From 01dd56f59e973e8de40946ea3aaee247ff5c87cd Mon Sep 17 00:00:00 2001
From: zzz <zzz@mail.i2p>
Date: Sat, 23 Jun 2018 15:52:14 +0000
Subject: [PATCH] 0.9.35 release notes

---
 .../blog/2018/06/26/0.9.35-Release.draft.rst  | 83 +++++++++++++++++++
 i2p2www/spec/proposals/111-ntcp-2.rst         | 34 ++++++--
 2 files changed, 108 insertions(+), 9 deletions(-)
 create mode 100644 i2p2www/blog/2018/06/26/0.9.35-Release.draft.rst

diff --git a/i2p2www/blog/2018/06/26/0.9.35-Release.draft.rst b/i2p2www/blog/2018/06/26/0.9.35-Release.draft.rst
new file mode 100644
index 000000000..3a8a2cb63
--- /dev/null
+++ b/i2p2www/blog/2018/06/26/0.9.35-Release.draft.rst
@@ -0,0 +1,83 @@
+{% trans -%}
+==============
+0.9.35 Release
+==============
+{%- endtrans %}
+.. meta::
+   :author: zzz
+   :date: 2018-06-26
+   :category: release
+   :excerpt: {% trans %}0.9.35 with SusiMail folders and SSL Wizard{% endtrans %}
+
+{% trans -%}
+Update details
+==============
+{%- endtrans %}
+
+{% trans -%}
+0.9.35 adds support for folders in SusiMail, and a new SSL Wizard for setting up HTTPS on your Hidden Service website.
+We also have the usual collection of bug fixes, especially in SusiMail.
+{%- endtrans %}
+
+{% trans -%}
+We're hard at work on several things for 0.9.36, including a new OSX installer and a faster, more secure transport protocol called NTCP2.
+{%- endtrans %}
+
+{% trans -%}
+I2P will be at HOPE in New York City, July 20-22. Find us and say hello!
+{%- endtrans %}
+
+{% trans -%}
+As usual, we recommend that you update to this release. The best way to
+maintain security and help the network is to run the latest release.
+{%- endtrans %}
+
+
+**{% trans %}RELEASE DETAILS{% endtrans %}**
+
+**{% trans %}Changes{% endtrans %}**
+
+- {% trans %}New Hidden Service SSL Wizard{% endtrans %}
+- {% trans %}SusiMail support for Folders, Drafts, background sending{% endtrans %}
+- Jetty 9.2.24, Tomcat 8.5.30
+
+
+**{% trans %}Bug Fixes{% endtrans %}**
+
+- {% trans %}Console: Fix changes to wrong tunnel on /configtunnels{% endtrans %}
+- {% trans %}CPUID: Fix TBM detection{% endtrans %}
+- {% trans %}i2psnark: Fix torrents ignoring priority settings when autostart enabled{% endtrans %}
+- {% trans %}i2ptunnel: Retry accept after server socket closed{% endtrans %}
+- {% trans %}NTCP: Fix bug causing initial latency for outbound connections{% endtrans %}
+- {% trans %}SusiMail: Include attachments in forwarded mail{% endtrans %}
+- {% trans %}SusiMail: Many other fixes{% endtrans %}
+- {% trans %}Tunnels: Prevent zero-hop even when no active peers{% endtrans %}
+
+
+**{% trans %}Other{% endtrans %}**
+
+- {% trans %}Add support for notes in Addressbook{% endtrans %}
+- {% trans %}Rewrite and new translations for eepsite help page (new installs only){% endtrans %}
+- {% trans %}DNSoverHTTPS (disabled by default){% endtrans %}
+- {% trans %}Prep for HTTPS console and eepsite{% endtrans %}
+- {% trans %}Prep for splitting up Debian package{% endtrans %}
+- {% trans %}NTCP refactoring in prep for NTCP2{% endtrans %}
+- {% trans %}Move SusiMail logging to router logs{% endtrans %}
+- {% trans %}SusiMail BCC-to-self feature replaced with Sent folder{% endtrans %}
+- {% trans %}Fix eepget handling of response line with no status text{% endtrans %}
+- {% trans %}i2psnark UI cleanups{% endtrans %}
+- {% trans %}New Azerbaijani translation{% endtrans %}
+- {% trans %}Translation updates{% endtrans %}
+- {% trans %}Update GeoIP data (new installs and PPA only){% endtrans %}
+
+
+`Full list of fixed bugs`_
+
+.. _{% trans %}`Full list of fixed bugs`{% endtrans %}: http://{{ i2pconv('trac.i2p2.i2p') }}/query?resolution=fixed&milestone=0.9.35
+
+
+**{% trans %}SHA256 Checksums:{% endtrans %}**
+
+::
+
+
diff --git a/i2p2www/spec/proposals/111-ntcp-2.rst b/i2p2www/spec/proposals/111-ntcp-2.rst
index 9f2b5a4f8..345f94376 100644
--- a/i2p2www/spec/proposals/111-ntcp-2.rst
+++ b/i2p2www/spec/proposals/111-ntcp-2.rst
@@ -6,7 +6,7 @@ NTCP 2
     :editor: manas, str4d, zzz
     :created: 2014-02-13
     :thread: http://zzz.i2p/topics/1577
-    :lastupdated: 2018-06-21
+    :lastupdated: 2018-06-26
     :status: Open
     :supercedes: 106
 
@@ -367,7 +367,7 @@ Noise_XK_25519_ChaChaPoly_SHA256.  These generally follow the guidelines in
    Message 3 part 1 AEAD frame is fixed length.
    Message 3 part 2 AEAD frame length is specified in message 1.
 
-4) The two-byte frame length field is obfuscated with SipHash,
+4) The two-byte frame length field is obfuscated with SipHash-2-4,
    as in obfs4.
 
 5) The payload format is defined for messages 1,2,3, and the data phase.
@@ -385,7 +385,7 @@ which are not required for current I2P protocols:
 
 2) AEAD_ChaCha20_Poly1305 (abbreviated as ChaChaPoly below)
 
-3) SipHash
+3) SipHash-2-4
 
 
 Processing overhead estimate
@@ -1660,6 +1660,7 @@ Note that the two directions have unique SipHash keys and IVs from the KDF.
   {% highlight lang='text' %}
       sipk1, sipk2 = The SipHash keys from the KDF.  (two 8-byte long integers)
       IV[0] = sipiv = The SipHash IV from the KDF. (8 bytes)
+      length is big endian.
       For each frame:
         IV[n] = SipHash-2-4(sipk1, sipk2, IV[n-1])
         Mask[n] = First 2 bytes of IV[n]
@@ -1674,6 +1675,13 @@ Decoding the length is done by deriving the mask used to obfsucate the length an
 digest to obtain the length of the frame.
 The frame length is the total length of the encrypted frame including the MAC.
 
+Notes
+`````
+- If you use a SipHash library function that returns an unsigned long integer,
+  use the least significant two bytes as the Mask.
+  Convert the long integer to the next IV as little endian.
+
+
 
 Raw contents
 ````````````
@@ -1814,15 +1822,17 @@ Options block will be variable length.
 
   {% highlight lang='dataspec' %}
 +----+----+----+----+----+----+----+----+
-  | 1  |  size   |tmin|tmax|rmin|rmax|    |
-  +----+----+----+----+----+----+----+    +
-  |            more_options               |
+  | 1  |  size   |tmin|tmax|rmin|rmax|tdmy|
+  +----+----+----+----+----+----+----+----+
+  |tdmy|  rdmy   |  tdelay |  rdelay |    |
+  ~----+----+----+----+----+----+----+    ~
+  |              more_options             |
   ~               .   .   .               ~
   |                                       |
   +----+----+----+----+----+----+----+----+
 
   blk :: 1
-  size :: 2 bytes, big endian, size of options to follow, 4 bytes minimum TBD
+  size :: 2 bytes, big endian, size of options to follow, 12 bytes minimum
 
   tmin, tmax, rmin, rmax :: requested padding limits
       tmin and rmin are for desired resistance to traffic analysis.
@@ -1841,6 +1851,11 @@ Options block will be variable length.
       Sender should honor receiver's maximum.
       Sender may or may not honor receiver's minimum, within bandwidth constraints.
 
+  tdmy: Max dummy traffic willing to send, 2 bytes big endian, bytes/sec average
+  rdmy: Requested dummy traffic, 2 bytes big endian, bytes/sec average
+  tdelay: Max intra-message delay willing to insert, 2 bytes big endian, msec average
+  rdelay: Requested intra-message delay, 2 bytes big endian, msec average
+
   Padding distribution specified as additional parameters?
   Random delay specified as additional parameters?
 
@@ -2015,8 +2030,9 @@ This must be the last non-padding block in the frame.
          15: RI signature verification fail
          16: s parameter missing, invalid, or mismatched in RouterInfo
          17: banned
-  addl data :: optional, 0 or more bytes, for future expansion or debugging,
-               format unspecified and may vary based on reason code
+  addl data :: optional, 0 or more bytes, for future expansion, debugging,
+               or reason text.
+               Format unspecified and may vary based on reason code.
 
 {% endhighlight %}
 
-- 
GitLab