+(04:19:12 PM) zlatinb: but the overall point is the same: since we need to do some native things, what other native things do we want to do?
+(04:19:33 PM) eyedeekay: Sometimes we need to talk to power/batter management
+(04:19:36 PM) eyedeekay: *battery
+(04:19:57 PM) zlatinb: In MuWire I've implemented a "background priority" on windows, which according to the MSDN docs guarantees the process never interferes with foreground processes
+(04:20:05 PM) zlatinb: yes, battery power management is another such thing
+(04:20:17 PM) eyedeekay: I need to ask for admin rights in a conditional way, which isn't supported by NSIS itself
+(04:20:21 PM) zlatinb: so yeah that's from me, just invitation to think native :)
+(04:20:21 PM) zlatinb: eot
+(04:21:22 PM) eyedeekay: So yeah we definitely have a few cases in mind where it might be useful to have something JNA-like
+(04:22:41 PM) zlatinb: ok.. then the question is do we add any/all such functionality in the easy-install bundle and keep it outside of the core router package
+(04:22:45 PM) zzz: sorry to be the party-pooper, but at last month's meeting, JNA was a possible solution to a single problem (privilege) on Windows only
+(04:23:08 PM) zzz: and today we're at "it's definitely the solution for many problems, what other fun stuff can we do with it" ?
+(04:23:18 PM) zlatinb: yeah that's the party theme lol
+(04:23:34 PM) zzz: which is both a leap and typical solution-looking-for-a-problem
+(04:24:31 PM) zlatinb: that's one way to look at it, I think it (JNA / JEP 419) can make I2P better in many ways
+(04:25:14 PM) zlatinb: on many platforms
+(04:25:14 PM) zlatinb: I've just scratched the surface on windows tbh
+(04:25:28 PM) zzz: so JNA has not been decided on?
+(04:25:28 PM) zlatinb: JNA has the benefit of being backwards compatible down to java 1.4, JEP 419 is only in JDK 18
+(04:25:51 PM) zlatinb: I would say both are on the table, with JNA having some headstart
+(04:26:37 PM) zzz: 419 is "incubator" status meaning it could vanish, don't count on it
+(04:27:07 PM) eyedeekay: I'm pro-JNA because being able to control installer privs solves at least 2 problems for me and gives me the power to install to/run entirely from flash drives
+(04:27:46 PM) eyedeekay: I don't want to lose that to a project being unready or abandoned
+(04:29:03 PM) eyedeekay: So I guess pro-JNA, hesitant on 419 from me
+(04:29:54 PM) zlatinb: well 419 with a slightly different api is already in JDK 17 which is LTS, but I won't have a strong opinion until it's out of incubation
+(04:30:00 PM) zzz: we should continue to keep an eye out for the best tools to solve the problems we have now... daydreaming what else we could do with it isn't so important
+(04:31:10 PM) zzz: going out of the JVM is always going to be messy and less maintainable, to be used only if really necessary, no matter what mechanism is used
+(04:33:14 PM) zlatinb: Nobody disagrees with that, but I think we shouldn't stop ourselves from dreaming big
+(04:33:38 PM) zlatinb: integrating with the windows shell or power management on laptops sounds awfully nice to me
+(04:34:18 PM) zlatinb: that should be possible on linux laptops as well btw
+(04:34:33 PM) eyedeekay: I'm still dreaming small TBH, flash-drive-portables were just a by-product of supporting adminless installs
+(04:36:24 PM) eyedeekay: But if there's a non-JNA way of doing something then yeah we should probably try that first
+(04:38:54 PM) eyedeekay: Anything else on 4?
+(04:39:07 PM) zlatinb: not from me, eot
+(04:40:26 PM) eyedeekay: Anything else for the meeting? timeout 1m
+(04:41:43 PM) eyedeekay: All right thanks everybody for coming, looks like next month meeting will be May 3rd

i2p2www/meetings/logs/310.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, April 5, 2022 @ 20:00 UTC
+==========================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/311.log

@@ -0,0 +1,28 @@
+(03:48:58 PM) eyedeekay: It would seem not, I'll have a look at gitlab's bugtracker and see if I can find an explanation
+(04:00:03 PM) eyedeekay: Hi everyone, welcome to the development meeting
+(04:00:03 PM) eyedeekay: 1. Hi 
+(04:00:03 PM) eyedeekay: 2. Release Date
+(04:00:03 PM) eyedeekay: 3. Development Status (1.8.0 / 0.9.54)
+(04:00:05 PM) eyedeekay: hi
+(04:00:13 PM) zlatinb: hi
+(04:00:17 PM) zzz: hello
+(04:00:45 PM) eyedeekay: 2. Release date
+(04:01:16 PM) eyedeekay: We need to decide on one, tentatively it's been the 23rd for a while, that works for me if it works for everybody else?
+(04:01:43 PM) zzz: that would be 13 weeks, fine with me
+(04:02:01 PM) zzz: need approval from eche|off eche|on if he's here
+(04:03:04 PM) eyedeekay: looks like not but I can email him after the meeting
+(04:04:00 PM) eyedeekay: looking like the 23rd pending email to ech
+(04:04:09 PM) eyedeekay: Anything else for 2?
+(04:04:58 PM) eyedeekay: 3. Development Status (1.8.0 / 0.9.54)
+(04:07:41 PM) eyedeekay: We're definitely less than a month from releasing 1.8.0/0.9.54 in any case, with lots of it being preparation/implementation for SSU2 by zzz
+(04:08:42 PM) eyedeekay: Big changes should be done soon, and tag freeze is on the 11th so translations must be in by then
+(04:09:28 PM) eyedeekay: /translations/strings
+(04:09:58 PM) eyedeekay: zzz, zlatinb anything to add on this topic?
+(04:10:44 PM) zzz: not much, I'm pretty much done, will be chasing a few minor things on my list in the next couple weeks
+(04:11:02 PM) zlatinb: nothing from me
+(04:11:03 PM) zzz: any new ssu2 stuff I'll probably either hold off or stick in a branch
+(04:11:11 PM) zzz: eot
+(04:12:05 PM) eyedeekay: thanks guys
+(04:12:49 PM) eyedeekay: Anything else for the meeting? Last-minute topics? timeout 1m
+(04:14:13 PM) eyedeekay: All right, quick meeting today
+(04:14:33 PM) eyedeekay: Thanks everyone for coming, I'll email echelon then post the logs

i2p2www/meetings/logs/311.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, May 3, 2022 @ 20:00 UTC
+========================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/312.log

@@ -0,0 +1,60 @@
+(04:00:41 PM) eyedeekay: Hi everybody and welcome to the June 7 meeting
+(04:00:41 PM) eyedeekay: 1. Hi 
+(04:00:41 PM) eyedeekay: 2. 1.8.0 release status 
+(04:00:41 PM) eyedeekay: 3. 1.9.0 development status
+(04:00:41 PM) eyedeekay: 4. MoneroKon 2022
+(04:01:23 PM) zzz: hi
+(04:01:27 PM) zlatinb: hi
+(04:01:52 PM) eyedeekay: Hi guys, anybody else here or any topics to add?
+(04:03:26 PM) eyedeekay: I'll get us started on 1.8.0 release status then
+(04:04:29 PM) eyedeekay: Maven and I2P Easy-Install bundle for Windows were released shortly after the main 1.8.0 release occurred without incident, the I2P Easy-Install bundle got it's first successful automatic update as well
+(04:05:12 PM) eyedeekay: The Android release was delayed by about 5 days because I had to change it to avoid asking for a new gated permission from google to release on gplay
+(04:05:37 PM) eyedeekay: zzz do you want to apprise us of the main release and debian and then zlatinb, OSX easy install bundle?
+(04:06:37 PM) zzz: two weeks since the release, all looks good, haven't heard any complaints
+(04:07:01 PM) zzz: about 25% of the network has updated. BiglyBT release should be out shortly, that will give us a big jump
+(04:07:01 PM) zzz: that's all I have unless anybody has questions
+(04:07:03 PM) mode (-m ) by zzz
+(04:07:07 PM) zlatinb: same here, only difference from earlier release is that the Mac bundle includes GPLv2+Classpath license
+(04:07:29 PM) eyedeekay: Thanks guys, anything else on this topic?
+(04:08:26 PM) eyedeekay: 3. 1.9.0 development status
+(04:11:01 PM) eyedeekay: 2 weeks from release we're also 2 weeks into 1.9.0, zzz has been hard at work on ssu2 with orignal, if he wants to give us an update on that
+(04:11:22 PM) zzz: thanks
+(04:11:31 PM) zzz: we're getting wider testing of SSU2
+(04:11:50 PM) zzz: I encourage people who are willing and able, to enable it, and keep up to date with development builds
+(04:11:58 PM) anonymousmaybe is now known as Irc2PGuest25323
+(04:12:00 PM) zzz: we're still finding bugs in the basic protocol
+(04:12:20 PM) zzz: and we're continuing implementation of relay and peer test, which are like sub-protocols
+(04:12:41 PM) zzz: fixing other non-ssu2 bugs along the way
+(04:12:54 PM) zzz: eyedeekay, you and I need to update the roadmap both for the past release and the next one
+(04:13:13 PM) zzz: EOT unless there's any questions
+(04:13:23 PM) eyedeekay: Yes indeed, I've got some stuff to move to 1.9.0
+(04:13:50 PM) eyedeekay: for me my main goal in Java is to finish UDP tunnels in HSM, that's one of the things that moves to 1.9.0
+(04:14:10 PM) eyedeekay: otherwise my immediate goal is to work on NTCP2 in go-i2p, which will probably be hard work but I'm excited to get started
+(04:14:18 PM) eyedeekay: EOT for me as well
+(04:14:48 PM) zzz: ok, as usual, target big changes to go in early in the cycle please
+(04:15:06 PM) eyedeekay: Will do
+(04:15:13 PM) eyedeekay: Anything else for 3?
+(04:15:35 PM) zzz: nope, let's plan for a release in late August
+(04:15:44 PM) eyedeekay: 4. MoneroKon 2022
+(04:16:36 PM) eyedeekay: This one is just an announcement, there is going to be quite a bit of I2P related stuff happening at Monero Konferenco 2022 in less than 2 weeks, the 18th and 19th
+(04:17:10 PM) zzz: Lisbon, correct?
+(04:17:22 PM) eyedeekay: Yes Lisbon
+(04:17:54 PM) eyedeekay: But people who aren't in Lisbon are able to stream it from the web site for the conference, https://monerokon.com
+(04:17:58 PM) zzz: I'd like to plug the two students sponsored by diva.exchange that will be giving a presentation on their research there
+(04:18:17 PM) zzz: you have a workshop also? what about?
+(04:18:35 PM) eyedeekay: I'm going to be there to run a workshop on adapting applications to the I2P network
+(04:19:29 PM) eyedeekay: I'm going to present on the decisions people need to make when selecting an API, how to find a router, how to build an I2P plugin
+(04:19:40 PM) zzz: fantastic. there's going to be a lot of I2P brainpower there to help people and answer questions, I hope you get a good turnout
+(04:19:51 PM) anonymousmaybe is now known as Irc2PGuest29437
+(04:20:28 PM) eyedeekay: I hope so too, it's my favorite topic :)
+(04:21:45 PM) eyedeekay: zlatinb is going to be there as well, so if you can please come see us
+(04:22:28 PM) eyedeekay: That's all I've got for 4, anything else for the meeting?
+(04:23:55 PM) eyedeekay: All right thanks everybody for coming, same time next month
+(04:24:59 PM) obscuratus: eyedeekay: Are they going to stream your workshop?
+(04:25:53 PM) eyedeekay: I'm not sure, I'll make all the materials open/permissively licensed regardless
+(04:26:24 PM) obscuratus: Neat topic.  If they stream it, or if you can post a video later, I'll watch it.
+(04:26:32 PM) eyedeekay: I believe the box I marked on the form was that I did consent to be streamed
+(04:27:34 PM) zzz: eyedeekay, the times on your reddit post are lisbon local?
+(04:27:58 PM) eyedeekay: Yes the schedule on the monerokon website are UTC+1 which is Lisbon Local
+(04:28:39 PM) eyedeekay: *times on the monerokon website
+(04:29:07 PM) zzz: ok so 5 hours ahead of eastern, so the students are on at 5:30 AM 

i2p2www/meetings/logs/312.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, June 7, 2022 @ 20:00 UTC
+=========================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/313.log

@@ -0,0 +1,119 @@
+(04:00:14 PM) eyedeekay: Hi everybody, welcome to the July 5 Meeting
+(04:00:14 PM) eyedeekay: 1. Hi
+(04:00:14 PM) eyedeekay: 2. 1.9.0 development status
+(04:00:14 PM) eyedeekay: 3. Support for Apple Silicon in the Mac easy-install bundle
+(04:00:14 PM) eyedeekay: 4. Windows easy-install bundle - out of beta?
+(04:00:32 PM) zzz: hi
+(04:00:35 PM) zlatinb: hi
+(04:00:44 PM) mode (-m ) by zzz
+(04:00:55 PM) eyedeekay: Hi guys, anybody else here today?
+(04:01:30 PM) eyedeekay: Moving right into 2. 1.9.0 development status
+(04:04:27 PM) eyedeekay: We are at a little less than 6 weeks in  I think, approx. 7 to go
+(04:04:27 PM) eyedeekay: zzz and orignal have been working hard on the implementation of SSU2 in i2p.i2p and i2pd
+(04:04:27 PM) eyedeekay: It won't be activated in 1.9.0 but if I understand correctly it's nearly done
+(04:04:27 PM) eyedeekay: I've been working on UDP tunnels again, mostly there but something's broken still, I'll probably need to ask zzz for help this week
+(04:04:50 PM) eyedeekay: zzz zlatinb anything else to add
+(04:05:09 PM) zzz: that's right, ssu2 is mostly working
+(04:05:17 PM) zzz: still fixing small bugs
+(04:06:03 PM) zzz: right now I'm working on making tunnel peer selection more efficient (unrelated to ssu2)
+(04:06:03 PM) zzz: other than that, just doing the usual bug fixing
+(04:06:06 PM) zzz: targeting a late august release
+(04:06:08 PM) zzz: EOT
+(04:06:48 PM) eyedeekay: Anyone interested in helping test should visit zzz's forum for instructions and to give feedback: http://zzz.i2p/topics/3314-how-to-enable-ssu2-in-i2p-1-8-0
+(04:07:00 PM) eyedeekay: 3. Support for Apple Silicon in the Mac easy-install bundle
+(04:07:27 PM) eyedeekay: zlatinb this is your topic, take your time
+(04:08:11 PM) zlatinb: hi, the big issue was jbigi but that is now solved via backporting the x18 register patch
+(04:08:59 PM) eyedeekay: So the easy-install bundle no longer needs to run on the emulated x86_64 mode?
+(04:09:15 PM) zlatinb: I would like to put up an official and notarized beta around end of july
+(04:09:42 PM) zlatinb: it has to be a separate download
+(04:09:46 PM) zzz: this would be a second bundle. we'd have two, one for x86 and one for arm
+(04:10:29 PM) zzz: I'm in favor, as it appears the extra dev effort would be small, and the speedup is large. Right?
+(04:10:37 PM) zlatinb: there is a caveat with updates when switching between bundle4s 
+(04:12:21 PM) zzz: sure, as long as there's instructions on how to switch, even if it's as simple as uninstall and reinstall, that should be fine
+(04:13:01 PM) zlatinb: i'll put them on /download/mac
+(04:13:23 PM) zlatinb: the news url needs to be changed manually
+(04:13:51 PM) zzz: the dev effort is small and the speedup is large, correct?
+(04:14:36 PM) zlatinb: speedup is there, also looks good to keep up with the times :)  dev effort except for notarization is small
+(04:14:48 PM) zzz: great. +1
+(04:14:54 PM) eyedeekay: +1
+(04:15:07 PM) zlatinb: thx EOT
+(04:16:02 PM) eyedeekay: Thanks zlatinb
+(04:16:02 PM) eyedeekay: 4. Windows easy-install bundle - out of beta?
+(04:16:35 PM) eyedeekay: I said ~3 months ago that I would be ready to move the easy-install bundle out-of-beta when I had a successful end-to-end update
+(04:18:05 PM) eyedeekay: I got that at 1.7.2 IIRC, but between 1.7.2 and 1.8.0 there were a number of bugs in how it worked when used with an external I2P router(i.e. a non-jpackaged router) in this situation the bundle is intended to work as a firefox-launcher only but this functionality was broken from 1.7.3-1.7.6
+(04:18:30 PM) eyedeekay: So I pushed it back again, but now I'm sure that all of the issues with running in both bundled and non-bundled modes are resolved
+(04:19:38 PM) eyedeekay: So I think it's finally ready to move out of beta, all the core functionality I thought was necessary has been established
+(04:20:49 PM) zzz: here's some things that may still need to be resolved:
+(04:21:18 PM) zzz: - is it just you that is successfully updating or are there other users that are also?
+(04:21:43 PM) zzz: - license requirements all met now?
+(04:22:27 PM) zzz: - are the windows bundle and the mac bundle now on the same JRE and roughly same release schedules?
+(04:22:58 PM) zzz: -- i.e. prepared for the 3-monthly JRE releases
+(04:23:22 PM) zzz: - and the usual question, do we have the resources to support this as an official product
+(04:23:49 PM) zzz: - also, are we removing the non-bundle download like we did for mac? or not?
+(04:23:51 PM) zzz: eot
+(04:25:46 PM) eyedeekay: License requirements are now fixed
+(04:25:46 PM) eyedeekay: I don't get a lot of feedback but at least 2 non-me updaters
+(04:25:46 PM) eyedeekay: I am sticking to LTS JRE, I think zlatinb is doing 18, but yes we are on the same schedule more-or-less
+(04:25:46 PM) eyedeekay: I do not think the resources required to work on the bundle are extensive, the hardest part is getting the build set up and it's not that hard, small investment now that it all works
+(04:25:46 PM) eyedeekay: I kind of want to remove the non-bundled download or possibly make it an "advanced installation" procedure
+(04:28:14 PM) zzz: - I don't think 2 non-you updaters is enough testers to declare it non-beta. Can you pimp it more on reddit or something?
+(04:28:25 PM) eyedeekay: Sure can do
+(04:28:43 PM) eyedeekay: I'm not in a hurry to rush it out
+(04:29:18 PM) zzz: - I'd like to see win and mac on the same JRE. Let's consolidate. I don't know which of you is right, but one of you is
+(04:29:29 PM) zzz: can you two come to an agreement?
+(04:29:43 PM) zzz: or are there reasons to be different?
+(04:30:01 PM) eyedeekay: I'm not married to my decision, I chose LTS strictly because of the statement "LTS"
+(04:30:57 PM) zzz: to be clear, not just the same version, but the same JRE supplier
+(04:31:10 PM) zzz: this will reduce the CVE review required every 3 months
+(04:31:14 PM) eyedeekay: We're both using Oracle right now to my knowledge
+(04:31:34 PM) eyedeekay: The only vendor with a similar update cycle is Amazon
+(04:31:49 PM) eyedeekay: I'd rather use Oracle than Amazon I think
+(04:33:16 PM) zzz: you two should be making these decisions together and in sync. I don't know why you're not and it sounds like you don't know either? :)
+(04:35:22 PM) eyedeekay: No I don't know. We did discuss vendors and update cycles at a couple points which is when we landed on Oracle due to releases being very quick compared to CVE's, but I don't know why I'm on 17 and zlatinb's on 18 now
+(04:36:27 PM) zlatinb: I don't remember the exact reason either
+(04:36:59 PM) zlatinb: maybe I wanted to test the ram reductions
+(04:37:28 PM) zzz: ok. I'm in favor of it coming out of beta, but let's get on the same JRE, get some more testing first and come back to us in a month or two
+(04:38:11 PM) zzz: I also want to think more about whether to remove the standard installer, maybe even worth a separate meeting about that
+(04:40:28 PM) zzz: eot
+(04:40:28 PM) eyedeekay: Re: actual reasons, perhaps a discussion for another time but I know the reason I'm on Oracle/17 is because I needed to pick a vendor who would respond to CVE's in less than 24 hours and because I wanted to ensure that I would have stability in terms of what I could expect from the API's and the JVM. I didn't really consider other reasons
+(04:40:28 PM) eyedeekay: Based on a sample of 1 event, I assessed that Oracle and Amazon were the fastest to release an update.
+(04:40:28 PM) eyedeekay: I considered Amazon because they are packaged in chocolatey which makes life on Windows a lot easier, but decided on Oracle instead
+(04:41:54 PM) eyedeekay: So that's how I landed on Oracle/17, basically out of caution
+(04:41:56 PM) eyedeekay: eot
+(04:41:57 PM) zlatinb: I can go down to 17 but really prefer to stick to oracle
+(04:42:18 PM) eyedeekay: So would I, so we're agreed
+(04:42:48 PM) zlatinb: on a related note i'll be afk until a week after the next jre release
+(04:43:28 PM) eyedeekay: Will we/can we make any arrangement for signing the bundles?
+(04:43:32 PM) zzz: I think you need 18 for the best apple arm support? if so then let's drag windows up to 18 also. But again, you two shouldn't be doing JRE vendor research and selection in separate silos. work together and decide together
+(04:43:32 PM) zlatinb: hopefully there won't be any urgent fixes
+(04:44:22 PM) zzz: we have limited resources, let's not do stuff twice for no reason
+(04:44:23 PM) zlatinb: signing requires deanon
+(04:44:28 PM) eyedeekay: I can push an unsigned bundle and tell people that they'll need to click through the pop-up in the news if need be
+(04:44:52 PM) eyedeekay: Still signed `su3` just not signed `exe`
+(04:45:21 PM) zlatinb: can't "click-through" on mac
+(04:45:31 PM) zlatinb: oh the exe signing is fine 
+(04:45:50 PM) zlatinb: we'\ll do it as  usual
+(04:46:41 PM) eyedeekay: OK then. Let me know if there's anything I can do(less rapidly deanoning) to help
+(04:47:39 PM) zlatinb: Nothing really other than take down the mac download page in the worst case
+(04:47:55 PM) eyedeekay: Well you have my signal number if you need me to do it
+(04:48:23 PM) zlatinb: ok.  it would be for a week at most
+(04:48:52 PM) zzz: eyedeekay, you're not setting the news URL in the feed, search for CHANGEME_URL_HERE :)
+(04:49:19 PM) eyedeekay: OMG I can't believe I missed that
+(04:49:29 PM) eyedeekay: Will do
+(04:49:32 PM) zzz: i put that in there a while back so you'd remember, I guess it didn't work (((
+(04:50:20 PM) eyedeekay: Re: Java 18 and Apple hardware, zzz just mentioned that 18 may have better support? If that's the case than that would be a thing I didn't know before and a reason to use 18 instead, can you confirm that?
+(04:51:39 PM) zlatinb: haven't done my homework on that sorry
+(04:51:53 PM) zzz: maybe a wild guess on my part, but don't need to decide in this meeting
+(04:52:17 PM) zlatinb: but if linux arm support is any indication it's very likely
+(04:52:34 PM) zlatinb: history of*
+(04:52:45 PM) zzz: but in general, newer is better, so isn't the point of bundling the JRE in a "easy bundle" is to have the latest?
+(04:53:19 PM) eyedeekay: I don't know, sometimes stable is better, and sometimes "easy" is somewhere in between
+(04:53:55 PM) zzz: that's why putting a LTS in a bundle doesn't make sense to me. 
+(04:58:29 PM) eyedeekay: Probably won't settle it today, but maybe I'm wrong about 17. zlatinb do you have a time that would be good this week to hammer out the 17/18 debate?
+(05:00:05 PM) zlatinb: generally any time is good and also bad because of my injury unless you want to get on a call
+(05:01:05 PM) eyedeekay: I'm happy to get on a call, we can figure out a time in private
+(05:01:18 PM) zlatinb: ack
+(05:01:43 PM) eyedeekay: Anything else for 4?
+(05:01:48 PM) eyedeekay: Or for the meeting?
+(05:01:53 PM) eyedeekay: Timeout 1m
+(05:03:46 PM) eyedeekay: All right thanks everybody for coming

i2p2www/meetings/logs/313.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, July 5, 2022 @ 20:00 UTC
+=========================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/314.log

@@ -0,0 +1,230 @@
+(04:18:08 PM) eyedeekay: 1. Hi 
+(04:18:08 PM) eyedeekay: 2. 1.9.0 development status
+(04:18:08 PM) eyedeekay: 3. Apple silicon bundle status 
+(04:18:08 PM) eyedeekay: 4. Letter to EFF to clarify what "running" a network means
+(04:18:08 PM) eyedeekay: 5. New Outproxy ref: http://zzz.i2p/topics/3254 
+(04:18:08 PM) eyedeekay: a) Organizational and infrastructure overview (StormyCloud) 
+(04:18:08 PM) eyedeekay: b) Technical review and test results (zzz and others) 
+(04:18:08 PM) eyedeekay: c) ToS and log policy review http://stormycloud.i2p/outproxy.html (all) 
+(04:18:08 PM) eyedeekay: d) Vote to approve (all) 
+(04:18:08 PM) eyedeekay: e) Rollout plan (if approved) (zzz, StormyCloud)
+(04:19:11 PM) eyedeekay: zzz zlatinb you guys here?
+(04:19:24 PM) zzz: hi
+(04:19:27 PM) zlatinb: hi yes
+(04:20:11 PM) eyedeekay: Sorry about that again, had a cooking accident
+(04:20:12 PM) eyedeekay: 2. 1.9.0 development status
+(04:21:23 PM) eyedeekay: We're 3 weeks from release, we pretty much settled on a date for it at ls2 meeting yesterday, it's going to be the 22nd. i2pd and/or Java I2P may enable SSU2 for new installs, or a small percentage of the network on restart like for router rekeying
+(04:22:21 PM) eyedeekay: 3 weeks left for bug reports and bug fixes
+(04:22:47 PM) eyedeekay: Anything else to add zzz, zlatinb?
+(04:23:54 PM) eyedeekay: 3. Apple silicon bundle status
+(04:23:54 PM) eyedeekay: zlatinb this one is your, please start when you are ready
+(04:24:23 PM) not_bob_afk is now known as not_bob
+(04:25:23 PM) zzz: let me add a little on 2) please
+(04:25:30 PM) SilicaRice: is SSU2 officially stable? :o
+(04:25:35 PM) eyedeekay: Ok go ahead, sorry did not mean to rush
+(04:25:46 PM) zzz: lag
+(04:25:59 PM) zzz: tag freeze will be Aug. 10, a week from tomorrow
+(04:26:17 PM) zzz: the SSU2 testers have been very helpful, about 50-75 of them on the network
+(04:26:36 PM) zzz: our goal is to enable it for a few hundred to a thousand routers in the this release
+(04:26:53 PM) zzz: to help us shake out the remaining bugs, while avoiding any chance of disaster
+(04:27:19 PM) zzz: and we'll enable it for everybody in the November release
+(04:27:33 PM) SilicaRice: ahh :3
+(04:27:47 PM) zzz: everything else is going smoothly as well, just the usual bug fixes all over
+(04:28:13 PM) zzz: SSU2 is mostly finished, that doesn't mean it's mostly perfect yet
+(04:28:30 PM) zzz: shout out also to the i2pd team, they're working hard also
+(04:28:42 PM) zzz: I guess that's it unless there's any questions
+(04:28:56 PM) not_bob: Will the update also effect the android build?
+(04:29:46 PM) eyedeekay: I don't change any settings, SSU2 will technically be available but there won't be a UI to enable it
+(04:30:34 PM) eyedeekay: It just inherits defaults from i2p.i2p except where it has to to run on the Android environment
+(04:30:36 PM) zzz: sure. We may also just enable SSU2 for all Android, since it's so much less CPU than SSU1 w/ ElGamal
+(04:30:36 PM) not_bob: Good, good.
+(04:30:36 PM) zzz: that's what i2pd is thinking, we may do the same
+(04:30:36 PM) zzz: yeah, we're not going to put an option in the UI and then lobby like crazy for people to enable it
+(04:30:36 PM) zzz: we'd never get the numbers we want
+(04:30:36 PM) not_bob: Can we get an option to enable it if desired?  Better battery life would be better.
+(04:30:46 PM) zzz: there's an advanced config, see zzz.i2p for info
+(04:30:53 PM) not_bob: Thank you.
+(04:30:55 PM) zzz: not sure if Android has access to advanced cnofig?
+(04:31:32 PM) eyedeekay: No it doesn't, you have to do weird stuff to make it work
+(04:31:51 PM) eyedeekay: Pretty much devs-only to manually edit non-i2ptunnel config files on Android
+(04:32:03 PM) not_bob: :(
+(04:32:26 PM) zzz: ok. anyway, might be good to enable it for android anyway, because one of the last features we need to implement is handling IP changes, so mobile routers  will help us develop and test test
+(04:32:43 PM) not_bob: I vote for that.
+(04:33:25 PM) zzz: ok. to be clear, nobody's going to notice any difference with SSU2. It's mostly the same feature set, and currently a little slower than SSU1, at least on Java. It's faster for i2pd
+(04:33:47 PM) eyedeekay: Battery life is a huge deal if SSU2 will make a difference at that
+(04:34:18 PM) eyedeekay: We could be worse about how much battery we use, but we could also be better
+(04:34:37 PM) zzz: the benefits are more security, less CPU, more reliable firewall detection
+(04:34:44 PM) zzz: I may write up a whole blog post about it, I think it's one of the most censorship-resistant protocols ever designed. We'll see
+(04:35:01 PM) zzz: eot
+(04:36:20 PM) eyedeekay: Thanks zzz. I think people are hearing "Less CPU" and instantly making an association "Easier on battery for Androids" which may be part of the interest
+(04:36:35 PM) eyedeekay: 3. Apple silicon bundle status
+(04:37:15 PM) eyedeekay: zlatinb this one's yours, go ahead when you're ready
+(04:37:26 PM) zlatinb: Hi, I made the bundle available for download about 6 days ago and there have been almost 100 downloads since
+(04:37:55 PM) zlatinb: about 30% of the mac users download the arm64 bundle which surprises me
+(04:40:58 PM) zlatinb: No feedback anywhere yet, but with the last known bug fixed I think this should be ready for promotion to stable
+(04:40:58 PM) zzz: the only thing I'd suggest is making sure the news feeds are up and working on both servers, by putting up a 'thanks for testing' news entry
+(04:40:58 PM) zlatinb: I'm thinking to upgrade the 1.8 bundle to 1.9 when that becomes available to test the update channel although don't expect any issues
+(04:40:58 PM) zlatinb: yes, can do that tomorrow after my right hand will be fully functional again (hopefully)
+(04:40:58 PM) zlatinb: that's about it
+(04:40:58 PM) zlatinb: eot
+(04:42:08 PM) eyedeekay: Thanks zlatinb, if you choose to do a news entry let me know and I'll update the servers
+(04:42:48 PM) eyedeekay: 4. Letter to EFF to clarify what "running" a network means
+(04:43:28 PM) zzz: so I'd say after a successful update or news entry, stable is fine. I don't expect any issues either, but we've had plenty of news glitches before 
+(04:43:48 PM) zzz: but willing to hear other opinions ofc
+(04:43:48 PM) zlatinb: the only real action for promoting to stable really is removing the "BETA" label from the website
+(04:43:48 PM) uis is now known as Irc2PGuest3854
+(04:43:48 PM) zzz: sure, it's more the principle than anything actually being different
+(04:43:48 PM) zzz: let's be purposeful in our labeling, that's all
+(04:44:07 PM) zlatinb: Yes, some background on that:
+(04:44:10 PM) mode (+v T3s|4) by ChanServ
+(04:44:34 PM) mode (+v albat) by ChanServ
+(04:44:48 PM) mode (+v polistern) by ChanServ
+(04:44:53 PM) zlatinb: eyedeekay and I met Kurt Opsahl from EFF at HOPE few weeks ago and asked him about legality of working on something like I2P
+(04:45:43 PM) zlatinb: He said that writing code is fine because "code == speech", however "running" the network may be a different story
+(04:46:21 PM) zlatinb: we didn't dig into what running the network means at HOPE
+(04:46:56 PM) zlatinb: but I think it's a good idea to reach out and clarify the topic as much as possible 
+(04:47:41 PM) zzz: what would we do differently, based on conceivable responses?
+(04:48:38 PM) zlatinb: I'm having very hard time conceiving the responses as it's a very broad topic
+(04:48:44 PM) eyedeekay: It may inform who is able to run what services
+(04:48:50 PM) zzz: whatever "running" we're doing, it's much less than their darling Tor, and how might we do even less?
+(04:49:32 PM) eyedeekay: But I think one likely response is that running services to support a network is probably speech too
+(04:49:53 PM) eyedeekay: That may be optimistic, but it's also the one that involves the least leaps
+(04:50:20 PM) zzz: in my experience, ask a lawyer an informal question, you'll get good information. Send them a letter, they'll say they aren't licensed in your state, go hire somebody
+(04:50:51 PM) zlatinb: no idea, maybe reseeds are fine and addressbooks are not, who knows,  Too many possible permutations
+(04:51:26 PM) zzz: if you want to follow up, follow up, but I've asked EFF for legal advice before, their answer is "we're not set up to be general purpose legal counsel. We litigate cases of interest"
+(04:51:59 PM) eyedeekay: Maybe I can track down somebody for an informal question next week then. Can't hurt to try both
+(04:52:38 PM) eyedeekay: Writing the letter would help inform the question
+(04:53:14 PM) zzz: email Kurt. He gave you a vague answer, following up is reasonable. He's always been quite nice every time I talk to him
+(04:54:00 PM) eyedeekay: Can do
+(04:54:30 PM) zzz: I just wouldn't expect anything actionable, but who knows?
+(04:54:32 PM) zlatinb: well it's worth structuring any such letter properly; also may be wise to build up the engagement gradually rather than dump a giant letter from the blue
+(04:55:31 PM) eyedeekay: zlatinb do you want to set up a time to sync up and write that letter this week?
+(04:55:34 PM) zlatinb: I suggest we start with a simple follow-up like "was nice to meet you" and then expand from there
+(04:56:32 PM) zlatinb: currently I'm thinking we should not write a giant letter describing how i2p works until we get an ack that eff is willing to work with us
+(04:56:42 PM) eyedeekay: OK
+(04:56:59 PM) zlatinb: they may decide they want a retainer, who knows
+(04:57:10 PM) zzz: see above. they don't do that
+(04:57:48 PM) zzz: you're misunderstanding how they work
+(04:58:06 PM) zlatinb: I'll shoot him a "was nice to meet you" follow up and cc you guys and take it from there.
+(04:58:18 PM) zlatinb: if they can't help at all that's fine too
+(04:59:15 PM) eyedeekay: Anything else for 4?
+(04:59:23 PM) zlatinb: no, eot
+(04:59:38 PM) eyedeekay: 5. New Outproxy ref: http://zzz.i2p/topics/3254 
+(04:59:38 PM) eyedeekay: a) Organizational and infrastructure overview (StormyCloud) 
+(04:59:38 PM) eyedeekay: b) Technical review and test results (zzz and others) 
+(04:59:38 PM) eyedeekay: c) ToS and log policy review http://stormycloud.i2p/outproxy.html (all) 
+(04:59:38 PM) eyedeekay: d) Vote to approve (all) 
+(04:59:38 PM) eyedeekay: e) Rollout plan (if approved) (zzz, StormyCloud)
+(04:59:51 PM) eyedeekay: a) Organizational and infrastructure overview (StormyCloud)
+(05:00:10 PM) zzz: StormyCloud, you here?
+(05:00:21 PM) StormyCloud: Yes 
+(05:00:41 PM) zzz: this is a proposal to replace false.i2p, which was unreliable for years and is now dead
+(05:00:56 PM) zzz: thanks for volunteering to support a replacement
+(05:01:18 PM) zzz: please go ahead and give us a brief overview of your organization and your infrastructure
+(05:01:45 PM) StormyCloud: Who we are: We are a 501(c)(3) non-profit organization based out of Texas. Our mission is to provide privacy-based tools to allow everyone access to an unfiltered and unregulated Internet. We started this organization in 2021 and have been working closely with the TOR community by deploying exit nodes.
+(05:02:37 PM) StormyCloud: We own all of our hardware and currently colocate at a Tier 4 data center. As of now have a 10GBps uplink with the option to upgrade to 40GBps without the need for much change. We have our own ASN and IP space (IPv4 & IPv6).
+(05:02:55 PM) StormyCloud: Outproxy Infrastructure: Outproxies are run on Ubuntu 22.04 and have been optimized for I2P. The backend proxy software is TinyProxy and supports HTTP, HTTPS, I2P, and TOR onion links. Currently, the outproxy is multi-homed on two servers. We can increase this number of servers as needed. 
+(05:04:03 PM) zzz: I want to invite everyone to ask questions of StormyCloud at any point as we go through the agenda
+(05:04:15 PM) zzz: any questions at this time?
+(05:04:26 PM) not_bob: Yes
+(05:04:39 PM) not_bob: How do you deal with users who try to use your service for "really nasty stuff"?
+(05:05:46 PM) StormyCloud: Nothing, we do not filter any requests. While that does invite "bad" users we feel the internet should be a free and open place.
+(05:06:12 PM) R4SAS: And one from me: will be here SOCKS5 proxies in future?
+(05:06:48 PM) StormyCloud: R4SAS: If there is a need for a SOCKS5 proxy I am sure we can get one deployed.
+(05:07:01 PM) R4SAS: Thanks
+(05:07:45 PM) zzz: any other questions on 5a) ?
+(05:08:02 PM) not_bob: http://notbob.i2p/graphs/stormycloud.i2p.yearly.svg
+(05:08:14 PM) not_bob: I just want to note that stormycloud has been great for uptime.
+(05:08:56 PM) SilicaRice: the backend supports I2P links uh huh?
+(05:08:57 PM) not_bob: And performance is great.
+(05:09:29 PM) zzz: that brings us to 5b, yes
+(05:09:29 PM) zzz: the outproxy has been in beta for quite a while
+(05:09:29 PM) zzz: testing should ensure that the service is reliable, meets applicable standards, and is secure 
+(05:10:00 PM) zzz: we've encountered several issues over the last few months, and StormyCloud has always been responsive
+(05:10:13 PM) SilicaRice: (why would you run i2p links through an outproxy?)
+(05:10:29 PM) zzz: at this time my test results are good, and I'm recommending it to be our official outproxy
+(05:10:38 PM) dr|z3d: StormyCloud misspoke. there is no .i2p support.
+(05:10:40 PM) zzz: but let's hear any other test reports or questions
+(05:10:43 PM) StormyCloud: SilicaRice: My apologies I wrote that wrong
+(05:11:03 PM) SilicaRice: oh okay
+(05:12:00 PM) R4SAS: > We do not cooperate with any requests for information except where compelled by law, and in that event our ability to assist is limited by our logging policy.
+(05:12:19 PM) R4SAS: Will be here transparency reports in such situations?
+(05:12:45 PM) zzz: also, to be clear, this meeting is about Java I2P's default and recommendations. Any other project including i2pd may have their own processes and requirements and negotiations with the outproxy operator
+(05:13:03 PM) StormyCloud: R4SAS: Yes, we public a report quarterly on our clearnet website. That is something I can also do on our i2p site.
+(05:13:48 PM) zzz: ok, looks like we're on 5c) review of ToS and logging policies. The goal here is to ensure our users are protected.
+(05:14:00 PM) R4SAS: also, please, create in-i2p mail for contacting =)
+(05:14:03 PM) zzz: any comments or questions about the Tos?
+(05:15:41 PM) R4SAS: ah, btw, about 5b: StormyCloud, what tunnel settings are you using?
+(05:16:06 PM) R4SAS: length, amount, etc
+(05:16:11 PM) dr|z3d: 0 hop.
+(05:16:17 PM) eyedeekay: Everything it says looks pretty clear to me, although to follow up on what R4S4S it might be good to put a link to the transparency report in or after that > We do not... unless compelled by law section
+(05:16:34 PM) zzz: an outproxy operator is in a position to view all traffic, or at least all non-https traffic, so it's important that we trust the operator to protect our users
+(05:17:01 PM) StormyCloud: eyedeekay: Makes sense, ill get this added to the website
+(05:17:09 PM) zzz: it's currently two multihomed 0-hop servers, right StormyCloud ?
+(05:17:19 PM) StormyCloud: Correct
+(05:17:42 PM) not_bob: But, just to clarify, with the way i2p tunnels work, my 2-3 hops are still there.  You are just not adding any more, right?
+(05:18:07 PM) dr|z3d: the client can configure as many hops as they wish, not_bob.
+(05:18:12 PM) zzz: I also saw on zzz.i2p that it's ipv4-only but that may get fixed soon, right?
+(05:18:13 PM) anonymousmaybe is now known as Irc2PGuest54486
+(05:18:15 PM) not_bob: Yep, that's what I thought.  Thank you.
+(05:18:48 PM) StormyCloud: zzz: Correct, our upstream provider finished their upgrade. I didnt want to mess with IPv6 until all testing was done
+(05:19:49 PM) zzz: would you please elaborate on your experience running tor exits and the capacity of your tor exits?
+(05:21:00 PM) StormyCloud: Sure, we have been running tor exit since late last year, currently sitting at 130ish exits with about 1.6% of TOR exit traffic going through our servers.
+(05:21:49 PM) StormyCloud: Everything is virtualized and the process to setup has become pretty automated
+(05:22:06 PM) zzz: have you ever received any DMCA or other legal processes w.r.t. your tor exits? if so, how was it handled?
+(05:23:33 PM) StormyCloud: No legal requests and surprisingly no DMCA requests. We do get abuse complaints, we just respond and let them know this is a TOR exit and there is nothing further that can be done on our end.
+(05:23:47 PM) major: No legal requests and surprisingly no DMCA requests. We do get abuse complaints, we just respond and let them know this is a TOR exit and there is nothing further that can be done on our end.
+(05:24:27 PM) R4SAS: huh, acetone's bot has bug
+(05:24:33 PM) zzz: any other questions sor StormyCloud before we go to 5d) appproval ?
+(05:24:34 PM) R4SAS: I'll PM him
+(05:25:33 PM) zzz: normally major doesn't have +v, but I turned +m off for the meeting, no big deal
+(05:26:36 PM) zzz: ok, if there's no more questions, everybody please indicate your approval / disapproval for making StormyCloud our official outproxy
+(05:26:45 PM) not_bob: Approve
+(05:26:58 PM) zzz: approve
+(05:27:05 PM) zlatinb: approve
+(05:27:05 PM) eyedeekay: approve
+(05:27:18 PM) SilicaRice: approve (if users count for anything)
+(05:27:54 PM) R4SAS: no objections, approve
+(05:28:32 PM) zzz: ok, great
+(05:28:39 PM) zzz: 5e) rollout
+(05:28:50 PM) zzz: the two major steps are:
+(05:29:08 PM) zzz: 1) setting it as default for new installs (as early as the next release in 3 weeks)
+(05:29:23 PM) zzz: 2) recommending to existing users to change their config (probably via console news, any time)
+(05:29:30 PM) zzz: these can happen in either order
+(05:29:41 PM) zzz: and we have no idea how much traffic either would generate
+(05:29:59 PM) zzz: other products (Android, bundles), probably aren't big enough to worry about timing
+(05:30:14 PM) zzz: StormyCloud, what is your request or recommendation on when and how we proceed?
+(05:31:36 PM) StormyCloud: If the console news can be set/sent anytime then we can let existing users know to switch now (if they want) and that gives us three weeks to monitor and spin up new servers if needed.
+(05:32:12 PM) dr|z3d: console news generally published with a new release.
+(05:32:13 PM) not_bob: StormyCloud: How much traffic are you handeling for the outproxy currently?
+(05:33:10 PM) zzz: ok. it would be nice to point to a howto page with screenshots for editing the hidden services manager config. That could be hosted on stormycloud.i2p, or a i2p-projekt.i2p blog post? Any volunteers to put that together?
+(05:33:35 PM) eyedeekay: I can do it
+(05:33:35 PM) StormyCloud: Difficult to say at this time, since we dont log anything. I am monitoring network activity, but that too doesnt tell a full picture since its also passing i2p traffic.
+(05:34:18 PM) dr|z3d: StormyCloud: we keep an eye on exit traffic via graphs..
+(05:34:41 PM) dr|z3d: in short, notbob, nothing worth getting excited about.
+(05:34:59 PM) zzz: dr|z3d, you have a guess on current % utilization of your two nodes? probably very small?
+(05:35:21 PM) dr|z3d: utilization in what sense?
+(05:35:28 PM) dr|z3d: capacity-wise?
+(05:35:33 PM) zzz: yes
+(05:35:50 PM) zzz: or maybe you don't really know until you hit it...
+(05:35:51 PM) dr|z3d: very small is about right.
+(05:36:18 PM) dr|z3d: throw a few thousand concurrent users at the outproxy, we'll then know :)
+(05:36:33 PM) zzz: yeah, apologies to StormyCloud, we were unable to get any historical estimates of false.i2p bandwidth
+(05:37:06 PM) zzz: so it's a little bit of a crap shoot, as long as you're monitoring things and have an expansion plan, we should be fine
+(05:37:37 PM) StormyCloud: All good, we will adjust as more and more people start to use the outproxy
+(05:38:11 PM) dr|z3d: well, as configured, the outproxies combined can handle up to 8192 concurrent streams. so there's plenty of capacity there, and StormyCloud has plenty of stuff in the wings if required.
+(05:38:21 PM) zzz: and StormyCloud re: new installs, should we plan to make it the default in the next release late this month as well?
+(05:39:01 PM) StormyCloud: Yes, that would be fine
+(05:39:29 PM) zzz: ok then. eyedeekay let me know when you have a blog post up, and then I'll write the news entry
+(05:39:39 PM) zzz: anything else on 5e) rollout ?
+(05:39:43 PM) eyedeekay: OK, expect it tonight or tomorrow
+(05:40:14 PM) eyedeekay: Nothing from me
+(05:40:14 PM) zzz: thanks again StormyCloud 
+(05:40:18 PM) zzz: back to you eyedeekay 
+(05:41:07 PM) eyedeekay: All right that's it for the listed items, I'll be at Def Con next week in case anybody who's watching wants to meet me there lol
+(05:41:49 PM) eyedeekay: If anybody else has anything else for the meeting, please speak up, otherwise timeout 1m
+(05:42:59 PM) R4SAS: I have one question, but it is out of meeting scope
+(05:43:34 PM) zzz: oh, also thanks to dr|z3d for vital technical assistance over the testing period
+(05:43:41 PM) eyedeekay: All right thanks everybody for coming to the meeting, I've got a kind of crazy section in the middle of my log but once I fix that I'll post the logs to the web site
+(05:43:44 PM) eyedeekay: Thanks for coming
+(05:43:59 PM) not_bob: Thank you for having us.

i2p2www/meetings/logs/314.rst

@@ -0,0 +1,15 @@
+I2P dev meeting, August 2, 2022 @ 20:00 UTC
+===========================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb,
+StormyCloud,
+R4S4S,
+SilicaRice,
+not_bob

i2p2www/meetings/logs/315.log

@@ -0,0 +1,106 @@
+(04:01:46 PM) eyedeekay: Hi everybody
+(04:01:50 PM) eyedeekay: welcome to the Tuesday September 6 meeting
+(04:02:02 PM) zzz: hi
+(04:02:07 PM) mode (-m ) by zzz
+(04:02:13 PM) zlatinb: hi
+(04:02:26 PM) eyedeekay: 1. Hi 
+(04:02:26 PM) eyedeekay: 2. 1.9.0 release status 
+(04:02:26 PM) eyedeekay: 3. 1.10.0 development status
+(04:02:26 PM) eyedeekay: 4. next release 2.0.0?                                          
+(04:02:26 PM) eyedeekay: 5. Mac arm64 bundle out of beta if 1.9.0 update was successful? (followup from last meeting)                               
+(04:02:51 PM) eyedeekay: Anything else to add before we get started?
+(04:03:19 PM) eyedeekay: hi zzz, hi zlatinb
+(04:03:46 PM) eyedeekay: 2. 1.9.0 release status
+(04:05:11 PM) eyedeekay: We released about 2 weeks ago, there was a slight delay getting Android and the Easy-Install bundle out now
+(04:05:11 PM) eyedeekay: F-Droid builds are now fixed as well so people who wish to can install from F-Droid main if they choose to and the app will work
+(04:05:37 PM) not_bob: Thank you for that.
+(04:05:43 PM) eyedeekay: No problem
+(04:06:41 PM) eyedeekay: I'm going to be doing a point release for the Windows Easy-Install bundle, zlatinb found a very hard-to-spot bug which sees to affect easy-install bundle on Windows 11 slightly more than other places
+(04:07:17 PM) eyedeekay: zzz do you want to talk Debian or anything else?
+(04:07:51 PM) zzz: sure
+(04:07:53 PM) zzz: about 40% of net is updated which is typical for 2 weeks in
+(04:08:10 PM) zzz: we have a few hundred SSU2-enabled routers now, as desired/expected
+(04:08:41 PM) zzz: no major issues so far
+(04:09:06 PM) zzz: although zlatinb's bug is maybe medium-major :)
+(04:09:07 PM) zzz: EOT
+(04:10:01 PM) eyedeekay: Yeah and what I don't understand is how it went without happening much for so long, and then it hits the easy bundle twice in quick succession
+(04:10:17 PM) zlatinb: well its kind of by accident that I have to use a windows 11 laptop for a few days, itś discovered a lot of issues
+(04:11:08 PM) zlatinb: I guess the reseed problem either caused people to try again or give up on i2p off the bat
+(04:11:09 PM) zzz: that's usually the way it goes... dev gets new setup... all hell breaks loose
+(04:11:59 PM) zlatinb: there is still an unresolved forking issue with firefox on first launch
+(04:12:48 PM) zlatinb: so ideally we should try and do something about it
+(04:13:30 PM) eyedeekay: Indeed, it only happens the very first time the browser launcher is run, every subsequent time it works fine
+(04:13:36 PM) zlatinb: maybe launch headless or play with the launch options, idk
+(04:14:10 PM) eyedeekay: Yeah I could launch it headless on the first run, let it fork and close, then subsequently run with the window open
+(04:14:58 PM) eyedeekay: That's a good idea thanks zlatinb
+(04:15:15 PM) eyedeekay: Anything else on 2?
+(04:16:03 PM) goingpostal is now known as Irc2PGuest14444
+(04:16:29 PM) eyedeekay: 3. 1.10.0 development status
+(04:18:30 PM) eyedeekay: Sorry I'm a little less prepared than usual, stuck in somebody else's office all day, bear with me
+(04:21:00 PM) eyedeekay: 2 weeks in, I've been working on a number of improvements to the Windows bundle to make it more stable and intuitive to use and to help track down this clock-skew bug
+(04:21:37 PM) eyedeekay: I've also been porting the profile and launcher parts of it(less the jpackaged router) to non-Windows platforms to hopefully provide automatic browser configuration there
+(04:22:06 PM) eyedeekay: zzz has been working on SSU2, fixing bugs with the help of orignal, would you like to update us on that zzz
+(04:22:16 PM) zzz: yes, thanks. early days, but a summary of changes and fixes so far is at http://zzz.i2p/topics/3377
+(04:22:32 PM) zzz: SSU2 - added the ack-immediate flag and connection migration
+(04:22:47 PM) zzz: which are the last two things we wanted to get in before enabling for all
+(04:24:07 PM) eyedeekay: Cool so you're right on track then?
+(04:24:30 PM) zzz: the larger user base has us finding corner cases and more rare bugs, nothing too serious, fixing as we go
+(04:24:30 PM) zzz: the plans for months has been for us to enable SSU2 for everybody in the November release and we are still on track
+(04:24:30 PM) zzz: EOT
+(04:24:42 PM) zzz: yes
+(04:24:51 PM) eyedeekay: Awesome thanks for the update
+(04:25:09 PM) eyedeekay: Anything else for 3?
+(04:25:41 PM) eyedeekay: 4) next release 2.0.0?
+(04:25:52 PM) eyedeekay: zzz you added this topic, would you like to get us started?
+(04:26:12 PM) zzz: this was a suggestion from dr|z3d so if he's around I'll ask him to make his pitch
+(04:26:50 PM) zzz: but if he's not, I'll say it's not a bad idea
+(04:27:05 PM) zzz: linux is about to go from 5.19 to 6.0
+(04:27:25 PM) zzz: tor's arti just went to 1.0.0
+(04:27:26 PM) zzz: ssu2 as good an excuse as any
+(04:27:45 PM) RightNow: and I2P is going from SSU to SSU2
+(04:27:47 PM) zzz: EOT - thoughts everyone? and we don't need to decide today, we have 11 more weeks
+(04:28:30 PM) not_bob: I have no issue with it so long it works.
+(04:29:18 PM) zzz: anybody hate it? anybody love it?
+(04:29:21 PM) eyedeekay: Sure, I think it makes sense, both transports will have been modernized, it's a big milestone
+(04:29:43 PM) zlatinb: I kind of wish we had something bigger of a bang to go to 2.0
+(04:29:48 PM) RightNow is now known as RN
+(04:30:34 PM) eyedeekay: Use it for 3.0.0 maybe?
+(04:30:38 PM) zzz: there's nothing bigger on the roadmap. frankly, I hope we don't ever do anything bigger, I'm tired...
+(04:30:56 PM) zlatinb: also I have to leave now sorry, on the last topic yes I think the mac arm bundle is ready to go out of beta.  I will have the windows laptop for another day or two for testing.  Gotta bolt now, sorry
+(04:30:59 PM) zlatinb: ttyl
+(04:31:05 PM) RN: zzz, you are also thanked.
+(04:32:26 PM) eyedeekay: Yes zzz, your dedication and hard work are appreciated
+(04:32:34 PM) zzz: tell you what eyedeekay let me post in the 1.10 thread on my forum and will come back next month with a report, stick it on the agenda for next month
+(04:32:44 PM) eyedeekay: Will do zzz
+(04:33:18 PM) zzz: wasn't trying to elicit thanks, just pointing out this was the last - and hardest - of the crypto migration we've been on for about a decade
+(04:33:36 PM) eyedeekay: Didn't need to elicit it, you deserve it :)
+(04:33:52 PM) eyedeekay: But point taken, it's a huge effort
+(04:33:58 PM) RN: it is a milestone worth celebration, and yeah, you deserve it!
+(04:34:14 PM) zzz: if we'd tried to do SSU2 first it would have killed us all. we only managed due to the experience of all the rest of it
+(04:34:26 PM) zzz: shared credit to the i2pd project of course
+(04:35:01 PM) eyedeekay: Indeed. Back on track though, anything else on 4?
+(04:35:15 PM) RN: but you led the charge.
+(04:35:21 PM) zzz: if we want to do post-quantum that can be 3.0.0 :)
+(04:35:43 PM) eyedeekay: Good idea, that will be exciting
+(04:35:53 PM) zzz: nope, nothing else
+(04:36:05 PM) eyedeekay: Well 5) was: Mac arm64 bundle out of beta if 1.9.0 update was successful? (followup from last meeting)
+(04:36:43 PM) eyedeekay: Which zlatinb gave us a status update for on his way out the door, with the update being successful I see no reason against it
+(04:37:38 PM) eyedeekay: Anybody else have anything to add to this topic?
+(04:38:06 PM) zzz: I assume zlatinb meant the update worked; if so, he can remove the beta label on the web page
+(04:38:32 PM) zzz: that was the only reservation I had at the last meeting
+(04:38:33 PM) zzz: eot
+(04:39:45 PM) eyedeekay: OK. One of us should ping us when we see him online
+(04:39:52 PM) eyedeekay: Anything else for the meeting?
+(04:40:04 PM) eyedeekay: ping *him 
+(04:41:14 PM) eyedeekay: Well I guess without his git creds I may as well remove the label
+(04:41:27 PM) eyedeekay: So I'll do it
+(04:41:43 PM) zzz: do you have confirmation the update worked?
+(04:42:11 PM) zzz: because he didn't say that above
+(04:42:53 PM) eyedeekay: I don't think I do
+(04:43:01 PM) eyedeekay: Nope
+(04:43:14 PM) eyedeekay: No I've not strictly speaking heard anyone say those exact words yet
+(04:43:21 PM) eyedeekay: So I'll wait
+(04:43:26 PM) eyedeekay: And ask him
+(04:43:32 PM) zzz: ok
+(04:44:19 PM) eyedeekay: Anything else for the meeting timeout 1m?
+(04:45:44 PM) eyedeekay: All right thanks everyone for coming

i2p2www/meetings/logs/315.rst

@@ -0,0 +1,14 @@
+I2P dev meeting, September 6, 2022 @ 20:00 UTC
+==============================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb,
+not_bob,
+RightNow,
+RN

i2p2www/meetings/logs/316.log

@@ -0,0 +1,165 @@
+(04:00:08 PM) eyedeekay: Hi everyone, welcome to the October 4 2022 meeting
+(04:00:08 PM) eyedeekay: 1. Hi
+(04:00:18 PM) zlatinb: hi
+(04:00:28 PM) zzz: hi
+(04:00:51 PM) eyedeekay: 1. Hi
+(04:00:51 PM) eyedeekay: 2. 1.10.0 development status
+(04:00:51 PM) eyedeekay: 3. next release 2.0.0?
+(04:00:51 PM) eyedeekay: 4. Publish source tarballs for bundle releases
+(04:00:51 PM) eyedeekay: 5. Free stickers for translators
+(04:00:51 PM) eyedeekay: 6. Windows Easy-Install Update/Out-of-Beta
+(04:01:05 PM) eyedeekay: 2. 1.10.0 development status
+(04:01:15 PM) eyedeekay: About 7 weeks to go
+(04:01:24 PM) eyedeekay: My big priority this month has been to get the Windows Easy-Install bundle ready to go out of beta
+(04:01:31 PM) eyedeekay: Lots of stuff on the forum about that, targeting stable updates, compatibility with existing/unbundled routers, and a more stable and flexible way to manage and launch browser profiles, more on all that in item 6
+(04:01:38 PM) eyedeekay: Also working on a "Split Tunneling" or "Per-App VPN" tool in Android(on the roadmap).
+(04:01:47 PM) eyedeekay: The utility is that it allow users to configure their browsers more easily, in a way which prevents WebRTC escapes by putting them onto an interface which corresponds to an I2P connection and not to their network provider
+(04:02:05 PM) eyedeekay: zzz, zlatinb what would you like to add that you're working on
+(04:02:30 PM) zzz: not a lot to report... SSU2 testing continues to go well...
+(04:02:53 PM) zzz: put up proposal 161 about compressible padding, we'll be discussing it in #ls2 meetings...
+(04:03:06 PM) zlatinb: Nothing specific I'm working on, just want to let everyone know that I'll be afk from 22nd Nov to 10th Dec so if the next release gets tagged on the 21st I may be able to build the mac bundles but will most likely not be able to seed the torrents
+(04:03:29 PM) eyedeekay: If you send me the files I'll seed them for you
+(04:03:32 PM) zzz: I have some peer selection efficiency improvements I'm going to try to get in soon, may or may not make it
+(04:03:43 PM) zzz: EOT
+(04:04:21 PM) eyedeekay: Thanks zzz, zlatinb, I don't want to rush anybody but we do have a long agenda today, anything else to add on 2?
+(04:04:59 PM) eyedeekay: 3. next release 2.0.0?
+(04:04:59 PM) eyedeekay: My vote is yes to 2.0.0
+(04:05:19 PM) zzz: yeah I put it up for comments on my forum and got I think 1 yes and no no's
+(04:05:36 PM) eyedeekay: I was a yes at the last meeting too I think
+(04:05:46 PM) zzz: I'd like to decide today because I have a SSU2 blog post ready to go and it would be helpful to refer to the next release by number
+(04:06:22 PM) zzz: yeah I didn't hear any strong opinions one way or the other last meeting which is why we pushed it a month
+(04:06:34 PM) zzz: I think it's a good idea
+(04:06:51 PM) zzz: so if there's no objections, let's call it 2.0.0!
+(04:07:30 PM) eyedeekay: Timeout 1m for objections
+(04:07:47 PM) zzz: make it 30 seconds :)
+(04:07:54 PM) eyedeekay: Yeah I already burned 30
+(04:08:04 PM) eyedeekay: OK there it is
+(04:08:06 PM) eyedeekay: 2.0.0
+(04:08:17 PM) eyedeekay: 4. Publish source tarballs for bundle releases
+(04:08:31 PM) zzz: yeah this was my item
+(04:08:53 PM) zzz: standard open source practice is to post source tarballs, even if we can point to a git tag
+(04:09:06 PM) zzz: I understand that the Mac source doesn't change release to release?
+(04:09:10 PM) zzz: but the windows source does?
+(04:09:46 PM) zlatinb: well the mac bundle has evolved to enable arm64 but in general it doesn't change
+(04:10:02 PM) eyedeekay: What we both do is clone a copy of the repo and check out a specific release tag, ant distclean, generate our jars, and copy them into the bundle trees
+(04:10:15 PM) zzz: anyway, my recommendation is that we generate source tarballs as part of the build process and link to them on the respective download pages
+(04:10:36 PM) zzz: if they don't change, then I guess they can be unversioned
+(04:10:50 PM) zzz: so the windows source doesn't change release-to-release either?
+(04:11:01 PM) zlatinb: I would rather just tag and then fetch the tarball from github.  I expect at least for a while the only thing changing in the mac bundle will be the changelog file
+(04:11:50 PM) zzz: you all can work out the details, but the goal is to have source and instructions so anybody can build it themselves
+(04:12:00 PM) eyedeekay: The i2p jars that get included don't change except to get updated, but the Windows source has changed in the launcher quite a lot since it started
+(04:12:12 PM) zzz: are you two willing to do that and add it to your release processes?
+(04:12:21 PM) eyedeekay: Yes absolutely
+(04:12:31 PM) eyedeekay: My release scripts and daily scripts now include tarball every time
+(04:12:36 PM) zzz: you don't need to include dependencies such as i2p, and probably shouldn't
+(04:12:37 PM) eyedeekay: zab's too IIRC
+(04:12:54 PM) zlatinb: the question is where to put the tarballs, should they be available on the site, etc.
+(04:13:25 PM) zzz: somewhere on the download server with everything else, with links on the bundle pages. You two can work out the details to be consistent
+(04:13:59 PM) zlatinb: well that's the thing, if we can just point to a gitlab tag then there's no need for any extraneous links
+(04:14:31 PM) zzz: disagree, I think it's good open source practice to publish source tarballs
+(04:14:55 PM) zlatinb: github and maybe gitlab allow tarball download off of a tag
+(04:14:57 PM) eyedeekay: It's not much more effort, I'm not against it, I tag in the same script I generate tarballs in
+(04:15:05 PM) zzz: here's the binary, here's the source, here's the gpg sigs, here's the build instructions
+(04:15:29 PM) zzz: it's also consistent with our mainline release to have tarballs
+(04:16:15 PM) zzz: sounds like zlatinb is not in agreement? should we push this off to next month?
+(04:16:38 PM) zlatinb: yeah I think it's unnecessary
+(04:16:57 PM) zlatinb: but don't mind doing it if that's what the decision is
+(04:17:11 PM) zzz: if it never changes, you only have to do it once and you're done
+(04:17:47 PM) zlatinb: it has changed very rarely historically
+(04:18:03 PM) eyedeekay: Kicking it down the road for now is fine with me, zlatinb and I can work out what we're going to do or not do in the meantime
+(04:18:33 PM) eyedeekay: This might be a situation where we have to be a little different because my bundle has been a little more rapidly-changing than his
+(04:19:27 PM) zzz: if we don't want to decide today I'll start a forum thread to solicit more opinions
+(04:20:44 PM) zlatinb: ok
+(04:20:44 PM) zzz: ok = you're oppposed for now?
+(04:21:02 PM) eyedeekay: Probably a good idea, and I'm pro tarballs
+(04:21:31 PM) zlatinb: yeah
+(04:21:31 PM) zzz: no problem, eyedeekay put it on the list for next month
+(04:21:37 PM) eyedeekay: OK can do
+(04:21:52 PM) eyedeekay: Anything else for 4?
+(04:22:38 PM) eyedeekay: 5. Free stickers for translators
+(04:22:55 PM) eyedeekay: zzz this one was also yours, take it away whenever you're ready
+(04:23:16 PM) zzz: yeah, credit sarah jamie lewis on twitter
+(04:23:32 PM) zzz: for her project which I've forgotten the name... cwtch?
+(04:24:02 PM) eyedeekay: That's the one
+(04:24:02 PM) zzz: anyway, thought it was a good idea, but we'd need a) stickers and b) people to mail them
+(04:24:17 PM) zzz: both of which we used to have but are now out of both people and stickers?
+(04:24:40 PM) zzz: so, do we want to do it, and should we order stickers (even if we don't)
+(04:24:45 PM) zzz: EOT
+(04:25:26 PM) zzz: sadie and eche|on used to be the sticker people I think
+(04:25:38 PM) eyedeekay: I went through and counted mine up, I've got maybe 35 of the old ones(Toopie) and 91 left of the run I ordered in the spring, but I'd be fine with ordering more
+(04:25:41 PM) zzz: anyway, comments please... yes/no/maybe?
+(04:26:00 PM) eyedeekay: I can mail them within the US and Canada but the EU isn't great for me
+(04:26:21 PM) zzz: we have hundreds of translators registered. only a few are probably active
+(04:26:41 PM) zzz: who is the sticker-orderer-person?
+(04:27:54 PM) eyedeekay: The last person to order stickers was probably me, but I did them on my own time/out of pocket so I would have them for conventions
+(04:28:19 PM) zzz: who's in charge of PR?
+(04:28:48 PM) zzz: who has an opinion about stickers for translators?
+(04:28:48 PM) zzz: well, you could have / should have gotten reimbursed... echelon used to be the sticker guy
+(04:29:54 PM) zzz: we're going to need his buyin both for the cost, and to make him the EU mail person, and to send half to you and half to him
+(04:30:15 PM) zzz: since he's not around, put this on the list for next month, I'll try to get his attention
+(04:30:22 PM) eyedeekay: I think that if translators request stickers we should be able to get them some stickers, but that it should be contingent on request
+(04:30:59 PM) zzz: sure, we don't have anybody's address, they have to ask. but we would have to tell them to ask
+(04:31:17 PM) uis is now known as Irc2PGuest33729
+(04:31:48 PM) zzz: if anybody's going to CCC then you need to hop on more stickers, independent of translators
+(04:32:42 PM) zzz: EOT, push it to next month, no answers today
+(04:32:47 PM) eyedeekay: Ack, I do plan to go so I'll make sure I have some stickers
+(04:32:47 PM) eyedeekay: So next step is start an email chain with Ech about it
+(04:33:09 PM) eyedeekay: EOT from me, anything else on 5?
+(04:33:50 PM) eyedeekay: 6. Windows Easy-Install Update/Out-of-Beta
+(04:33:58 PM) eyedeekay: This one's mine obviously
+(04:34:26 PM) eyedeekay: So 1.9.5 point release happened technically because of the reseed application context timer obviously
+(04:34:45 PM) eyedeekay: But it was a convenient time to also keep an eye on how the updates performed
+(04:35:54 PM) zlatinb: and how did it behave?
+(04:35:55 PM) eyedeekay: It wasn't without complications, people who were using fell into 3 groups
+(04:36:56 PM) eyedeekay: 1. People for whom it worked perfectly
+(04:36:56 PM) eyedeekay: 2. People for whom it resulted in corrupted router.config files for un-bundled routers
+(04:36:56 PM) eyedeekay: 3. People for whom it it did not update because the router.config files were from un-bundled routers
+(04:37:22 PM) eyedeekay: 2 and 3 were problems, I followed up with the fix in a forum post on zzz.i2p
+(04:37:43 PM) eyedeekay: I believe they are fixed now and cannot recur in the future
+(04:37:57 PM) eyedeekay: Therefore I think the update process will be ready by what is now 2.0.0
+(04:38:08 PM) eyedeekay: I actually think it's ready now but 7 weeks to test
+(04:38:53 PM) eyedeekay: So I would like to move it out of beta in November
+(04:39:09 PM) zzz: we don't have documented criteria for out-of-beta, really
+(04:39:17 PM) zzz: but for me it's that the release processes are solid, things aren't getting missed
+(04:39:27 PM) zzz: we're not doing point releases a week later to fix stuff
+(04:39:45 PM) zzz: but you may wish to list your own feature goals
+(04:40:21 PM) zzz: for example, are you two solid on reviewing the java updates every three months and jointly deciding to release or not?
+(04:40:40 PM) zzz: I didn't see any on-IRC discussion. did it happen off-IRC perhaps?
+(04:41:31 PM) zlatinb: the last discussion happened here, there has been no off-IRC discussion regarding jre point releases since
+(04:42:21 PM) eyedeekay: Didn't we talk about it on Whereby a little after that?
+(04:42:36 PM) eyedeekay: IIRC we only release in the Java cycle if there's a CVE which affects the last release?
+(04:42:46 PM) zzz: just to take an example, 18.0.2.1 August 18 2022 fixes a JIT bug that crashes the JRE. Are you two both on that, or did you jointly decide it wasn't necessary?
+(04:43:33 PM) zlatinb: I'm not on that I don't think
+(04:43:43 PM) zlatinb: and don't remember discussing that bug; I usually look only at the CVEs
+(04:44:08 PM) zlatinb: 21:43:29 zlatinb: I'm not on that I don't think
+(04:44:08 PM) zlatinb: 21:43:42 zlatinb: and don't remember discussing that bug; I usually look only at the CVEs
+(04:44:12 PM) zzz: back
+(04:45:12 PM) eyedeekay: I am on 18.0.2.1 but because I pushed back my release to try and make sure I addressed some stability issues and by that time Java had updated
+(04:45:24 PM) eyedeekay: Also my point release was built with an updated JDK
+(04:45:35 PM) eyedeekay: So that's got us out-of-sync again I think
+(04:45:54 PM) zzz: that's what I'm getting at about processes. If the build and release processes aren't yet stable and being reliably followed, these procucts aren't ready to graduate
+(04:46:01 PM) zzz: so when you updated, to 18.0.2.1, did you tell zlatinb you were doing it and suggest he do the same?
+(04:47:04 PM) eyedeekay: No I didn't, I simply let it auto-update and built with the latest version
+(04:48:13 PM) eyedeekay: So... there's another process to revise on my side
+(04:49:31 PM) zzz: I'd suggest you work on a solid bug-free release in november (together with whatever feature goals you have) and if that goes well put yourself on the agenda for december
+(04:50:00 PM) eyedeekay: OK can do
+(04:50:56 PM) zzz: or january because the release is likely to be late nov., may not have enough info by 1st week in dec.
+(04:52:02 PM) eyedeekay: If there's not enough to go on by then I'll move it
+(04:52:15 PM) eyedeekay: Anything else for 6?
+(04:52:27 PM) zzz: a brief 6a)
+(04:52:30 PM) eyedeekay: Sure
+(04:52:52 PM) zzz: zlatinb, reported that the mac arm update went well, so as far as I'm concerned it's out of beta as discussed on my forum
+(04:53:28 PM) zzz: zlatinb, you need to update your page to remove the beta label
+(04:53:28 PM) zzz: eot
+(04:53:28 PM) zlatinb: ok
+(04:53:29 PM) zlatinb: will do soon
+(04:54:24 PM) eyedeekay: All right that puts us at just shy of an hour, anything else for the meeting?
+(04:54:26 PM) eyedeekay: timeout 1m
+(04:54:41 PM) zlatinb: yes
+(04:54:57 PM) zlatinb: if StormyCloud reads the logs, I encourage them to address the concerns raised on reddit
+(04:56:15 PM) zlatinb: the longer that question stays unanswered the worse it looks
+(04:56:18 PM) eyedeekay: agreed, they do sometimes come to reddit and it would be good to hear from them
+(04:56:36 PM) zlatinb: eot
+(04:56:43 PM) eyedeekay: Thanks zlatinb
+(04:57:37 PM) eyedeekay: Anything else for the meeting(again)? timeout 30s this time
+(04:58:21 PM) eyedeekay: Thanks everyone for coming, I'll post the logs tonight, see you around IRC and same time next month

i2p2www/meetings/logs/316.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, October 04, 2022 @ 20:00 UTC
+=============================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz,
+zlatinb

i2p2www/meetings/logs/317.log

@@ -0,0 +1,93 @@
+(03:00:31 PM) eyedeekay: Hi everyone, welcome to the November 8 meeting
+(03:00:31 PM) eyedeekay: 1. Hi 
+(03:00:31 PM) eyedeekay: 2. 2.0.0 development status 
+(03:00:31 PM) eyedeekay: 3. Publish source tarballs for bundle releases 
+(03:00:31 PM) eyedeekay: 4. Free Stickers for Translators
+(03:00:31 PM) eyedeekay: Anything else for the agenda?
+(03:00:39 PM) mode (-m ) by zzz
+(03:01:19 PM) zzz: hi
+(03:01:58 PM) eyedeekay: hi zzz
+(03:02:03 PM) eyedeekay: Anybody else here today?
+(03:02:08 PM) eche|on: hi
+(03:02:18 PM) eyedeekay: Hi eche|on
+(03:02:39 PM) eyedeekay: 2. 2.0.0 development status
+(03:02:58 PM) eyedeekay: We're 2 weeks from release with a tag freeze tomorrow, IIRC
+(03:03:49 PM) eyedeekay: Yes that's exactly when
+(03:04:38 PM) eyedeekay: zzz and orignal have been hard at work getting ssu2 ready, the plan is still to enable it
+(03:05:08 PM) eyedeekay: I'll be doing an unsigned release of the I2P Easy-Install for Windows
+(03:05:50 PM) eyedeekay: I don't know the Mac release status, though, are Mac users stuck on 1.9.0 until we can find a new Mac maintainer/signer?
+(03:06:25 PM) zzz: yes. There's a pretty good summary of the release at http://zzz.i2p/topics/3377
+(03:07:02 PM) zzz: the SSU2 testing in the last 3 months with 2% enabled has been a tremendous success
+(03:07:17 PM) zzz: haven't found any major issues, but we've fixed countless minor ones
+(03:08:19 PM) eche|on: go ahead with SSU2
+(03:08:35 PM) eche|on: about mac: I got a dev account and a MAC, but no idea howto currently
+(03:08:39 PM) eche|on: and less time
+(03:09:03 PM) zzz: interesting
+(03:09:31 PM) zzz: do you think you _could_ do it at some point? If so, when?
+(03:09:39 PM) eche|on: I do have the git repo of the mac inclusions, but currently not yet looked into
+(03:09:54 PM) eche|on: IF I find out howto, rather soon (tm)
+(03:10:05 PM) zzz: even if it's a month or two late, that would be fantastic
+(03:10:08 PM) eche|on: but the howto may fail in shorter terms
+(03:10:41 PM) eche|on: also no idea about whats apple going to do, but those are parts to find out
+(03:11:10 PM) eyedeekay: I'll see if I can help you, building the mac jpackages is pretty straightforward, I've never signed them but it's all in the scripts zab wrote
+(03:11:25 PM) zzz: when I do the 2.0.0 news.xml, I'll also put a news entry in the mac feed saying it will be delayed
+(03:11:42 PM) zzz: eyedeekay, do you have a mac?
+(03:11:57 PM) eyedeekay: I have an Intel Mac but no dev account
+(03:12:04 PM) eche|on: sadie has a mac, but neither idk nor sadie do want to go public with their names
+(03:12:25 PM) eche|on: getting a dev account is rather simple : give out your name and pay 100$ a year
+(03:12:28 PM) eyedeekay: I can make a dmg but it gets signed with local keys that aren't allowed on other Macs
+(03:12:32 PM) zzz: I understand. The idea is you could walk thru everything but the notarization
+(03:12:32 PM) eche|on: more or like thats it
+(03:13:12 PM) eche|on: bb 2min
+(03:13:25 PM) zzz: afaik it's the notarization that's the real pita. Hopefully the howto is clear...
+(03:14:14 PM) eyedeekay: I think the only pitfall really is getting the Java dev environments set up, there's a tool you install through brew that switches version that makes it very easy though
+(03:14:25 PM) zzz: eyedeekay, let's put this on the agenda for next month
+(03:14:36 PM) eyedeekay: Can do
+(03:15:19 PM) zzz: in the mean time, please run thru the howto as it currently exists as far as you can w/o notarization, just to test the howto and see if it needs any fixes for ech
+(03:16:10 PM) zzz: esp. to check if the arm64 side is documented
+(03:16:45 PM) eyedeekay: I will do everything I can, although I won't be able to run through the arm64 process because I do not have an arm64 Mac
+(03:16:53 PM) eche|on: I will check howto get the certs with notarization,
+(03:16:55 PM) eyedeekay: I'll do everything up to that though
+(03:17:18 PM) eche|on: eyedeekay: just order a arm64 mac. refund as usual
+(03:17:28 PM) eche|on: no need to stop at that
+(03:17:30 PM) zzz: do you need an ARM mac to build ARM? 
+(03:17:41 PM) zzz: probably...
+(03:17:59 PM) eyedeekay: I'm not quite sure on the subtleties of it all re: cross-compilation
+(03:18:02 PM) zzz: there's also a possible workflow where idk builds and ech notarizes
+(03:18:23 PM) zzz: but we don't need to work it all out here
+(03:18:44 PM) eyedeekay: But jpackage is pretty picky about architecture/OS combinations
+(03:19:28 PM) SoniEx2: raspberry pi?
+(03:19:39 PM) zzz: let's move on to next topic
+(03:19:40 PM) eyedeekay: ELF not Mach-O
+(03:19:42 PM) eyedeekay: But yes
+(03:19:45 PM) eyedeekay: 3. Publish source tarballs for bundle releases
+(03:20:24 PM) eyedeekay: Since it's just me now and I wanted to publish source tarballs the whole time, 2.0.0 Windows getting source tarballs
+(03:20:36 PM) eyedeekay: One for the bundle itself and one for the profile manager component
+(03:21:17 PM) eyedeekay: As part of going through the scripts from the Mac bundle I'll add source tarball generation as part of the process
+(03:21:18 PM) zzz: ok, and since the mac objector has left, let's add one to the mac page also
+(03:21:28 PM) eyedeekay: Will do
+(03:21:41 PM) zzz: great, I'm happy
+(03:22:38 PM) eyedeekay: 4. Free Stickers for Translators
+(03:23:27 PM) eche|on: yeah
+(03:23:49 PM) eyedeekay: eche|on and I talked about this briefly after last month's meeting by email
+(03:23:49 PM) eyedeekay: I think we were each in favor of doing it? I don't have my mail open
+(03:24:23 PM) eche|on: sure we can do this, one for each part of the wolrd
+(03:24:28 PM) zzz: it was my proposal, but it requires a) stickers and b) somebody to mail them
+(03:24:30 PM) eche|on: but my sticker ressources are limited
+(03:24:47 PM) zzz: as I understand we're essentially out of stickers
+(03:24:59 PM) eche|on: sadie/idk still do have several
+(03:25:05 PM) eche|on: I got around 400 or alike only
+(03:25:23 PM) eche|on: should be enough for 1year+, but plan ahead
+(03:25:26 PM) eyedeekay: Oh I ran myself down to like, 8 at All Things Open last week
+(03:25:30 PM) eyedeekay: I'll need to order more
+(03:25:53 PM) eche|on: ah, ok
+(03:26:10 PM) zzz: can you two coordinate on who is ordering, what the design is, and make sure each of you gets half?
+(03:26:16 PM) eyedeekay: Yes we can
+(03:26:34 PM) zzz: super
+(03:27:05 PM) zzz: when you have them in hand, holler and I'll announce on TX
+(03:27:11 PM) eche|on: good
+(03:27:22 PM) zzz: thanks guys
+(03:27:46 PM) eyedeekay: No problem
+(03:27:56 PM) eyedeekay: Anything else on 4 or for the meeting?
+(03:28:25 PM) eche|on: nope
+(03:29:14 PM) eyedeekay: All right thanks everybody for coming, I'll post the meeting in a few minutes

i2p2www/meetings/logs/317.rst

@@ -0,0 +1,12 @@
+I2P dev meeting, November 08, 2022 @ 20:00 UTC
+==============================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+echelon,
+eyedeekay,
+zzz
+

i2p2www/meetings/logs/318.log

@@ -0,0 +1,83 @@
+(08:00:09 PM) eyedeekay: Hello everyone, welcome to the rescheduled dev meeting
+(08:00:09 PM) eyedeekay: 1. Hi 
+(08:00:09 PM) eyedeekay: 2. 2.0.0 Release Status, 2.0.0 Mac Release Status 
+(08:00:09 PM) eyedeekay: 3. 2.1.0 Development Status 
+(08:00:09 PM) eyedeekay: 4. Stickers for Translators
+(08:00:50 PM) zzz: hi
+(08:02:55 PM) eyedeekay: Doesn't seem like he's here? going to move along for now.
+(08:04:04 PM) eyedeekay: 2. 2.0.0 release status: *most* targets of 2.0.0 were released about 3 weeks ago now, including i2p.i2p, Android, Debian and Easy-Install Windows, with Easy-Install for Mac delayed by zlatinb's departure
+(08:04:04 PM) eyedeekay: Ech and I have been working on a plan to replace him in terms of maintenance, signing, and notarization of the OSX bundle, that is still expected for close to the end of this month
+(08:06:01 PM) eyedeekay: Everybody knows how to build everything, has a good idea of the signing requirements, the last remaining thing to do is notarization in practice, and we don't know everything we should expect here but I think we have a good idea
+(08:07:10 PM) eyedeekay: Android needed a point release due to a bug related to compatibility with a new API on newer devices, so Android users should make sure they've upgraded to 2.0.1
+(08:07:10 PM) eyedeekay: eot for me on 2, anything to add zzz
+(08:07:20 PM) zzz: lots
+(08:07:50 PM) uis is now known as Irc2PGuest69907
+(08:08:04 PM) zzz: I had to release a 2.0.0-2ubunutu1 debian/ubuntu build to fix an embarrassing but ultimately harmless bunch of stray symlinks in root
+(08:08:38 PM) zzz: root cause was a typo, deb lint didn't catch it, not sure what the post mortem lesson is other than be more careful, we're root on install...
+(08:09:12 PM) zzz: as far as the network, after 3 weeks, half of it has updated and is using ssu2
+(08:09:39 PM) zzz: exploratory build success has been trending straight down since the release
+(08:09:56 PM) zzz: we're concerned, and monitoring closely
+(08:10:47 PM) zzz: at this point we think it's some combination of ssu-to-ssu2 migration, ssu2 bugs on both our side and in i2pd, and a couple of routers that are spamming the network with tunnel builds
+(08:11:05 PM) zzz: i2pd is considering a mid-cycle january point release to get their fixes out
+(08:11:33 PM) zzz: for now I don't think that's necessary on our side but it's always an option should we choose to
+(08:12:18 PM) zzz: I think that's EOT but I'll have more info in a moment as a part of 3)
+(08:13:09 PM) eyedeekay: Thank you zzz
+(08:13:43 PM) eyedeekay: 3. 2.1.0 Development Status
+(08:17:12 PM) eyedeekay: We're 3 weeks in to this cycle, in this time I've been working on getting Android migrated fully over to the modern gradle plugin, I stopped short of migrating from maven to maven-push before release, after that, what's on the list for Android is orbot-style split tunneling for configuring apps without a proxy(Sort of the Android version of torsocks)
+(08:17:12 PM) eyedeekay: For desktop I've been working on getting our integration into Whonix fixed and have been work related to getting the Easy-Install for Windows out of beta
+(08:18:43 PM) eyedeekay: That's what I'm working on, zzz would you like to continue with your information or 3)?
+(08:19:43 PM) dr|z3d: ... intermission ...
+(08:23:56 PM) anonymousmaybe is now known as Irc2PGuest40130
+(08:24:03 PM) eyedeekay: Welcome back
+(08:25:17 PM) eyedeekay: What was the last thing you got?
+(08:26:28 PM) zzz: back
+(08:26:28 PM) zzz: is it my turn yet? :)
+(08:26:28 PM) dr|z3d: you need to put on an apron and wheel the confectionery tray around the theater :)
+(08:26:28 PM) dr|z3d: did you go out to get us all ice cream? :)
+(08:26:28 PM) dr|z3d: recap:
+(08:26:28 PM) dr|z3d: <eyedeekay> We're 3 weeks in to this cycle, in this time I've been working on getting Android migrated fully over to the modern gradle plugin, I stopped short of migrating from maven to maven-push before release, after that, what's on the list for Android is orbot-style split tunneling for configuring apps without a proxy(Sort of the Android version of torsocks)
+(08:26:28 PM) dr|z3d: <eyedeekay> For desktop I've been working on getting our integration into Whonix fixed and have been work related to getting the Easy-Install for Windows out of beta
+(08:26:28 PM) dr|z3d: <eyedeekay> That's what I'm working on, zzz would you like to continue with your information or 3)?
+(08:26:48 PM) zzz: thanks
+(08:27:04 PM) zzz: drz gave it to me
+(08:27:12 PM) zzz: ok, my turn!
+(08:27:33 PM) zzz: about a week and a half after the release, when a lot of the net had updated, I started chasing SSU2 problems
+(08:27:42 PM) zzz: and found a whole lot
+(08:27:56 PM) zzz: both ours and helped i2pd find some of theirs
+(08:27:58 PM) zzz: so it's been quite busy
+(08:28:14 PM) zzz: as a result, we're at almost 7000 lines of diff, more than the whole 2.0.0 release
+(08:28:38 PM) zzz: and whatever else I had planned for 2.1.0 I haven't gotten to yet, including promised peer selection improvements
+(08:29:50 PM) zzz: I plan to bump to -7 after the meeting
+(08:29:50 PM) zzz: while the "big changes in" deadline is early January, let's stay flexible, as we don't want a bunch of WIP in there if we're going to do a 2.0.1 release
+(08:29:59 PM) zzz: so let's try not to break things with "big changes" if possible. Big changes are fine, as long as they're isolated
+(08:30:40 PM) zzz: but things are going well and we're working closely with i2pd to track down and fix issues
+(08:31:02 PM) zzz: including one-in-a-million ones that are now popping up
+(08:31:16 PM) zzz: and one-in-a-zillion ones that dr|z3d is finding on his high speed routers
+(08:31:30 PM) zzz: that's it! EOT, any questions?
+(08:32:27 PM) eyedeekay: I'm slightly curious how often a "Million" of some things happens in in the real world but possibly a question for another time
+(08:33:17 PM) eyedeekay: Thanks zzz
+(08:34:12 PM) eyedeekay: It seems like once you get a whole bunch of routers doing a thing the odds of a rare event happening somewhere would go up very fast
+(08:35:11 PM) zzz: yeah. perhaps we should have been more cautious, and not go from 2% to 100% in one release. But we'll get through it
+(08:35:17 PM) uis is now known as Irc2PGuest38853
+(08:37:15 PM) eyedeekay: 4. Stickers for Translators
+(08:37:15 PM) eyedeekay: Only real news here is that I now have stickers for mailing, I've got a ton of them so if you're in the Americas then I am prepared to mail them
+(08:37:58 PM) zzz: would you please post something on my forum, saying who is eligible and how to request
+(08:38:17 PM) eyedeekay: Can do
+(08:38:29 PM) zzz: then I will copy paste over to transifex announcement
+(08:38:48 PM) zzz: what's the status of the euro side?
+(08:39:44 PM) eyedeekay: Don't know if he has his yet, will request an update from him tonight
+(08:40:07 PM) zzz: ok, guess I need to wait for that part of it before transifex
+(08:40:43 PM) zzz: please whack him with your baffer for making us reschedule and then not showing :)
+(08:41:07 PM) eyedeekay: Well it was my fault too but I'll make sure to let him know :)
+(08:41:32 PM) zzz: I mean yesterday to today. you're not off the hook for last week :)
+(08:42:41 PM) eyedeekay: That's all I've got for 4 and/or today, anything else for the meeting?
+(08:42:50 PM) zzz: nope
+(08:43:02 PM) zzz: are we on or off for Jan. 3?
+(08:44:26 PM) eyedeekay: All right then thanks zzz for coming, I was going to say "On" for Jan 3 but we could do the 10th instead since IIRC LS2 will be the 9th
+(08:45:01 PM) zzz: doesn't matter, your call
+(08:45:35 PM) eyedeekay: Let's have it on the 9th in January and return to first-Tuesday in February
+(08:45:52 PM) zzz: you mean 10th?
+(08:45:59 PM) eyedeekay: Yes the 10th
+(08:46:07 PM) zzz: ok
+(08:46:15 PM) zzz: meeting over?
+(08:46:25 PM) eyedeekay: Yes

i2p2www/meetings/logs/318.rst

@@ -0,0 +1,11 @@
+I2P dev meeting, December 14, 2022 @ 20:00 UTC
+==============================================
+
+Quick recap
+-----------
+
+* **Present:**
+
+eyedeekay,
+zzz
+