diff --git a/www.i2p2/README b/www.i2p2/README
new file mode 100644
index 0000000000000000000000000000000000000000..1b8ba45db61cb967cb7b23d24c18eba37879b623
--- /dev/null
+++ b/www.i2p2/README
@@ -0,0 +1,14 @@
+To run locally (for testing purposes):
+
+$ python app.py
+This will run a webserver on http://localhost:5009/
+
+If you get python import errors when trying to run the local web server, you
+might need to install required dependencies: jinja and werkzeug. If you are
+using Linux, they might be in the repository of your distribution. Otherwise
+you will have to install them yourself. Please see the homepages of these
+projects:
+
+http://jinja.pocoo.org/
+http://werkzeug.pocoo.org/
+
diff --git a/www.i2p2/i2p2www/__init__.py b/www.i2p2/i2p2www/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..477c4c87999f6348f997f802d6e6431f5d55bbac
--- /dev/null
+++ b/www.i2p2/i2p2www/__init__.py
@@ -0,0 +1,313 @@
+from jinja2 import Environment, FileSystemLoader, environmentfilter
+from flask import Flask, request, session, g, redirect, url_for, abort, render_template, flash, send_from_directory, safe_join
+from docutils.core import publish_parts
+import os.path
+import os
+import fileinput
+import codecs
+
+
+TEMPLATE_DIR = os.path.join(os.path.dirname(__file__), 'pages')
+STATIC_DIR = os.path.join(os.path.dirname(__file__), 'static')
+
+BLOG_DIR = os.path.join(os.path.dirname(__file__), 'blog')
+MEETINGS_DIR = os.path.join(os.path.dirname(__file__), 'meetings')
+
+app = application = Flask(__name__, template_folder=TEMPLATE_DIR, static_url_path='/_static', static_folder=STATIC_DIR)
+app.debug = bool(os.environ.get('APP_DEBUG', 'False'))
+
+
+##########################
+# Hooks - helper functions
+
+def after_this_request(f):
+ if not hasattr(g, 'after_request_callbacks'):
+ g.after_request_callbacks = []
+ g.after_request_callbacks.append(f)
+ return f
+
+
+###########################
+# Hooks - url preprocessing
+
+@app.url_value_preprocessor
+def pull_lang(endpoint, values):
+ if not values:
+ return
+ g.lang=values.pop('lang', None)
+
+@app.url_defaults
+def set_lang(endpoint, values):
+ if not values:
+ return
+ if 'lang' in values:
+ return
+ if hasattr(g, 'lang'):
+ values['lang'] = g.lang
+
+
+########################
+# Hooks - before request
+
+# Detect and store chosen theme
+@app.before_request
+def detect_theme():
+ theme = 'light'
+ if 'style' in request.cookies:
+ theme = request.cookies['style']
+ if 'theme' in request.args.keys():
+ theme = request.args['theme']
+ if not os.path.isfile(safe_join('static/styles', '%s.css' % theme)):
+ theme = 'light'
+ g.theme = theme
+ @after_this_request
+ def remember_theme(resp):
+ if g.theme == 'light' and 'style' in request.cookies:
+ resp.delete_cookie('style')
+ elif g.theme != 'light':
+ resp.set_cookie('style', g.theme)
+ return resp
+
+
+############################
+# Hooks - request processing
+
+@app.template_filter('restructuredtext')
+def restructuredtext(value):
+ parts = publish_parts(source=value, writer_name="html")
+ return parts['html_body']
+
+
+#######################
+# Hooks - after request
+
+@app.after_request
+def call_after_request_callbacks(response):
+ for callback in getattr(g, 'after_request_callbacks', ()):
+ response = callback(response)
+ return response
+
+
+###############
+# Error handlers
+
+@app.errorhandler(404)
+def page_not_found(error):
+ return render_template('global/error_404.html'), 404
+
+
+#######################
+# General page handlers
+
+# Index - redirects to en homepage
+@app.route('/')
+def main_index():
+ return redirect(url_for('site_show', lang='en'))
+
+# Site pages
+@app.route('/<string:lang>/site/')
+@app.route('/<string:lang>/site/<path:page>')
+def site_show(page='index'):
+ if page.endswith('.html'):
+ return redirect(url_for('site_show', page=page[:-5]))
+ name = 'site/%s.html' % page
+ page_file = safe_join(TEMPLATE_DIR, name)
+
+ # bah! those damn users all the time!
+ if not os.path.exists(page_file):
+ abort(404)
+
+ # hah!
+ return render_template(name, page=page)
+
+
+##################
+# Meeting handlers
+
+# Meeting index
+@app.route('/<string:lang>/meetings/')
+def meetings_index():
+ return render_template('meetings/index.html')
+
+# Renderer for specific meetings
+@app.route('/<string:lang>/meetings/<int:id>')
+def meetings_show(id, log=False, rst=False):
+ """
+ Render the meeting X.
+ Either display the raw IRC .log or render as html and include .rst as header if it exists
+ """
+ # generate file name for the raw meeting file(and header)
+ lname = str(id) + '.log'
+ hname = str(id) + '.rst'
+ lfile = safe_join(MEETINGS_DIR, lname)
+ hfile = safe_join(MEETINGS_DIR, hname)
+
+ # check if meeting file exists and throw error if it does not..
+ if not os.path.exists(lfile):
+ abort(404)
+
+ # if the user just wanted the .log
+ if log:
+ # hmm... maybe replace with something non-render_template like?
+ # return render_template('meetings/show_raw.html', log=log)
+ return send_from_directory(MEETINGS_DIR, lname, mimetype='text/plain')
+
+ log=''
+ header=None
+
+ # try to load header if that makes sense
+ if os.path.exists(hfile):
+ # if the user just wanted the .rst...
+ if rst:
+ return send_from_directory(MEETINGS_DIR, hname, mimetype='text/plain')
+
+ # open the file as utf-8 file
+ with codecs.open(hfile, encoding='utf-8') as fd:
+ header = fd.read()
+ elif rst:
+ abort(404)
+
+ # load log
+ with codecs.open(lfile, encoding='utf-8') as fd:
+ log = fd.read()
+
+ return render_template('meetings/show.html', log=log, header=header, id=id)
+
+# Just return the raw .log for the meeting
+@app.route('/<string:lang>/meetings/<int:id>.log')
+def meetings_show_log(id):
+ return meetings_show(id, log=True)
+
+# Just return the raw .rst for the meeting
+@app.route('/<string:lang>/meetings/<int:id>.rst')
+def meetings_show_rst(id):
+ return meetings_show(id, rst=True)
+
+
+###################
+# Download handlers
+
+# List of downloads
+@app.route('/<string:lang>/download')
+def downloads_list():
+ # TODO: read mirror list or list of available files
+ return render_template('downloads/list.html')
+
+# Specific file downloader
+@app.route('/<string:lang>/download/<path:file>')
+def downloads_select(file):
+ # TODO: implement
+ pass
+
+@app.route('/download/<string:protocol>/any/<path:file>')
+@app.route('/download/<string:protocol>/<string:mirror>/<path:file>')
+def downloads_redirect(protocol, file, mirror=None):
+ # TODO: implement
+ pass
+
+
+#####################
+# Blog helper methods
+
+def get_blog_index():
+ """
+ Returns list of valid slugs sorted by date
+ """
+ ret=[]
+
+ # list of slugs(not sorted in any way)
+ entries=[]
+ # walk over all directories/files
+ for v in os.walk(BLOG_DIR):
+ # iterate over all files
+ for f in v[2]:
+ # ignore all non-.rst files
+ if not f.endswith('.rst'):
+ continue
+
+
+def render_blog_entry(slug):
+ """
+ Render the blog entry
+ TODO:
+ - caching
+ - move to own file
+ """
+ # check if that file actually exists
+ path = safe_join(BLOG_DIR, slug + ".rst")
+ if not os.path.exists(path):
+ abort(404)
+
+ # read file
+ with codecs.open(path, encoding='utf-8') as fd:
+ content = fd.read()
+
+ return publish_parts(source=content, source_path=BLOG_DIR, writer_name="html")
+
+
+###############
+# Blog handlers
+
+@app.route('/<string:lang>/blog/')
+@app.route('/<string:lang>/blog/page/<int:page>')
+def blog_index(page=0):
+ # TODO: implement
+ pass
+
+@app.route('/<string:lang>/blog/entry/<path:slug>')
+def blog_entry(slug):
+ # try to render that blog entry.. throws 404 if it does not exist
+ parts = render_blog_entry(slug)
+
+ if parts:
+ # now just pass to simple template file and we are done
+ return render_template('blog/entry.html', parts=parts, title=parts['title'], body=parts['fragment'])
+ else:
+ abort(404)
+
+
+@app.route('/feed/blog/rss')
+def blog_rss():
+ # TODO: implement
+ pass
+
+@app.route('/feed/blog/atom')
+def blog_atom():
+ # TODO: implement
+ pass
+
+
+##############
+# Legacy paths
+
+@app.route('/meeting<int:id>')
+@app.route('/meeting<int:id>.html')
+def legacy_meeting(id):
+ return redirect(url_for('meetings_show', id=id, lang='en'))
+
+@app.route('/status-<int:year>-<int:month>-<int:day>')
+@app.route('/status-<int:year>-<int:month>-<int:day>.html')
+def legacy_status(year, month, day):
+ return redirect(url_for('blog_entry', lang='en', slug=('%s/%s/%s/status' % (year, month, day))))
+
+LEGACY_MAP={
+ 'download': 'downloads_list'
+}
+
+@app.route('/<string:f>_<string:lang>')
+@app.route('/<string:f>_<string:lang>.html')
+@app.route('/<string:f>')
+@app.route('/<string:f>.html')
+def legacy_show(f):
+ lang = 'en'
+ if hasattr(g, 'lang') and g.lang:
+ lang = g.lang
+ if f in LEGACY_MAP:
+ return redirect(url_for(LEGACY_MAP[f], lang=lang))
+ else:
+ return redirect(url_for('site_show', lang=lang, page=f))
+
+
+
+if __name__ == '__main__':
+ app.run(debug=True)
diff --git a/www.i2p2/pages/status-2006-10-10.html b/www.i2p2/i2p2www/blog/2006/10/10/status.html
similarity index 94%
rename from www.i2p2/pages/status-2006-10-10.html
rename to www.i2p2/i2p2www/blog/2006/10/10/status.html
index 6578b642ad90f5df4b60098b15f58d75a918f20b..a3c787e3810cb841f2d6c7982e5dca6d2c240a08 100644
--- a/www.i2p2/pages/status-2006-10-10.html
+++ b/www.i2p2/i2p2www/blog/2006/10/10/status.html
@@ -1,7 +1,5 @@
-{% extends "_layout.html" %}
-{% block title %}I2P Status Notes for 2006-10-10{% endblock %}
-{% block content %}<h3>I2P Status Notes for 2006-10-10</h3>
-<pre>-----BEGIN PGP SIGNED MESSAGE-----
+<pre>
+-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi y'all, brief status notes this week
@@ -79,7 +77,4 @@ iD8DBQFFK6hgzgi8JTPcjUkRAuG2AJ46vK/13GIEngzQe05KRuEP2ZYvRQCeJB3j
VmEzybBbtZSpSrFcU4qdvks=
=QlDy
-----END PGP SIGNATURE-----
-
-
</pre>
-{% endblock %}
diff --git a/www.i2p2/i2p2www/blog/2006/10/10/status.rst b/www.i2p2/i2p2www/blog/2006/10/10/status.rst
new file mode 100644
index 0000000000000000000000000000000000000000..b77847b708e62df65c5e58597bcea07b3349d0c5
--- /dev/null
+++ b/www.i2p2/i2p2www/blog/2006/10/10/status.rst
@@ -0,0 +1,6 @@
+===============================
+I2P STATUS NOTES FOR 2006-10-10
+===============================
+
+.. raw:: html
+ :file: blog/2006/10/10/status.html
diff --git a/www.i2p2/i2p2www/meetings/208.log b/www.i2p2/i2p2www/meetings/208.log
new file mode 100644
index 0000000000000000000000000000000000000000..0d0f51579b8a15a04c46af8eacf863650b7a4ef6
--- /dev/null
+++ b/www.i2p2/i2p2www/meetings/208.log
@@ -0,0 +1,263 @@
+22:02 <@Mathiasdm> okay
+22:02 <@Mathiasdm> meeting time
+22:03 <@Mathiasdm> 0) Hello
+22:03 <@Mathiasdm> 1) Website content progress
+22:03 <@Mathiasdm> 2) Website backend progress
+22:03 <@Mathiasdm> 3) Location for dev discussion
+22:03 <@Mathiasdm> 4) Task appointing + handling of disagreements
+22:03 <@Mathiasdm> 5) Status updates
+22:03 <@Mathiasdm> 6) Upcoming dev conferences
+22:03 <@Mathiasdm> okay
+22:03 <@Mathiasdm> 0) Hello
+22:04 <@Mathiasdm> Welcome to the 208th dev meeting! (shamelessly stolen from badger :p)
+22:04 * Mathiasdm pokes everyone
+22:04 < eche|on> *poke*
+22:04 * Mathiasdm pokes zzz, thanks for the op
+22:06 <@Mathiasdm> hm, more poking needed to wake everyone up? zzz badger dr|z3d dream duck eche|on hottuna postman sponge superuser ReturningNovice (sorry :))
+22:06 < eche|on> *POKE*
+22:06 <@Mathiasdm> sorry, eche|on :p saw your poke
+22:08 < duck> moin
+22:08 <@Mathiasdm> moin duck
+22:09 < hawk> * Mathiasd1 pokes welterde
+22:11 <@Mathiasdm> okay, waiting a bit longer then, since there's only 3 of us so far
+22:11 <@Mathiasdm> anyone who wants to join in, just poke back
+22:11 < whitenoise> *poke*
+22:11 <@zzz> ack
+22:12 <@Mathiasdm> aha, lead dev, good :)
+22:13 <@Mathiasdm> and just to be sure as many people as possible can join in, waiting 2 more minutes and then starting
+22:14 <@Mathiasdm> 1 more minute now
+22:14 < superuser> mooin
+22:15 <@Mathiasdm> right on time, superuser ;)
+22:15 <@Mathiasdm> hi all
+22:15 < superuser> ;-)
+22:15 < superuser> hi Mathiasdm
+22:15 < superuser> and all
+22:15 <@Mathiasdm> 1) Website content progress
+22:15 <@Mathiasdm> as we probably all know, I2P development is currently halted due to the specs overhaul
+22:16 * Mathiasdm hands the hot potato to zzz, so he can talk about the specs overhaul progress
+22:16 < eche|on> right
+22:17 <@zzz> it's been 7 weeks, progress is slow. I'm working on i2cp right now, I've spent several hours on it already
+22:17 <@zzz> need other ppl to chip in both on what they've promised to do, and on the stuff that is unclaimed
+22:17 <@zzz> eot
+22:18 <@Mathiasdm> okay
+22:18 * Mathiasdm will get started again tomorrow, now dev environment is set up again
+22:18 <@Mathiasdm> others having something to say about it, go ahead :)
+22:19 <@Mathiasdm> guess not
+22:19 <@Mathiasdm> hm
+22:19 <@Mathiasdm> 2) Website backend progress
+22:19 < eche|on> I think is is great form the peoples doing it.
+22:19 <@Mathiasdm> oh
+22:19 <@Mathiasdm> sorry :)
+22:21 <@Mathiasdm> we're skipping 2) for now, unless welt comes in
+22:21 <@Mathiasdm> 3) Location for dev discussion
+22:22 <@Mathiasdm> this is related to http://zzz.i2p/topics/719
+22:22 <@Mathiasdm> I quote:
+22:22 <@Mathiasdm> "* Post developer discussions on zzz.i2p. What I mean is: IRC is a highly 'volatile' medium, where not everyone is online all the time, and not everyone logs. It's a great medium for a short discussion, but do consider posting a short write-up on zzz.i2p, so others can join in on the discussion."
+22:22 < eche|on> dev discussion is a hard topic. IRC is nice, but not reliant neither an archive
+22:22 <@Mathiasdm> yes, agreed
+22:23 <@Mathiasdm> but there are many things to chose from
+22:23 <@Mathiasdm> zzz.i2p, forum.i2p, mailing list
+22:23 <@Mathiasdm> well, okay, 3 things :p
+22:23 < eche|on> I would suggest some central point of archive
+22:23 < eche|on> with a backup.
+22:24 <@Mathiasdm> yes
+22:24 <@Mathiasdm> but setting up distributed storage for this sounds like a hard thing :p
+22:24 <@Mathiasdm> though mailing list is doable, I guess
+22:25 <@Mathiasdm> mailing list is 'kinda distributed'
+22:25 < eche|on> :-)
+22:25 < superuser> isn't the website itself already distributed?
+22:25 <@Mathiasdm> anyone else, ideas?
+22:25 < eche|on> a mailinglist is a good solution, to
+22:26 < superuser> could also go there
+22:26 <@Mathiasdm> yes, but that doesn't include the forum, superuser
+22:26 < eche|on> rightm website is in monotone
+22:26 <@Mathiasdm> true
+22:26 < superuser> no, I don't mean the forum, but website itself
+22:26 < superuser> aren't old dev meetings available there somewhere too?
+22:26 <@Mathiasdm> but it's hard to discuss when you have to check your discussions into monotone :p
+22:27 < superuser> true
+22:27 <@Mathiasdm> perhaps with the new backend welt is working on, it'll be more doable
+22:27 < superuser> would only be of interest for archiving, not for keeping discussing
+22:28 <@Mathiasdm> for a temporary way, I would propose: if you keep a big discussion on IRC, post a few notes on _a_ persistent medium
+22:29 <@Mathiasdm> be it zzz.i2p, mailing list or forum
+22:29 <@Mathiasdm> I know, that's a bit vague
+22:29 < eche|on> I vote mailinglist ++
+22:29 <@Mathiasdm> hm, welt, are mailinglist instructions on the website somewhere?
+22:29 < superuser> you mean welt's nntp service?
+22:29 <@Mathiasdm> mailing list sounds good to me too, eche|on, but I wonder if it will work to get everyone to use it?
+22:29 < eche|on> currently no ml available
+22:29 <@Mathiasdm> yes, superuser
+22:29 <@Mathiasdm> er
+22:29 <@Mathiasdm> or what was it
+22:29 <@Mathiasdm> I think so
+22:30 <@Mathiasdm> eche|on: welt set a few ml's up this summer
+22:30 < eche|on> nntp is news server
+22:30 <@Mathiasdm> but not widely used yet
+22:30 <@Mathiasdm> yes, indeed, but there's a mailing list now too
+22:30 <@Mathiasdm> but I don't have the location here
+22:30 <@Mathiasdm> zzz, duck: opinions?
+22:31 < superuser> I have no mailing list info so far, just seen welt's and Mathiasdm's and ReturningNovice's posts on news server
+22:32 <@zzz> I'm not a big fan of an ML but I'll use it if ppl want. welt's seems to be a big secret atm
+22:33 < duck> I think zzz.i2p is fine
+22:33 <@Mathiasdm> imho anything not-irc would be useful (I like IRC, as said before, but too much dev discussions are unfolloweable)
+22:33 < eche|on> zzz.i2p is fine, but: irc discussions needs to be copied intoi AND somehow a kind of backup would be nice
+22:34 <@Mathiasdm> hm, maybe I can set s omething up like
+22:34 <@Mathiasdm> er
+22:34 <@Mathiasdm> what was it called
+22:34 <@Mathiasdm> 2 or 3 years ago
+22:34 <@Mathiasdm> trevorreznik.i2p?
+22:36 <@Mathiasdm> how about: we keep using zzz.i2p, and we start using a mailing list, and try to make sure IRC discussions don't stay IRC-only?
+22:36 < duck> all major design stuff is already on zzz.i2p
+22:36 < eche|on> better: try keep using zzz.i2p and copy IRC into it.
+22:36 < duck> I dont see your problem
+22:37 < superuser> what if zzz one disappearsß
+22:37 < superuser> s/ß/?
+22:37 < duck> dev/design
+22:37 <@Mathiasdm> for example, everything sponge posts (just an example, sponge :p) about seedless and bob is often irc-only discussion
+22:38 < duck> I dont think a mailinglist will result into sponge documenting his protocol and api
+22:38 < duck> but sure, give it a try
+22:39 <@Mathiasdm> nooo, that's not what I meant, duck
+22:39 <@Mathiasdm> as said, I don't care if it's on zzz.i2p or on mailing list
+22:39 <@Mathiasdm> I just don't want it to be IRC-only, those discussions
+22:39 <@Mathiasdm> but yes, you have a good point too
+22:39 <@Mathiasdm> that some things will perhaps stay irc-only
+22:39 < duck> then go talk to sponge
+22:39 <@Mathiasdm> it was an example
+22:40 < duck> (which you might be doing through this meeting ofc)
+22:40 < duck> ok, understood
+22:40 <@Mathiasdm> :)
+22:41 <@Mathiasdm> okay, I guess if everyone just tries to post things on zzz.i2p (or mailing list -- but we'll wait for welt :p), that's settled
+22:42 <@Mathiasdm> for now, at least
+22:42 <@Mathiasdm> anyone have anything to add on this?
+22:44 <@Mathiasdm> okay
+22:44 <@Mathiasdm> next
+22:44 <@Mathiasdm> 4) Task appointing + handling of disagreements
+22:45 -!- Moru [kvirc@irc2p] has joined #i2p-dev
+22:45 <@Mathiasdm> currently, tasks (displayed on http://www.i2p2.de/team.html ) are appointed/chosen by people simply changing the webpage
+22:45 < hawk> <preforce> Title: Team - I2P (at www.i2p2.de)
+22:45 <@Mathiasdm> so if you want to do a task, you just do it, and you add yourself to the webpage
+22:45 <@Mathiasdm> which is good, I guess :)
+22:46 < eche|on> if someone disagree: discussion in IRC/zzz.i2p
+22:46 <@Mathiasdm> yes, disagreeing is the point
+22:46 < eche|on> but people need checkin-rights to change, means: need som etrust from existant devs
+22:46 <@Mathiasdm> there was disagreement this summer, and we didn't really handle that
+22:46 <@Mathiasdm> true, eche|on
+22:47 <@Mathiasdm> how do we resolve a discussio if the people disagreeing can't come to agreement?
+22:47 <@Mathiasdm> vote or something?
+22:47 <@Mathiasdm> that's what I was wondering about
+22:48 <@Mathiasdm> suggestions?
+22:48 < eche|on> last line of defense was noted once
+22:48 < eche|on> which was zzz
+22:48 <@Mathiasdm> last line of defense?
+22:48 <@Mathiasdm> ah
+22:49 < whitenoise> what about a third better solution?
+22:49 < duck> if all else fails; resort to zzz
+22:49 < eche|on> but voting is a nice idea, but I think a solution will be found ahead
+22:49 <@Mathiasdm> if the third solution is definitely better, the two parties will choose that one ;)
+22:50 <@Mathiasdm> hm, okay
+22:50 <@Mathiasdm> just out of curiosity, zzz, you agree to being 'the last line of defense'? :)
+22:50 <@Mathiasdm> it sounds okay to me, but do you want that yourself?
+22:51 <@zzz> not particularly. my rule is whoever is actually doing something is in charge. ppl that do nothing but talk and piss other ppl off are not.
+22:52 <@zzz> there's plenty of work to go around.
+22:53 <@Mathiasdm> okay :) sounds good
+22:53 <@Mathiasdm> anyone have additional comments? if not, next item
+22:53 < superuser> generally "the one who does it is in charge" sounds good
+22:53 < superuser> but what if two parties actually do
+22:53 < superuser> and still go in opposite directions?
+22:54 < superuser> I guess in that case a voting mechanism would not be too uncool
+22:54 <@Mathiasdm> true
+22:54 <@zzz> if it's code I can pick. I'm definitely not the last line of defense for the website. welt and echelon are.
+22:55 <@Mathiasdm> well, if discussion happens and a solution cannot be found, there can be a vote or someone (zzz, welt?) can pick
+22:55 <@zzz> they would pick a winner by pulling privs from the loser.
+22:56 <@Mathiasdm> *only if it's a nasty discussion, I would hope ;) friendly disagreements shouldn't result in losing privs :p
+22:57 < eche|on> right
+22:58 <@Mathiasdm> okay then
+22:58 <@Mathiasdm> next point
+22:58 <@Mathiasdm> if that's okay
+22:58 <@Mathiasdm> 5) Status updates
+22:58 < eche|on> ok
+22:59 <@Mathiasdm> I will start 'collecting' status updates this weekend, I think
+22:59 <@Mathiasdm> I was going to do so last week, but caught up in work
+22:59 < eche|on> great. go ahead.
+22:59 <@Mathiasdm> basically, simply 'what did you do last week?' and 'what are your plans for next week?'
+23:00 <@Mathiasdm> and I'll post them a bit summarized on the website
+23:00 <@Mathiasdm> suggestions are always welcome :)
+23:00 <@Mathiasdm> okay, final point (added only a bit before starting the meeting)
+23:00 <@Mathiasdm> 6) Upcoming dev conferences
+23:01 <@Mathiasdm> -who's going to 27c3?
+23:01 <@Mathiasdm> -who's going to brucon?
+23:01 <@Mathiasdm> -any others?
+23:02 <@Mathiasdm> I will certainly attend brucon, and most likely 27c3 for a day (and will stay in berlin for a few days)
+23:02 < whitenoise> Mathiasdm, I added 1 more point 10 min. before the beginning.
+23:02 <@Mathiasdm> oh? sorry, didn't see
+23:03 <@Mathiasdm> okay, will do that in a minute, whitenoise
+23:03 < whitenoise> ok
+23:03 < whitenoise> thanks
+23:03 <@Mathiasdm> nobody remarks on dev conferences?
+23:04 <@Mathiasdm> then: 7) Promoting the usage of the bittorrent protocol inside I2P: pros and cons
+23:04 * Mathiasdm hands hot potato to whitenoise
+23:04 < whitenoise> Ok, so we discussed this a little bit with duck
+23:05 < whitenoise> While it's a good way for cover traffic and network growth, it may lead to the notoriety of I2P as a illegal file-sharing network
+23:05 < eche|on> I decided to not attend to 27c3
+23:06 <@Mathiasdm> ah, too bad, eche|on
+23:06 <@Mathiasdm> true, whitenoise
+23:06 < whitenoise> On the other hand...
+23:06 < superuser> I think, bt should not be empahsized more than other services, but i2p be promoted as general use network
+23:07 < superuser> oh, he had not yet finished...
+23:07 <@Mathiasdm> he might be lagging, give him a bit :)
+23:08 < whitenoise> if we don't promote this protocol, in some not very near future, if the business model for selling digital media is not changed, the pressure on torrent users will be higher, so they will start looking for ways to hide
+23:08 < whitenoise> which can lead to my first point (notoriety) anyway
+23:08 < whitenoise> but it's doubtful, of course
+23:08 < Moru> Hello! Excuse me for butting here... sad but true, promote it as filesharing and you will have loads more users and plenty of developers joining. Mabe even get funded by those that wants to use a safe filesharing platform.
+23:09 <@Mathiasdm> simply promoting it would not do that, imho
+23:09 <@Mathiasdm> and whitenoise, you are right about notoriety
+23:09 <@Mathiasdm> but are we promoting it?
+23:10 < whitenoise> Imo, right now we don't
+23:10 <@Mathiasdm> and bittorrent in itself is not causing the notoriety, file sharing is (imho important distinction, but perhaps not in this discussion)
+23:10 <@Mathiasdm> (and hi, Moru)
+23:11 < whitenoise> Well, bittorrent is the most used way, that's why I talk about it
+23:11 < whitenoise> of course, it may be emule or anything else
+23:11 <@Mathiasdm> how would you see promoting it?
+23:12 < whitenoise> For example, current simple users have some difficulties setting everything up
+23:12 < whitenoise> We could make info about bittorrent more conspicuous
+23:13 <@Mathiasdm> hm, yes
+23:13 < whitenoise> description more simple
+23:13 < whitenoise> and so on.
+23:13 <@Mathiasdm> but that's (imho) more a general I2P problem
+23:13 < whitenoise> maybe improve i2psnark a little
+23:13 <@Mathiasdm> I2P could become a lot more conspicuous :p
+23:13 < whitenoise> yes
+23:14 < whitenoise> but doing it (as well as advertising it on twitter, for example) will surely attract some users
+23:14 <@Mathiasdm> yes
+23:14 <@Mathiasdm> well, I agree, and I hope we will more towards making everything clearer (better usability and such) in the near future
+23:14 < whitenoise> so, the question is, I guess, what we should do and what we shouldn't
+23:15 < whitenoise> improve description but don't advertise as a filesharing network, maybe?
+23:15 <@Mathiasdm> what we should do (once development of 0.9 starts) is imho take a look at the 'pain points' of usability
+23:15 < eche|on> laready got some ideas of those
+23:17 <@Mathiasdm> yes, I2P description would help; console overhaul (perhaps? I don't know) would help
+23:17 <@Mathiasdm> eche|on: didn't we have a .pdf with usability remarks from a conference you went?
+23:17 < eche|on> hm
+23:18 <@zzz> i have it
+23:18 < eche|on> need to look for it, but we had some issues over all.
+23:18 <@Mathiasdm> have a link, zzz?
+23:19 <@Mathiasdm> okay, we could focus on it a bit after the website specs?
+23:20 <@zzz> http://zzz.i2p/files/petcon-usability-long.pdf
+23:20 <@Mathiasdm> thx
+23:20 < eche|on> thats a nice idea
+23:21 <@Mathiasdm> okay then
+23:21 <@Mathiasdm> other remarks or ideas, whitenoise?
+23:21 < whitenoise> hm...
+23:22 <@Mathiasdm> you are of course always free to start working on website usability improvements too
+23:22 < eche|on> just wait for some mails with contact data to pay out some money ;-)
+23:23 < whitenoise> well, I guess we decided to improve usability in general without any accent on bittorrent, right?
+23:23 < whitenoise> :-)
+23:23 <@Mathiasdm> that looks like it, yes, whitenoise
+23:23 <@Mathiasdm> I will mail you my bank account, eche|on, just send me the money ;)
+23:23 <@Mathiasdm> okay then
+23:23 <@Mathiasdm> 8) cookies for everyone who attended
+23:24 < eche|on> *g*
+23:24 <@Mathiasdm> ===Meeting over===
+23:24 <@Mathiasdm> thanks all :)
+23:24 < eche|on> COOKIES!
+23:25 <@Mathiasdm> don't eat all of them
+23:25 * Mathiasdm pokes eche|on
diff --git a/www.i2p2/pages/download.html b/www.i2p2/i2p2www/pages/downloads/list.html
similarity index 52%
rename from www.i2p2/pages/download.html
rename to www.i2p2/i2p2www/pages/downloads/list.html
index 888bf3aa0cd1d8f696ce1ecf17b6d7a7f74670e5..8842e5bdb8235473a916d33954e1cc4468ddd5d9 100644
--- a/www.i2p2/pages/download.html
+++ b/www.i2p2/i2p2www/pages/downloads/list.html
@@ -1,41 +1,58 @@
-{% extends "_layout.html" %}
+{% extends "global/layout.html" %}
{% block title %}Download{% endblock %}
{% block content %}
-<h1>Download I2P</h1>
+<h1>Download I2P</h1>
<h3>Dependency</h3>
-<a href="http://java.com/download/">Sun Java</a> 1.5 or higher, or equivalent JRE.
-(<a href="http://java.com/download/">Sun Java 1.6</a> recommended)
-<br>
-<a href="http://java.com/en/download/installed.jsp?detect=jre&try=1">Determine your installed Java version here</a>
+Java Runtime 1.5 or higher.
+(<a href="http://java.com/download/">Oracle/Sun Java Version 6</a>,
+<a href="http://openjdk.java.net/install/">OpenJDK 6</a>, or
+<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6</a>
+ recommended)
+<br />
+<a href="http://java.com/en/download/installed.jsp?detect=jre&try=1">Determine your installed Java version here</a>
or type <tt>java -version</tt> at your command prompt.
<h3>Clean installs</h3>
<ul class="downloadlist">
-<li>Graphical installer:<br />
- <a href="http://mirror.i2p2.de/i2pinstall_0.8.exe">i2pinstall_0.8.exe</a>
+<li><b>Windows Graphical installer:</b><br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe">i2pinstall_0.9.1_windows.exe</a>
(SHA256
-d14ef28ffff7ef95e5627d7bbeac8f5aad57c82b89d2071383787f2124152ca9
- <a href="http://mirror.i2p2.de/i2pinstall_0.8.exe.sig">sig</a>)<br />
- Download that file and run it. If you're not on windows, you can
- type <code>java -jar i2pinstall_0.8.exe</code> (yes, really)</li>
-<li>Command line (headless) install:<br />
+0727af83988e82f32e0972a9e12c72ac14c3c0da0815c5902193d6b13d356371
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe.sig">sig</a>)<br />
+ Download that file and run it.
+</li>
+
+<li><b>Linux / OS X / BSD / Solaris Graphical installer:</b><br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar">i2pinstall_0.9.1.jar</a>
+ (SHA256
+39c19c0df042ad231a14fdf1c20e4927651a2af0f0cf734b46eba0d2b8419314
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar.sig">sig</a>)<br />
+ Download that file and double-click it (if that works) or
+ type <code>java -jar i2pinstall_0.9.1.jar</code> in a terminal to run the
+ installer.
+ On some platforms you may be able to right-click and select
+ "Open with Java".</li>
+
+<li><b>Linux / OS X / BSD / Solaris Command line (headless) install:</b><br />
Download the graphical installer file above and
- run <code>java -jar i2pinstall_0.8.exe -console</code> from the command line.
- This will work on windows. linux, and mac (yes really).
+ run <code>java -jar i2pinstall_0.9.1.jar -console</code> from the command line.
</li>
-<li>Source install:<br />
- <a href="http://mirror.i2p2.de/i2psource_0.8.tar.bz2">i2psource_0.8.tar.bz2</a>
+
+ <li><a href="/debian.html">Packages for Debian & Ubuntu</a></li>
+
+<li><b>Source install:</b><br />
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2">i2psource_0.9.1.tar.bz2</a>
(SHA256
-a179fc478279383af3420c84699a014a40f9cb0da87ab2a2d2b890639345b999
- <a href="http://mirror.i2p2.de/i2psource_0.8.tar.bz2.sig">sig</a>)<br />
+8603c928a210ced77b6498bf8ee07cb000be9641adc389b34c3c8a10ac4f0677
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2.sig">sig</a>)<br />
Alternately, you can fetch the source from <a href="newdevelopers">monotone</a>.
- <br/>
- Run <code>(tar xjvf i2psource_0.8.tar.bz2 ; cd i2p-0.8 ; ant pkg)</code> then either
+ <br />
+ Run <code>(tar xjvf i2psource_0.9.1.tar.bz2 ; cd i2p-0.9.1 ; ant pkg)</code> then either
run the GUI installer or headless install as above</li>
</ul>
The files are signed by zzz,
<a href="release-signing-key.html">whose key is here</a>.
-
+<p>I2P can also be downloaded from our project pages on <a href="https://launchpad.net/i2p/trunk">Launchpad</a> and <a href="http://code.google.com/p/i2p/">Google Code</a>.</p>
<h3>Post-install work</h3>
<p>After running the installer on windows, simply click on the "Start I2P" button
@@ -56,7 +73,7 @@ start the router with "sh runplain.sh" instead.
if you can, bearing in mind the Internet-facing ports I2P uses,
<a href="faq#ports">described here</a> among other ports.
If you have successfully opened your port to inbound TCP, also enable inbound TCP on the
-<a href="http://localhost:7657/config.jsp">configuration page</a>.
+<a href="http://localhost:7657/confignet.jsp">configuration page</a>.
</p>
<p>Also, please review and <b>adjust the bandwidth settings</b> on the
@@ -64,6 +81,10 @@ If you have successfully opened your port to inbound TCP, also enable inbound TC
as the default settings of 96 KBps down / 40 KBps up are fairly slow.
</p>
+<p>
+If you want to reach eepsites via your browser, have a look on the <a href="htproxyports.html">browser proxy setup</a> page for an easy howto.
+</p>
+
<h3>Updates from earlier releases:</h3>
<p>
Both automatic and manual upgrades are available for the release.
@@ -78,18 +99,18 @@ may get a "downloaded version is not greater than current version" error,
and should use the manual update method below.
</p><p>
If you are running 0.7.4 or earlier, please see
-<a href=release-0.7.5.html>the 0.7.5 release notes</a>
+<a href="release-0.7.5.html">the 0.7.5 release notes</a>
for important information about how to configure your router to automatically
receive the release.
</p><p>
If you are running 0.6.1.30 or earlier, please see
-<a href=upgrade-0.6.1.30.html>instructions</a>
+<a href="upgrade-0.6.1.30.html">instructions</a>
for important information about how to configure your router to automatically
receive the release.
</p>
<ol>
-<li>If you have reconfigured your router following the <a href=upgrade-0.6.1.30.html>instructions</a>, you should see a link on your
+<li>If you have reconfigured your router following the <a href="upgrade-0.6.1.30.html">instructions</a>, you should see a link on your
<a href="http://localhost:7657/index.jsp">router console</a> allowing
you to download and install the new release by just clicking on that
link.</li>
@@ -98,19 +119,24 @@ receive the release.
<h3>Updates from earlier releases (manual method):</h3>
<ol>
-<li>Download <a href="http://mirror.i2p2.de/i2pupdate_0.8.zip">i2pupdate_0.8.zip</a>
+<li>Download <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip">i2pupdate_0.9.1.zip</a>
(SHA256
-57c6dd9dab15dc52613e35ba538842de948ad5f230d17f693cdcc86fa056f97c
- <a href="http://mirror.i2p2.de/i2pupdate_0.8.zip.sig">sig</a>) to your I2P
+136b74435b93aededef5884d39cfbc513f57184b74c8481580bcd5324aa23b1a
+ <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip.sig">sig</a>) to your I2P
installation directory and <b>rename as i2pupdate.zip</b>.
(alternately, you can get the source as above and run "ant updater", then copy the
resulting i2pupdate.zip to your I2P installation directory). You do
NOT need to unzip that file.</li>
-<li>Click <a href="http://localhost:7657/configservice.jsp">"Graceful restart"</a></li>
+<li>Click <a href="http://localhost:7657/configservice.jsp">"Restart"</a></li>
<li>Grab a cup of coffee and come back in 11 minutes</li>
</ol>
The file is signed by zzz,
<a href="release-signing-key.html">whose key is here</a>.
+<h3>Previous Releases</h3>
+Previous releases are available on <a href="http://code.google.com/p/i2p/downloads/list?can=1">Google Code</a>
+and within the I2P network on <a href="http://echelon.i2p/">echelon.i2p</a>.
+
+
{% endblock %}
diff --git a/www.i2p2/i2p2www/pages/global/error_404.html b/www.i2p2/i2p2www/pages/global/error_404.html
new file mode 100644
index 0000000000000000000000000000000000000000..d8563c037068a54fd588dad28d39508764725c90
--- /dev/null
+++ b/www.i2p2/i2p2www/pages/global/error_404.html
@@ -0,0 +1,21 @@
+{% extends "global/layout.html" %}
+{% block title -%}
+{% if g.lang == 'de' %}
+Nicht gefunden
+{% elif g.lang == 'zh' %}
+未找到
+{% else %}
+Not found
+{% endif %}
+{%- endblock %}
+
+{% block content %}
+{% if g.lang == 'de' %}
+Yep... die Information nach der du suchst, nennt sich anders, existiert nicht oder wurde entfernt.
+{% elif g.lang == 'zh' %}
+您æœç´¢çš„页é¢æˆ–资æºçš„å称ä¸æ£ç¡®æˆ–ä¸å˜åœ¨æˆ–å·²è¢«åˆ é™¤ã€‚
+{% else %}
+Yep... the resource, you were searching for, is named differently, doesn't exist or was removed.
+{% endif %}
+
+{% endblock %}
diff --git a/www.i2p2/pages/_layout.html b/www.i2p2/i2p2www/pages/global/layout.html
similarity index 94%
rename from www.i2p2/pages/_layout.html
rename to www.i2p2/i2p2www/pages/global/layout.html
index b75ebf3f542ddea90dd25102a17b2227cdc07ed6..4d0ac763d6ab22d7d43a4cd5db0cc61b8626c0ad 100644
--- a/www.i2p2/pages/_layout.html
+++ b/www.i2p2/i2p2www/pages/global/layout.html
@@ -1,10 +1,10 @@
-{% include "_urlify" -%}
+{% include "global/urlify" -%}
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
- <title>{% filter capture('title') %}{% block title %}{% endblock %}{% endfilter %} - I2P</title>
+ <title>{% block title %}{% endblock %} - I2P</title>
<link rel="canonical" href="{{ domain }}/{{ path }}" />
<link href="_static/styles/960.css" rel="stylesheet" type="text/css" />
<link href="_static/styles/default.css" rel="stylesheet" type="text/css" />
diff --git a/www.i2p2/pages/_menu.html b/www.i2p2/i2p2www/pages/global/menu.html
similarity index 100%
rename from www.i2p2/pages/_menu.html
rename to www.i2p2/i2p2www/pages/global/menu.html
diff --git a/www.i2p2/pages/_urlify b/www.i2p2/i2p2www/pages/global/urlify
similarity index 62%
rename from www.i2p2/pages/_urlify
rename to www.i2p2/i2p2www/pages/global/urlify
index a9bdbf3d691f818b151fde3b56874b7c3d3217ac..e8c9cd781f2da99650aa9b91fc2d9c76d2d1bcb4 100644
--- a/www.i2p2/pages/_urlify
+++ b/www.i2p2/i2p2www/pages/global/urlify
@@ -1,7 +1,9 @@
-{% macro urlify url, title, suffix %}
+{% macro urlify(url, title, suffix) %}
+ {% autoescape false %}
{% if static %}
<a href="{{url}}.{{suffix}}">{{title}}</a>
{% else %}
<a href="{{url}}">{{title}}</a>
{% endif %}
+ {% endautoescape %}
{% endmacro %}
\ No newline at end of file
diff --git a/www.i2p2/pages/meetings.html b/www.i2p2/i2p2www/pages/meetings/index.html
similarity index 98%
rename from www.i2p2/pages/meetings.html
rename to www.i2p2/i2p2www/pages/meetings/index.html
index c2a5c546f19949d5fec39e663703392166e9d104..b8effc6b6e88fdecd9acb3809c704defd5616241 100644
--- a/www.i2p2/pages/meetings.html
+++ b/www.i2p2/i2p2www/pages/meetings/index.html
@@ -1,12 +1,13 @@
-{% extends "_layout.html" %}
+{% extends "global/layout.html" %}
{% block title %}Meetings{% endblock %}
{% block content %}
<h1>Logs of past I2P meetings</h1>
<p>Regularly scheduled meetings are not being held at this time.
-If you have something to discuss, please find the developers on IRC #i2p.
-See also <a href="statusnotes.html">the old weekly status notes</a>.
+If you have something to discuss, please find the developers on IRC in #i2p-dev.
+<a href="statusnotes.html">Status updates</a> from developers are also available.
</p><div class="underline"></div>
<ul class="infolist">
+<li><a href="meeting208">Meeting 208</a> - September 8, 2010</li>
<li><a href="meeting207">Meeting 207</a> - February 10, 2009</li>
<li><a href="meeting206">Meeting 206</a> - April 10, 2007</li>
<li><a href="meeting205">Meeting 205</a> - April 3, 2007</li>
@@ -153,7 +154,6 @@ See also <a href="statusnotes.html">the old weekly status notes</a>.
<li><a href="meeting51">Meeting 51</a></li>
<li><a href="meeting50">Meeting 50</a></li>
<li><a href="meeting49">Meeting 49</a></li>
-<li><a href="meeting48">Meeting 48</a></li>
<li><a href="meeting47">Meeting 47</a></li>
<li><a href="meeting35">Meeting 35</a></li>
<li><a href="meeting34">Meeting 34</a></li>
diff --git a/www.i2p2/pages/index.html b/www.i2p2/i2p2www/pages/site/index.html
similarity index 98%
rename from www.i2p2/pages/index.html
rename to www.i2p2/i2p2www/pages/site/index.html
index e2d97fc1b6892ea167d9081fbed19940e8e74494..ad0fada2551a6872199dd1286642ca550122a773 100644
--- a/www.i2p2/pages/index.html
+++ b/www.i2p2/i2p2www/pages/site/index.html
@@ -1,4 +1,5 @@
-{% extends "_layout.html" %}
+{% extends "global/layout.html" %}
+{% from "global/urlify" import urlify as urlify %}
{% block title %}I2P Anonymous Network{% endblock %}
{% block content %}
<div class="grid_8">
diff --git a/www.i2p2/static/favicon.ico b/www.i2p2/i2p2www/static/favicon.ico
similarity index 100%
rename from www.i2p2/static/favicon.ico
rename to www.i2p2/i2p2www/static/favicon.ico
diff --git a/www.i2p2/i2p2www/static/images/I2PTunnel-streamr.png b/www.i2p2/i2p2www/static/images/I2PTunnel-streamr.png
new file mode 100644
index 0000000000000000000000000000000000000000..cfd973e81dc76cd5a64640343dc81ae2c305ed38
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/I2PTunnel-streamr.png differ
diff --git a/www.i2p2/i2p2www/static/images/add-key-terminal.png b/www.i2p2/i2p2www/static/images/add-key-terminal.png
new file mode 100644
index 0000000000000000000000000000000000000000..6f2c849112a393e59910ffbf4c71db8b967516d5
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/add-key-terminal.png differ
diff --git a/www.i2p2/static/images/bandwidth2009.png b/www.i2p2/i2p2www/static/images/bandwidth2009.png
similarity index 100%
rename from www.i2p2/static/images/bandwidth2009.png
rename to www.i2p2/i2p2www/static/images/bandwidth2009.png
diff --git a/www.i2p2/static/images/btn_left.png b/www.i2p2/i2p2www/static/images/btn_left.png
similarity index 100%
rename from www.i2p2/static/images/btn_left.png
rename to www.i2p2/i2p2www/static/images/btn_left.png
diff --git a/www.i2p2/static/images/btn_right.png b/www.i2p2/i2p2www/static/images/btn_right.png
similarity index 100%
rename from www.i2p2/static/images/btn_right.png
rename to www.i2p2/i2p2www/static/images/btn_right.png
diff --git a/www.i2p2/static/images/btn_stretch.png b/www.i2p2/i2p2www/static/images/btn_stretch.png
similarity index 100%
rename from www.i2p2/static/images/btn_stretch.png
rename to www.i2p2/i2p2www/static/images/btn_stretch.png
diff --git a/www.i2p2/i2p2www/static/images/cz.png b/www.i2p2/i2p2www/static/images/cz.png
new file mode 100644
index 0000000000000000000000000000000000000000..c8403dd21fd15f46d501a766a7a97733462f3b22
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/cz.png differ
diff --git a/www.i2p2/static/images/dark.png b/www.i2p2/i2p2www/static/images/dark.png
similarity index 100%
rename from www.i2p2/static/images/dark.png
rename to www.i2p2/i2p2www/static/images/dark.png
diff --git a/www.i2p2/static/images/darkbluebg.png b/www.i2p2/i2p2www/static/images/darkbluebg.png
similarity index 100%
rename from www.i2p2/static/images/darkbluebg.png
rename to www.i2p2/i2p2www/static/images/darkbluebg.png
diff --git a/www.i2p2/static/images/darkbluetile.png b/www.i2p2/i2p2www/static/images/darkbluetile.png
similarity index 100%
rename from www.i2p2/static/images/darkbluetile.png
rename to www.i2p2/i2p2www/static/images/darkbluetile.png
diff --git a/www.i2p2/static/images/darkerbluetile.png b/www.i2p2/i2p2www/static/images/darkerbluetile.png
similarity index 100%
rename from www.i2p2/static/images/darkerbluetile.png
rename to www.i2p2/i2p2www/static/images/darkerbluetile.png
diff --git a/www.i2p2/static/images/de.png b/www.i2p2/i2p2www/static/images/de.png
similarity index 100%
rename from www.i2p2/static/images/de.png
rename to www.i2p2/i2p2www/static/images/de.png
diff --git a/www.i2p2/static/images/download.png b/www.i2p2/i2p2www/static/images/download.png
similarity index 100%
rename from www.i2p2/static/images/download.png
rename to www.i2p2/i2p2www/static/images/download.png
diff --git a/www.i2p2/static/images/download_dark.png b/www.i2p2/i2p2www/static/images/download_dark.png
similarity index 100%
rename from www.i2p2/static/images/download_dark.png
rename to www.i2p2/i2p2www/static/images/download_dark.png
diff --git a/www.i2p2/static/images/endToEndEncryption.png b/www.i2p2/i2p2www/static/images/endToEndEncryption.png
similarity index 100%
rename from www.i2p2/static/images/endToEndEncryption.png
rename to www.i2p2/i2p2www/static/images/endToEndEncryption.png
diff --git a/www.i2p2/i2p2www/static/images/endToEndEncryption_fr.png b/www.i2p2/i2p2www/static/images/endToEndEncryption_fr.png
new file mode 100644
index 0000000000000000000000000000000000000000..9cdb0df694adfc2752528d76d82f68afe7e3e207
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/endToEndEncryption_fr.png differ
diff --git a/www.i2p2/static/images/endToEndEncryption_zh.png b/www.i2p2/i2p2www/static/images/endToEndEncryption_zh.png
similarity index 100%
rename from www.i2p2/static/images/endToEndEncryption_zh.png
rename to www.i2p2/i2p2www/static/images/endToEndEncryption_zh.png
diff --git a/www.i2p2/i2p2www/static/images/es.png b/www.i2p2/i2p2www/static/images/es.png
new file mode 100644
index 0000000000000000000000000000000000000000..c2de2d7111e3cb59cf6511dd2ab045e824bdb43e
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/es.png differ
diff --git a/www.i2p2/i2p2www/static/images/eu.png b/www.i2p2/i2p2www/static/images/eu.png
new file mode 100644
index 0000000000000000000000000000000000000000..c7cd095d13ff6b94b135af27265e3baaced7a244
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/eu.png differ
diff --git a/www.i2p2/i2p2www/static/images/firefox.options.jpg b/www.i2p2/i2p2www/static/images/firefox.options.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..5c9a7c9b4ae9c7bc273ccb34844fa3f87f794813
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/firefox.options.jpg differ
diff --git a/www.i2p2/i2p2www/static/images/firefox.options_fr.png b/www.i2p2/i2p2www/static/images/firefox.options_fr.png
new file mode 100644
index 0000000000000000000000000000000000000000..16ab6418d18a1af8631a2b23586ef0562e684821
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/firefox.options_fr.png differ
diff --git a/www.i2p2/i2p2www/static/images/firefox.proxyports.jpg b/www.i2p2/i2p2www/static/images/firefox.proxyports.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..fce0e1c568d053c0c5590252f3cbd190985941f9
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/firefox.proxyports.jpg differ
diff --git a/www.i2p2/i2p2www/static/images/firefox.proxyports_fr.png b/www.i2p2/i2p2www/static/images/firefox.proxyports_fr.png
new file mode 100644
index 0000000000000000000000000000000000000000..6791eb76c14944b7f12810ecd5b8ef29a98e1065
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/firefox.proxyports_fr.png differ
diff --git a/www.i2p2/static/images/fr.png b/www.i2p2/i2p2www/static/images/fr.png
similarity index 100%
rename from www.i2p2/static/images/fr.png
rename to www.i2p2/i2p2www/static/images/fr.png
diff --git a/www.i2p2/i2p2www/static/images/garliccloves.png b/www.i2p2/i2p2www/static/images/garliccloves.png
new file mode 100644
index 0000000000000000000000000000000000000000..2a00a9d1eebd6d427f3e3f0222bd77f30056cd54
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/garliccloves.png differ
diff --git a/www.i2p2/static/images/help.png b/www.i2p2/i2p2www/static/images/help.png
similarity index 100%
rename from www.i2p2/static/images/help.png
rename to www.i2p2/i2p2www/static/images/help.png
diff --git a/www.i2p2/static/images/help_dark.png b/www.i2p2/i2p2www/static/images/help_dark.png
similarity index 100%
rename from www.i2p2/static/images/help_dark.png
rename to www.i2p2/i2p2www/static/images/help_dark.png
diff --git a/www.i2p2/static/images/i2plogo.png b/www.i2p2/i2p2www/static/images/i2plogo.png
similarity index 100%
rename from www.i2p2/static/images/i2plogo.png
rename to www.i2p2/i2p2www/static/images/i2plogo.png
diff --git a/www.i2p2/i2p2www/static/images/i2ptunnel_peertopeer.png b/www.i2p2/i2p2www/static/images/i2ptunnel_peertopeer.png
new file mode 100644
index 0000000000000000000000000000000000000000..8dd19f99a115fa8232590e9e81ae8464dc5e30d8
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/i2ptunnel_peertopeer.png differ
diff --git a/www.i2p2/i2p2www/static/images/i2ptunnel_serverclient.png b/www.i2p2/i2p2www/static/images/i2ptunnel_serverclient.png
new file mode 100644
index 0000000000000000000000000000000000000000..282a656f7b8b8fe21e7e268b7950f00f3755d0a3
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/i2ptunnel_serverclient.png differ
diff --git a/www.i2p2/static/images/i2pvstor_zh.png b/www.i2p2/i2p2www/static/images/i2pvstor_zh.png
similarity index 100%
rename from www.i2p2/static/images/i2pvstor_zh.png
rename to www.i2p2/i2p2www/static/images/i2pvstor_zh.png
diff --git a/www.i2p2/i2p2www/static/images/ie.options.jpg b/www.i2p2/i2p2www/static/images/ie.options.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..4b4c3b9ce06fbca60f90c07789ed0ec253abc393
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/ie.options.jpg differ
diff --git a/www.i2p2/i2p2www/static/images/ie.options_fr.png b/www.i2p2/i2p2www/static/images/ie.options_fr.png
new file mode 100644
index 0000000000000000000000000000000000000000..46d26ef4e1264ef438c600d8ab621637a4c7a263
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/ie.options_fr.png differ
diff --git a/www.i2p2/i2p2www/static/images/ie.proxyports.jpg b/www.i2p2/i2p2www/static/images/ie.proxyports.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..f97dbca84173f2c54266928e5ae687846b4ba34f
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/ie.proxyports.jpg differ
diff --git a/www.i2p2/i2p2www/static/images/ie.proxyports_fr.png b/www.i2p2/i2p2www/static/images/ie.proxyports_fr.png
new file mode 100644
index 0000000000000000000000000000000000000000..6eeb10793493de2f2a794e9aec911fe149032e88
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/ie.proxyports_fr.png differ
diff --git a/www.i2p2/static/images/info.png b/www.i2p2/i2p2www/static/images/info.png
similarity index 100%
rename from www.i2p2/static/images/info.png
rename to www.i2p2/i2p2www/static/images/info.png
diff --git a/www.i2p2/static/images/info_dark.png b/www.i2p2/i2p2www/static/images/info_dark.png
similarity index 100%
rename from www.i2p2/static/images/info_dark.png
rename to www.i2p2/i2p2www/static/images/info_dark.png
diff --git a/www.i2p2/static/images/it.png b/www.i2p2/i2p2www/static/images/it.png
similarity index 100%
rename from www.i2p2/static/images/it.png
rename to www.i2p2/i2p2www/static/images/it.png
diff --git a/www.i2p2/i2p2www/static/images/itoopie.png b/www.i2p2/i2p2www/static/images/itoopie.png
new file mode 100644
index 0000000000000000000000000000000000000000..9378ea1b8c1277a95d665d4ba01fd40377c6610c
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/itoopie.png differ
diff --git a/www.i2p2/i2p2www/static/images/konqueror.options.jpg b/www.i2p2/i2p2www/static/images/konqueror.options.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..2c033c3314c29f8b0a717e811e4a3a66e034304a
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/konqueror.options.jpg differ
diff --git a/www.i2p2/i2p2www/static/images/konqueror.options_fr.jpg b/www.i2p2/i2p2www/static/images/konqueror.options_fr.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..2c033c3314c29f8b0a717e811e4a3a66e034304a
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/konqueror.options_fr.jpg differ
diff --git a/www.i2p2/i2p2www/static/images/konqueror.proxyports.jpg b/www.i2p2/i2p2www/static/images/konqueror.proxyports.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..e6fe4c6bdc21ab24a6936652464a6a5a19f461e6
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/konqueror.proxyports.jpg differ
diff --git a/www.i2p2/i2p2www/static/images/konqueror.proxyports_fr.jpg b/www.i2p2/i2p2www/static/images/konqueror.proxyports_fr.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..e6fe4c6bdc21ab24a6936652464a6a5a19f461e6
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/konqueror.proxyports_fr.jpg differ
diff --git a/www.i2p2/i2p2www/static/images/lang_ar.png b/www.i2p2/i2p2www/static/images/lang_ar.png
new file mode 100644
index 0000000000000000000000000000000000000000..f9dee35851c8c76ae16b6cc53fe27aa1ead25f3d
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/lang_ar.png differ
diff --git a/www.i2p2/static/images/light.png b/www.i2p2/i2p2www/static/images/light.png
similarity index 100%
rename from www.i2p2/static/images/light.png
rename to www.i2p2/i2p2www/static/images/light.png
diff --git a/www.i2p2/static/images/lightbluetile.png b/www.i2p2/i2p2www/static/images/lightbluetile.png
similarity index 100%
rename from www.i2p2/static/images/lightbluetile.png
rename to www.i2p2/i2p2www/static/images/lightbluetile.png
diff --git a/www.i2p2/static/images/link.png b/www.i2p2/i2p2www/static/images/link.png
similarity index 100%
rename from www.i2p2/static/images/link.png
rename to www.i2p2/i2p2www/static/images/link.png
diff --git a/www.i2p2/static/images/link_dark.png b/www.i2p2/i2p2www/static/images/link_dark.png
similarity index 100%
rename from www.i2p2/static/images/link_dark.png
rename to www.i2p2/i2p2www/static/images/link_dark.png
diff --git a/www.i2p2/static/images/logo07c.jpg b/www.i2p2/i2p2www/static/images/logo07c.jpg
similarity index 100%
rename from www.i2p2/static/images/logo07c.jpg
rename to www.i2p2/i2p2www/static/images/logo07c.jpg
diff --git a/www.i2p2/static/images/net.png b/www.i2p2/i2p2www/static/images/net.png
similarity index 100%
rename from www.i2p2/static/images/net.png
rename to www.i2p2/i2p2www/static/images/net.png
diff --git a/www.i2p2/i2p2www/static/images/net_fr.png b/www.i2p2/i2p2www/static/images/net_fr.png
new file mode 100644
index 0000000000000000000000000000000000000000..9149bb60bcf8e3090a31036d6327135b48ce7d45
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/net_fr.png differ
diff --git a/www.i2p2/i2p2www/static/images/netdb_get_leaseset.png b/www.i2p2/i2p2www/static/images/netdb_get_leaseset.png
new file mode 100644
index 0000000000000000000000000000000000000000..3667e9a7b293e5fa6df4dfc8c8534c0b6a1ca94c
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/netdb_get_leaseset.png differ
diff --git a/www.i2p2/i2p2www/static/images/netdb_get_leaseset_fr.png b/www.i2p2/i2p2www/static/images/netdb_get_leaseset_fr.png
new file mode 100644
index 0000000000000000000000000000000000000000..5bb142a31a06c5677c85adb4a8b1b3c541f95015
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/netdb_get_leaseset_fr.png differ
diff --git a/www.i2p2/i2p2www/static/images/netdb_get_routerinfo_1.png b/www.i2p2/i2p2www/static/images/netdb_get_routerinfo_1.png
new file mode 100644
index 0000000000000000000000000000000000000000..c60a6d79d6dbc643c653b6dde4d36a49907895f3
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/netdb_get_routerinfo_1.png differ
diff --git a/www.i2p2/i2p2www/static/images/netdb_get_routerinfo_1_fr.png b/www.i2p2/i2p2www/static/images/netdb_get_routerinfo_1_fr.png
new file mode 100644
index 0000000000000000000000000000000000000000..6b879a98fc83594ce2981cdcda23e4fe62d1fb57
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/netdb_get_routerinfo_1_fr.png differ
diff --git a/www.i2p2/i2p2www/static/images/netdb_get_routerinfo_2.png b/www.i2p2/i2p2www/static/images/netdb_get_routerinfo_2.png
new file mode 100644
index 0000000000000000000000000000000000000000..22a03cc0c5da4c693b5171e2281085c5ea9ea4d4
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/netdb_get_routerinfo_2.png differ
diff --git a/www.i2p2/i2p2www/static/images/netdb_get_routerinfo_2_fr.png b/www.i2p2/i2p2www/static/images/netdb_get_routerinfo_2_fr.png
new file mode 100644
index 0000000000000000000000000000000000000000..b4aa78adeeb0433b03ae12705bc065d3c3c38249
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/netdb_get_routerinfo_2_fr.png differ
diff --git a/www.i2p2/static/images/nl.png b/www.i2p2/i2p2www/static/images/nl.png
similarity index 100%
rename from www.i2p2/static/images/nl.png
rename to www.i2p2/i2p2www/static/images/nl.png
diff --git a/www.i2p2/static/images/plan.png b/www.i2p2/i2p2www/static/images/plan.png
similarity index 100%
rename from www.i2p2/static/images/plan.png
rename to www.i2p2/i2p2www/static/images/plan.png
diff --git a/www.i2p2/i2p2www/static/images/protocol_stack.png b/www.i2p2/i2p2www/static/images/protocol_stack.png
new file mode 100644
index 0000000000000000000000000000000000000000..147f330c7a21e7f8af45670dad4a384de0db571f
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/protocol_stack.png differ
diff --git a/www.i2p2/i2p2www/static/images/protocol_stack_fr.png b/www.i2p2/i2p2www/static/images/protocol_stack_fr.png
new file mode 100644
index 0000000000000000000000000000000000000000..d3a7e5319eab79e02abdb03ef1fac8a8836f6b71
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/protocol_stack_fr.png differ
diff --git a/www.i2p2/static/images/ru.png b/www.i2p2/i2p2www/static/images/ru.png
similarity index 100%
rename from www.i2p2/static/images/ru.png
rename to www.i2p2/i2p2www/static/images/ru.png
diff --git a/www.i2p2/static/images/sqbullet.png b/www.i2p2/i2p2www/static/images/sqbullet.png
similarity index 100%
rename from www.i2p2/static/images/sqbullet.png
rename to www.i2p2/i2p2www/static/images/sqbullet.png
diff --git a/www.i2p2/static/images/stackoverflow_ad.png b/www.i2p2/i2p2www/static/images/stackoverflow_ad.png
similarity index 100%
rename from www.i2p2/static/images/stackoverflow_ad.png
rename to www.i2p2/i2p2www/static/images/stackoverflow_ad.png
diff --git a/www.i2p2/static/images/tabletile.png b/www.i2p2/i2p2www/static/images/tabletile.png
similarity index 100%
rename from www.i2p2/static/images/tabletile.png
rename to www.i2p2/i2p2www/static/images/tabletile.png
diff --git a/www.i2p2/static/images/tabletile_alt.png b/www.i2p2/i2p2www/static/images/tabletile_alt.png
similarity index 100%
rename from www.i2p2/static/images/tabletile_alt.png
rename to www.i2p2/i2p2www/static/images/tabletile_alt.png
diff --git a/www.i2p2/static/images/tabletitledark.png b/www.i2p2/i2p2www/static/images/tabletitledark.png
similarity index 100%
rename from www.i2p2/static/images/tabletitledark.png
rename to www.i2p2/i2p2www/static/images/tabletitledark.png
diff --git a/www.i2p2/static/images/tabletitlelight-tall.png b/www.i2p2/i2p2www/static/images/tabletitlelight-tall.png
similarity index 100%
rename from www.i2p2/static/images/tabletitlelight-tall.png
rename to www.i2p2/i2p2www/static/images/tabletitlelight-tall.png
diff --git a/www.i2p2/static/images/tabletitlelight.png b/www.i2p2/i2p2www/static/images/tabletitlelight.png
similarity index 100%
rename from www.i2p2/static/images/tabletitlelight.png
rename to www.i2p2/i2p2www/static/images/tabletitlelight.png
diff --git a/www.i2p2/static/images/target.png b/www.i2p2/i2p2www/static/images/target.png
similarity index 100%
rename from www.i2p2/static/images/target.png
rename to www.i2p2/i2p2www/static/images/target.png
diff --git a/www.i2p2/static/images/tunnelSending.png b/www.i2p2/i2p2www/static/images/tunnelSending.png
similarity index 100%
rename from www.i2p2/static/images/tunnelSending.png
rename to www.i2p2/i2p2www/static/images/tunnelSending.png
diff --git a/www.i2p2/i2p2www/static/images/tunnels.png b/www.i2p2/i2p2www/static/images/tunnels.png
new file mode 100644
index 0000000000000000000000000000000000000000..2338d35f6f9629dd196b67fed84cd35fc26eff07
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/tunnels.png differ
diff --git a/www.i2p2/i2p2www/static/images/tunnels_fr.png b/www.i2p2/i2p2www/static/images/tunnels_fr.png
new file mode 100644
index 0000000000000000000000000000000000000000..986b4b78f282346500d083a24edea8c7bb9b3887
Binary files /dev/null and b/www.i2p2/i2p2www/static/images/tunnels_fr.png differ
diff --git a/www.i2p2/static/images/udp.png b/www.i2p2/i2p2www/static/images/udp.png
similarity index 100%
rename from www.i2p2/static/images/udp.png
rename to www.i2p2/i2p2www/static/images/udp.png
diff --git a/www.i2p2/static/images/us.png b/www.i2p2/i2p2www/static/images/us.png
similarity index 100%
rename from www.i2p2/static/images/us.png
rename to www.i2p2/i2p2www/static/images/us.png
diff --git a/www.i2p2/static/images/zh.png b/www.i2p2/i2p2www/static/images/zh.png
similarity index 100%
rename from www.i2p2/static/images/zh.png
rename to www.i2p2/i2p2www/static/images/zh.png
diff --git a/www.i2p2/i2p2www/static/news/news.xml b/www.i2p2/i2p2www/static/news/news.xml
new file mode 100644
index 0000000000000000000000000000000000000000..3bec527ca2baadb97071b7fe230f91081aedc3bc
--- /dev/null
+++ b/www.i2p2/i2p2www/static/news/news.xml
@@ -0,0 +1,22 @@
+<!--
+<i2p.news date="$Date: 2012-07-30 00:00:00 $">
+<i2p.release version="0.9.1" date="2012/07/30" minVersion="0.6" />
+-->
+<div lang="en">
+<h3>2012-07-30: <b>0.9.1 <a href="http://www.i2p2.i2p/release-0.9.1.html">Released</a></b></h3>
+
+<p>
+0.9.1 includes a large number of bug fixes and improvements in i2psnark, streaming, and elsewhere.
+There are also home page changes, new themes, and translation updates.
+Upgrading is recommended.
+</p><p>
+Say hello to the volunteers on the <a href="irc://127.0.0.1:6668/i2p-help">#i2p-help IRC channel</a>.
+<a href="http://www.i2p2.i2p/getinvolved.html">Get involved</a>,
+spread the word,
+and <a href="http://www.i2p2.i2p/donate.html">donate</a>!
+If you find a bug, please enter a report on <a href="http://trac.i2p2.i2p/report/1">trac</a>.
+To help on translations,
+volunteer on <a href="irc://127.0.0.1:6668/i2p">IRC #i2p-dev</a>
+or sign up on <a href="https://www.transifex.net/projects/p/I2P/">Transifex</a>.
+</p>
+</div>
diff --git a/www.i2p2/static/pdf/I2CP_spec.pdf b/www.i2p2/i2p2www/static/pdf/I2CP_spec.pdf
similarity index 100%
rename from www.i2p2/static/pdf/I2CP_spec.pdf
rename to www.i2p2/i2p2www/static/pdf/I2CP_spec.pdf
diff --git a/www.i2p2/static/pdf/I2NP_spec.pdf b/www.i2p2/i2p2www/static/pdf/I2NP_spec.pdf
similarity index 100%
rename from www.i2p2/static/pdf/I2NP_spec.pdf
rename to www.i2p2/i2p2www/static/pdf/I2NP_spec.pdf
diff --git a/www.i2p2/static/pdf/I2P-PET-CON-2009.1.pdf b/www.i2p2/i2p2www/static/pdf/I2P-PET-CON-2009.1.pdf
similarity index 100%
rename from www.i2p2/static/pdf/I2P-PET-CON-2009.1.pdf
rename to www.i2p2/i2p2www/static/pdf/I2P-PET-CON-2009.1.pdf
diff --git a/www.i2p2/static/pdf/datastructures.pdf b/www.i2p2/i2p2www/static/pdf/datastructures.pdf
similarity index 100%
rename from www.i2p2/static/pdf/datastructures.pdf
rename to www.i2p2/i2p2www/static/pdf/datastructures.pdf
diff --git a/www.i2p2/static/pdf/i2p_philosophy.pdf b/www.i2p2/i2p2www/static/pdf/i2p_philosophy.pdf
similarity index 100%
rename from www.i2p2/static/pdf/i2p_philosophy.pdf
rename to www.i2p2/i2p2www/static/pdf/i2p_philosophy.pdf
diff --git a/www.i2p2/static/pdf/polling_http_transport.pdf b/www.i2p2/i2p2www/static/pdf/polling_http_transport.pdf
similarity index 100%
rename from www.i2p2/static/pdf/polling_http_transport.pdf
rename to www.i2p2/i2p2www/static/pdf/polling_http_transport.pdf
diff --git a/www.i2p2/static/styles/960.css b/www.i2p2/i2p2www/static/styles/960.css
similarity index 100%
rename from www.i2p2/static/styles/960.css
rename to www.i2p2/i2p2www/static/styles/960.css
diff --git a/www.i2p2/static/styles/dark.css b/www.i2p2/i2p2www/static/styles/dark.css
similarity index 100%
rename from www.i2p2/static/styles/dark.css
rename to www.i2p2/i2p2www/static/styles/dark.css
diff --git a/www.i2p2/static/styles/default.css b/www.i2p2/i2p2www/static/styles/default.css
similarity index 100%
rename from www.i2p2/static/styles/default.css
rename to www.i2p2/i2p2www/static/styles/default.css
diff --git a/www.i2p2/static/styles/light.css b/www.i2p2/i2p2www/static/styles/light.css
similarity index 92%
rename from www.i2p2/static/styles/light.css
rename to www.i2p2/i2p2www/static/styles/light.css
index 7a099f1979860060993cdc8496cde2160bc59a85..d339a9c7d50622f1cbec0e0196ac1b1a670db845 100644
--- a/www.i2p2/static/styles/light.css
+++ b/www.i2p2/i2p2www/static/styles/light.css
@@ -162,7 +162,7 @@ ul {
h1 {
color: #9999ff;
- text-shadow: 0px 0px 2px rgba(255, 255, 255, 0.9);
+/* text-shadow: 0px 0px 2px rgba(255, 255, 255, 0.9); */
text-align: right;
padding-right: 20px;
padding-bottom: 5px;
@@ -181,7 +181,7 @@ h1 {
h2{
color: #000011;
- text-shadow: 0px 0px 1px rgba(0, 0, 128, 0.9);
+/* text-shadow: 0px 0px 1px rgba(0, 0, 128, 0.9); */
border-bottom-width: 1px;
border-bottom-style: solid;
border-bottom-color: #000022;
@@ -195,7 +195,7 @@ h3{
border-bottom-style: solid;
border-bottom-color: #000022;
padding-bottom: 3px;
- text-shadow: 0px 0px 1px rgba(0, 0, 176, 0.9);
+/* text-shadow: 0px 0px 1px rgba(0, 0, 176, 0.9); */
font-size: 11pt;
}
@@ -472,4 +472,4 @@ background: #ffffff;
color: red;
font-weight: bold;
font-size: 9pt;
-}
\ No newline at end of file
+}
diff --git a/www.i2p2/i2p2www/static/styles/light_ar.css b/www.i2p2/i2p2www/static/styles/light_ar.css
new file mode 100644
index 0000000000000000000000000000000000000000..88cedcece178466f68265f43bcced854acd773a7
--- /dev/null
+++ b/www.i2p2/i2p2www/static/styles/light_ar.css
@@ -0,0 +1,478 @@
+body {
+ font-family: "Lucida Sans Unicode", Verdana, Tahoma, Helvetica, sans-serif;
+ font-size: 10pt;
+ color: #fff;
+ margin: 1em 0em;
+ padding: 0em;
+ text-align: center;
+ background-color: #000022;
+ background: url(/_static/images/darkbluetile.png);
+ background-repeat: repeat;
+ background-position: top center;
+/* color: black;*/
+}
+
+a:link{color:#007}
+a:visited{color:#606}
+a:hover{color:#ff6600}
+a:active{color:#900}
+
+.hide {
+ display: none;
+}
+
+img {
+ border: none
+}
+
+div.logo {
+ float: right;
+/* left: 1em;
+ top: 1em;
+ margin: 0em; */
+ left: 10px;
+ top: 0px;
+/* padding: .5em;*/
+ padding: 7px 10px 0px 20px;
+ text-align: right;
+ font-color: #fff;
+}
+
+div.menu {
+ /* width: 8em; */
+ /* height: 5em; */
+ /* position: fixed; */
+ float: right;
+ /* left: 1em; */
+ /* top: 1em; */
+ /*margin: 0em;*/
+/* padding: .5em;*/
+ margin: 0px 20px 20px 0px;
+ padding: 5px 20px 20px 20px;
+ text-align: right;
+ border: 1px solid #000022;
+ border-top: 1px solid #000;
+ border-left: 0px;
+ background-color: #ddddff;
+ color: black;
+ font-size: 8pt;
+ clear: left; /* fixes a bug in Opera */
+ -moz-border-radius: 0px 0px 4px 0px;
+ -moz-box-shadow: inset 0px 0px 2px 0px #55f;
+ background: url(/_static/images/tabletile.png);
+}
+
+/*
+div.menu a:link {
+border:1px solid #000022;
+border-left: 3px solid #000022;
+margin: 10px 0;
+padding: 2px 5px;
+text-decoration: none;
+line-height: 240%;
+-moz-border-radius: 3px 3px 3px 3px;
+background-color: #9999ff;
+}
+*/
+div.warning {
+ margin: 0em 1em 1em 12em;
+ padding: .5em 1em;
+ background-color: #FEE;
+ border: medium solid #FBB;
+ text-align: left;
+ color: inherit;
+}
+
+div.main {
+ margin: 0px 0px 0px 0px;
+ padding: 30px 200px 20px 19px;
+ background-color: #eeeeff;
+ text-align: justify;
+ color: #000011;
+ border-top: 1px solid #000;
+ border-bottom: 1px solid #000;
+}
+
+div.main h1 {
+ text-align: right;
+ color: #000022;
+ padding-left: 10px;
+ margin-bottom: 20px;
+ margin-top: 5px;
+ font-size: 16pt;
+ font-weight: bold;
+ font-style: normal;
+ letter-spacing: 0.06em;
+ text-shadow: 0px 0px 1px rgba(0, 0, 176, 0.9);
+ white-space: normal;
+ background-color: #ddddff;
+ -moz-box-shadow: 0 2px 2px 1px #ccccff;
+ /*background: url(/_static/images/tabletitlelight.png);
+ background-repeat: repeat-x;*/
+ border: 1px solid #000022;
+ -moz-border-radius: 4px 4px 4px 4px;
+}
+
+.links {
+
+}
+
+.links ul {
+list-style-image: url(/_static/images/link.png);
+margin: 0 5px 0 0px;
+padding: 0px 5px;
+}
+
+.links ul li {
+list-style-image: url(/_static/images/link.png);
+margin: 0 5px 0 40px;
+padding: 0px 5px;
+}
+
+/*
+li.gap {
+ margin-top: 1em;
+ margin-bottom: 1em;
+} */
+
+li {
+ padding: 5px 0px 5px 0px;
+ margin: 0px 10px;
+}
+
+li.gap {
+ margin: 10px 10px;
+}
+
+span.permalink {
+ font-size: x-small;
+}
+
+ul {
+ margin: 10px 20px 15px 20px;
+ padding: 5px 0px 5px 20px;
+/*border-bottom: 1px solid #000022;*/
+}
+
+.irclog p {
+ font-size: small;
+ margin: 0 0 0 4em;
+ text-indent: -4em;
+}
+
+h1 {
+ color: #9999ff;
+/* text-shadow: 0px 0px 2px rgba(255, 255, 255, 0.9); */
+ text-align: right;
+ padding-right: 20px;
+ padding-bottom: 5px;
+ padding-top: 5px;
+ font-style: italic;
+ font-size: 22pt;
+ font-weight: lighter;
+ letter-spacing: 0.2em;
+ text-transform: uppercase;
+ white-space: nowrap;
+/* border: 1px solid #000022;
+ -moz-border-radius: 4px 4px 4px 4px;
+ background-color: #000022; */
+}
+
+
+h2{
+ color: #000011;
+/* text-shadow: 0px 0px 1px rgba(0, 0, 128, 0.9); */
+ text-align: right;
+ border-bottom-width: 1px;
+ border-bottom-style: solid;
+ border-bottom-color: #000022;
+ padding-bottom: 5px;
+}
+
+
+h3{
+ color: #000011;
+ text-align: right;
+ border-bottom-width: 1px;
+ border-bottom-style: solid;
+ border-bottom-color: #000022;
+ padding-bottom: 3px;
+/* text-shadow: 0px 0px 1px rgba(0, 0, 176, 0.9); */
+ font-size: 11pt;
+}
+
+
+a.fade img {
+filter:alpha(opacity=100);
+-moz-opacity: 1.0;
+opacity: 1.0;
+/*padding: 5px 0px;
+border-top: 1px solid #fff;
+border-bottom: 1px solid #fff;*/
+}
+
+a.fade:hover img {
+filter:alpha(opacity=60);
+-moz-opacity: 0.6;
+opacity: 0.6;
+/*padding: 5px 0px;
+border-top: 1px solid #fff;
+border-bottom: 1px solid #fff;*/
+}
+
+.news {
+ margin: 0px 5px 0px 10px;
+ padding: 10px 15px 15px 15px;
+ border: 1px solid #000022;
+ background-color: #ffeeaa;
+ color: black;
+ -moz-border-radius: 4px 4px 4px 4px;
+ -moz-box-shadow: 0 2px 2px 1px #bbbbff;
+ float: right;
+ width: auto;
+}
+
+.version {
+ margin: 0px 20px 30px 10px;
+ padding: 10px 15px 15px 15px;
+ border: 1px solid #000022;
+ background-color: #aaffaa;
+ color: black;
+ -moz-border-radius: 4px 4px 4px 4px;
+ -moz-box-shadow: 0 2px 2px 1px #bbbbff;
+ float: right;
+ width: auto;
+}
+
+.box {
+ margin: 30px 0px 5px 0px;
+ padding: 10px 10px 10px 10px;
+ border: 1px solid #000022;
+ background-color: #ffffff;
+ color: black;
+ font-size: 8pt;
+ -moz-border-radius: 4px 4px 4px 4px;
+ -moz-box-shadow: 0 2px 2px 1px #bbbbff;
+ clear: both;
+ width:auto;
+ align: center;
+ }
+
+ .underline {
+ border-bottom: 1px solid #000022;
+ padding: 5px 0px 5px 0px;
+ margin: 0px 0px 10px 0px;
+ -moz-border-radius: 4px 4px 4px 4px;
+ }
+
+ pre {
+ white-space: pre-wrap;
+ font-size: 9pt;
+ font-family: "Lucida Console", "Courier New", Courier, mono;
+
+ }
+
+table {
+ border-collapse: collapse;
+ width: 100%;
+ border: 1px solid #000022;
+ margin: 10px 0px 10px 0px;
+ cell-padding: 1px;
+ }
+
+table.invisible {
+ border-collapse: collapse;
+ width: 100%;
+ margin: 10px 0px 10px 0px;
+ }
+
+th {
+ padding: 0 10px;
+ text-align: left;
+ }
+
+
+
+tr.invisible td {
+ background: #eeeeff;
+ border: 1px solid #000022;
+ padding: 5px 10px;
+ }
+
+tr:nth-child(even)
+ {
+ border: 1px solid #000022;
+ padding: 5px 10px;
+ background: #bbf;
+ background-image:url('/_static/images/tabletile.png');
+ }
+
+tr:nth-child(odd)
+ {
+ border: 1px solid #000022;
+ padding: 5px 10px;
+ background: #bbf;
+ background-image:url('/_static/images/tabletile_alt.png');
+ }
+
+/*
+tr:first-child {
+ background-color: #ff6600;
+ }
+*/
+
+
+td {
+ border: 1px solid #000022;
+ padding: 5px 10px;
+/* background: #eeeeff;*/
+ }
+
+td.invisible {
+ border: 0px;
+ padding: 5px;
+ background: #eeeff;
+ }
+
+/*
+td:first-child {
+background-color: #eeeeff;
+ background-color: #ff6600;
+ padding: 10px 10px;
+ }
+*/
+
+/*
+td+td {
+ border: 1px solid #000022;
+ text-align: left;
+ background-color: #eeeeff;
+ }
+*/
+
+tr {
+ background-color: #eeeeff;
+ border: 0px none #eeeeff;
+ }
+
+td.title {
+ background-color: #ff6600;
+ border: 1px solid #ff6600;
+ text-align: right;
+ }
+
+table.announce {
+ background: #eeeeff;
+ border: 0;
+ padding: 5px 10px;
+ }
+
+ tr.announce {
+ background: #eeeeff;
+ border: 0;
+ padding: 5px 10px;
+ }
+
+tr:nth-child(even).announce {
+ background: #eeeeff;
+ border: 0;
+ padding: 5px 10px;
+ }
+
+tr:nth-child(odd).announce {
+ background: #eeeeff;
+ border: 0;
+ padding: 5px 10px;
+ }
+td.announce {
+ background: #eeeeff;
+ border: 0;
+ padding: 5px 10px;
+ }
+
+.lang {
+ padding: 0 5px 0 5px;
+ }
+
+.langbox {
+ margin: 10px 0px 10px 0px;
+ padding: 7px 0 5px 0;
+ border: 1px solid #002;
+ background-color: #e4e4ff;
+ color: black;
+ font-size: 8pt;
+ -moz-border-radius: 4px 4px 4px 4px;
+/* -moz-box-shadow: 0 2px 2px 1px #bbbbff; */
+ clear: both;
+ width:auto;
+ align: center;
+ background: url(/_static/images/tabletitlelight-tall.png);
+ -moz-box-shadow: inset 0px 0px 2px 0px #55f;
+ }
+
+ .themebox {
+ margin: 4px 0px 10px 0px;
+ padding: 5px 0 3px 0;
+ border: 1px solid #002;
+ background-color: #e4e4ff;
+ color: black;
+ font-size: 8pt;
+ -moz-border-radius: 4px 4px 4px 4px;
+/* -moz-box-shadow: 0 2px 2px 1px #bbbbff; */
+ clear: both;
+ width:auto;
+ align: center;
+ background: url(/_static/images/tabletitlelight.png);
+ -moz-box-shadow: inset 0px 0px 2px 0px #55f;
+ }
+
+.footer {
+ font-size: 8pt;
+
+ text-align: center;
+ padding: 8px 0 0 0;
+ }
+
+.toc {
+ border: 1px solid #000022;
+ font-size: 8pt;
+ background-color: #bbbbff;
+ word-wrap: none;
+ text-indent: 10px;
+ padding: 0px;
+
+}
+.contentlist {
+ line-height: 40%;
+ list-style-type: square;
+}
+
+.helplist {
+ list-style-image: url(/_static/images/help.png);
+}
+
+.infolist {
+ list-style-image: url(/_static/images/info.png);
+}
+
+.downloadlist {
+ list-style-image: url(/_static/images/download.png);
+}
+
+.targetlist {
+ list-style-image: url(/_static/images/target.png);
+margin: -10px -5px 0px -5px;
+}
+
+.uhoh {
+border: 1px solid #f00;
+-moz-border-radius: 8px;
+margin: 0 20px 0 0;
+padding: 10px 15px;
+width: 90%;
+text-align: justify;
+background: #ffffff;
+color: red;
+font-weight: bold;
+font-size: 9pt;
+}
diff --git a/www.i2p2/static/styles/light_zh.css b/www.i2p2/i2p2www/static/styles/light_zh.css
similarity index 100%
rename from www.i2p2/static/styles/light_zh.css
rename to www.i2p2/i2p2www/static/styles/light_zh.css
diff --git a/www.i2p2/static/styles/mainmenu.css b/www.i2p2/i2p2www/static/styles/mainmenu.css
similarity index 100%
rename from www.i2p2/static/styles/mainmenu.css
rename to www.i2p2/i2p2www/static/styles/mainmenu.css
diff --git a/www.i2p2/image_design/i2ptunnel_peertopeer.svg b/www.i2p2/image_design/i2ptunnel_peertopeer.svg
new file mode 100644
index 0000000000000000000000000000000000000000..44923a910f84f123b380e75ea66197f4542115c0
--- /dev/null
+++ b/www.i2p2/image_design/i2ptunnel_peertopeer.svg
@@ -0,0 +1,732 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cc="http://creativecommons.org/ns#"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns="http://www.w3.org/2000/svg"
+ xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+ xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+ width="7cm"
+ height="7cm"
+ viewBox="102 159 129 139"
+ id="svg3091"
+ version="1.1"
+ inkscape:version="0.47pre4 r22446"
+ sodipodi:docname="i2ptunnel_peertopeer.svg"
+ inkscape:export-filename="/home/mathias/Documents/I2P/i2p.www/www.i2p2/static/images/i2ptunnel_peertopeer.png"
+ inkscape:export-xdpi="49.999134"
+ inkscape:export-ydpi="49.999134">
+ <metadata
+ id="metadata3257">
+ <rdf:RDF>
+ <cc:Work
+ rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type
+ rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+ <dc:title></dc:title>
+ </cc:Work>
+ </rdf:RDF>
+ </metadata>
+ <defs
+ id="defs3255">
+ <marker
+ inkscape:stockid="Arrow1Lend"
+ orient="auto"
+ refY="0.0"
+ refX="0.0"
+ id="Arrow1Lend"
+ style="overflow:visible;">
+ <path
+ id="path4394"
+ d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
+ style="fill-rule:evenodd;stroke:#000000;stroke-width:1.0pt;marker-start:none;"
+ transform="scale(0.8) rotate(180) translate(12.5,0)" />
+ </marker>
+ <inkscape:perspective
+ sodipodi:type="inkscape:persp3d"
+ inkscape:vp_x="0 : 124.01575 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_z="248.03149 : 124.01575 : 1"
+ inkscape:persp3d-origin="124.01575 : 82.677165 : 1"
+ id="perspective3259" />
+ <inkscape:perspective
+ id="perspective3524"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3597"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective2900"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective2900-5"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3011"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3036"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3036-4"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5025"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ </defs>
+ <sodipodi:namedview
+ pagecolor="#ffffff"
+ bordercolor="#666666"
+ borderopacity="1"
+ objecttolerance="10"
+ gridtolerance="10"
+ guidetolerance="10"
+ inkscape:pageopacity="0"
+ inkscape:pageshadow="2"
+ inkscape:window-width="1280"
+ inkscape:window-height="726"
+ id="namedview3253"
+ showgrid="false"
+ inkscape:zoom="0.95149207"
+ inkscape:cx="-64.635323"
+ inkscape:cy="179.6227"
+ inkscape:window-x="0"
+ inkscape:window-y="25"
+ inkscape:window-maximized="1"
+ inkscape:current-layer="svg3091" />
+ <g
+ id="g3093"
+ transform="translate(-124.27542,48.29661)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139" />
+ </g>
+ <g
+ id="g3219"
+ transform="translate(134.87712,28.099763)">
+ <path
+ style="fill:#b7b79d"
+ d="m 139.83,178.978 0,37.022 21.882,0 0,-37.022 -21.882,0 z"
+ id="path3221" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 139.83,178.978 0,37.022 21.882,0 0,-37.022 -21.882,0"
+ id="path3223" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 139.83,178.978 2.965,-2.978 21.875,0 -2.958,2.978 -21.882,0 z"
+ id="path3225" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 139.83,178.978 2.965,-2.978 21.731,0"
+ id="path3227" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 164.526,176.151 -2.814,2.827 -21.882,0"
+ id="path3229" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 141.178,181.132 9.995,0 0,4.857 -9.995,0 0,-4.857 z"
+ id="path3231" />
+ <path
+ style="fill:none;stroke:#626248;stroke-width:0.02"
+ d="m 141.178,181.132 9.989,0 0,4.85 -9.989,0 0,-4.85"
+ id="path3233" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.60000002"
+ d="m 142.527,183.567 7.01,0"
+ id="path3235" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 161.712,216 2.958,-2.985 0,-37.015 -2.958,2.978 0,37.022 z"
+ id="path3237" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 161.712,216 2.814,-2.834"
+ id="path3239" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 164.526,176.151 -2.814,2.827 0,37.022"
+ id="path3241" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.60000002"
+ d="m 140.105,213.559 21.6,0"
+ id="path3243" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.60000002"
+ d="m 140.105,193.837 21.6,0"
+ id="path3245" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.60000002"
+ d="m 139.83,213.29 21.855,0"
+ id="path3247" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.60000002"
+ d="m 139.83,193.562 21.855,0"
+ id="path3249" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.02"
+ d="m 141.178,185.727 0,-4.595 9.72,0"
+ id="path3251" />
+ </g>
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453981px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="52.2197"
+ y="266.53781"
+ id="text3232"><tspan
+ sodipodi:role="line"
+ id="tspan3234"
+ x="52.2197"
+ y="266.53781"
+ style="font-size:11.20825386px">Client</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:16.81238174px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="268.38885"
+ y="267.14429"
+ id="text3236"><tspan
+ sodipodi:role="line"
+ id="tspan3238"
+ x="268.38885"
+ y="267.14429"
+ style="font-size:11.20825386px">Peers</tspan></text>
+ <g
+ transform="matrix(0.75311128,0,0,0.75311128,66.977055,17.740053)"
+ id="g3183">
+ <path
+ style="fill:#0078aa"
+ d="m 171.824,286.241 -0.049,-0.589 -0.13,-0.599 -0.22,-0.589 -0.309,-0.579 -0.4,-0.589 -0.479,-0.579 -0.569,-0.559 -0.639,-0.549 -0.738,-0.539 -0.809,-0.519 -0.888,-0.52 -0.969,-0.499 -1.038,-0.479 -1.108,-0.469 -1.178,-0.439 -1.228,-0.42 -1.297,-0.399 -1.368,-0.369 -1.408,-0.37 -1.457,-0.309 -1.507,-0.309 -1.558,-0.27 -1.587,-0.26 -1.637,-0.219 -1.647,-0.19 -1.697,-0.16 -1.707,-0.139 -1.717,-0.11 -1.737,-0.08 -1.747,-0.03 -1.767,-0.03 0,0 -1.747,0.03 -1.737,0.03 -1.737,0.08 -1.717,0.11 -1.707,0.139 -1.697,0.16 -1.647,0.19 -1.637,0.219 -1.587,0.26 -1.558,0.27 -1.517,0.309 -1.447,0.309 -1.408,0.37 -1.368,0.369 -1.297,0.399 -1.228,0.42 -1.178,0.439 -1.108,0.469 -1.038,0.479 -0.979,0.499 -0.878,0.52 -0.819,0.519 -0.728,0.539 -0.639,0.549 -0.569,0.559 -0.479,0.579 -0.4,0.589 -0.309,0.579 -0.23,0.589 -0.12,0.599 -0.049,0.589 0,0 0.049,0.609 0.12,0.588 0.23,0.589 0.309,0.589 0.4,0.579 0.479,0.579 0.569,0.559 0.639,0.549 0.728,0.54 0.819,0.529 0.878,0.499 0.979,0.519 1.038,0.479 1.108,0.459 1.178,0.429 1.228,0.43 1.297,0.399 1.368,0.379 1.408,0.35 1.447,0.329 1.517,0.3 1.558,0.269 1.587,0.26 1.637,0.219 1.647,0.19 1.697,0.17 1.707,0.119 1.717,0.11 1.737,0.08 1.737,0.05 1.747,0.01 0,0 1.767,-0.01 1.747,-0.05 1.737,-0.08 1.717,-0.11 1.707,-0.119 1.697,-0.17 1.647,-0.19 1.637,-0.219 1.587,-0.26 1.558,-0.269 1.507,-0.3 1.457,-0.329 1.408,-0.35 1.368,-0.379 1.297,-0.399 1.228,-0.43 1.178,-0.429 1.108,-0.459 1.038,-0.479 0.969,-0.519 0.888,-0.499 0.809,-0.529 0.738,-0.54 0.639,-0.549 0.569,-0.559 0.479,-0.579 0.4,-0.579 0.309,-0.589 0.22,-0.589 0.13,-0.588 0.049,-0.609 z"
+ id="path3185" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 171.425,286.061 -0.05,-0.599 -0.129,-0.569 -0.22,-0.589 -0.3,-0.569 -0.399,-0.579 -0.489,-0.559 -0.539,-0.549 -0.659,-0.549 -0.729,-0.529 -0.808,-0.529 -0.879,-0.489 -0.968,-0.49 -1.018,-0.489 -1.098,-0.449 -1.178,-0.439 -1.238,-0.399 -1.288,-0.4 -1.347,-0.369 -1.388,-0.34 -1.467,-0.329 -1.508,-0.289 -1.527,-0.27 -1.587,-0.25 -1.618,-0.219 -1.647,-0.19 -1.687,-0.16 -1.687,-0.139 -1.707,-0.08 -1.737,-0.09 -1.737,-0.05 -1.747,0 0,0 -1.737,0 -1.747,0.05 -1.727,0.09 -1.707,0.08 -1.697,0.139 -1.677,0.16 -1.647,0.19 -1.627,0.219 -1.577,0.25 -1.527,0.27 -1.518,0.289 -1.447,0.329 -1.388,0.34 -1.357,0.369 -1.308,0.4 -1.238,0.399 -1.158,0.439 -1.108,0.449 -1.028,0.489 -0.949,0.49 -0.868,0.489 -0.819,0.529 -0.738,0.529 -0.639,0.549 -0.559,0.549 -0.499,0.559 -0.37,0.579 -0.319,0.569 -0.22,0.589 -0.12,0.569 -0.049,0.599 0,0 0.049,0.589 0.12,0.579 0.22,0.579 0.319,0.569 0.37,0.579 0.499,0.559 0.559,0.549 0.639,0.529 0.738,0.549 0.819,0.529 0.868,0.499 0.949,0.479 1.028,0.48 1.108,0.459 1.158,0.429 1.238,0.409 1.308,0.38 1.357,0.389 1.388,0.339 1.447,0.32 1.518,0.309 1.527,0.26 1.577,0.239 1.627,0.23 1.647,0.18 1.677,0.149 1.697,0.15 1.707,0.09 1.727,0.08 1.747,0.04 1.737,0.02 0,0 1.747,-0.02 1.737,-0.04 1.737,-0.08 1.707,-0.09 1.687,-0.15 1.687,-0.149 1.647,-0.18 1.618,-0.23 1.587,-0.239 1.527,-0.26 1.508,-0.309 1.467,-0.32 1.388,-0.339 1.347,-0.389 1.288,-0.38 1.238,-0.409 1.178,-0.429 1.098,-0.459 1.018,-0.48 0.968,-0.479 0.879,-0.499 0.808,-0.529 0.729,-0.549 0.659,-0.529 0.539,-0.549 0.489,-0.559 0.399,-0.579 0.3,-0.569 0.22,-0.579 0.129,-0.579 0.05,-0.589"
+ id="path3187" />
+ <path
+ style="fill:#0078aa"
+ d="m 102.676,269.969 0,16.491 68.749,0 0,-16.491 -68.749,0 z"
+ id="path3189" />
+ <path
+ style="fill:#00b4ff"
+ d="m 171.824,269.739 -0.049,-0.579 -0.13,-0.598 -0.22,-0.589 -0.309,-0.589 -0.4,-0.589 -0.479,-0.569 -0.569,-0.559 -0.639,-0.559 -0.738,-0.53 -0.809,-0.529 -0.888,-0.509 -0.969,-0.519 -1.038,-0.469 -1.108,-0.469 -1.178,-0.439 -1.228,-0.41 -1.297,-0.399 -1.368,-0.379 -1.408,-0.35 -1.457,-0.329 -1.507,-0.31 -1.558,-0.259 -1.587,-0.27 -1.637,-0.219 -1.647,-0.19 -1.697,-0.16 -1.707,-0.119 -1.717,-0.11 -1.737,-0.08 -1.747,-0.06 -1.767,0 0,0 -1.747,0 -1.737,0.06 -1.737,0.08 -1.717,0.11 -1.707,0.119 -1.697,0.16 -1.647,0.19 -1.637,0.219 -1.587,0.27 -1.558,0.259 -1.517,0.31 -1.447,0.329 -1.408,0.35 -1.368,0.379 -1.297,0.399 -1.228,0.41 -1.178,0.439 -1.108,0.469 -1.038,0.469 -0.979,0.519 -0.878,0.509 -0.819,0.529 -0.728,0.53 -0.639,0.559 -0.569,0.559 -0.479,0.569 -0.4,0.589 -0.309,0.589 -0.23,0.589 -0.12,0.598 -0.049,0.579 0,0 0.049,0.609 0.12,0.599 0.23,0.589 0.309,0.579 0.4,0.589 0.479,0.559 0.569,0.579 0.639,0.549 0.728,0.539 0.819,0.529 0.878,0.51 0.979,0.509 1.038,0.479 1.108,0.439 1.178,0.459 1.228,0.42 1.297,0.399 1.368,0.379 1.408,0.35 1.447,0.319 1.517,0.309 1.558,0.27 1.587,0.26 1.637,0.219 1.647,0.19 1.697,0.16 1.707,0.119 1.717,0.11 1.737,0.09 1.737,0.05 1.747,0 0,0 1.767,0 1.747,-0.05 1.737,-0.09 1.717,-0.11 1.707,-0.119 1.697,-0.16 1.647,-0.19 1.637,-0.219 1.587,-0.26 1.558,-0.27 1.507,-0.309 1.457,-0.319 1.408,-0.35 1.368,-0.379 1.297,-0.399 1.228,-0.42 1.178,-0.459 1.108,-0.439 1.038,-0.479 0.969,-0.509 0.888,-0.51 0.809,-0.529 0.738,-0.539 0.639,-0.549 0.569,-0.579 0.479,-0.559 0.4,-0.589 0.309,-0.579 0.22,-0.589 0.13,-0.599 0.049,-0.609 z"
+ id="path3191" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 171.425,269.57 -0.05,-0.599 -0.129,-0.589 -0.22,-0.559 -0.3,-0.589 -0.399,-0.569 -0.489,-0.559 -0.539,-0.539 -0.659,-0.559 -0.729,-0.519 -0.808,-0.539 -0.879,-0.5 -0.968,-0.499 -1.018,-0.469 -1.098,-0.439 -1.178,-0.459 -1.238,-0.4 -1.288,-0.389 -1.347,-0.369 -1.388,-0.34 -1.467,-0.339 -1.508,-0.29 -1.527,-0.269 -1.587,-0.25 -1.618,-0.219 -1.647,-0.19 -1.687,-0.14 -1.687,-0.139 -1.707,-0.1 -1.737,-0.09 -1.737,-0.04 -1.747,-0.02 0,0 -1.737,0.02 -1.747,0.04 -1.727,0.09 -1.707,0.1 -1.697,0.139 -1.677,0.14 -1.647,0.19 -1.627,0.219 -1.577,0.25 -1.527,0.269 -1.518,0.29 -1.447,0.339 -1.388,0.34 -1.357,0.369 -1.308,0.389 -1.238,0.4 -1.158,0.459 -1.108,0.439 -1.028,0.469 -0.949,0.499 -0.868,0.5 -0.819,0.539 -0.738,0.519 -0.639,0.559 -0.559,0.539 -0.499,0.559 -0.37,0.569 -0.319,0.589 -0.22,0.559 -0.12,0.589 -0.049,0.599 0,0 0.049,0.579 0.12,0.589 0.22,0.559 0.319,0.579 0.37,0.579 0.499,0.559 0.559,0.559 0.639,0.549 0.738,0.529 0.819,0.519 0.868,0.509 0.949,0.469 1.028,0.489 1.108,0.45 1.158,0.439 1.238,0.409 1.308,0.389 1.357,0.37 1.388,0.339 1.447,0.33 1.518,0.309 1.527,0.25 1.577,0.259 1.627,0.21 1.647,0.189 1.677,0.17 1.697,0.14 1.707,0.08 1.727,0.08 1.747,0.05 1.737,0.01 0,0 1.747,-0.01 1.737,-0.05 1.737,-0.08 1.707,-0.08 1.687,-0.14 1.687,-0.17 1.647,-0.189 1.618,-0.21 1.587,-0.259 1.527,-0.25 1.508,-0.309 1.467,-0.33 1.388,-0.339 1.347,-0.37 1.288,-0.389 1.238,-0.409 1.178,-0.439 1.098,-0.45 1.018,-0.489 0.968,-0.469 0.879,-0.509 0.808,-0.519 0.729,-0.529 0.659,-0.549 0.539,-0.559 0.489,-0.559 0.399,-0.579 0.3,-0.579 0.22,-0.559 0.129,-0.589 0.05,-0.579"
+ id="path3193" />
+ <path
+ style="fill:#000000"
+ d="m 137.874,267.074 5.041,1.657 12.169,-4.961 5.44,1.657 -2.955,-4.123 -14.225,0 5.85,1.248 -11.32,4.522 z"
+ id="path3195" />
+ <path
+ style="fill:#000000"
+ d="m 135.768,271.626 -5.002,-1.657 -11.749,4.961 -5.86,-1.667 2.935,4.542 14.674,0 -6.299,-1.657 11.301,-4.522 z"
+ id="path3197" />
+ <path
+ style="fill:#000000"
+ d="m 114.405,262.552 5.031,-1.657 12.149,4.532 5.46,-1.228 -2.925,4.113 -14.265,0 5.86,-1.238 -11.31,-4.522 z"
+ id="path3199" />
+ <path
+ style="fill:#000000"
+ d="m 159.676,276.568 -5.021,1.647 -11.74,-4.952 -5.87,1.667 2.935,-4.132 14.675,0 -6.299,1.217 11.32,4.553 z"
+ id="path3201" />
+ <path
+ style="fill:#ffffff"
+ d="m 138.293,267.483 5.051,1.648 12.149,-4.932 5.451,1.657 -2.935,-4.142 -14.265,0 5.879,1.237 -11.33,4.532 z"
+ id="path3203" />
+ <path
+ style="fill:#ffffff"
+ d="m 136.217,272.015 -5.051,-1.637 -11.73,4.952 -5.87,-1.657 2.935,4.542 14.665,0 -6.269,-1.647 11.32,-4.553 z"
+ id="path3205" />
+ <path
+ style="fill:#ffffff"
+ d="m 114.834,262.951 5.021,-1.647 12.159,4.552 5.451,-1.258 -2.935,4.133 -14.255,0 5.879,-1.248 -11.32,-4.532 z"
+ id="path3207" />
+ <path
+ style="fill:#ffffff"
+ d="m 160.105,276.977 -5.021,1.657 -11.74,-4.961 -5.879,1.657 2.925,-4.113 14.694,0 -6.289,1.228 11.31,4.532 z"
+ id="path3209" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 102.676,269.57 0,16.471"
+ id="path3211" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 171.425,269.57 0,16.471"
+ id="path3213" />
+ <path
+ style="fill:#000000"
+ d="m 124.467,283.995 7.547,0 4.612,3.713 4.602,-3.713 7.128,0 0,-1.648 5.041,2.456 -5.041,2.486 0,-1.647 -6.279,0 -4.203,2.885 4.203,3.284 6.279,0 0,-2.037 5.041,2.875 -5.041,2.486 0,-1.667 -7.128,0 -4.602,-3.694 -4.612,3.694 -7.547,0 0,1.667 -5.031,-2.486 5.031,-2.875 0,2.037 6.699,0 4.202,-2.875 -4.202,-3.294 -6.699,0 0,1.647 -5.031,-2.486 5.031,-2.456 0,1.648 z"
+ id="path3215" />
+ <path
+ style="fill:#ffffff"
+ d="m 124.897,284.394 7.536,0 4.612,3.703 4.602,-3.703 7.148,0 0,-1.647 5.011,2.485 -5.011,2.476 0,-1.647 -6.299,0 -4.203,2.875 4.203,3.294 6.299,0 0,-2.056 5.011,2.885 -5.011,2.475 0,-1.657 -7.148,0 -4.602,-3.703 -4.612,3.703 -7.536,0 0,1.657 -5.042,-2.475 5.042,-2.885 0,2.056 6.688,0 4.183,-2.885 -4.183,-3.284 -6.688,0 0,1.647 -5.042,-2.476 5.042,-2.485 0,1.647 z"
+ id="path3217" />
+ </g>
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453981px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="143.47925"
+ y="266.56204"
+ id="text3232-1"><tspan
+ sodipodi:role="line"
+ id="tspan3234-7"
+ x="143.47925"
+ y="266.56204"
+ style="font-size:11.20825386px">I2PTunnel</tspan></text>
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m -23.12158,114.55692 106.149072,0"
+ id="path3614"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m 176.56479,114.55692 140.83144,0"
+ id="path4836"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <g
+ id="g3219-0"
+ transform="translate(134.85585,-107.12416)">
+ <path
+ style="fill:#b7b79d"
+ d="m 139.83,178.978 0,37.022 21.882,0 0,-37.022 -21.882,0 z"
+ id="path3221-3" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 139.83,178.978 0,37.022 21.882,0 0,-37.022 -21.882,0"
+ id="path3223-4" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 139.83,178.978 2.965,-2.978 21.875,0 -2.958,2.978 -21.882,0 z"
+ id="path3225-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 139.83,178.978 2.965,-2.978 21.731,0"
+ id="path3227-3" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 164.526,176.151 -2.814,2.827 -21.882,0"
+ id="path3229-9" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 141.178,181.132 9.995,0 0,4.857 -9.995,0 0,-4.857 z"
+ id="path3231-1" />
+ <path
+ style="fill:none;stroke:#626248;stroke-width:0.02"
+ d="m 141.178,181.132 9.989,0 0,4.85 -9.989,0 0,-4.85"
+ id="path3233-9" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.60000002"
+ d="m 142.527,183.567 7.01,0"
+ id="path3235-6" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 161.712,216 2.958,-2.985 0,-37.015 -2.958,2.978 0,37.022 z"
+ id="path3237-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 161.712,216 2.814,-2.834"
+ id="path3239-3" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 164.526,176.151 -2.814,2.827 0,37.022"
+ id="path3241-3" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.60000002"
+ d="m 140.105,213.559 21.6,0"
+ id="path3243-8" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.60000002"
+ d="m 140.105,193.837 21.6,0"
+ id="path3245-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.60000002"
+ d="m 139.83,213.29 21.855,0"
+ id="path3247-5" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.60000002"
+ d="m 139.83,193.562 21.855,0"
+ id="path3249-6" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.02"
+ d="m 141.178,185.727 0,-4.595 9.72,0"
+ id="path3251-6" />
+ </g>
+ <g
+ id="g3219-6"
+ transform="translate(134.38113,-56.133163)">
+ <path
+ style="fill:#b7b79d"
+ d="m 139.83,178.978 0,37.022 21.882,0 0,-37.022 -21.882,0 z"
+ id="path3221-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 139.83,178.978 0,37.022 21.882,0 0,-37.022 -21.882,0"
+ id="path3223-8" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 139.83,178.978 2.965,-2.978 21.875,0 -2.958,2.978 -21.882,0 z"
+ id="path3225-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 139.83,178.978 2.965,-2.978 21.731,0"
+ id="path3227-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 164.526,176.151 -2.814,2.827 -21.882,0"
+ id="path3229-8" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 141.178,181.132 9.995,0 0,4.857 -9.995,0 0,-4.857 z"
+ id="path3231-2" />
+ <path
+ style="fill:none;stroke:#626248;stroke-width:0.02"
+ d="m 141.178,181.132 9.989,0 0,4.85 -9.989,0 0,-4.85"
+ id="path3233-99" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.60000002"
+ d="m 142.527,183.567 7.01,0"
+ id="path3235-60" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 161.712,216 2.958,-2.985 0,-37.015 -2.958,2.978 0,37.022 z"
+ id="path3237-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 161.712,216 2.814,-2.834"
+ id="path3239-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 164.526,176.151 -2.814,2.827 0,37.022"
+ id="path3241-6" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.60000002"
+ d="m 140.105,213.559 21.6,0"
+ id="path3243-1" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.60000002"
+ d="m 140.105,193.837 21.6,0"
+ id="path3245-3" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.60000002"
+ d="m 139.83,213.29 21.855,0"
+ id="path3247-2" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.60000002"
+ d="m 139.83,193.562 21.855,0"
+ id="path3249-1" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.02"
+ d="m 141.178,185.727 0,-4.595 9.72,0"
+ id="path3251-5" />
+ </g>
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453981px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="280.74731"
+ y="181.24799"
+ id="text3232-2"><tspan
+ sodipodi:role="line"
+ id="tspan3234-0"
+ x="280.74731"
+ y="181.24799"
+ style="font-size:11.20825386px">...</tspan></text>
+ <g
+ transform="matrix(0.75311128,0,0,0.75311128,66.155046,-65.60384)"
+ id="g3183-0">
+ <path
+ style="fill:#0078aa"
+ d="m 171.824,286.241 -0.049,-0.589 -0.13,-0.599 -0.22,-0.589 -0.309,-0.579 -0.4,-0.589 -0.479,-0.579 -0.569,-0.559 -0.639,-0.549 -0.738,-0.539 -0.809,-0.519 -0.888,-0.52 -0.969,-0.499 -1.038,-0.479 -1.108,-0.469 -1.178,-0.439 -1.228,-0.42 -1.297,-0.399 -1.368,-0.369 -1.408,-0.37 -1.457,-0.309 -1.507,-0.309 -1.558,-0.27 -1.587,-0.26 -1.637,-0.219 -1.647,-0.19 -1.697,-0.16 -1.707,-0.139 -1.717,-0.11 -1.737,-0.08 -1.747,-0.03 -1.767,-0.03 0,0 -1.747,0.03 -1.737,0.03 -1.737,0.08 -1.717,0.11 -1.707,0.139 -1.697,0.16 -1.647,0.19 -1.637,0.219 -1.587,0.26 -1.558,0.27 -1.517,0.309 -1.447,0.309 -1.408,0.37 -1.368,0.369 -1.297,0.399 -1.228,0.42 -1.178,0.439 -1.108,0.469 -1.038,0.479 -0.979,0.499 -0.878,0.52 -0.819,0.519 -0.728,0.539 -0.639,0.549 -0.569,0.559 -0.479,0.579 -0.4,0.589 -0.309,0.579 -0.23,0.589 -0.12,0.599 -0.049,0.589 0,0 0.049,0.609 0.12,0.588 0.23,0.589 0.309,0.589 0.4,0.579 0.479,0.579 0.569,0.559 0.639,0.549 0.728,0.54 0.819,0.529 0.878,0.499 0.979,0.519 1.038,0.479 1.108,0.459 1.178,0.429 1.228,0.43 1.297,0.399 1.368,0.379 1.408,0.35 1.447,0.329 1.517,0.3 1.558,0.269 1.587,0.26 1.637,0.219 1.647,0.19 1.697,0.17 1.707,0.119 1.717,0.11 1.737,0.08 1.737,0.05 1.747,0.01 0,0 1.767,-0.01 1.747,-0.05 1.737,-0.08 1.717,-0.11 1.707,-0.119 1.697,-0.17 1.647,-0.19 1.637,-0.219 1.587,-0.26 1.558,-0.269 1.507,-0.3 1.457,-0.329 1.408,-0.35 1.368,-0.379 1.297,-0.399 1.228,-0.43 1.178,-0.429 1.108,-0.459 1.038,-0.479 0.969,-0.519 0.888,-0.499 0.809,-0.529 0.738,-0.54 0.639,-0.549 0.569,-0.559 0.479,-0.579 0.4,-0.579 0.309,-0.589 0.22,-0.589 0.13,-0.588 0.049,-0.609 z"
+ id="path3185-2" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 171.425,286.061 -0.05,-0.599 -0.129,-0.569 -0.22,-0.589 -0.3,-0.569 -0.399,-0.579 -0.489,-0.559 -0.539,-0.549 -0.659,-0.549 -0.729,-0.529 -0.808,-0.529 -0.879,-0.489 -0.968,-0.49 -1.018,-0.489 -1.098,-0.449 -1.178,-0.439 -1.238,-0.399 -1.288,-0.4 -1.347,-0.369 -1.388,-0.34 -1.467,-0.329 -1.508,-0.289 -1.527,-0.27 -1.587,-0.25 -1.618,-0.219 -1.647,-0.19 -1.687,-0.16 -1.687,-0.139 -1.707,-0.08 -1.737,-0.09 -1.737,-0.05 -1.747,0 0,0 -1.737,0 -1.747,0.05 -1.727,0.09 -1.707,0.08 -1.697,0.139 -1.677,0.16 -1.647,0.19 -1.627,0.219 -1.577,0.25 -1.527,0.27 -1.518,0.289 -1.447,0.329 -1.388,0.34 -1.357,0.369 -1.308,0.4 -1.238,0.399 -1.158,0.439 -1.108,0.449 -1.028,0.489 -0.949,0.49 -0.868,0.489 -0.819,0.529 -0.738,0.529 -0.639,0.549 -0.559,0.549 -0.499,0.559 -0.37,0.579 -0.319,0.569 -0.22,0.589 -0.12,0.569 -0.049,0.599 0,0 0.049,0.589 0.12,0.579 0.22,0.579 0.319,0.569 0.37,0.579 0.499,0.559 0.559,0.549 0.639,0.529 0.738,0.549 0.819,0.529 0.868,0.499 0.949,0.479 1.028,0.48 1.108,0.459 1.158,0.429 1.238,0.409 1.308,0.38 1.357,0.389 1.388,0.339 1.447,0.32 1.518,0.309 1.527,0.26 1.577,0.239 1.627,0.23 1.647,0.18 1.677,0.149 1.697,0.15 1.707,0.09 1.727,0.08 1.747,0.04 1.737,0.02 0,0 1.747,-0.02 1.737,-0.04 1.737,-0.08 1.707,-0.09 1.687,-0.15 1.687,-0.149 1.647,-0.18 1.618,-0.23 1.587,-0.239 1.527,-0.26 1.508,-0.309 1.467,-0.32 1.388,-0.339 1.347,-0.389 1.288,-0.38 1.238,-0.409 1.178,-0.429 1.098,-0.459 1.018,-0.48 0.968,-0.479 0.879,-0.499 0.808,-0.529 0.729,-0.549 0.659,-0.529 0.539,-0.549 0.489,-0.559 0.399,-0.579 0.3,-0.569 0.22,-0.579 0.129,-0.579 0.05,-0.589"
+ id="path3187-9" />
+ <path
+ style="fill:#0078aa"
+ d="m 102.676,269.969 0,16.491 68.749,0 0,-16.491 -68.749,0 z"
+ id="path3189-4" />
+ <path
+ style="fill:#00b4ff"
+ d="m 171.824,269.739 -0.049,-0.579 -0.13,-0.598 -0.22,-0.589 -0.309,-0.589 -0.4,-0.589 -0.479,-0.569 -0.569,-0.559 -0.639,-0.559 -0.738,-0.53 -0.809,-0.529 -0.888,-0.509 -0.969,-0.519 -1.038,-0.469 -1.108,-0.469 -1.178,-0.439 -1.228,-0.41 -1.297,-0.399 -1.368,-0.379 -1.408,-0.35 -1.457,-0.329 -1.507,-0.31 -1.558,-0.259 -1.587,-0.27 -1.637,-0.219 -1.647,-0.19 -1.697,-0.16 -1.707,-0.119 -1.717,-0.11 -1.737,-0.08 -1.747,-0.06 -1.767,0 0,0 -1.747,0 -1.737,0.06 -1.737,0.08 -1.717,0.11 -1.707,0.119 -1.697,0.16 -1.647,0.19 -1.637,0.219 -1.587,0.27 -1.558,0.259 -1.517,0.31 -1.447,0.329 -1.408,0.35 -1.368,0.379 -1.297,0.399 -1.228,0.41 -1.178,0.439 -1.108,0.469 -1.038,0.469 -0.979,0.519 -0.878,0.509 -0.819,0.529 -0.728,0.53 -0.639,0.559 -0.569,0.559 -0.479,0.569 -0.4,0.589 -0.309,0.589 -0.23,0.589 -0.12,0.598 -0.049,0.579 0,0 0.049,0.609 0.12,0.599 0.23,0.589 0.309,0.579 0.4,0.589 0.479,0.559 0.569,0.579 0.639,0.549 0.728,0.539 0.819,0.529 0.878,0.51 0.979,0.509 1.038,0.479 1.108,0.439 1.178,0.459 1.228,0.42 1.297,0.399 1.368,0.379 1.408,0.35 1.447,0.319 1.517,0.309 1.558,0.27 1.587,0.26 1.637,0.219 1.647,0.19 1.697,0.16 1.707,0.119 1.717,0.11 1.737,0.09 1.737,0.05 1.747,0 0,0 1.767,0 1.747,-0.05 1.737,-0.09 1.717,-0.11 1.707,-0.119 1.697,-0.16 1.647,-0.19 1.637,-0.219 1.587,-0.26 1.558,-0.27 1.507,-0.309 1.457,-0.319 1.408,-0.35 1.368,-0.379 1.297,-0.399 1.228,-0.42 1.178,-0.459 1.108,-0.439 1.038,-0.479 0.969,-0.509 0.888,-0.51 0.809,-0.529 0.738,-0.539 0.639,-0.549 0.569,-0.579 0.479,-0.559 0.4,-0.589 0.309,-0.579 0.22,-0.589 0.13,-0.599 0.049,-0.609 z"
+ id="path3191-3" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 171.425,269.57 -0.05,-0.599 -0.129,-0.589 -0.22,-0.559 -0.3,-0.589 -0.399,-0.569 -0.489,-0.559 -0.539,-0.539 -0.659,-0.559 -0.729,-0.519 -0.808,-0.539 -0.879,-0.5 -0.968,-0.499 -1.018,-0.469 -1.098,-0.439 -1.178,-0.459 -1.238,-0.4 -1.288,-0.389 -1.347,-0.369 -1.388,-0.34 -1.467,-0.339 -1.508,-0.29 -1.527,-0.269 -1.587,-0.25 -1.618,-0.219 -1.647,-0.19 -1.687,-0.14 -1.687,-0.139 -1.707,-0.1 -1.737,-0.09 -1.737,-0.04 -1.747,-0.02 0,0 -1.737,0.02 -1.747,0.04 -1.727,0.09 -1.707,0.1 -1.697,0.139 -1.677,0.14 -1.647,0.19 -1.627,0.219 -1.577,0.25 -1.527,0.269 -1.518,0.29 -1.447,0.339 -1.388,0.34 -1.357,0.369 -1.308,0.389 -1.238,0.4 -1.158,0.459 -1.108,0.439 -1.028,0.469 -0.949,0.499 -0.868,0.5 -0.819,0.539 -0.738,0.519 -0.639,0.559 -0.559,0.539 -0.499,0.559 -0.37,0.569 -0.319,0.589 -0.22,0.559 -0.12,0.589 -0.049,0.599 0,0 0.049,0.579 0.12,0.589 0.22,0.559 0.319,0.579 0.37,0.579 0.499,0.559 0.559,0.559 0.639,0.549 0.738,0.529 0.819,0.519 0.868,0.509 0.949,0.469 1.028,0.489 1.108,0.45 1.158,0.439 1.238,0.409 1.308,0.389 1.357,0.37 1.388,0.339 1.447,0.33 1.518,0.309 1.527,0.25 1.577,0.259 1.627,0.21 1.647,0.189 1.677,0.17 1.697,0.14 1.707,0.08 1.727,0.08 1.747,0.05 1.737,0.01 0,0 1.747,-0.01 1.737,-0.05 1.737,-0.08 1.707,-0.08 1.687,-0.14 1.687,-0.17 1.647,-0.189 1.618,-0.21 1.587,-0.259 1.527,-0.25 1.508,-0.309 1.467,-0.33 1.388,-0.339 1.347,-0.37 1.288,-0.389 1.238,-0.409 1.178,-0.439 1.098,-0.45 1.018,-0.489 0.968,-0.469 0.879,-0.509 0.808,-0.519 0.729,-0.529 0.659,-0.549 0.539,-0.559 0.489,-0.559 0.399,-0.579 0.3,-0.579 0.22,-0.559 0.129,-0.589 0.05,-0.579"
+ id="path3193-5" />
+ <path
+ style="fill:#000000"
+ d="m 137.874,267.074 5.041,1.657 12.169,-4.961 5.44,1.657 -2.955,-4.123 -14.225,0 5.85,1.248 -11.32,4.522 z"
+ id="path3195-1" />
+ <path
+ style="fill:#000000"
+ d="m 135.768,271.626 -5.002,-1.657 -11.749,4.961 -5.86,-1.667 2.935,4.542 14.674,0 -6.299,-1.657 11.301,-4.522 z"
+ id="path3197-7" />
+ <path
+ style="fill:#000000"
+ d="m 114.405,262.552 5.031,-1.657 12.149,4.532 5.46,-1.228 -2.925,4.113 -14.265,0 5.86,-1.238 -11.31,-4.522 z"
+ id="path3199-4" />
+ <path
+ style="fill:#000000"
+ d="m 159.676,276.568 -5.021,1.647 -11.74,-4.952 -5.87,1.667 2.935,-4.132 14.675,0 -6.299,1.217 11.32,4.553 z"
+ id="path3201-3" />
+ <path
+ style="fill:#ffffff"
+ d="m 138.293,267.483 5.051,1.648 12.149,-4.932 5.451,1.657 -2.935,-4.142 -14.265,0 5.879,1.237 -11.33,4.532 z"
+ id="path3203-1" />
+ <path
+ style="fill:#ffffff"
+ d="m 136.217,272.015 -5.051,-1.637 -11.73,4.952 -5.87,-1.657 2.935,4.542 14.665,0 -6.269,-1.647 11.32,-4.553 z"
+ id="path3205-4" />
+ <path
+ style="fill:#ffffff"
+ d="m 114.834,262.951 5.021,-1.647 12.159,4.552 5.451,-1.258 -2.935,4.133 -14.255,0 5.879,-1.248 -11.32,-4.532 z"
+ id="path3207-6" />
+ <path
+ style="fill:#ffffff"
+ d="m 160.105,276.977 -5.021,1.657 -11.74,-4.961 -5.879,1.657 2.925,-4.113 14.694,0 -6.289,1.228 11.31,4.532 z"
+ id="path3209-9" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 102.676,269.57 0,16.471"
+ id="path3211-4" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 171.425,269.57 0,16.471"
+ id="path3213-2" />
+ <path
+ style="fill:#000000"
+ d="m 124.467,283.995 7.547,0 4.612,3.713 4.602,-3.713 7.128,0 0,-1.648 5.041,2.456 -5.041,2.486 0,-1.647 -6.279,0 -4.203,2.885 4.203,3.284 6.279,0 0,-2.037 5.041,2.875 -5.041,2.486 0,-1.667 -7.128,0 -4.602,-3.694 -4.612,3.694 -7.547,0 0,1.667 -5.031,-2.486 5.031,-2.875 0,2.037 6.699,0 4.202,-2.875 -4.202,-3.294 -6.699,0 0,1.647 -5.031,-2.486 5.031,-2.456 0,1.648 z"
+ id="path3215-2" />
+ <path
+ style="fill:#ffffff"
+ d="m 124.897,284.394 7.536,0 4.612,3.703 4.602,-3.703 7.148,0 0,-1.647 5.011,2.485 -5.011,2.476 0,-1.647 -6.299,0 -4.203,2.875 4.203,3.294 6.299,0 0,-2.056 5.011,2.885 -5.011,2.475 0,-1.657 -7.148,0 -4.602,-3.703 -4.612,3.703 -7.536,0 0,1.657 -5.042,-2.475 5.042,-2.885 0,2.056 6.688,0 4.183,-2.885 -4.183,-3.284 -6.688,0 0,1.647 -5.042,-2.476 5.042,-2.485 0,1.647 z"
+ id="path3217-6" />
+ </g>
+ <g
+ transform="matrix(0.75311128,0,0,0.75311128,66.040764,-121.3287)"
+ id="g3183-1">
+ <path
+ style="fill:#0078aa"
+ d="m 171.824,286.241 -0.049,-0.589 -0.13,-0.599 -0.22,-0.589 -0.309,-0.579 -0.4,-0.589 -0.479,-0.579 -0.569,-0.559 -0.639,-0.549 -0.738,-0.539 -0.809,-0.519 -0.888,-0.52 -0.969,-0.499 -1.038,-0.479 -1.108,-0.469 -1.178,-0.439 -1.228,-0.42 -1.297,-0.399 -1.368,-0.369 -1.408,-0.37 -1.457,-0.309 -1.507,-0.309 -1.558,-0.27 -1.587,-0.26 -1.637,-0.219 -1.647,-0.19 -1.697,-0.16 -1.707,-0.139 -1.717,-0.11 -1.737,-0.08 -1.747,-0.03 -1.767,-0.03 0,0 -1.747,0.03 -1.737,0.03 -1.737,0.08 -1.717,0.11 -1.707,0.139 -1.697,0.16 -1.647,0.19 -1.637,0.219 -1.587,0.26 -1.558,0.27 -1.517,0.309 -1.447,0.309 -1.408,0.37 -1.368,0.369 -1.297,0.399 -1.228,0.42 -1.178,0.439 -1.108,0.469 -1.038,0.479 -0.979,0.499 -0.878,0.52 -0.819,0.519 -0.728,0.539 -0.639,0.549 -0.569,0.559 -0.479,0.579 -0.4,0.589 -0.309,0.579 -0.23,0.589 -0.12,0.599 -0.049,0.589 0,0 0.049,0.609 0.12,0.588 0.23,0.589 0.309,0.589 0.4,0.579 0.479,0.579 0.569,0.559 0.639,0.549 0.728,0.54 0.819,0.529 0.878,0.499 0.979,0.519 1.038,0.479 1.108,0.459 1.178,0.429 1.228,0.43 1.297,0.399 1.368,0.379 1.408,0.35 1.447,0.329 1.517,0.3 1.558,0.269 1.587,0.26 1.637,0.219 1.647,0.19 1.697,0.17 1.707,0.119 1.717,0.11 1.737,0.08 1.737,0.05 1.747,0.01 0,0 1.767,-0.01 1.747,-0.05 1.737,-0.08 1.717,-0.11 1.707,-0.119 1.697,-0.17 1.647,-0.19 1.637,-0.219 1.587,-0.26 1.558,-0.269 1.507,-0.3 1.457,-0.329 1.408,-0.35 1.368,-0.379 1.297,-0.399 1.228,-0.43 1.178,-0.429 1.108,-0.459 1.038,-0.479 0.969,-0.519 0.888,-0.499 0.809,-0.529 0.738,-0.54 0.639,-0.549 0.569,-0.559 0.479,-0.579 0.4,-0.579 0.309,-0.589 0.22,-0.589 0.13,-0.588 0.049,-0.609 z"
+ id="path3185-28" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 171.425,286.061 -0.05,-0.599 -0.129,-0.569 -0.22,-0.589 -0.3,-0.569 -0.399,-0.579 -0.489,-0.559 -0.539,-0.549 -0.659,-0.549 -0.729,-0.529 -0.808,-0.529 -0.879,-0.489 -0.968,-0.49 -1.018,-0.489 -1.098,-0.449 -1.178,-0.439 -1.238,-0.399 -1.288,-0.4 -1.347,-0.369 -1.388,-0.34 -1.467,-0.329 -1.508,-0.289 -1.527,-0.27 -1.587,-0.25 -1.618,-0.219 -1.647,-0.19 -1.687,-0.16 -1.687,-0.139 -1.707,-0.08 -1.737,-0.09 -1.737,-0.05 -1.747,0 0,0 -1.737,0 -1.747,0.05 -1.727,0.09 -1.707,0.08 -1.697,0.139 -1.677,0.16 -1.647,0.19 -1.627,0.219 -1.577,0.25 -1.527,0.27 -1.518,0.289 -1.447,0.329 -1.388,0.34 -1.357,0.369 -1.308,0.4 -1.238,0.399 -1.158,0.439 -1.108,0.449 -1.028,0.489 -0.949,0.49 -0.868,0.489 -0.819,0.529 -0.738,0.529 -0.639,0.549 -0.559,0.549 -0.499,0.559 -0.37,0.579 -0.319,0.569 -0.22,0.589 -0.12,0.569 -0.049,0.599 0,0 0.049,0.589 0.12,0.579 0.22,0.579 0.319,0.569 0.37,0.579 0.499,0.559 0.559,0.549 0.639,0.529 0.738,0.549 0.819,0.529 0.868,0.499 0.949,0.479 1.028,0.48 1.108,0.459 1.158,0.429 1.238,0.409 1.308,0.38 1.357,0.389 1.388,0.339 1.447,0.32 1.518,0.309 1.527,0.26 1.577,0.239 1.627,0.23 1.647,0.18 1.677,0.149 1.697,0.15 1.707,0.09 1.727,0.08 1.747,0.04 1.737,0.02 0,0 1.747,-0.02 1.737,-0.04 1.737,-0.08 1.707,-0.09 1.687,-0.15 1.687,-0.149 1.647,-0.18 1.618,-0.23 1.587,-0.239 1.527,-0.26 1.508,-0.309 1.467,-0.32 1.388,-0.339 1.347,-0.389 1.288,-0.38 1.238,-0.409 1.178,-0.429 1.098,-0.459 1.018,-0.48 0.968,-0.479 0.879,-0.499 0.808,-0.529 0.729,-0.549 0.659,-0.529 0.539,-0.549 0.489,-0.559 0.399,-0.579 0.3,-0.569 0.22,-0.579 0.129,-0.579 0.05,-0.589"
+ id="path3187-8" />
+ <path
+ style="fill:#0078aa"
+ d="m 102.676,269.969 0,16.491 68.749,0 0,-16.491 -68.749,0 z"
+ id="path3189-9" />
+ <path
+ style="fill:#00b4ff"
+ d="m 171.824,269.739 -0.049,-0.579 -0.13,-0.598 -0.22,-0.589 -0.309,-0.589 -0.4,-0.589 -0.479,-0.569 -0.569,-0.559 -0.639,-0.559 -0.738,-0.53 -0.809,-0.529 -0.888,-0.509 -0.969,-0.519 -1.038,-0.469 -1.108,-0.469 -1.178,-0.439 -1.228,-0.41 -1.297,-0.399 -1.368,-0.379 -1.408,-0.35 -1.457,-0.329 -1.507,-0.31 -1.558,-0.259 -1.587,-0.27 -1.637,-0.219 -1.647,-0.19 -1.697,-0.16 -1.707,-0.119 -1.717,-0.11 -1.737,-0.08 -1.747,-0.06 -1.767,0 0,0 -1.747,0 -1.737,0.06 -1.737,0.08 -1.717,0.11 -1.707,0.119 -1.697,0.16 -1.647,0.19 -1.637,0.219 -1.587,0.27 -1.558,0.259 -1.517,0.31 -1.447,0.329 -1.408,0.35 -1.368,0.379 -1.297,0.399 -1.228,0.41 -1.178,0.439 -1.108,0.469 -1.038,0.469 -0.979,0.519 -0.878,0.509 -0.819,0.529 -0.728,0.53 -0.639,0.559 -0.569,0.559 -0.479,0.569 -0.4,0.589 -0.309,0.589 -0.23,0.589 -0.12,0.598 -0.049,0.579 0,0 0.049,0.609 0.12,0.599 0.23,0.589 0.309,0.579 0.4,0.589 0.479,0.559 0.569,0.579 0.639,0.549 0.728,0.539 0.819,0.529 0.878,0.51 0.979,0.509 1.038,0.479 1.108,0.439 1.178,0.459 1.228,0.42 1.297,0.399 1.368,0.379 1.408,0.35 1.447,0.319 1.517,0.309 1.558,0.27 1.587,0.26 1.637,0.219 1.647,0.19 1.697,0.16 1.707,0.119 1.717,0.11 1.737,0.09 1.737,0.05 1.747,0 0,0 1.767,0 1.747,-0.05 1.737,-0.09 1.717,-0.11 1.707,-0.119 1.697,-0.16 1.647,-0.19 1.637,-0.219 1.587,-0.26 1.558,-0.27 1.507,-0.309 1.457,-0.319 1.408,-0.35 1.368,-0.379 1.297,-0.399 1.228,-0.42 1.178,-0.459 1.108,-0.439 1.038,-0.479 0.969,-0.509 0.888,-0.51 0.809,-0.529 0.738,-0.539 0.639,-0.549 0.569,-0.579 0.479,-0.559 0.4,-0.589 0.309,-0.579 0.22,-0.589 0.13,-0.599 0.049,-0.609 z"
+ id="path3191-2" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 171.425,269.57 -0.05,-0.599 -0.129,-0.589 -0.22,-0.559 -0.3,-0.589 -0.399,-0.569 -0.489,-0.559 -0.539,-0.539 -0.659,-0.559 -0.729,-0.519 -0.808,-0.539 -0.879,-0.5 -0.968,-0.499 -1.018,-0.469 -1.098,-0.439 -1.178,-0.459 -1.238,-0.4 -1.288,-0.389 -1.347,-0.369 -1.388,-0.34 -1.467,-0.339 -1.508,-0.29 -1.527,-0.269 -1.587,-0.25 -1.618,-0.219 -1.647,-0.19 -1.687,-0.14 -1.687,-0.139 -1.707,-0.1 -1.737,-0.09 -1.737,-0.04 -1.747,-0.02 0,0 -1.737,0.02 -1.747,0.04 -1.727,0.09 -1.707,0.1 -1.697,0.139 -1.677,0.14 -1.647,0.19 -1.627,0.219 -1.577,0.25 -1.527,0.269 -1.518,0.29 -1.447,0.339 -1.388,0.34 -1.357,0.369 -1.308,0.389 -1.238,0.4 -1.158,0.459 -1.108,0.439 -1.028,0.469 -0.949,0.499 -0.868,0.5 -0.819,0.539 -0.738,0.519 -0.639,0.559 -0.559,0.539 -0.499,0.559 -0.37,0.569 -0.319,0.589 -0.22,0.559 -0.12,0.589 -0.049,0.599 0,0 0.049,0.579 0.12,0.589 0.22,0.559 0.319,0.579 0.37,0.579 0.499,0.559 0.559,0.559 0.639,0.549 0.738,0.529 0.819,0.519 0.868,0.509 0.949,0.469 1.028,0.489 1.108,0.45 1.158,0.439 1.238,0.409 1.308,0.389 1.357,0.37 1.388,0.339 1.447,0.33 1.518,0.309 1.527,0.25 1.577,0.259 1.627,0.21 1.647,0.189 1.677,0.17 1.697,0.14 1.707,0.08 1.727,0.08 1.747,0.05 1.737,0.01 0,0 1.747,-0.01 1.737,-0.05 1.737,-0.08 1.707,-0.08 1.687,-0.14 1.687,-0.17 1.647,-0.189 1.618,-0.21 1.587,-0.259 1.527,-0.25 1.508,-0.309 1.467,-0.33 1.388,-0.339 1.347,-0.37 1.288,-0.389 1.238,-0.409 1.178,-0.439 1.098,-0.45 1.018,-0.489 0.968,-0.469 0.879,-0.509 0.808,-0.519 0.729,-0.529 0.659,-0.549 0.539,-0.559 0.489,-0.559 0.399,-0.579 0.3,-0.579 0.22,-0.559 0.129,-0.589 0.05,-0.579"
+ id="path3193-8" />
+ <path
+ style="fill:#000000"
+ d="m 137.874,267.074 5.041,1.657 12.169,-4.961 5.44,1.657 -2.955,-4.123 -14.225,0 5.85,1.248 -11.32,4.522 z"
+ id="path3195-8" />
+ <path
+ style="fill:#000000"
+ d="m 135.768,271.626 -5.002,-1.657 -11.749,4.961 -5.86,-1.667 2.935,4.542 14.674,0 -6.299,-1.657 11.301,-4.522 z"
+ id="path3197-8" />
+ <path
+ style="fill:#000000"
+ d="m 114.405,262.552 5.031,-1.657 12.149,4.532 5.46,-1.228 -2.925,4.113 -14.265,0 5.86,-1.238 -11.31,-4.522 z"
+ id="path3199-6" />
+ <path
+ style="fill:#000000"
+ d="m 159.676,276.568 -5.021,1.647 -11.74,-4.952 -5.87,1.667 2.935,-4.132 14.675,0 -6.299,1.217 11.32,4.553 z"
+ id="path3201-8" />
+ <path
+ style="fill:#ffffff"
+ d="m 138.293,267.483 5.051,1.648 12.149,-4.932 5.451,1.657 -2.935,-4.142 -14.265,0 5.879,1.237 -11.33,4.532 z"
+ id="path3203-3" />
+ <path
+ style="fill:#ffffff"
+ d="m 136.217,272.015 -5.051,-1.637 -11.73,4.952 -5.87,-1.657 2.935,4.542 14.665,0 -6.269,-1.647 11.32,-4.553 z"
+ id="path3205-8" />
+ <path
+ style="fill:#ffffff"
+ d="m 114.834,262.951 5.021,-1.647 12.159,4.552 5.451,-1.258 -2.935,4.133 -14.255,0 5.879,-1.248 -11.32,-4.532 z"
+ id="path3207-3" />
+ <path
+ style="fill:#ffffff"
+ d="m 160.105,276.977 -5.021,1.657 -11.74,-4.961 -5.879,1.657 2.925,-4.113 14.694,0 -6.289,1.228 11.31,4.532 z"
+ id="path3209-3" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 102.676,269.57 0,16.471"
+ id="path3211-3" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 171.425,269.57 0,16.471"
+ id="path3213-8" />
+ <path
+ style="fill:#000000"
+ d="m 124.467,283.995 7.547,0 4.612,3.713 4.602,-3.713 7.128,0 0,-1.648 5.041,2.456 -5.041,2.486 0,-1.647 -6.279,0 -4.203,2.885 4.203,3.284 6.279,0 0,-2.037 5.041,2.875 -5.041,2.486 0,-1.667 -7.128,0 -4.602,-3.694 -4.612,3.694 -7.547,0 0,1.667 -5.031,-2.486 5.031,-2.875 0,2.037 6.699,0 4.202,-2.875 -4.202,-3.294 -6.699,0 0,1.647 -5.031,-2.486 5.031,-2.456 0,1.648 z"
+ id="path3215-0" />
+ <path
+ style="fill:#ffffff"
+ d="m 124.897,284.394 7.536,0 4.612,3.703 4.602,-3.703 7.148,0 0,-1.647 5.011,2.485 -5.011,2.476 0,-1.647 -6.299,0 -4.203,2.875 4.203,3.294 6.299,0 0,-2.056 5.011,2.885 -5.011,2.475 0,-1.657 -7.148,0 -4.602,-3.703 -4.612,3.703 -7.536,0 0,1.657 -5.042,-2.475 5.042,-2.885 0,2.056 6.688,0 4.183,-2.885 -4.183,-3.284 -6.688,0 0,1.647 -5.042,-2.476 5.042,-2.485 0,1.647 z"
+ id="path3217-4" />
+ </g>
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="M -24.172561,102.99613 83.027492,-13.662752"
+ id="path3144"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="M -35.733351,87.231415 81.976511,-112.45496"
+ id="path3146"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m 175.51381,-125.06673 139.78046,0"
+ id="path3148"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m 173.41185,-27.325504 141.88242,0"
+ id="path3150"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453981px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="165.27502"
+ y="181.54456"
+ id="text3232-2-6"><tspan
+ sodipodi:role="line"
+ id="tspan3234-0-7"
+ x="165.27502"
+ y="181.54456"
+ style="font-size:11.20825386px">...</tspan></text>
+</svg>
diff --git a/www.i2p2/image_design/i2ptunnel_serverclient.svg b/www.i2p2/image_design/i2ptunnel_serverclient.svg
new file mode 100644
index 0000000000000000000000000000000000000000..473be273b16f0e525c402fef26b9f07c6a4d6a26
--- /dev/null
+++ b/www.i2p2/image_design/i2ptunnel_serverclient.svg
@@ -0,0 +1,368 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cc="http://creativecommons.org/ns#"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns="http://www.w3.org/2000/svg"
+ xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+ xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+ width="7cm"
+ height="7cm"
+ viewBox="102 159 129 139"
+ id="svg3091"
+ version="1.1"
+ inkscape:version="0.47pre4 r22446"
+ sodipodi:docname="i2ptunnel_serverclient.svg"
+ inkscape:export-filename="/home/mathias/Documents/I2P/i2p.www/www.i2p2/static/images/i2ptunnel_serverclient.png"
+ inkscape:export-xdpi="49.999134"
+ inkscape:export-ydpi="49.999134">
+ <metadata
+ id="metadata3257">
+ <rdf:RDF>
+ <cc:Work
+ rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type
+ rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+ <dc:title></dc:title>
+ </cc:Work>
+ </rdf:RDF>
+ </metadata>
+ <defs
+ id="defs3255">
+ <marker
+ inkscape:stockid="Arrow1Lend"
+ orient="auto"
+ refY="0.0"
+ refX="0.0"
+ id="Arrow1Lend"
+ style="overflow:visible;">
+ <path
+ id="path4394"
+ d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
+ style="fill-rule:evenodd;stroke:#000000;stroke-width:1.0pt;marker-start:none;"
+ transform="scale(0.8) rotate(180) translate(12.5,0)" />
+ </marker>
+ <inkscape:perspective
+ sodipodi:type="inkscape:persp3d"
+ inkscape:vp_x="0 : 124.01575 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_z="248.03149 : 124.01575 : 1"
+ inkscape:persp3d-origin="124.01575 : 82.677165 : 1"
+ id="perspective3259" />
+ <inkscape:perspective
+ id="perspective3524"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3597"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ </defs>
+ <sodipodi:namedview
+ pagecolor="#ffffff"
+ bordercolor="#666666"
+ borderopacity="1"
+ objecttolerance="10"
+ gridtolerance="10"
+ guidetolerance="10"
+ inkscape:pageopacity="0"
+ inkscape:pageshadow="2"
+ inkscape:window-width="1280"
+ inkscape:window-height="726"
+ id="namedview3253"
+ showgrid="false"
+ inkscape:zoom="0.95149207"
+ inkscape:cx="124.01575"
+ inkscape:cy="124.01575"
+ inkscape:window-x="0"
+ inkscape:window-y="25"
+ inkscape:window-maximized="1"
+ inkscape:current-layer="svg3091" />
+ <g
+ id="g3093"
+ transform="translate(-124.27542,48.29661)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139" />
+ </g>
+ <g
+ id="g3219"
+ transform="translate(134.87712,28.099763)">
+ <path
+ style="fill:#b7b79d"
+ d="m 139.83,178.978 0,37.022 21.882,0 0,-37.022 -21.882,0 z"
+ id="path3221" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 139.83,178.978 0,37.022 21.882,0 0,-37.022 -21.882,0"
+ id="path3223" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 139.83,178.978 2.965,-2.978 21.875,0 -2.958,2.978 -21.882,0 z"
+ id="path3225" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 139.83,178.978 2.965,-2.978 21.731,0"
+ id="path3227" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 164.526,176.151 -2.814,2.827 -21.882,0"
+ id="path3229" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 141.178,181.132 9.995,0 0,4.857 -9.995,0 0,-4.857 z"
+ id="path3231" />
+ <path
+ style="fill:none;stroke:#626248;stroke-width:0.02"
+ d="m 141.178,181.132 9.989,0 0,4.85 -9.989,0 0,-4.85"
+ id="path3233" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.60000002"
+ d="m 142.527,183.567 7.01,0"
+ id="path3235" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 161.712,216 2.958,-2.985 0,-37.015 -2.958,2.978 0,37.022 z"
+ id="path3237" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 161.712,216 2.814,-2.834"
+ id="path3239" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 164.526,176.151 -2.814,2.827 0,37.022"
+ id="path3241" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.60000002"
+ d="m 140.105,213.559 21.6,0"
+ id="path3243" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.60000002"
+ d="m 140.105,193.837 21.6,0"
+ id="path3245" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.60000002"
+ d="m 139.83,213.29 21.855,0"
+ id="path3247" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.60000002"
+ d="m 139.83,193.562 21.855,0"
+ id="path3249" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.02"
+ d="m 141.178,185.727 0,-4.595 9.72,0"
+ id="path3251" />
+ </g>
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453981px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="52.2197"
+ y="266.53781"
+ id="text3232"><tspan
+ sodipodi:role="line"
+ id="tspan3234"
+ x="52.2197"
+ y="266.53781"
+ style="font-size:11.20825386px">Client</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:16.81238174px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="268.38885"
+ y="267.14429"
+ id="text3236"><tspan
+ sodipodi:role="line"
+ id="tspan3238"
+ x="268.38885"
+ y="267.14429"
+ style="font-size:11.20825386px">Server</tspan></text>
+ <g
+ transform="matrix(0.75311128,0,0,0.75311128,66.977055,17.740053)"
+ id="g3183">
+ <path
+ style="fill:#0078aa"
+ d="m 171.824,286.241 -0.049,-0.589 -0.13,-0.599 -0.22,-0.589 -0.309,-0.579 -0.4,-0.589 -0.479,-0.579 -0.569,-0.559 -0.639,-0.549 -0.738,-0.539 -0.809,-0.519 -0.888,-0.52 -0.969,-0.499 -1.038,-0.479 -1.108,-0.469 -1.178,-0.439 -1.228,-0.42 -1.297,-0.399 -1.368,-0.369 -1.408,-0.37 -1.457,-0.309 -1.507,-0.309 -1.558,-0.27 -1.587,-0.26 -1.637,-0.219 -1.647,-0.19 -1.697,-0.16 -1.707,-0.139 -1.717,-0.11 -1.737,-0.08 -1.747,-0.03 -1.767,-0.03 0,0 -1.747,0.03 -1.737,0.03 -1.737,0.08 -1.717,0.11 -1.707,0.139 -1.697,0.16 -1.647,0.19 -1.637,0.219 -1.587,0.26 -1.558,0.27 -1.517,0.309 -1.447,0.309 -1.408,0.37 -1.368,0.369 -1.297,0.399 -1.228,0.42 -1.178,0.439 -1.108,0.469 -1.038,0.479 -0.979,0.499 -0.878,0.52 -0.819,0.519 -0.728,0.539 -0.639,0.549 -0.569,0.559 -0.479,0.579 -0.4,0.589 -0.309,0.579 -0.23,0.589 -0.12,0.599 -0.049,0.589 0,0 0.049,0.609 0.12,0.588 0.23,0.589 0.309,0.589 0.4,0.579 0.479,0.579 0.569,0.559 0.639,0.549 0.728,0.54 0.819,0.529 0.878,0.499 0.979,0.519 1.038,0.479 1.108,0.459 1.178,0.429 1.228,0.43 1.297,0.399 1.368,0.379 1.408,0.35 1.447,0.329 1.517,0.3 1.558,0.269 1.587,0.26 1.637,0.219 1.647,0.19 1.697,0.17 1.707,0.119 1.717,0.11 1.737,0.08 1.737,0.05 1.747,0.01 0,0 1.767,-0.01 1.747,-0.05 1.737,-0.08 1.717,-0.11 1.707,-0.119 1.697,-0.17 1.647,-0.19 1.637,-0.219 1.587,-0.26 1.558,-0.269 1.507,-0.3 1.457,-0.329 1.408,-0.35 1.368,-0.379 1.297,-0.399 1.228,-0.43 1.178,-0.429 1.108,-0.459 1.038,-0.479 0.969,-0.519 0.888,-0.499 0.809,-0.529 0.738,-0.54 0.639,-0.549 0.569,-0.559 0.479,-0.579 0.4,-0.579 0.309,-0.589 0.22,-0.589 0.13,-0.588 0.049,-0.609 z"
+ id="path3185" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 171.425,286.061 -0.05,-0.599 -0.129,-0.569 -0.22,-0.589 -0.3,-0.569 -0.399,-0.579 -0.489,-0.559 -0.539,-0.549 -0.659,-0.549 -0.729,-0.529 -0.808,-0.529 -0.879,-0.489 -0.968,-0.49 -1.018,-0.489 -1.098,-0.449 -1.178,-0.439 -1.238,-0.399 -1.288,-0.4 -1.347,-0.369 -1.388,-0.34 -1.467,-0.329 -1.508,-0.289 -1.527,-0.27 -1.587,-0.25 -1.618,-0.219 -1.647,-0.19 -1.687,-0.16 -1.687,-0.139 -1.707,-0.08 -1.737,-0.09 -1.737,-0.05 -1.747,0 0,0 -1.737,0 -1.747,0.05 -1.727,0.09 -1.707,0.08 -1.697,0.139 -1.677,0.16 -1.647,0.19 -1.627,0.219 -1.577,0.25 -1.527,0.27 -1.518,0.289 -1.447,0.329 -1.388,0.34 -1.357,0.369 -1.308,0.4 -1.238,0.399 -1.158,0.439 -1.108,0.449 -1.028,0.489 -0.949,0.49 -0.868,0.489 -0.819,0.529 -0.738,0.529 -0.639,0.549 -0.559,0.549 -0.499,0.559 -0.37,0.579 -0.319,0.569 -0.22,0.589 -0.12,0.569 -0.049,0.599 0,0 0.049,0.589 0.12,0.579 0.22,0.579 0.319,0.569 0.37,0.579 0.499,0.559 0.559,0.549 0.639,0.529 0.738,0.549 0.819,0.529 0.868,0.499 0.949,0.479 1.028,0.48 1.108,0.459 1.158,0.429 1.238,0.409 1.308,0.38 1.357,0.389 1.388,0.339 1.447,0.32 1.518,0.309 1.527,0.26 1.577,0.239 1.627,0.23 1.647,0.18 1.677,0.149 1.697,0.15 1.707,0.09 1.727,0.08 1.747,0.04 1.737,0.02 0,0 1.747,-0.02 1.737,-0.04 1.737,-0.08 1.707,-0.09 1.687,-0.15 1.687,-0.149 1.647,-0.18 1.618,-0.23 1.587,-0.239 1.527,-0.26 1.508,-0.309 1.467,-0.32 1.388,-0.339 1.347,-0.389 1.288,-0.38 1.238,-0.409 1.178,-0.429 1.098,-0.459 1.018,-0.48 0.968,-0.479 0.879,-0.499 0.808,-0.529 0.729,-0.549 0.659,-0.529 0.539,-0.549 0.489,-0.559 0.399,-0.579 0.3,-0.569 0.22,-0.579 0.129,-0.579 0.05,-0.589"
+ id="path3187" />
+ <path
+ style="fill:#0078aa"
+ d="m 102.676,269.969 0,16.491 68.749,0 0,-16.491 -68.749,0 z"
+ id="path3189" />
+ <path
+ style="fill:#00b4ff"
+ d="m 171.824,269.739 -0.049,-0.579 -0.13,-0.598 -0.22,-0.589 -0.309,-0.589 -0.4,-0.589 -0.479,-0.569 -0.569,-0.559 -0.639,-0.559 -0.738,-0.53 -0.809,-0.529 -0.888,-0.509 -0.969,-0.519 -1.038,-0.469 -1.108,-0.469 -1.178,-0.439 -1.228,-0.41 -1.297,-0.399 -1.368,-0.379 -1.408,-0.35 -1.457,-0.329 -1.507,-0.31 -1.558,-0.259 -1.587,-0.27 -1.637,-0.219 -1.647,-0.19 -1.697,-0.16 -1.707,-0.119 -1.717,-0.11 -1.737,-0.08 -1.747,-0.06 -1.767,0 0,0 -1.747,0 -1.737,0.06 -1.737,0.08 -1.717,0.11 -1.707,0.119 -1.697,0.16 -1.647,0.19 -1.637,0.219 -1.587,0.27 -1.558,0.259 -1.517,0.31 -1.447,0.329 -1.408,0.35 -1.368,0.379 -1.297,0.399 -1.228,0.41 -1.178,0.439 -1.108,0.469 -1.038,0.469 -0.979,0.519 -0.878,0.509 -0.819,0.529 -0.728,0.53 -0.639,0.559 -0.569,0.559 -0.479,0.569 -0.4,0.589 -0.309,0.589 -0.23,0.589 -0.12,0.598 -0.049,0.579 0,0 0.049,0.609 0.12,0.599 0.23,0.589 0.309,0.579 0.4,0.589 0.479,0.559 0.569,0.579 0.639,0.549 0.728,0.539 0.819,0.529 0.878,0.51 0.979,0.509 1.038,0.479 1.108,0.439 1.178,0.459 1.228,0.42 1.297,0.399 1.368,0.379 1.408,0.35 1.447,0.319 1.517,0.309 1.558,0.27 1.587,0.26 1.637,0.219 1.647,0.19 1.697,0.16 1.707,0.119 1.717,0.11 1.737,0.09 1.737,0.05 1.747,0 0,0 1.767,0 1.747,-0.05 1.737,-0.09 1.717,-0.11 1.707,-0.119 1.697,-0.16 1.647,-0.19 1.637,-0.219 1.587,-0.26 1.558,-0.27 1.507,-0.309 1.457,-0.319 1.408,-0.35 1.368,-0.379 1.297,-0.399 1.228,-0.42 1.178,-0.459 1.108,-0.439 1.038,-0.479 0.969,-0.509 0.888,-0.51 0.809,-0.529 0.738,-0.539 0.639,-0.549 0.569,-0.579 0.479,-0.559 0.4,-0.589 0.309,-0.579 0.22,-0.589 0.13,-0.599 0.049,-0.609 z"
+ id="path3191" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 171.425,269.57 -0.05,-0.599 -0.129,-0.589 -0.22,-0.559 -0.3,-0.589 -0.399,-0.569 -0.489,-0.559 -0.539,-0.539 -0.659,-0.559 -0.729,-0.519 -0.808,-0.539 -0.879,-0.5 -0.968,-0.499 -1.018,-0.469 -1.098,-0.439 -1.178,-0.459 -1.238,-0.4 -1.288,-0.389 -1.347,-0.369 -1.388,-0.34 -1.467,-0.339 -1.508,-0.29 -1.527,-0.269 -1.587,-0.25 -1.618,-0.219 -1.647,-0.19 -1.687,-0.14 -1.687,-0.139 -1.707,-0.1 -1.737,-0.09 -1.737,-0.04 -1.747,-0.02 0,0 -1.737,0.02 -1.747,0.04 -1.727,0.09 -1.707,0.1 -1.697,0.139 -1.677,0.14 -1.647,0.19 -1.627,0.219 -1.577,0.25 -1.527,0.269 -1.518,0.29 -1.447,0.339 -1.388,0.34 -1.357,0.369 -1.308,0.389 -1.238,0.4 -1.158,0.459 -1.108,0.439 -1.028,0.469 -0.949,0.499 -0.868,0.5 -0.819,0.539 -0.738,0.519 -0.639,0.559 -0.559,0.539 -0.499,0.559 -0.37,0.569 -0.319,0.589 -0.22,0.559 -0.12,0.589 -0.049,0.599 0,0 0.049,0.579 0.12,0.589 0.22,0.559 0.319,0.579 0.37,0.579 0.499,0.559 0.559,0.559 0.639,0.549 0.738,0.529 0.819,0.519 0.868,0.509 0.949,0.469 1.028,0.489 1.108,0.45 1.158,0.439 1.238,0.409 1.308,0.389 1.357,0.37 1.388,0.339 1.447,0.33 1.518,0.309 1.527,0.25 1.577,0.259 1.627,0.21 1.647,0.189 1.677,0.17 1.697,0.14 1.707,0.08 1.727,0.08 1.747,0.05 1.737,0.01 0,0 1.747,-0.01 1.737,-0.05 1.737,-0.08 1.707,-0.08 1.687,-0.14 1.687,-0.17 1.647,-0.189 1.618,-0.21 1.587,-0.259 1.527,-0.25 1.508,-0.309 1.467,-0.33 1.388,-0.339 1.347,-0.37 1.288,-0.389 1.238,-0.409 1.178,-0.439 1.098,-0.45 1.018,-0.489 0.968,-0.469 0.879,-0.509 0.808,-0.519 0.729,-0.529 0.659,-0.549 0.539,-0.559 0.489,-0.559 0.399,-0.579 0.3,-0.579 0.22,-0.559 0.129,-0.589 0.05,-0.579"
+ id="path3193" />
+ <path
+ style="fill:#000000"
+ d="m 137.874,267.074 5.041,1.657 12.169,-4.961 5.44,1.657 -2.955,-4.123 -14.225,0 5.85,1.248 -11.32,4.522 z"
+ id="path3195" />
+ <path
+ style="fill:#000000"
+ d="m 135.768,271.626 -5.002,-1.657 -11.749,4.961 -5.86,-1.667 2.935,4.542 14.674,0 -6.299,-1.657 11.301,-4.522 z"
+ id="path3197" />
+ <path
+ style="fill:#000000"
+ d="m 114.405,262.552 5.031,-1.657 12.149,4.532 5.46,-1.228 -2.925,4.113 -14.265,0 5.86,-1.238 -11.31,-4.522 z"
+ id="path3199" />
+ <path
+ style="fill:#000000"
+ d="m 159.676,276.568 -5.021,1.647 -11.74,-4.952 -5.87,1.667 2.935,-4.132 14.675,0 -6.299,1.217 11.32,4.553 z"
+ id="path3201" />
+ <path
+ style="fill:#ffffff"
+ d="m 138.293,267.483 5.051,1.648 12.149,-4.932 5.451,1.657 -2.935,-4.142 -14.265,0 5.879,1.237 -11.33,4.532 z"
+ id="path3203" />
+ <path
+ style="fill:#ffffff"
+ d="m 136.217,272.015 -5.051,-1.637 -11.73,4.952 -5.87,-1.657 2.935,4.542 14.665,0 -6.269,-1.647 11.32,-4.553 z"
+ id="path3205" />
+ <path
+ style="fill:#ffffff"
+ d="m 114.834,262.951 5.021,-1.647 12.159,4.552 5.451,-1.258 -2.935,4.133 -14.255,0 5.879,-1.248 -11.32,-4.532 z"
+ id="path3207" />
+ <path
+ style="fill:#ffffff"
+ d="m 160.105,276.977 -5.021,1.657 -11.74,-4.961 -5.879,1.657 2.925,-4.113 14.694,0 -6.289,1.228 11.31,4.532 z"
+ id="path3209" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 102.676,269.57 0,16.471"
+ id="path3211" />
+ <path
+ style="fill:none;stroke:#aae6ff;stroke-width:0.02"
+ d="m 171.425,269.57 0,16.471"
+ id="path3213" />
+ <path
+ style="fill:#000000"
+ d="m 124.467,283.995 7.547,0 4.612,3.713 4.602,-3.713 7.128,0 0,-1.648 5.041,2.456 -5.041,2.486 0,-1.647 -6.279,0 -4.203,2.885 4.203,3.284 6.279,0 0,-2.037 5.041,2.875 -5.041,2.486 0,-1.667 -7.128,0 -4.602,-3.694 -4.612,3.694 -7.547,0 0,1.667 -5.031,-2.486 5.031,-2.875 0,2.037 6.699,0 4.202,-2.875 -4.202,-3.294 -6.699,0 0,1.647 -5.031,-2.486 5.031,-2.456 0,1.648 z"
+ id="path3215" />
+ <path
+ style="fill:#ffffff"
+ d="m 124.897,284.394 7.536,0 4.612,3.703 4.602,-3.703 7.148,0 0,-1.647 5.011,2.485 -5.011,2.476 0,-1.647 -6.299,0 -4.203,2.875 4.203,3.294 6.299,0 0,-2.056 5.011,2.885 -5.011,2.475 0,-1.657 -7.148,0 -4.602,-3.703 -4.612,3.703 -7.536,0 0,1.657 -5.042,-2.475 5.042,-2.885 0,2.056 6.688,0 4.183,-2.885 -4.183,-3.284 -6.688,0 0,1.647 -5.042,-2.476 5.042,-2.485 0,1.647 z"
+ id="path3217" />
+ </g>
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453981px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="143.47925"
+ y="266.56204"
+ id="text3232-1"><tspan
+ sodipodi:role="line"
+ id="tspan3234-7"
+ x="143.47925"
+ y="266.56204"
+ style="font-size:11.20825386px">I2PTunnel</tspan></text>
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m -23.12158,114.55692 106.149072,0"
+ id="path3614"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m 176.56479,114.55692 140.83144,0"
+ id="path4836"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+</svg>
diff --git a/www.i2p2/image_design/itoopie.svg b/www.i2p2/image_design/itoopie.svg
new file mode 100644
index 0000000000000000000000000000000000000000..ca6833dd19c7e4aa1a078844e869cb79e3ec163b
--- /dev/null
+++ b/www.i2p2/image_design/itoopie.svg
@@ -0,0 +1,133 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cc="http://creativecommons.org/ns#"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns="http://www.w3.org/2000/svg"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+ xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+ id="svg3039"
+ version="1.1"
+ inkscape:version="0.48.1 r9760"
+ width="448"
+ height="616"
+ sodipodi:docname="itoopie.png">
+ <metadata
+ id="metadata3045">
+ <rdf:RDF>
+ <cc:Work
+ rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type
+ rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+ <dc:title></dc:title>
+ </cc:Work>
+ </rdf:RDF>
+ </metadata>
+ <defs
+ id="defs3043" />
+ <sodipodi:namedview
+ pagecolor="#ffffff"
+ bordercolor="#666666"
+ borderopacity="1"
+ objecttolerance="10"
+ gridtolerance="10"
+ guidetolerance="10"
+ inkscape:pageopacity="0"
+ inkscape:pageshadow="2"
+ inkscape:window-width="1015"
+ inkscape:window-height="649"
+ id="namedview3041"
+ showgrid="false"
+ inkscape:zoom="0.48051948"
+ inkscape:cx="224"
+ inkscape:cy="308"
+ inkscape:window-x="0"
+ inkscape:window-y="0"
+ inkscape:window-maximized="0"
+ inkscape:current-layer="svg3039" />
+ <image
+ width="448"
+ height="616"
+ xlink:href="file:///home/hottuna/itoopie.png"
+ id="image3047"
+ x="0"
+ y="0" />
+ <g
+ id="g3049">
+ <path
+ style="fill:#fefefe"
+ d="M 0,308 0,0 l 224,0 224,0 0,308 0,308 -224,0 -224,0 0,-308 z"
+ id="path3077"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#f4b0a1"
+ d="m 97.121495,594.29009 c -4.369464,-2.15255 -7.113058,-6.73566 -7.117757,-11.89005 -0.0041,-4.44723 1.368004,-6.71577 12.338382,-20.40004 3.30692,-4.125 6.3777,-7.98999 6.82396,-8.58888 0.48345,-0.6488 -1.64163,-4.89244 -5.25805,-10.5 -14.268923,-22.12511 -18.192279,-34.94705 -18.030333,-58.92501 0.101794,-15.07179 1.204093,-21.46099 5.020034,-29.09737 2.772257,-5.54777 2.814508,-5.83919 1.074873,-7.41353 -0.995949,-0.90132 -3.445685,-4.74993 -5.443859,-8.55246 -3.341403,-6.3587 -6.30092,-9.35038 -36.867487,-37.26805 C 31.382314,384.9598 15.655781,370.1236 14.713407,368.68536 13.680913,367.10957 13,364.1114 13,361.14094 c 0,-4.01079 0.512488,-5.46762 2.75,-7.81737 1.5125,-1.58837 22.1,-16.32923 45.75,-32.75747 23.65,-16.42823 43.35082,-30.17457 43.7796,-30.54741 0.42878,-0.37284 -1.97908,-4.24207 -5.350797,-8.59829 C 83.736248,260.49982 73.62062,236.92538 69.465067,210.42477 66.944495,194.35068 67.84886,164.60573 71.302454,149.99237 77.857497,122.25568 91.513428,96.63428 110.93083,75.641195 116.71446,69.388235 129.8446,58.749473 139.30755,52.648816 157.99906,40.598612 173.77441,34.239486 197,29.392694 c 12.3229,-2.571584 43.76166,-2.588608 57.5,-0.03114 27.69782,5.15611 54.03679,17.920369 76.98509,37.308119 16.48396,13.926386 32.78945,37.352407 41.64441,59.830327 17.48403,44.38242 13.99618,96.38646 -9.16354,136.62886 -2.73128,4.74588 -4.96596,9.02353 -4.96596,9.50589 0,0.48237 1.2375,1.42652 2.75,2.09812 3.12893,1.38934 45.30662,46.5539 48.44921,51.88019 1.58039,2.67856 1.91712,4.46458 1.44947,7.68803 -0.33503,2.3094 -6.20456,21.37461 -13.04338,42.36713 l -12.43422,38.16821 1.52575,5.20483 c 1.88161,6.41878 1.36182,15.03126 -1.23359,20.4398 -1.05073,2.18958 -3.8348,5.82494 -6.18683,8.07858 -2.57622,2.46846 -4.27641,5.00013 -4.27641,6.36781 0,3.42573 -2.85792,8.74944 -5.69481,10.60824 -2.44377,1.60122 -2.50061,1.88645 -1.821,9.1389 0.38583,4.11736 1.13984,8.91245 1.67559,10.65576 3.16074,10.285 2.69016,25.60057 -1.14024,37.11094 -2.52854,7.59824 -9.44658,19.52899 -14.91015,25.71377 l -4.11222,4.65505 7.25142,6.65427 c 10.11698,9.28386 12.66157,12.99656 12.70387,18.53562 0.021,2.75022 -0.68481,5.59072 -1.81516,7.30507 -4.12372,6.25421 -1.24601,5.90803 -65.0714,7.82786 -76.63817,2.30522 -70.06039,2.36003 -74.4523,-0.6204 l -3.6655,-2.48748 -4.12409,2.98748 -4.12409,2.98747 -58.09996,-0.0228 c -52.14536,-0.0204 -58.44622,-0.19335 -61.478465,-1.68714 z M 153.20128,178.10597 c -0.55911,-7.72964 1.12614,-12.48602 6.2336,-17.59348 10.22249,-10.22249 27.45087,-7.40973 33.90143,5.53487 l 2.62995,5.27763 1.696,-3.9125 c 4.62636,-10.67257 1.95297,-24.6332 -6.43418,-33.59974 C 184.5782,126.70349 177.33683,123.49493 168,123.52069 c -9.27418,0.0256 -15.48365,2.59199 -22.17609,9.16552 -13.65277,13.41019 -13.25948,33.40347 0.91186,46.35527 2.98397,2.72719 5.75535,4.95852 6.15863,4.95852 0.40327,0 0.54137,-2.65231 0.30688,-5.89403 z m 146.99659,-0.11365 c 11.39104,-7.54511 16.63334,-23.51973 11.84974,-36.10914 -6.79602,-17.88567 -24.20289,-26.28712 -41.24924,-19.90901 -16.96104,6.34619 -25.8638,26.29092 -18.69543,41.88312 l 2.39706,5.21394 3.5,-4.69654 c 4.97336,-6.67359 8.94794,-8.57699 17,-8.14121 11.35509,0.61454 17.8475,6.99759 18.76685,18.45072 0.27883,3.47369 0.81821,6.3158 1.19862,6.3158 0.3804,0 2.73498,-1.35345 5.2324,-3.00768 z"
+ id="path3075"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#9cc59c"
+ d="m 99,594.87927 c -6.260187,-2.48894 -10.104588,-9.3421 -8.601075,-15.33258 0.340473,-1.35655 4.140694,-6.88694 8.444937,-12.28975 4.304238,-5.40281 8.624198,-11.04165 9.599898,-12.53076 l 1.774,-2.70747 -6.20917,-9.58493 C 96.548207,530.91736 90.883813,518.99598 88.360253,509.5 86.865871,503.87675 86.5,498.86146 86.5,484 l 0,-18.5 3.655321,-8.28579 3.655321,-8.2858 -2.272827,-2.7142 C 90.28776,444.72139 87.8907,440.77033 86.211014,437.43406 83.50299,432.05527 79.549242,428.07846 51.308126,402.32759 33.791224,386.35529 18.00589,371.6318 16.229606,369.60873 11.877369,364.6518 11.688439,358.49147 15.75,353.97048 c 1.5125,-1.68359 22.302608,-16.69851 46.20024,-33.36649 23.897631,-16.66799 43.59431,-30.73765 43.7704,-31.26592 0.17609,-0.52827 -2.55153,-4.60541 -6.061384,-9.06029 C 84.130423,260.56779 73.616568,235.89437 69.462861,209.41432 66.974584,193.55146 67.856554,165.63613 71.30867,150.99237 83.519753,99.193344 117.33871,59.433164 167,38.490225 c 7.74432,-3.2659 19.33046,-6.664179 31,-9.092472 12.27635,-2.554564 41.86805,-2.573862 55.5,-0.0362 42.46116,7.904392 80.61042,32.867351 104.13154,68.138442 33.18034,49.755575 35.27817,114.769705 5.37516,166.582625 -2.75369,4.7713 -5.0067,8.90583 -5.0067,9.18784 0,0.28199 1.05346,0.77713 2.34102,1.10028 2.64684,0.66431 48.10278,49.20704 50.41132,53.83463 0.91459,1.83333 1.22929,4.14008 0.83475,6.11869 -0.3483,1.74677 -6.27812,20.57033 -13.17737,41.83015 l -12.5441,38.6542 1.56719,5.2773 c 3.16003,10.64097 1.12799,19.18234 -6.45502,27.13267 -3.41579,3.58125 -4.93079,6.08625 -5.38004,8.89571 -0.39832,2.49093 -1.93745,5.36304 -4.2395,7.91113 l -3.61414,4.00043 0.67289,7.23717 c 0.37009,3.98045 1.36886,9.69814 2.21949,12.70599 1.95481,6.91224 1.90552,20.64995 -0.10236,28.53119 -2.2336,8.76721 -9.86584,23.35096 -15.5695,29.75032 -2.73055,3.06361 -4.96463,6.02408 -4.96463,6.57884 0,0.55475 3.60662,4.26523 8.01471,8.24551 4.40809,3.98028 8.90809,8.68239 10,10.44913 2.51583,4.07071 2.52696,9.07557 0.0293,13.17187 -4.19347,6.87749 -0.87477,6.47011 -69.39006,8.5179 -34.18467,1.02172 -63.55466,1.60784 -65.26665,1.30249 -1.71199,-0.30535 -3.91924,-1.44637 -4.90499,-2.53562 -2.42683,-2.68162 -4.34925,-2.44026 -8.44453,1.0602 L 216.57555,596 159.03777,595.93661 C 123.41237,595.89737 100.54791,595.49469 99,594.87927 z M 334.56274,439.4611 c 9.59476,-1.67319 16.62769,-4.35192 20.1748,-7.68426 C 363.23192,423.79679 343.85412,404 327.54859,404 c -6.38803,0 -8.88036,3.17971 -9.37664,11.96273 -0.33704,5.9647 1.9161,21.75268 3.46114,24.25261 0.69142,1.11874 2.94203,0.98745 12.92965,-0.75424 z m -179.73922,-4.79158 c 2.37793,-0.64323 4.37887,-1.61952 4.44653,-2.16952 0.18653,-1.51637 -15.84243,-12.2994 -23.77005,-15.99063 -12.45831,-5.80079 -21.33053,-6.78269 -25.68438,-2.84251 -5.68573,5.14551 2.77352,17.2122 14.68352,20.94531 5.02901,1.5763 24.57244,1.61327 30.32438,0.0573 z m -1.52082,-256.0256 c -0.72102,-6.98601 0.96955,-11.89909 5.95579,-17.30852 6.62757,-7.19007 15.84367,-8.79087 24.74151,-4.29752 4.59607,2.32099 7.42613,5.45711 9.88697,10.95622 l 2.0111,4.49411 1.80096,-3.99411 C 199.00439,165.59914 199.5,162.02328 199.5,155.5 c 0,-10.57079 -2.24115,-16.31813 -8.95857,-22.97392 C 183.78947,125.83607 177.95545,123.5 168,123.5 c -7.27059,0 -9.31872,0.40206 -14.16054,2.77978 -18.2287,8.95176 -23.76358,31.97434 -11.74482,48.85313 2.11033,2.96368 9.42254,8.86709 10.98315,8.86709 0.42774,0 0.52895,-2.41024 0.22491,-5.35608 z m 152.79368,-5.49683 c 14.01685,-15.90179 8.80561,-40.67014 -10.56317,-50.20536 -14.68873,-7.23123 -32.75637,-1.86466 -41.27849,12.26082 -5.62816,9.32871 -6.35081,21.90959 -1.76759,30.77256 1.5105,2.92098 3.51287,4.07684 3.51287,2.02777 0,-1.86137 7.48389,-9.30188 10.71788,-10.65575 7.29473,-3.05386 17.39715,-0.56444 22.54719,5.55604 2.97238,3.53247 4.95932,9.64164 4.701,14.45395 -0.0928,1.72858 -0.12311,3.50917 -0.0674,3.95686 0.2006,1.61164 8.44244,-3.90663 12.1977,-8.16689 z"
+ id="path3073"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#fcfc00"
+ d="m 99.683804,594.56367 c -5.198713,-1.8711 -7.502279,-4.17582 -8.729687,-8.73407 -1.42275,-5.28369 0.749423,-9.71321 10.950113,-22.3296 4.44689,-5.5 8.08762,-10.54702 8.09052,-11.21559 0.003,-0.66857 -2.46924,-5.01179 -5.49361,-9.65158 -12.517012,-19.2028 -17.383833,-33.55061 -18.228698,-53.7398 -0.629051,-15.03201 0.616576,-23.39076 4.919915,-33.01499 l 3.10149,-6.93635 -2.038343,-2.22085 c -1.12109,-1.22146 -3.427242,-5.00077 -5.124782,-8.39846 -2.773847,-5.55196 -6.483108,-9.27994 -36.624174,-36.80898 -18.445755,-16.84725 -34.318219,-31.82253 -35.272142,-33.2784 -2.186864,-3.33758 -2.236912,-10.05604 -0.09921,-13.31858 0.899355,-1.37259 21.688869,-16.4278 46.198919,-33.45602 24.51005,-17.02822 44.586715,-31.52972 44.614805,-32.22554 0.0281,-0.69583 -2.58836,-4.58661 -5.81435,-8.64618 C 84.737447,261.21303 73.809362,235.12902 69.45493,207.36012 66.959865,191.4487 67.792969,168.60871 71.45599,152.5 79.529326,116.99622 97.395265,86.983835 123.5,65.073027 c 20.65001,-17.33243 45.14565,-28.976785 74,-35.176976 14.85241,-3.191468 40.71585,-3.227887 56.36152,-0.07936 15.78979,3.177528 25.67233,6.444007 39.69417,13.120132 32.4006,15.42668 54.93834,36.840662 71.63499,68.063177 8.78837,16.43415 15.68753,38.39209 17.76745,56.54841 3.75464,32.77553 -3.62278,67.68637 -20.4085,96.57549 -2.5023,4.30658 -4.54963,8.3139 -4.54963,8.90515 0,0.59124 1.28733,1.52376 2.86074,2.07225 4.03951,1.40818 48.86041,50.06627 49.96762,54.24542 1.06215,4.00908 1.28835,3.18524 -13.04014,47.49153 l -12.07506,37.33825 1.74959,7.66175 c 1.45851,6.38704 1.55196,8.41043 0.5617,12.16175 -1.61506,6.11817 -5.41199,12.4277 -9.02831,15.00275 -1.64788,1.17339 -2.99865,2.6653 -3.00172,3.31534 -0.0175,3.70619 -2.63133,9.50088 -5.4777,12.14364 l -3.27235,3.03827 1.29626,10 c 0.71294,5.5 1.78295,11.57203 2.37781,13.4934 1.68471,5.44153 1.27726,16.92149 -0.90315,25.44681 -2.40711,9.41171 -9.72119,23.61479 -15.65233,30.39497 -2.39963,2.74314 -4.36296,5.39279 -4.36296,5.88812 0,0.49533 3.99893,4.70007 8.88652,9.34386 10.9513,10.40505 12.50941,13.98868 9.26804,21.31634 -3.52937,7.97872 -1.30806,7.66731 -69.65456,9.76521 -33,1.01294 -61.70312,1.57667 -63.7847,1.25274 -2.08159,-0.32394 -5.10766,-1.70217 -6.72461,-3.06274 l -2.93991,-2.47377 -4.12756,3.31753 -4.12756,3.31753 -56.64783,0.21859 c -45.93944,0.17727 -57.36922,-0.041 -60.464026,-1.15492 z M 181.5,540.62785 c 26.90128,-5.83708 43.5924,-31.6566 36.95009,-57.15815 -3.25596,-12.50048 -10.19789,-21.81284 -21.98548,-29.49276 l -6.57004,-4.28054 -12.19728,4.09143 c -6.70851,2.25029 -15.9595,4.7936 -20.55776,5.6518 -13.98915,2.61089 -32.75092,1.73486 -42.38953,-1.97927 -1.59782,-0.6157 -1.75,0.23147 -1.75,9.74226 0,19.18165 6.05233,35.85385 19.43371,53.53356 10.98553,14.51429 15.17239,18.24058 22.22782,19.78273 7.6875,1.6803 19.37786,1.72776 26.83847,0.10894 z M 334.56274,439.4611 c 9.59476,-1.67319 16.62769,-4.35192 20.1748,-7.68426 C 363.23192,423.79679 343.85412,404 327.54859,404 c -6.38803,0 -8.88036,3.17971 -9.37664,11.96273 -0.33704,5.9647 1.9161,21.75268 3.46114,24.25261 0.69142,1.11874 2.94203,0.98745 12.92965,-0.75424 z m -179.73922,-4.79158 c 2.37793,-0.64323 4.37887,-1.61952 4.44653,-2.16952 0.18653,-1.51637 -15.84243,-12.2994 -23.77005,-15.99063 -12.45831,-5.80079 -21.33053,-6.78269 -25.68438,-2.84251 -5.68573,5.14551 2.77352,17.2122 14.68352,20.94531 5.02901,1.5763 24.57244,1.61327 30.32438,0.0573 z M 154.49651,183.25 c -1.8602,-4.53731 -1.67238,-9.97042 0.52094,-15.06893 7.27211,-16.90446 29.08047,-18.02962 37.48255,-1.93384 1.65,3.16089 3.2952,5.74835 3.656,5.74992 1.53478,0.007 3.844,-9.9037 3.844,-16.49715 0,-9.49342 -2.1811,-15.44282 -7.99266,-21.80159 -6.33461,-6.93107 -12.42505,-9.89724 -21.5206,-10.48095 -10.77468,-0.69148 -17.36013,1.56632 -24.53786,8.41271 -7.70265,7.34708 -10.23327,13.24894 -10.24217,23.88652 -0.005,6.09243 0.5212,9.21283 2.19264,13 2.35197,5.32913 7.71381,11.54122 12.60065,14.5988 3.7473,2.3446 4.91877,2.38403 3.99651,0.13451 z M 298.6267,180.08594 C 308.36702,174.14655 314,163.85549 314,152 c 0,-13.25452 -6.96516,-24.34781 -18.64451,-29.69479 -6.8404,-3.13164 -17.31372,-3.54969 -24.87826,-0.99302 -6.88249,2.32615 -14.70176,9.40347 -18.12926,16.40903 -3.73329,7.63055 -3.9429,20.08006 -0.46773,27.77878 l 2.25698,5 1.88847,-2.5 c 1.03866,-1.375 2.89113,-3.79682 4.11662,-5.38182 2.7278,-3.52805 9.13629,-6.56671 13.91135,-6.59622 1.95451,-0.0121 5.89853,1.14654 8.7645,2.57471 7.04251,3.50944 10.64851,9.48279 10.64851,17.63934 0,3.24144 0.44493,5.76235 1.01666,5.76025 0.55917,-0.002 2.42368,-0.8617 4.14337,-1.91032 z"
+ id="path3071"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#95b395"
+ d="m 99.683804,594.56367 c -5.198713,-1.8711 -7.502279,-4.17582 -8.729687,-8.73407 -1.42275,-5.28369 0.749423,-9.71321 10.950113,-22.3296 4.44689,-5.5 8.08762,-10.54702 8.09052,-11.21559 0.003,-0.66857 -2.46924,-5.01179 -5.49361,-9.65158 -12.517012,-19.2028 -17.383833,-33.55061 -18.228698,-53.7398 -0.629051,-15.03201 0.616576,-23.39076 4.919915,-33.01499 l 3.10149,-6.93635 -2.038343,-2.22085 c -1.12109,-1.22146 -3.427242,-5.00077 -5.124782,-8.39846 -2.773847,-5.55196 -6.483108,-9.27994 -36.624174,-36.80898 -18.445755,-16.84725 -34.318219,-31.82253 -35.272142,-33.2784 -2.186864,-3.33758 -2.236912,-10.05604 -0.09921,-13.31858 0.899355,-1.37259 21.688869,-16.4278 46.198919,-33.45602 24.51005,-17.02822 44.586715,-31.52972 44.614805,-32.22554 0.0281,-0.69583 -2.58836,-4.58661 -5.81435,-8.64618 C 84.737447,261.21303 73.809362,235.12902 69.45493,207.36012 66.959865,191.4487 67.792969,168.60871 71.45599,152.5 79.529326,116.99622 97.395265,86.983835 123.5,65.073027 c 20.65001,-17.33243 45.14565,-28.976785 74,-35.176976 14.85241,-3.191468 40.71585,-3.227887 56.36152,-0.07936 15.78979,3.177528 25.67233,6.444007 39.69417,13.120132 32.4006,15.42668 54.93834,36.840662 71.63499,68.063177 8.78837,16.43415 15.68753,38.39209 17.76745,56.54841 3.75464,32.77553 -3.62278,67.68637 -20.4085,96.57549 -2.5023,4.30658 -4.54963,8.3139 -4.54963,8.90515 0,0.59124 1.28733,1.52376 2.86074,2.07225 4.03951,1.40818 48.86041,50.06627 49.96762,54.24542 1.06215,4.00908 1.28835,3.18524 -13.04014,47.49153 l -12.07506,37.33825 1.74959,7.66175 c 1.45851,6.38704 1.55196,8.41043 0.5617,12.16175 -1.61506,6.11817 -5.41199,12.4277 -9.02831,15.00275 -1.64788,1.17339 -2.99865,2.6653 -3.00172,3.31534 -0.0175,3.70619 -2.63133,9.50088 -5.4777,12.14364 l -3.27235,3.03827 1.29626,10 c 0.71294,5.5 1.78295,11.57203 2.37781,13.4934 1.68471,5.44153 1.27726,16.92149 -0.90315,25.44681 -2.40711,9.41171 -9.72119,23.61479 -15.65233,30.39497 -2.39963,2.74314 -4.36296,5.39279 -4.36296,5.88812 0,0.49533 3.99893,4.70007 8.88652,9.34386 10.9513,10.40505 12.50941,13.98868 9.26804,21.31634 -3.52937,7.97872 -1.30806,7.66731 -69.65456,9.76521 -33,1.01294 -61.70312,1.57667 -63.7847,1.25274 -2.08159,-0.32394 -5.10766,-1.70217 -6.72461,-3.06274 l -2.93991,-2.47377 -4.12756,3.31753 -4.12756,3.31753 -56.64783,0.21859 c -45.93944,0.17727 -57.36922,-0.041 -60.464026,-1.15492 z M 181.5,540.62785 c 26.90128,-5.83708 43.5924,-31.6566 36.95009,-57.15815 -3.25596,-12.50048 -10.19789,-21.81284 -21.98548,-29.49276 l -6.57004,-4.28054 -12.19728,4.09143 c -6.70851,2.25029 -15.9595,4.7936 -20.55776,5.6518 -13.98915,2.61089 -32.75092,1.73486 -42.38953,-1.97927 -1.59782,-0.6157 -1.75,0.23147 -1.75,9.74226 0,19.18165 6.05233,35.85385 19.43371,53.53356 10.98553,14.51429 15.17239,18.24058 22.22782,19.78273 7.6875,1.6803 19.37786,1.72776 26.83847,0.10894 z M 334.56274,439.4611 c 9.59476,-1.67319 16.62769,-4.35192 20.1748,-7.68426 C 363.23192,423.79679 343.85412,404 327.54859,404 c -6.38803,0 -8.88036,3.17971 -9.37664,11.96273 -0.33704,5.9647 1.9161,21.75268 3.46114,24.25261 0.69142,1.11874 2.94203,0.98745 12.92965,-0.75424 z m -179.73922,-4.79158 c 2.37793,-0.64323 4.37887,-1.61952 4.44653,-2.16952 0.18653,-1.51637 -15.84243,-12.2994 -23.77005,-15.99063 -12.45831,-5.80079 -21.33053,-6.78269 -25.68438,-2.84251 -5.68573,5.14551 2.77352,17.2122 14.68352,20.94531 5.02901,1.5763 24.57244,1.61327 30.32438,0.0573 z M 171.49325,364 c 19.09185,-52.86504 18.2459,-50.81375 21.69019,-52.59486 2.70949,-1.40113 4.11236,-1.38642 14.96649,0.15697 41.21688,5.8608 80.88384,-7.44597 110.3571,-37.02065 25.61752,-25.70567 39.01405,-57.8265 38.8045,-93.04146 C 357.04924,137.4243 335.8847,98.388258 298.5,73.027587 285.28277,64.061411 271.07857,58.171343 252.44333,53.929227 244.46873,52.113893 239.43107,51.660074 227,51.637158 c -16.92116,-0.03119 -25.52383,1.313636 -41.25601,6.449424 -20.88318,6.817336 -33.96147,15.006686 -50.85245,31.84272 -16.84195,16.787168 -25.62434,30.762568 -32.32688,51.441628 -18.706308,57.71387 3.62132,118.67728 55.61885,151.86183 8.99362,5.73969 11.81649,8.67998 11.81649,12.30805 0,0.79569 -6.75,20.00685 -15,42.69147 -8.25,22.68462 -15,41.80758 -15,42.49546 0,1.44803 17.20782,10.42275 18.08633,9.4329 0.32248,-0.36335 6.3556,-16.63564 13.40692,-36.16064 z M 159.6753,202.99312 c -7.75521,-0.99145 -19.66854,-7.14639 -25.9817,-13.42326 -3.24901,-3.23033 -6.37825,-7.88483 -9.07612,-13.5 L 120.5,167.5 l 0,-12 0,-12 4.22197,-8.78762 c 5.171,-10.76293 11.40395,-17.18295 21.54949,-22.19623 14.20591,-7.01966 29.66346,-6.96113 43.51723,0.16479 9.94958,5.11773 16.29197,11.65925 21.50561,22.18083 l 4.2057,8.48745 0,12.19509 0,12.19509 -4.31606,8.51215 c -2.4793,4.88968 -6.30937,10.51822 -9,13.22606 -6.21162,6.25137 -18.13669,12.23461 -26.9143,13.50387 -7.43833,1.0756 -7.27293,1.07547 -15.59434,0.0116 z M 154.49651,183.25 c -1.8602,-4.53731 -1.67238,-9.97042 0.52094,-15.06893 7.27211,-16.90446 29.08047,-18.02962 37.48255,-1.93384 1.65,3.16089 3.2952,5.74835 3.656,5.74992 1.53478,0.007 3.844,-9.9037 3.844,-16.49715 0,-9.49342 -2.1811,-15.44282 -7.99266,-21.80159 -6.33461,-6.93107 -12.42505,-9.89724 -21.5206,-10.48095 -10.77468,-0.69148 -17.36013,1.56632 -24.53786,8.41271 -7.70265,7.34708 -10.23327,13.24894 -10.24217,23.88652 -0.005,6.09243 0.5212,9.21283 2.19264,13 2.35197,5.32913 7.71381,11.54122 12.60065,14.5988 3.7473,2.3446 4.91877,2.38403 3.99651,0.13451 z m 114.65971,15.24329 c -13.7036,-3.84738 -24.72468,-13.19502 -30.96502,-26.26331 -3.64946,-7.64256 -3.6912,-7.87219 -3.6912,-20.30537 l 0,-12.57539 4.17826,-8.42461 c 5.33483,-10.75659 11.11212,-16.55229 22.0057,-22.07585 7.90533,-4.00837 9.06936,-4.30802 18.13185,-4.66758 11.92644,-0.47319 18.31196,1.05313 27.94648,6.67999 8.82432,5.15368 13.33855,10.28201 18.60043,21.13073 4.09499,8.4429 4.11876,8.55837 4.11876,20.0081 0,11.46921 -0.0171,11.55187 -4.19608,20.26105 -5.51456,11.49267 -11.48511,17.48744 -22.84614,22.93884 -7.90713,3.79411 -9.31236,4.13687 -18.25295,4.45214 -6.52419,0.23006 -11.4308,-0.14821 -15.03009,-1.15874 z M 298.6267,180.08594 C 308.36702,174.14655 314,163.85549 314,152 c 0,-13.25452 -6.96516,-24.34781 -18.64451,-29.69479 -6.8404,-3.13164 -17.31372,-3.54969 -24.87826,-0.99302 -6.88249,2.32615 -14.70176,9.40347 -18.12926,16.40903 -3.73329,7.63055 -3.9429,20.08006 -0.46773,27.77878 l 2.25698,5 1.88847,-2.5 c 1.03866,-1.375 2.89113,-3.79682 4.11662,-5.38182 2.7278,-3.52805 9.13629,-6.56671 13.91135,-6.59622 1.95451,-0.0121 5.89853,1.14654 8.7645,2.57471 7.04251,3.50944 10.64851,9.48279 10.64851,17.63934 0,3.24144 0.44493,5.76235 1.01666,5.76025 0.55917,-0.002 2.42368,-0.8617 4.14337,-1.91032 z"
+ id="path3069"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#718f71"
+ d="m 97.366714,593.08194 c -4.308436,-2.62716 -6.367399,-5.88063 -6.362976,-10.05445 0.0046,-4.32408 1.697993,-7.16175 11.963312,-20.04708 9.07653,-11.39313 8.94536,-9.41592 1.39861,-21.082 C 98.40359,532.68199 91.421821,517.93256 89.266272,510 87.860517,504.82673 87.5,499.51982 87.5,484 l 0,-19.5 3.685112,-7.75039 3.685112,-7.75039 -2.273444,-2.74961 c -1.250395,-1.51229 -3.765691,-5.57487 -5.589548,-9.02796 C 84.090505,431.69944 79.883444,427.47137 52.07517,402.11517 34.686394,386.2597 19.00589,371.6318 17.229606,369.60873 14.618122,366.63441 14,365.07299 14,361.45052 c 0,-3.68237 0.578574,-5.09191 3.25,-7.91774 1.7875,-1.89082 22.15,-16.56585 45.25,-32.61117 23.1,-16.04532 42.63539,-29.76813 43.41197,-30.49514 1.2028,-1.12602 0.75839,-2.1474 -3,-6.8947 C 91.011038,268.49945 81.594578,251.17761 75.985617,234 70.384025,216.84496 68.702198,203.3961 69.295258,180.5 69.726054,163.86834 70.235965,158.71289 72.322924,149.88878 78.636066,123.19548 92.506845,97.275101 111,77.61279 c 22.39796,-23.813987 52.3813,-40.282453 86,-47.235841 6.33093,-1.309433 13.47609,-1.773232 28,-1.817506 29.10173,-0.08871 44.07641,3.162549 68.59846,14.89391 22.7391,10.878395 37.64147,22.352188 53.31213,41.046647 8.42831,10.054633 11.4891,14.61161 17.79928,26.5 9.53504,17.96406 15.36681,36.43422 17.39752,55.10085 1.39506,12.82368 0.6542,37.56516 -1.46694,48.98937 -3.00692,16.19481 -11.05914,36.96034 -20.10882,51.85771 -1.9424,3.19753 -3.53163,6.11574 -3.53163,6.4849 0,0.36917 1.31741,1.13046 2.92757,1.69177 2.922,1.01861 47.53219,48.12891 50.07645,52.88291 0.73748,1.37799 0.98919,3.92748 0.63113,6.39235 -0.3276,2.25507 -6.1939,21.28467 -13.03623,42.28799 l -12.44059,38.18784 1.42083,4.72109 c 3.27763,10.89073 0.56166,21.36423 -7.44076,28.69353 -2.89627,2.65265 -4.13952,4.60361 -4.14214,6.5 -0.005,3.35741 -3.16212,8.6929 -6.06318,10.24551 -2.05055,1.09741 -2.13448,1.61592 -1.47862,9.1345 0.38242,4.38407 1.39295,10.30173 2.24561,13.15036 1.99616,6.66893 1.90503,22.2593 -0.17574,30.06357 -2.26737,8.50417 -10.02768,22.91117 -15.66142,29.07537 -2.6746,2.92644 -4.86291,5.77791 -4.86291,6.3366 0,0.55869 3.85712,4.51756 8.57139,8.7975 9.30315,8.44604 11.43061,11.53842 11.42487,16.60662 -0.004,3.92432 -2.98105,9.17689 -6.19275,10.92784 -1.65699,0.90335 -18.44192,1.74547 -59.80351,3.00042 -76.54285,2.32239 -70.24687,2.376 -73.81763,-0.6286 -3.79606,-3.19417 -4.68502,-3.14386 -8.83515,0.5 l -3.41681,3 -58.21521,-0.004 c -55.54345,-0.004 -58.359,-0.0914 -61.348486,-1.91432 z M 180.5,541.61649 c 19.67966,-4.30738 34.15475,-17.79492 38.91581,-36.26083 1.98875,-7.71343 2.00312,-13.30399 0.0537,-20.89556 -2.21382,-8.62139 -6.20729,-16.26154 -11.41458,-21.83793 -4.31446,-4.62028 -13.59098,-11.56101 -17.2259,-12.88849 -0.91901,-0.33562 -5.96874,0.92588 -11.22164,2.80333 -20.57112,7.35241 -44.52308,9.58645 -59.86958,5.58416 -3.71919,-0.96994 -6.98169,-1.544 -7.25,-1.27568 C 112.21953,457.1138 112,461.67266 112,466.97628 c 0,18.42431 7.51086,38.4918 20.78898,55.54396 11.02704,14.16125 14.60397,17.19612 22.23237,18.86316 8.29017,1.81165 17.86622,1.89926 25.47865,0.23309 z m 126.53852,-12.10436 c 10.72469,-7.19642 14.08618,-10.11165 20.7213,-17.97036 l 7.91991,-9.38046 0.76498,-17.83065 C 336.86544,474.5238 337.275,464.7 337.35484,462.5 l 0.14516,-4 -12.59785,0.36661 c -7.80071,0.22701 -13.36394,-0.0434 -14.60969,-0.71009 -2.2309,-1.19394 -5.73904,-8.61082 -6.81942,-14.41757 -0.38487,-2.06857 -1.01699,-3.95709 -1.4047,-4.19672 -0.38772,-0.23962 -3.05636,0.65376 -5.93031,1.98528 -10.45828,4.84539 -27.61919,8.46076 -40.1969,8.46847 -3.69909,0.002 -7.27432,0.54904 -8.19974,1.25402 -3.37839,2.57362 -9.00666,25.64744 -9.02444,36.99684 -0.0114,7.24618 32.54996,47.69387 41.72174,51.82679 3.79166,1.70856 4.12274,1.70489 8.86858,-0.0984 2.71143,-1.03027 10.69049,-5.73867 17.73125,-10.46312 z m 28.38955,-90.02755 c 11.11673,-1.93859 19.93616,-6.22205 21.38842,-10.38802 3.16989,-9.09315 -14.64011,-25.05887 -27.9847,-25.08679 -6.08486,-0.0127 -7.60188,0.64496 -9.36878,4.06175 -2.44289,4.72405 -1.52622,22.37164 1.58746,30.56123 1.07874,2.83729 2.50691,2.92191 14.3776,0.85183 z m -180.69551,-4.6279 c 2.87791,-0.54518 5.47888,-1.38978 5.77993,-1.87689 0.75001,-1.21354 -12.36204,-10.3293 -21.52004,-14.96118 -15.28306,-7.72978 -26.5792,-9.0822 -30.22714,-3.61891 -1.19205,1.78527 -0.87151,6.4955 0.63968,9.39996 5.65476,10.86828 23.43211,15.20481 45.32757,11.05702 z M 171.49325,364 c 19.09185,-52.86504 18.2459,-50.81375 21.69019,-52.59486 2.70949,-1.40113 4.11236,-1.38642 14.96649,0.15697 41.21688,5.8608 80.88384,-7.44597 110.3571,-37.02065 25.61752,-25.70567 39.01405,-57.8265 38.8045,-93.04146 C 357.04924,137.4243 335.8847,98.388258 298.5,73.027587 285.28277,64.061411 271.07857,58.171343 252.44333,53.929227 244.46873,52.113893 239.43107,51.660074 227,51.637158 c -16.92116,-0.03119 -25.52383,1.313636 -41.25601,6.449424 -20.88318,6.817336 -33.96147,15.006686 -50.85245,31.84272 -16.84195,16.787168 -25.62434,30.762568 -32.32688,51.441628 -18.706308,57.71387 3.62132,118.67728 55.61885,151.86183 8.99362,5.73969 11.81649,8.67998 11.81649,12.30805 0,0.79569 -6.75,20.00685 -15,42.69147 -8.25,22.68462 -15,41.80758 -15,42.49546 0,1.44803 17.20782,10.42275 18.08633,9.4329 0.32248,-0.36335 6.3556,-16.63564 13.40692,-36.16064 z M 159.6753,202.99312 c -7.75521,-0.99145 -19.66854,-7.14639 -25.9817,-13.42326 -3.24901,-3.23033 -6.37825,-7.88483 -9.07612,-13.5 L 120.5,167.5 l 0,-12 0,-12 4.22197,-8.78762 c 5.171,-10.76293 11.40395,-17.18295 21.54949,-22.19623 14.20591,-7.01966 29.66346,-6.96113 43.51723,0.16479 9.94958,5.11773 16.29197,11.65925 21.50561,22.18083 l 4.2057,8.48745 0,12.19509 0,12.19509 -4.31606,8.51215 c -2.4793,4.88968 -6.30937,10.51822 -9,13.22606 -6.21162,6.25137 -18.13669,12.23461 -26.9143,13.50387 -7.43833,1.0756 -7.27293,1.07547 -15.59434,0.0116 z m -5.38074,-24.28142 c -0.46202,-6.10891 -0.21634,-7.94469 1.5182,-11.34468 4.19889,-8.23051 13.07403,-13.23774 21.06921,-11.88696 7.96025,1.34487 15.43756,7.91261 16.81545,14.76994 0.97629,4.85867 3.05653,3.13956 5.66086,-4.67814 5.83164,-17.50549 -4.55104,-36.68874 -22.78978,-42.10687 -6.69687,-1.98942 -11.13178,-1.84368 -19.13705,0.6289 -5.5985,1.7292 -7.76563,3.08029 -12.44271,7.75737 -15.3165,15.3165 -12.96293,39.9648 4.89763,51.29163 2.47785,1.57141 4.60739,2.85711 4.7323,2.85711 0.1249,0 -0.0209,-3.27973 -0.32411,-7.2883 z m 114.86166,19.78159 c -13.7036,-3.84738 -24.72468,-13.19502 -30.96502,-26.26331 -3.64946,-7.64256 -3.6912,-7.87219 -3.6912,-20.30537 l 0,-12.57539 4.17826,-8.42461 c 5.33483,-10.75659 11.11212,-16.55229 22.0057,-22.07585 7.90533,-4.00837 9.06936,-4.30802 18.13185,-4.66758 11.92644,-0.47319 18.31196,1.05313 27.94648,6.67999 8.82432,5.15368 13.33855,10.28201 18.60043,21.13073 4.09499,8.4429 4.11876,8.55837 4.11876,20.0081 0,11.46921 -0.0171,11.55187 -4.19608,20.26105 -5.51456,11.49267 -11.48511,17.48744 -22.84614,22.93884 -7.90713,3.79411 -9.31236,4.13687 -18.25295,4.45214 -6.52419,0.23006 -11.4308,-0.14821 -15.03009,-1.15874 z m 29.93631,-18.33702 C 308.50549,174.18675 315,162.69144 315,152 c 0,-17.34025 -15.32939,-32.93606 -32.57591,-33.14206 -22.79379,-0.27226 -39.22187,22.19727 -32.03441,43.8151 2.14492,6.45128 4.40046,8.67303 6.00569,5.91572 2.16422,-3.71747 6.94525,-8.71354 9.70341,-10.13984 4.03105,-2.08454 12.23435,-1.82978 16.84653,0.52318 7.08288,3.61342 10.64281,10.5554 9.81751,19.14448 -0.55705,5.79729 0.0806,6.00276 6.32971,2.03969 z"
+ id="path3067"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#a2a200"
+ d="m 98.212361,593.01008 c -4.993302,-2.26627 -7.750771,-7.32657 -6.788245,-12.45728 0.346586,-1.84746 4.459549,-8.01259 10.065934,-15.08834 5.21394,-6.58045 9.48666,-12.44913 9.49492,-13.04151 0.008,-0.59238 -2.9694,-5.72372 -6.61704,-11.40297 C 96.407227,528.62544 92.819857,520.95739 89.779323,509.83663 87.823204,502.68212 87.5,499.08943 87.5,484.5 c 0,-17.86968 0.387893,-20.0951 5.263006,-30.19488 l 2.507542,-5.19488 -2.696101,-3.20413 c -1.482855,-1.76228 -4.008765,-5.80451 -5.613132,-8.98274 -2.532639,-5.01713 -7.333789,-9.81261 -36.434352,-36.39133 -18.434526,-16.83699 -34.19449,-31.92222 -35.022142,-33.52272 -1.891334,-3.65743 -1.914397,-7.31661 -0.06861,-10.88596 0.949719,-1.83655 16.700737,-13.41772 46.5,-34.18981 C 86.721293,304.65668 107,289.947 107,289.24538 c 0,-0.70162 -2.70001,-4.67335 -6.00003,-8.82607 C 85.407055,260.79727 74.73484,235.63396 70.461348,208.41432 67.997418,192.72053 68.864997,166.62913 72.337211,152 78.432993,126.31726 88.916555,104.51466 104.31306,85.5 123.15166,62.23437 152.51748,42.914137 181.5,34.717504 c 18.23232,-5.156336 24.95612,-6.09267 44,-6.127292 20.43911,-0.03716 29.88583,1.368819 48,7.143947 20.52609,6.544093 39.54958,17.205216 56.98509,31.935518 16.99486,14.358016 33.09496,37.829873 41.97886,61.199743 17.05031,44.8523 13.06807,94.91808 -10.7864,135.60967 -2.57265,4.3885 -4.67755,8.4606 -4.67755,9.04911 0,0.58851 1.4625,1.60035 3.25,2.24852 3.74459,1.35785 46.02178,46.39003 49.00793,52.20152 1.08578,2.11311 1.57529,4.52172 1.2238,6.02176 -0.32218,1.375 -6.25899,20.02189 -13.19291,41.43754 l -12.60712,38.93755 1.65915,6.22659 c 0.91253,3.42462 1.65915,7.37335 1.65915,8.77494 0,5.10467 -4.14198,13.79307 -8.62181,18.08551 C 376.97018,449.7694 375,452.4002 375,453.30835 c 0,3.27295 -3.2224,9.60735 -5.71985,11.24374 -2.5086,1.6437 -2.5394,1.81491 -1.8854,10.47832 0.36567,4.84403 1.37893,11.20633 2.25167,14.13846 2.33042,7.8294 1.37962,23.00051 -2.05533,32.7953 -3.09254,8.81836 -8.78607,18.71556 -14.49057,25.18928 -2.25529,2.5594 -4.10052,5.10933 -4.10052,5.66651 0,0.55718 3.4875,4.22425 7.75,8.14902 11.84911,10.9103 14.00856,15.52288 10.61516,22.67394 -3.18551,6.71296 -1.51296,6.50535 -68.86516,8.54797 -33.55,1.01748 -62.44925,1.59787 -64.22056,1.28975 -1.77131,-0.30812 -4.55703,-1.68478 -6.19049,-3.05925 l -2.96993,-2.49903 -4.63611,3.53882 -4.6361,3.53882 -56.67341,-0.022 c -53.98767,-0.0209 -56.87659,-0.11418 -60.961039,-1.96796 z m 81.706649,-50.49304 c 15.31261,-3.22111 29.09554,-12.77847 35.56193,-24.65935 3.13995,-5.76912 6.47613,-17.54374 6.50192,-22.94773 0.0258,-5.41196 -3.6455,-18.64474 -6.60974,-23.82379 C 210.0501,461.7859 195.07961,449 189.51333,449 c -1.42802,0 -7.06396,1.55505 -12.52429,3.45567 -5.46034,1.90062 -13.59136,4.15062 -18.06893,5 -10.99237,2.08522 -30.17397,2.0174 -39.10516,-0.13826 -8.63706,-2.08467 -8.7788,-1.92675 -8.79964,9.80437 -0.0402,22.63395 12.95577,50.13665 32.6274,69.04771 4.19153,4.02947 5.81674,4.87186 11.85729,6.14594 9.24135,1.9492 15.85179,2.00378 24.41901,0.20161 z m 113.49106,-3.46973 C 299.91253,535.62681 323,519.96462 323,518.97395 c 0,-0.36781 2.85283,-4.01225 6.33962,-8.09875 l 6.33963,-7.43 0.65648,-14.9726 c 0.36107,-8.23493 0.95235,-18.75517 1.31395,-23.37831 l 0.65745,-8.40572 -3.40356,0.70173 c -6.68843,1.37898 -19.40448,1.81447 -22.10127,0.7569 -3.54274,-1.38932 -5.7468,-4.90762 -7.80951,-12.4662 -1.96374,-7.19589 -3.5506,-7.96756 -9.81376,-4.77234 -8.30815,4.23851 -30.84397,9.07913 -42.30659,9.08732 -3.29663,0.002 -6.04241,0.52177 -6.62915,1.25402 -2.00734,2.50518 -5.24759,13.44462 -6.29423,21.25 -2.53153,18.87902 -2.59161,17.95516 1.57852,24.27377 10.49735,15.90561 30.54242,39.42166 36.97242,43.3745 4.24718,2.61096 8.44251,2.30117 14.91007,-1.10096 z M 339,439.39121 c 17.9963,-3.99486 22.77855,-10.78515 15.18593,-21.56245 C 349.13685,410.66186 335.53913,403 327.86891,403 c -9.77342,0 -13.01427,9.69797 -9.28091,27.77234 2.32451,11.25364 2.54601,11.52547 8.74155,10.7276 2.84375,-0.36621 8.09545,-1.31515 11.67045,-2.10873 z m -181.75,-4.33349 c 2.0625,-0.63345 3.75,-1.7079 3.75,-2.38767 0,-1.7971 -20.4634,-15.22321 -27.5,-18.04285 -3.3,-1.32234 -8.53826,-2.965 -11.64057,-3.65037 -5.05172,-1.11602 -6.04293,-1.04936 -9.49482,0.63853 -5.3718,2.62668 -6.29862,5.82378 -3.41507,11.7804 2.58451,5.33889 8.17011,9.63654 15.60295,12.00515 5.72575,1.82463 26.34373,1.60822 32.69751,-0.34319 z M 171.49325,364 c 19.09185,-52.86504 18.2459,-50.81375 21.69019,-52.59486 2.70949,-1.40113 4.11236,-1.38642 14.96649,0.15697 41.21688,5.8608 80.88384,-7.44597 110.3571,-37.02065 25.61752,-25.70567 39.01405,-57.8265 38.8045,-93.04146 C 357.04924,137.4243 335.8847,98.388258 298.5,73.027587 285.28277,64.061411 271.07857,58.171343 252.44333,53.929227 244.46873,52.113893 239.43107,51.660074 227,51.637158 c -16.92116,-0.03119 -25.52383,1.313636 -41.25601,6.449424 -20.88318,6.817336 -33.96147,15.006686 -50.85245,31.84272 -16.84195,16.787168 -25.62434,30.762568 -32.32688,51.441628 -18.706308,57.71387 3.62132,118.67728 55.61885,151.86183 8.99362,5.73969 11.81649,8.67998 11.81649,12.30805 0,0.79569 -6.75,20.00685 -15,42.69147 -8.25,22.68462 -15,41.80758 -15,42.49546 0,1.44803 17.20782,10.42275 18.08633,9.4329 0.32248,-0.36335 6.3556,-16.63564 13.40692,-36.16064 z M 159.6753,202.99312 c -7.75521,-0.99145 -19.66854,-7.14639 -25.9817,-13.42326 -3.24901,-3.23033 -6.37825,-7.88483 -9.07612,-13.5 L 120.5,167.5 l 0,-12 0,-12 4.22197,-8.78762 c 5.171,-10.76293 11.40395,-17.18295 21.54949,-22.19623 14.20591,-7.01966 29.66346,-6.96113 43.51723,0.16479 9.94958,5.11773 16.29197,11.65925 21.50561,22.18083 l 4.2057,8.48745 0,12.19509 0,12.19509 -4.31606,8.51215 c -2.4793,4.88968 -6.30937,10.51822 -9,13.22606 -6.21162,6.25137 -18.13669,12.23461 -26.9143,13.50387 -7.43833,1.0756 -7.27293,1.07547 -15.59434,0.0116 z M 155.57771,183.75 c -2.59618,-8.91069 -1.1877,-15.97797 4.33975,-21.77536 10.63458,-11.15393 29.95194,-6.393 33.61537,8.28481 1.13004,4.5276 2.35894,4.17132 4.97191,-1.44147 3.69101,-7.92848 3.5459,-19.10159 -0.35478,-27.31798 -3.11818,-6.56813 -9.40699,-13.00187 -16.30055,-16.6762 -3.67172,-1.95706 -5.82962,-2.31796 -13.84941,-2.31623 -8.36504,0.002 -10.09735,0.31995 -14.5,2.66305 -6.4146,3.41386 -12.56282,9.86259 -16.04512,16.82938 -2.31198,4.6254 -2.74894,6.77215 -2.74784,13.5 0.001,6.94661 0.40399,8.79004 3.05949,14 1.68201,3.3 4.78513,7.62031 6.89583,9.6007 7.43174,6.97289 12.18183,8.99616 10.91535,4.6493 z m 113.57851,14.74329 c -13.7036,-3.84738 -24.72468,-13.19502 -30.96502,-26.26331 -3.64946,-7.64256 -3.6912,-7.87219 -3.6912,-20.30537 l 0,-12.57539 4.17826,-8.42461 c 5.33483,-10.75659 11.11212,-16.55229 22.0057,-22.07585 7.90533,-4.00837 9.06936,-4.30802 18.13185,-4.66758 11.92644,-0.47319 18.31196,1.05313 27.94648,6.67999 8.82432,5.15368 13.33855,10.28201 18.60043,21.13073 4.09499,8.4429 4.11876,8.55837 4.11876,20.0081 0,11.46921 -0.0171,11.55187 -4.19608,20.26105 -5.51456,11.49267 -11.48511,17.48744 -22.84614,22.93884 -7.90713,3.79411 -9.31236,4.13687 -18.25295,4.45214 -6.52419,0.23006 -11.4308,-0.14821 -15.03009,-1.15874 z m 28.85706,-17.50006 c 14.80947,-7.55523 21.32563,-27.3183 14.06649,-42.66267 -3.61041,-7.63169 -9.05489,-13.19278 -16.46604,-16.81872 -7.95144,-3.89027 -18.65334,-4.01376 -26.74643,-0.30863 -7.62134,3.48917 -13.4216,8.98686 -17.13043,16.2368 -2.74781,5.37138 -3.10023,7.02587 -3.10141,14.55999 -0.001,7.27289 0.38843,9.25792 2.69845,13.75 2.81768,5.47926 4.30502,6.45313 5.34536,3.5 1.34562,-3.81969 5.79908,-8.5633 9.70464,-10.33688 5.60899,-2.54715 10.28871,-2.3789 16.2338,0.58367 6.8747,3.42581 9.87102,8.70443 9.79346,17.25321 -0.0312,3.4375 0.33147,6.25 0.8059,6.25 0.47443,0 2.63273,-0.90305 4.79621,-2.00677 z"
+ id="path3065"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#fc003b"
+ d="m 98.212361,593.01008 c -4.993302,-2.26627 -7.750771,-7.32657 -6.788245,-12.45728 0.346586,-1.84746 4.459549,-8.01259 10.065934,-15.08834 5.21394,-6.58045 9.48666,-12.44913 9.49492,-13.04151 0.008,-0.59238 -2.9694,-5.72372 -6.61704,-11.40297 C 96.407227,528.62544 92.819857,520.95739 89.779323,509.83663 87.823204,502.68212 87.5,499.08943 87.5,484.5 c 0,-17.86968 0.387893,-20.0951 5.263006,-30.19488 l 2.507542,-5.19488 -2.696101,-3.20413 c -1.482855,-1.76228 -4.008765,-5.80451 -5.613132,-8.98274 -2.532639,-5.01713 -7.333789,-9.81261 -36.434352,-36.39133 -18.434526,-16.83699 -34.19449,-31.92222 -35.022142,-33.52272 -1.891334,-3.65743 -1.914397,-7.31661 -0.06861,-10.88596 0.949719,-1.83655 16.700737,-13.41772 46.5,-34.18981 C 86.721293,304.65668 107,289.947 107,289.24538 c 0,-0.70162 -2.70001,-4.67335 -6.00003,-8.82607 C 85.407055,260.79727 74.73484,235.63396 70.461348,208.41432 67.997418,192.72053 68.864997,166.62913 72.337211,152 78.432993,126.31726 88.916555,104.51466 104.31306,85.5 123.15166,62.23437 152.51748,42.914137 181.5,34.717504 c 18.23232,-5.156336 24.95612,-6.09267 44,-6.127292 20.43911,-0.03716 29.88583,1.368819 48,7.143947 20.52609,6.544093 39.54958,17.205216 56.98509,31.935518 16.99486,14.358016 33.09496,37.829873 41.97886,61.199743 17.05031,44.8523 13.06807,94.91808 -10.7864,135.60967 -2.57265,4.3885 -4.67755,8.4606 -4.67755,9.04911 0,0.58851 1.4625,1.60035 3.25,2.24852 3.74459,1.35785 46.02178,46.39003 49.00793,52.20152 1.08578,2.11311 1.57529,4.52172 1.2238,6.02176 -0.32218,1.375 -6.25899,20.02189 -13.19291,41.43754 l -12.60712,38.93755 1.65915,6.22659 c 0.91253,3.42462 1.65915,7.37335 1.65915,8.77494 0,5.10467 -4.14198,13.79307 -8.62181,18.08551 C 376.97018,449.7694 375,452.4002 375,453.30835 c 0,3.27295 -3.2224,9.60735 -5.71985,11.24374 -2.5086,1.6437 -2.5394,1.81491 -1.8854,10.47832 0.36567,4.84403 1.37893,11.20633 2.25167,14.13846 2.33042,7.8294 1.37962,23.00051 -2.05533,32.7953 -3.09254,8.81836 -8.78607,18.71556 -14.49057,25.18928 -2.25529,2.5594 -4.10052,5.10933 -4.10052,5.66651 0,0.55718 3.4875,4.22425 7.75,8.14902 11.84911,10.9103 14.00856,15.52288 10.61516,22.67394 -3.18551,6.71296 -1.51296,6.50535 -68.86516,8.54797 -33.55,1.01748 -62.44925,1.59787 -64.22056,1.28975 -1.77131,-0.30812 -4.55703,-1.68478 -6.19049,-3.05925 l -2.96993,-2.49903 -4.63611,3.53882 -4.6361,3.53882 -56.67341,-0.022 c -53.98767,-0.0209 -56.87659,-0.11418 -60.961039,-1.96796 z m 81.706649,-50.49304 c 15.31261,-3.22111 29.09554,-12.77847 35.56193,-24.65935 3.13995,-5.76912 6.47613,-17.54374 6.50192,-22.94773 0.0258,-5.41196 -3.6455,-18.64474 -6.60974,-23.82379 C 210.0501,461.7859 195.07961,449 189.51333,449 c -1.42802,0 -7.06396,1.55505 -12.52429,3.45567 -5.46034,1.90062 -13.59136,4.15062 -18.06893,5 -10.99237,2.08522 -30.17397,2.0174 -39.10516,-0.13826 -8.63706,-2.08467 -8.7788,-1.92675 -8.79964,9.80437 -0.0402,22.63395 12.95577,50.13665 32.6274,69.04771 4.19153,4.02947 5.81674,4.87186 11.85729,6.14594 9.24135,1.9492 15.85179,2.00378 24.41901,0.20161 z m 113.49106,-3.46973 C 299.91253,535.62681 323,519.96462 323,518.97395 c 0,-0.36781 2.85283,-4.01225 6.33962,-8.09875 l 6.33963,-7.43 0.65648,-14.9726 c 0.36107,-8.23493 0.95235,-18.75517 1.31395,-23.37831 l 0.65745,-8.40572 -3.40356,0.70173 c -6.68843,1.37898 -19.40448,1.81447 -22.10127,0.7569 -3.54274,-1.38932 -5.7468,-4.90762 -7.80951,-12.4662 -1.96374,-7.19589 -3.5506,-7.96756 -9.81376,-4.77234 -8.30815,4.23851 -30.84397,9.07913 -42.30659,9.08732 -3.29663,0.002 -6.04241,0.52177 -6.62915,1.25402 -2.00734,2.50518 -5.24759,13.44462 -6.29423,21.25 -2.53153,18.87902 -2.59161,17.95516 1.57852,24.27377 10.49735,15.90561 30.54242,39.42166 36.97242,43.3745 4.24718,2.61096 8.44251,2.30117 14.91007,-1.10096 z M 339,439.39121 c 17.9963,-3.99486 22.77855,-10.78515 15.18593,-21.56245 C 349.13685,410.66186 335.53913,403 327.86891,403 c -9.77342,0 -13.01427,9.69797 -9.28091,27.77234 2.32451,11.25364 2.54601,11.52547 8.74155,10.7276 2.84375,-0.36621 8.09545,-1.31515 11.67045,-2.10873 z m -181.75,-4.33349 c 2.0625,-0.63345 3.75,-1.7079 3.75,-2.38767 0,-1.7971 -20.4634,-15.22321 -27.5,-18.04285 -3.3,-1.32234 -8.53826,-2.965 -11.64057,-3.65037 -5.05172,-1.11602 -6.04293,-1.04936 -9.49482,0.63853 -5.3718,2.62668 -6.29862,5.82378 -3.41507,11.7804 2.58451,5.33889 8.17011,9.63654 15.60295,12.00515 5.72575,1.82463 26.34373,1.60822 32.69751,-0.34319 z M 160.43313,397.75 c 0.8792,-2.3375 8.05348,-22.01344 15.94286,-43.72432 11.27165,-31.01863 14.87124,-39.86773 16.80423,-41.31091 2.36286,-1.76413 2.91095,-1.77036 13.88985,-0.15791 58.03888,8.52405 114.00088,-21.64389 138.89528,-74.87553 8.87517,-18.97775 12.47871,-35.34723 12.36764,-56.18133 -0.11145,-20.90634 -3.78312,-37.02327 -12.78553,-56.12261 -7.3833,-15.66424 -20.00012,-32.546305 -31.43938,-42.067747 -19.2186,-15.99657 -37.8563,-25.274576 -61.1893,-30.460556 C 239.35334,49.83404 215.12431,49.62574 202.05258,52.411784 174.40449,58.304559 153.34111,69.586309 133.86377,88.934367 108.08496,114.54208 95,146.05141 95,182.52052 c 0,45.18453 22.41092,85.52182 61.71904,111.08776 7.94254,5.16581 11.39868,8.01257 11.83413,9.74755 0.43706,1.74139 -3.79326,14.56269 -14.61569,44.29744 -8.37692,23.0157 -15.27728,42.47353 -15.33413,43.23963 -0.093,1.25385 16.15158,10.593 19.06394,10.96 0.64201,0.0809 1.88664,-1.7654 2.76584,-4.1029 z M 162.5,202.29026 C 152.52589,201.363 141.98386,196.12222 134.23791,188.24027 119.97895,173.73096 116.9158,151.79913 126.52267,133 c 5.12157,-10.0221 16.30902,-19.30105 27.24095,-22.59385 7.65143,-2.30468 21.05417,-2.29274 28.03035,0.025 17.61862,5.85347 29.95772,20.25667 32.50574,37.94335 4.44639,30.86385 -20.49673,56.82592 -51.79971,53.91579 z M 155.57771,183.75 c -2.59618,-8.91069 -1.1877,-15.97797 4.33975,-21.77536 10.63458,-11.15393 29.95194,-6.393 33.61537,8.28481 1.13004,4.5276 2.35894,4.17132 4.97191,-1.44147 3.69101,-7.92848 3.5459,-19.10159 -0.35478,-27.31798 -3.11818,-6.56813 -9.40699,-13.00187 -16.30055,-16.6762 -3.67172,-1.95706 -5.82962,-2.31796 -13.84941,-2.31623 -8.36504,0.002 -10.09735,0.31995 -14.5,2.66305 -6.4146,3.41386 -12.56282,9.86259 -16.04512,16.82938 -2.31198,4.6254 -2.74894,6.77215 -2.74784,13.5 0.001,6.94661 0.40399,8.79004 3.05949,14 1.68201,3.3 4.78513,7.62031 6.89583,9.6007 7.43174,6.97289 12.18183,8.99616 10.91535,4.6493 z M 269,197.09307 c -8.23985,-2.26482 -13.13045,-5.10202 -19.82653,-11.50205 C 239.35019,176.20207 235,165.89216 235,152 c 0,-26.32793 20.35854,-47 46.28716,-47 23.88611,0 43.45255,16.66814 46.90974,39.96119 5.03101,33.89674 -26.02784,61.24878 -59.1969,52.13188 z m 29.01328,-16.09984 c 14.80947,-7.55523 21.32563,-27.3183 14.06649,-42.66267 -3.61041,-7.63169 -9.05489,-13.19278 -16.46604,-16.81872 -7.95144,-3.89027 -18.65334,-4.01376 -26.74643,-0.30863 -7.62134,3.48917 -13.4216,8.98686 -17.13043,16.2368 -2.74781,5.37138 -3.10023,7.02587 -3.10141,14.55999 -0.001,7.27289 0.38843,9.25792 2.69845,13.75 2.81768,5.47926 4.30502,6.45313 5.34536,3.5 1.34562,-3.81969 5.79908,-8.5633 9.70464,-10.33688 5.60899,-2.54715 10.28871,-2.3789 16.2338,0.58367 6.8747,3.42581 9.87102,8.70443 9.79346,17.25321 -0.0312,3.4375 0.33147,6.25 0.8059,6.25 0.47443,0 2.63273,-0.90305 4.79621,-2.00677 z"
+ id="path3063"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#566356"
+ d="m 98.212361,593.01008 c -4.993302,-2.26627 -7.750771,-7.32657 -6.788245,-12.45728 0.346586,-1.84746 4.459549,-8.01259 10.065934,-15.08834 5.21394,-6.58045 9.48666,-12.44913 9.49492,-13.04151 0.008,-0.59238 -2.9694,-5.72372 -6.61704,-11.40297 C 96.407227,528.62544 92.819857,520.95739 89.779323,509.83663 87.823204,502.68212 87.5,499.08943 87.5,484.5 c 0,-17.86968 0.387893,-20.0951 5.263006,-30.19488 l 2.507542,-5.19488 -2.696101,-3.20413 c -1.482855,-1.76228 -4.008765,-5.80451 -5.613132,-8.98274 -2.532639,-5.01713 -7.333789,-9.81261 -36.434352,-36.39133 -18.434526,-16.83699 -34.19449,-31.92222 -35.022142,-33.52272 -1.891334,-3.65743 -1.914397,-7.31661 -0.06861,-10.88596 0.949719,-1.83655 16.700737,-13.41772 46.5,-34.18981 C 86.721293,304.65668 107,289.947 107,289.24538 c 0,-0.70162 -2.70001,-4.67335 -6.00003,-8.82607 C 85.407055,260.79727 74.73484,235.63396 70.461348,208.41432 67.997418,192.72053 68.864997,166.62913 72.337211,152 78.432993,126.31726 88.916555,104.51466 104.31306,85.5 123.15166,62.23437 152.51748,42.914137 181.5,34.717504 c 18.23232,-5.156336 24.95612,-6.09267 44,-6.127292 20.43911,-0.03716 29.88583,1.368819 48,7.143947 20.52609,6.544093 39.54958,17.205216 56.98509,31.935518 16.99486,14.358016 33.09496,37.829873 41.97886,61.199743 17.05031,44.8523 13.06807,94.91808 -10.7864,135.60967 -2.57265,4.3885 -4.67755,8.4606 -4.67755,9.04911 0,0.58851 1.4625,1.60035 3.25,2.24852 3.74459,1.35785 46.02178,46.39003 49.00793,52.20152 1.08578,2.11311 1.57529,4.52172 1.2238,6.02176 -0.32218,1.375 -6.25899,20.02189 -13.19291,41.43754 l -12.60712,38.93755 1.65915,6.22659 c 0.91253,3.42462 1.65915,7.37335 1.65915,8.77494 0,5.10467 -4.14198,13.79307 -8.62181,18.08551 C 376.97018,449.7694 375,452.4002 375,453.30835 c 0,3.27295 -3.2224,9.60735 -5.71985,11.24374 -2.5086,1.6437 -2.5394,1.81491 -1.8854,10.47832 0.36567,4.84403 1.37893,11.20633 2.25167,14.13846 2.33042,7.8294 1.37962,23.00051 -2.05533,32.7953 -3.09254,8.81836 -8.78607,18.71556 -14.49057,25.18928 -2.25529,2.5594 -4.10052,5.10933 -4.10052,5.66651 0,0.55718 3.4875,4.22425 7.75,8.14902 11.84911,10.9103 14.00856,15.52288 10.61516,22.67394 -3.18551,6.71296 -1.51296,6.50535 -68.86516,8.54797 -33.55,1.01748 -62.44925,1.59787 -64.22056,1.28975 -1.77131,-0.30812 -4.55703,-1.68478 -6.19049,-3.05925 l -2.96993,-2.49903 -4.63611,3.53882 -4.6361,3.53882 -56.67341,-0.022 c -53.98767,-0.0209 -56.87659,-0.11418 -60.961039,-1.96796 z m 81.706649,-50.49304 c 15.31261,-3.22111 29.09554,-12.77847 35.56193,-24.65935 3.13995,-5.76912 6.47613,-17.54374 6.50192,-22.94773 0.0258,-5.41196 -3.6455,-18.64474 -6.60974,-23.82379 C 210.0501,461.7859 195.07961,449 189.51333,449 c -1.42802,0 -7.06396,1.55505 -12.52429,3.45567 -5.46034,1.90062 -13.59136,4.15062 -18.06893,5 -10.99237,2.08522 -30.17397,2.0174 -39.10516,-0.13826 -8.63706,-2.08467 -8.7788,-1.92675 -8.79964,9.80437 -0.0402,22.63395 12.95577,50.13665 32.6274,69.04771 4.19153,4.02947 5.81674,4.87186 11.85729,6.14594 9.24135,1.9492 15.85179,2.00378 24.41901,0.20161 z m 113.49106,-3.46973 C 299.91253,535.62681 323,519.96462 323,518.97395 c 0,-0.36781 2.85283,-4.01225 6.33962,-8.09875 l 6.33963,-7.43 0.65648,-14.9726 c 0.36107,-8.23493 0.95235,-18.75517 1.31395,-23.37831 l 0.65745,-8.40572 -3.40356,0.70173 c -6.68843,1.37898 -19.40448,1.81447 -22.10127,0.7569 -3.54274,-1.38932 -5.7468,-4.90762 -7.80951,-12.4662 -1.96374,-7.19589 -3.5506,-7.96756 -9.81376,-4.77234 -8.30815,4.23851 -30.84397,9.07913 -42.30659,9.08732 -3.29663,0.002 -6.04241,0.52177 -6.62915,1.25402 -2.00734,2.50518 -5.24759,13.44462 -6.29423,21.25 -2.53153,18.87902 -2.59161,17.95516 1.57852,24.27377 10.49735,15.90561 30.54242,39.42166 36.97242,43.3745 4.24718,2.61096 8.44251,2.30117 14.91007,-1.10096 z M 339,439.39121 c 17.9963,-3.99486 22.77855,-10.78515 15.18593,-21.56245 C 349.13685,410.66186 335.53913,403 327.86891,403 c -9.77342,0 -13.01427,9.69797 -9.28091,27.77234 2.32451,11.25364 2.54601,11.52547 8.74155,10.7276 2.84375,-0.36621 8.09545,-1.31515 11.67045,-2.10873 z m -71.71829,-1.45914 c 8.68789,-1.22989 24.42923,-6.26403 28.81922,-9.21649 l 3.39907,-2.28602 0.56876,-10.46478 c 0.46705,-8.59334 1.03158,-11.35894 3.15676,-15.46478 3.02419,-5.84275 6.66939,-9.47592 12.37474,-12.33392 4.08107,-2.04433 4.10299,-2.08581 4.68273,-8.86001 0.95182,-11.12199 5.67367,-19.71283 12.84609,-23.37192 7.47635,-3.81415 13.06022,-1.86063 15.8693,5.5519 0.62238,1.64232 1.39782,9.21067 1.7232,16.81854 l 0.59159,13.8325 3.18781,2.43145 c 1.75329,1.3373 3.64256,2.43146 4.19838,2.43146 1.4693,0 8.69349,-16.1078 11.66075,-26 7.094,-23.64987 5.67012,-41.06203 -4.47231,-54.69057 -7.61404,-10.2311 -23.88182,-18.8189 -39.45558,-20.82871 -4.85511,-0.62655 -5.05729,-0.54131 -12.93222,5.45176 -9.93949,7.56428 -33.03906,19.15323 -44.98811,22.57033 -16.35499,4.67709 -26.08003,5.75339 -47.16898,5.22038 l -19.1571,-0.48419 -10.23684,28.1305 c -5.63026,15.47178 -11.94001,32.89851 -14.02166,38.72608 l -3.78483,10.59558 3.76645,5.67171 c 2.07155,3.11944 6.33081,8.5745 9.46502,12.12237 5.25715,5.95097 6.30586,6.6425 13.53831,8.92723 20.01473,6.32265 45.6417,8.45391 66.36945,5.5196 z M 157.25,435.05772 c 2.0625,-0.63345 3.75,-1.7079 3.75,-2.38767 0,-1.7971 -20.4634,-15.22321 -27.5,-18.04285 -3.3,-1.32234 -8.53826,-2.965 -11.64057,-3.65037 -5.05172,-1.11602 -6.04293,-1.04936 -9.49482,0.63853 -5.3718,2.62668 -6.29862,5.82378 -3.41507,11.7804 2.58451,5.33889 8.17011,9.63654 15.60295,12.00515 5.72575,1.82463 26.34373,1.60822 32.69751,-0.34319 z M 160.43313,397.75 c 0.8792,-2.3375 8.05348,-22.01344 15.94286,-43.72432 11.27165,-31.01863 14.87124,-39.86773 16.80423,-41.31091 2.36286,-1.76413 2.91095,-1.77036 13.88985,-0.15791 58.03888,8.52405 114.00088,-21.64389 138.89528,-74.87553 8.87517,-18.97775 12.47871,-35.34723 12.36764,-56.18133 -0.11145,-20.90634 -3.78312,-37.02327 -12.78553,-56.12261 -7.3833,-15.66424 -20.00012,-32.546305 -31.43938,-42.067747 -19.2186,-15.99657 -37.8563,-25.274576 -61.1893,-30.460556 C 239.35334,49.83404 215.12431,49.62574 202.05258,52.411784 174.40449,58.304559 153.34111,69.586309 133.86377,88.934367 108.08496,114.54208 95,146.05141 95,182.52052 c 0,45.18453 22.41092,85.52182 61.71904,111.08776 7.94254,5.16581 11.39868,8.01257 11.83413,9.74755 0.43706,1.74139 -3.79326,14.56269 -14.61569,44.29744 -8.37692,23.0157 -15.27728,42.47353 -15.33413,43.23963 -0.093,1.25385 16.15158,10.593 19.06394,10.96 0.64201,0.0809 1.88664,-1.7654 2.76584,-4.1029 z M 162.5,202.29026 C 152.52589,201.363 141.98386,196.12222 134.23791,188.24027 119.97895,173.73096 116.9158,151.79913 126.52267,133 c 5.12157,-10.0221 16.30902,-19.30105 27.24095,-22.59385 7.65143,-2.30468 21.05417,-2.29274 28.03035,0.025 17.61862,5.85347 29.95772,20.25667 32.50574,37.94335 4.44639,30.86385 -20.49673,56.82592 -51.79971,53.91579 z M 155.57771,183.75 c -2.59618,-8.91069 -1.1877,-15.97797 4.33975,-21.77536 10.63458,-11.15393 29.95194,-6.393 33.61537,8.28481 1.13004,4.5276 2.35894,4.17132 4.97191,-1.44147 3.69101,-7.92848 3.5459,-19.10159 -0.35478,-27.31798 -3.11818,-6.56813 -9.40699,-13.00187 -16.30055,-16.6762 -3.67172,-1.95706 -5.82962,-2.31796 -13.84941,-2.31623 -8.36504,0.002 -10.09735,0.31995 -14.5,2.66305 -6.4146,3.41386 -12.56282,9.86259 -16.04512,16.82938 -2.31198,4.6254 -2.74894,6.77215 -2.74784,13.5 0.001,6.94661 0.40399,8.79004 3.05949,14 1.68201,3.3 4.78513,7.62031 6.89583,9.6007 7.43174,6.97289 12.18183,8.99616 10.91535,4.6493 z M 269,197.09307 c -8.23985,-2.26482 -13.13045,-5.10202 -19.82653,-11.50205 C 239.35019,176.20207 235,165.89216 235,152 c 0,-26.32793 20.35854,-47 46.28716,-47 23.88611,0 43.45255,16.66814 46.90974,39.96119 5.03101,33.89674 -26.02784,61.24878 -59.1969,52.13188 z m 29.01328,-16.09984 c 14.80947,-7.55523 21.32563,-27.3183 14.06649,-42.66267 -3.61041,-7.63169 -9.05489,-13.19278 -16.46604,-16.81872 -7.95144,-3.89027 -18.65334,-4.01376 -26.74643,-0.30863 -7.62134,3.48917 -13.4216,8.98686 -17.13043,16.2368 -2.74781,5.37138 -3.10023,7.02587 -3.10141,14.55999 -0.001,7.27289 0.38843,9.25792 2.69845,13.75 2.81768,5.47926 4.30502,6.45313 5.34536,3.5 1.34562,-3.81969 5.79908,-8.5633 9.70464,-10.33688 5.60899,-2.54715 10.28871,-2.3789 16.2338,0.58367 6.8747,3.42581 9.87102,8.70443 9.79346,17.25321 -0.0312,3.4375 0.33147,6.25 0.8059,6.25 0.47443,0 2.63273,-0.90305 4.79621,-2.00677 z M 93.103454,396.5 c 2.645975,-2.475 5.280142,-4.5 5.853705,-4.5 1.951491,0 1.049811,-1.75773 -2.957159,-5.76471 -3.20847,-3.20847 -4,-4.72375 -4,-7.65748 0,-4.93319 3.196682,-10.86973 8.95238,-16.62543 9.13016,-9.13016 16.9437,-11.06569 26.04762,-6.45238 2.71343,1.375 5.33915,2.5 5.83492,2.5 0.49577,0 4.1194,-8.8875 8.05249,-19.75 8.81581,-24.34764 9.16681,-29.51108 2.15733,-31.7358 -3.00615,-0.95412 -19.53496,5.01278 -29.54474,10.66564 -18.216707,10.28758 -56.251215,37.80934 -60.816962,44.00713 l -1.979418,2.68696 2.629955,5.37544 c 3.218558,6.57849 12.046954,15.42825 24.666425,24.72612 5.225,3.84971 9.678333,7.00511 9.896295,7.01199 0.217962,0.007 2.561184,-2.01248 5.207159,-4.48748 z"
+ id="path3061"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#a10025"
+ d="m 97.313822,592.04977 c -3.877622,-2.36435 -5.315011,-4.86391 -5.310084,-9.23403 0.0046,-4.10528 1.790113,-7.06563 11.963312,-19.83533 9.07653,-11.39313 8.94536,-9.41592 1.39861,-21.082 -6.008258,-9.28782 -13.00788,-24.10633 -14.857287,-31.45355 -2.356485,-9.3617 -3.19881,-21.50621 -2.389715,-34.45452 0.659233,-10.55 1.112517,-12.62177 4.244806,-19.4012 l 3.50676,-7.58992 -2.273444,-2.74961 c -1.250395,-1.51229 -3.781658,-5.60482 -5.625029,-9.09453 -2.964231,-5.61162 -7.07114,-9.73819 -35.535087,-35.70521 C 34.735737,385.30171 19.0712,370.6849 17.62658,368.96806 15.62818,366.5931 15,364.75164 15,361.26844 c 0,-4.02345 0.46686,-5.01368 3.853419,-8.17328 C 20.972799,351.11782 41.875862,336.225 65.30467,320 c 23.428808,-16.225 42.61661,-29.95 42.63955,-30.5 0.0229,-0.55 -2.66823,-4.375 -5.9804,-8.5 C 86.612175,261.88096 75.494019,236.11803 71.441348,210.27351 68.936408,194.29912 69.865195,164.53834 73.325859,149.88878 79.553902,123.52446 93.396601,97.498961 111.5,78.11803 133.13147,54.96006 163.65426,38.273881 197,31.376949 c 6.33093,-1.309433 13.47609,-1.773232 28,-1.817506 29.10173,-0.08871 44.07641,3.162549 68.59846,14.89391 22.60386,10.813694 37.14227,21.942965 52.31384,40.046647 8.42803,10.056859 11.48876,14.614189 17.79757,26.5 9.53504,17.96406 15.36681,36.43422 17.39752,55.10085 1.39506,12.82368 0.6542,37.56516 -1.46694,48.98937 -3.00692,16.19481 -11.05914,36.96034 -20.10882,51.85771 -1.9424,3.19753 -3.53163,6.28243 -3.53163,6.85533 0,0.5729 1.51216,1.54069 3.36036,2.15066 2.45518,0.81028 9.43019,7.66433 25.89372,25.4447 12.39335,13.38463 23.08311,25.3629 23.75502,26.61839 0.73257,1.36881 0.98321,3.92422 0.62605,6.38285 -0.3276,2.25507 -6.1939,21.28467 -13.03623,42.28799 l -12.44059,38.18784 1.42083,4.72109 c 3.28412,10.91228 0.52741,21.50113 -7.44056,28.58005 -2.86495,2.54529 -4.1386,4.484 -4.1386,6.29966 0,3.62069 -2.38255,7.88892 -5.56913,9.97685 -2.63628,1.72735 -2.66223,1.85497 -1.97622,9.71918 0.38232,4.38286 1.39276,10.29953 2.24542,13.14816 1.99616,6.66893 1.90503,22.2593 -0.17574,30.06357 -2.26737,8.50417 -10.02768,22.91117 -15.66142,29.07537 -2.6746,2.92644 -4.86291,5.78627 -4.86291,6.35519 0,0.56892 3.87044,4.55582 8.60098,8.85979 4.73054,4.30397 9.23054,9.04055 10,10.52574 2.80075,5.40592 0.87168,13.38034 -3.86133,15.96201 -1.57483,0.85901 -19.30801,1.73952 -59.73965,2.96625 -76.54285,2.32239 -70.24687,2.376 -73.81763,-0.6286 -3.79606,-3.19417 -4.68502,-3.14386 -8.83515,0.5 l -3.41681,3 -58.21521,-0.004 c -55.87978,-0.004 -58.34302,-0.0817 -61.401378,-1.94649 z M 291.23356,562.06814 c 18.52047,-4.73673 39.82337,-19.82802 50.67623,-35.89977 9.31074,-13.78805 12.41372,-25.45358 9.64514,-36.26044 -0.88776,-3.46524 -1.85026,-6.53659 -2.13889,-6.82522 -1.4992,-1.4992 -2.38702,3.61417 -2.40073,13.82688 L 347,508.31917 l -5.5,5.76618 c -3.025,3.1714 -5.5,6.62114 -5.5,7.6661 0,2.63203 -2.29296,4.51082 -19.86536,16.27711 -17.3799,11.63739 -24.34397,14.92316 -31.63464,14.92574 -10.07597,0.004 -18.74635,-6.67216 -35.10528,-27.0292 C 244.56604,519.9163 240.25186,515 239.80765,515 c -1.93872,0 0.6964,17.17327 3.92724,25.59407 4.17103,10.87127 12.20745,19.02876 21.66141,21.98773 6.08432,1.90432 17.25109,1.68232 25.83726,-0.51366 z m -81.47174,-6.87773 c 8.67143,-2.78932 14.66335,-6.52426 17.29311,-10.7793 2.12922,-3.44513 2.17099,-3.92673 0.93321,-10.75884 -0.71267,-3.93375 -1.59978,-7.503 -1.97135,-7.93166 -0.37157,-0.42867 -2.83444,1.9685 -5.47305,5.32703 -15.58233,19.83381 -41.43938,27.96978 -69.95518,22.01152 l -8.91144,-1.86201 -7.08856,-7.09443 c -10.58438,-10.59314 -10.57365,-10.64494 -0.83764,4.04437 l 4.40566,6.6471 10.17171,1.16278 c 5.59444,0.63953 10.84671,1.3356 11.67171,1.54681 0.825,0.21122 10.95,0.23032 22.5,0.0425 17.67508,-0.28751 21.99143,-0.6605 27.26182,-2.35582 z m -28.56104,-12.30316 c 23.6731,-4.97098 40.7458,-25.03224 40.78735,-47.92715 0.0317,-17.46824 -8.66072,-32.55039 -24.97478,-43.33357 C 193.99569,449.63194 190.7145,448 189.72181,448 c -0.99269,0 -6.3322,1.57585 -11.86559,3.5019 -21.76684,7.57654 -40.9486,9.40148 -56.76865,5.40092 -5.51316,-1.39416 -8.62749,-1.7629 -9.29039,-1.1 -1.85689,1.85689 -1.09608,22.03024 1.15771,30.69718 4.21644,16.21434 17.04698,37.51086 30.34729,50.37138 3.58548,3.46692 5.72888,4.63542 10.35935,5.64753 7.44018,1.62624 20.70392,1.80365 27.53925,0.36834 z m 112.23244,-3.31622 c 7.87734,-4.10595 28.69813,-18.29042 29.96325,-20.4129 0.49306,-0.8272 3.68091,-4.69669 7.08412,-8.59886 l 6.18764,-7.09486 0.82336,-17.9822 c 1.3339,-29.13243 1.33759,-29.02559 -0.99159,-28.71864 -1.1,0.14497 -6.99877,0.5462 -13.10837,0.89163 -10.44863,0.59076 -11.23504,0.50139 -13.24121,-1.50478 -1.17306,-1.17306 -3.1431,-5.56671 -4.37787,-9.76367 -1.23476,-4.19695 -2.8297,-7.85519 -3.54431,-8.12941 -0.71461,-0.27422 -3.8708,0.65321 -7.01376,2.06096 -10.73717,4.80922 -27.58521,8.33608 -42.71448,8.94157 l -6,0.24013 -2.37728,4.98155 c -2.21891,4.64972 -3.09065,8.46618 -6.25639,27.39064 -1.17041,6.99657 -1.11759,7.59021 1.03662,11.65094 6.61316,12.46592 33.65506,44.53074 40.32974,47.82081 4.72184,2.32748 6.84158,2.06283 14.20053,-1.77291 z m 42.06447,-99.09859 c 21.15717,-3.6895 27.39425,-10.76236 19.58378,-22.20803 C 349.03113,409.39809 337.4907,403 327.54859,403 c -4.29476,0 -5.6213,0.44849 -7.62033,2.57636 -2.04958,2.18168 -2.47506,3.78076 -2.77739,10.43826 -0.31161,6.8616 1.85973,22.57548 3.48222,25.20072 0.72648,1.17547 5.12423,0.95568 14.8646,-0.7429 z m -68.21598,-2.54037 c 8.68789,-1.22989 24.42923,-6.26403 28.81922,-9.21649 l 3.39907,-2.28602 0.56876,-10.46478 c 0.46705,-8.59334 1.03158,-11.35894 3.15676,-15.46478 3.02419,-5.84275 6.66939,-9.47592 12.37474,-12.33392 4.08107,-2.04433 4.10299,-2.08581 4.68273,-8.86001 0.95182,-11.12199 5.67367,-19.71283 12.84609,-23.37192 7.47635,-3.81415 13.06022,-1.86063 15.8693,5.5519 0.62238,1.64232 1.39782,9.21067 1.7232,16.81854 l 0.59159,13.8325 3.18781,2.43145 c 1.75329,1.3373 3.64256,2.43146 4.19838,2.43146 1.4693,0 8.69349,-16.1078 11.66075,-26 7.094,-23.64987 5.67012,-41.06203 -4.47231,-54.69057 -7.61404,-10.2311 -23.88182,-18.8189 -39.45558,-20.82871 -4.85511,-0.62655 -5.05729,-0.54131 -12.93222,5.45176 -9.93949,7.56428 -33.03906,19.15323 -44.98811,22.57033 -16.35499,4.67709 -26.08003,5.75339 -47.16898,5.22038 l -19.1571,-0.48419 -10.23684,28.1305 c -5.63026,15.47178 -11.94001,32.89851 -14.02166,38.72608 l -3.78483,10.59558 3.76645,5.67171 c 2.07155,3.11944 6.33081,8.5745 9.46502,12.12237 5.25715,5.95097 6.30586,6.6425 13.53831,8.92723 20.01473,6.32265 45.6417,8.45391 66.36945,5.5196 z M 156.4904,435.56559 c 2.97837,-0.66134 5.10632,-1.71003 5.27791,-2.60104 0.34545,-1.79377 -18.63452,-14.76459 -26.76831,-18.29332 -16.15053,-7.0067 -28,-5.6958 -28,3.0976 0,9.9345 11.00927,18.19468 26,19.50762 5.25195,0.45999 17.84415,-0.45713 23.4904,-1.71086 z M 160.43313,397.75 c 0.8792,-2.3375 8.05348,-22.01344 15.94286,-43.72432 11.27165,-31.01863 14.87124,-39.86773 16.80423,-41.31091 2.36286,-1.76413 2.91095,-1.77036 13.88985,-0.15791 58.03888,8.52405 114.00088,-21.64389 138.89528,-74.87553 8.87517,-18.97775 12.47871,-35.34723 12.36764,-56.18133 -0.11145,-20.90634 -3.78312,-37.02327 -12.78553,-56.12261 -7.3833,-15.66424 -20.00012,-32.546305 -31.43938,-42.067747 -19.2186,-15.99657 -37.8563,-25.274576 -61.1893,-30.460556 C 239.35334,49.83404 215.12431,49.62574 202.05258,52.411784 174.40449,58.304559 153.34111,69.586309 133.86377,88.934367 108.08496,114.54208 95,146.05141 95,182.52052 c 0,45.18453 22.41092,85.52182 61.71904,111.08776 7.94254,5.16581 11.39868,8.01257 11.83413,9.74755 0.43706,1.74139 -3.79326,14.56269 -14.61569,44.29744 -8.37692,23.0157 -15.27728,42.47353 -15.33413,43.23963 -0.093,1.25385 16.15158,10.593 19.06394,10.96 0.64201,0.0809 1.88664,-1.7654 2.76584,-4.1029 z M 162.5,202.29026 C 152.52589,201.363 141.98386,196.12222 134.23791,188.24027 119.97895,173.73096 116.9158,151.79913 126.52267,133 c 5.12157,-10.0221 16.30902,-19.30105 27.24095,-22.59385 7.65143,-2.30468 21.05417,-2.29274 28.03035,0.025 17.61862,5.85347 29.95772,20.25667 32.50574,37.94335 4.44639,30.86385 -20.49673,56.82592 -51.79971,53.91579 z M 156.09565,184.875 c -0.22239,-0.75625 -0.60751,-4.11208 -0.85582,-7.45741 -0.52505,-7.07352 1.64865,-12.46307 6.76179,-16.7655 10.41935,-8.7673 27.92963,-3.24023 30.67938,9.68386 0.75373,3.54259 3.18689,4.61511 4.69279,2.06854 4.5658,-7.72105 5.76896,-18.64622 2.97083,-26.97635 -6.16157,-18.3432 -24.32741,-27.96932 -42.41451,-22.47553 -6.31896,1.91932 -8.09146,3.02423 -13.44195,8.37912 -4.5494,4.55316 -6.74578,7.72743 -8.38817,12.12283 -5.68232,15.20713 0.002,31.94679 13.82616,40.71356 4.5893,2.91045 6.8952,3.17465 6.1695,0.70688 z M 269,197.09307 c -8.23985,-2.26482 -13.13045,-5.10202 -19.82653,-11.50205 C 239.35019,176.20207 235,165.89216 235,152 c 0,-26.32793 20.35854,-47 46.28716,-47 23.88611,0 43.45255,16.66814 46.90974,39.96119 5.03101,33.89674 -26.02784,61.24878 -59.1969,52.13188 z m 30.06796,-15.92121 C 309.08512,174.81916 316,162.8903 316,151.96238 c 0,-13.86802 -10.17221,-27.63632 -23.99081,-32.47206 -16.51635,-5.77979 -36.30491,4.31393 -42.63792,21.7487 -3.20578,8.8255 -1.2727,23.26954 3.85013,28.76826 2.02988,2.17881 2.23278,2.21271 3.22244,0.53839 5.846,-9.8904 9.55436,-12.55242 17.45404,-12.52922 11.25117,0.033 18.38908,7.54676 18.03405,18.98355 -0.0939,3.025 -0.11701,5.8375 -0.0513,6.25 0.23161,1.45476 2.77712,0.71875 7.18737,-2.07814 z M 93.103454,396.5 c 2.645975,-2.475 5.280142,-4.5 5.853705,-4.5 1.951491,0 1.049811,-1.75773 -2.957159,-5.76471 -3.20847,-3.20847 -4,-4.72375 -4,-7.65748 0,-4.93319 3.196682,-10.86973 8.95238,-16.62543 9.13016,-9.13016 16.9437,-11.06569 26.04762,-6.45238 2.71343,1.375 5.33915,2.5 5.83492,2.5 0.49577,0 4.1194,-8.8875 8.05249,-19.75 8.81581,-24.34764 9.16681,-29.51108 2.15733,-31.7358 -3.00615,-0.95412 -19.53496,5.01278 -29.54474,10.66564 -18.216707,10.28758 -56.251215,37.80934 -60.816962,44.00713 l -1.979418,2.68696 2.629955,5.37544 c 3.218558,6.57849 12.046954,15.42825 24.666425,24.72612 5.225,3.84971 9.678333,7.00511 9.896295,7.01199 0.217962,0.007 2.561184,-2.01248 5.207159,-4.48748 z"
+ id="path3059"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#5b5a01"
+ d="m 97.313822,592.04977 c -3.877622,-2.36435 -5.315011,-4.86391 -5.310084,-9.23403 0.0046,-4.10528 1.790113,-7.06563 11.963312,-19.83533 9.07653,-11.39313 8.94536,-9.41592 1.39861,-21.082 -6.008258,-9.28782 -13.00788,-24.10633 -14.857287,-31.45355 -2.356485,-9.3617 -3.19881,-21.50621 -2.389715,-34.45452 0.659233,-10.55 1.112517,-12.62177 4.244806,-19.4012 l 3.50676,-7.58992 -2.273444,-2.74961 c -1.250395,-1.51229 -3.781658,-5.60482 -5.625029,-9.09453 -2.964231,-5.61162 -7.07114,-9.73819 -35.535087,-35.70521 C 34.735737,385.30171 19.0712,370.6849 17.62658,368.96806 15.62818,366.5931 15,364.75164 15,361.26844 c 0,-4.02345 0.46686,-5.01368 3.853419,-8.17328 C 20.972799,351.11782 41.875862,336.225 65.30467,320 c 23.428808,-16.225 42.61661,-29.95 42.63955,-30.5 0.0229,-0.55 -2.66823,-4.375 -5.9804,-8.5 C 86.612175,261.88096 75.494019,236.11803 71.441348,210.27351 68.936408,194.29912 69.865195,164.53834 73.325859,149.88878 79.553902,123.52446 93.396601,97.498961 111.5,78.11803 133.13147,54.96006 163.65426,38.273881 197,31.376949 c 6.33093,-1.309433 13.47609,-1.773232 28,-1.817506 29.10173,-0.08871 44.07641,3.162549 68.59846,14.89391 22.60386,10.813694 37.14227,21.942965 52.31384,40.046647 8.42803,10.056859 11.48876,14.614189 17.79757,26.5 9.53504,17.96406 15.36681,36.43422 17.39752,55.10085 1.39506,12.82368 0.6542,37.56516 -1.46694,48.98937 -3.00692,16.19481 -11.05914,36.96034 -20.10882,51.85771 -1.9424,3.19753 -3.53163,6.28243 -3.53163,6.85533 0,0.5729 1.51216,1.54069 3.36036,2.15066 2.45518,0.81028 9.43019,7.66433 25.89372,25.4447 12.39335,13.38463 23.08311,25.3629 23.75502,26.61839 0.73257,1.36881 0.98321,3.92422 0.62605,6.38285 -0.3276,2.25507 -6.1939,21.28467 -13.03623,42.28799 l -12.44059,38.18784 1.42083,4.72109 c 3.28412,10.91228 0.52741,21.50113 -7.44056,28.58005 -2.86495,2.54529 -4.1386,4.484 -4.1386,6.29966 0,3.62069 -2.38255,7.88892 -5.56913,9.97685 -2.63628,1.72735 -2.66223,1.85497 -1.97622,9.71918 0.38232,4.38286 1.39276,10.29953 2.24542,13.14816 1.99616,6.66893 1.90503,22.2593 -0.17574,30.06357 -2.26737,8.50417 -10.02768,22.91117 -15.66142,29.07537 -2.6746,2.92644 -4.86291,5.78627 -4.86291,6.35519 0,0.56892 3.87044,4.55582 8.60098,8.85979 4.73054,4.30397 9.23054,9.04055 10,10.52574 2.80075,5.40592 0.87168,13.38034 -3.86133,15.96201 -1.57483,0.85901 -19.30801,1.73952 -59.73965,2.96625 -76.54285,2.32239 -70.24687,2.376 -73.81763,-0.6286 -3.79606,-3.19417 -4.68502,-3.14386 -8.83515,0.5 l -3.41681,3 -58.21521,-0.004 c -55.87978,-0.004 -58.34302,-0.0817 -61.401378,-1.94649 z M 291.23356,562.06814 c 18.52047,-4.73673 39.82337,-19.82802 50.67623,-35.89977 9.31074,-13.78805 12.41372,-25.45358 9.64514,-36.26044 -0.88776,-3.46524 -1.85026,-6.53659 -2.13889,-6.82522 -1.4992,-1.4992 -2.38702,3.61417 -2.40073,13.82688 L 347,508.31917 l -5.5,5.76618 c -3.025,3.1714 -5.5,6.62114 -5.5,7.6661 0,2.63203 -2.29296,4.51082 -19.86536,16.27711 -17.3799,11.63739 -24.34397,14.92316 -31.63464,14.92574 -10.07597,0.004 -18.74635,-6.67216 -35.10528,-27.0292 C 244.56604,519.9163 240.25186,515 239.80765,515 c -1.93872,0 0.6964,17.17327 3.92724,25.59407 4.17103,10.87127 12.20745,19.02876 21.66141,21.98773 6.08432,1.90432 17.25109,1.68232 25.83726,-0.51366 z m -81.47174,-6.87773 c 8.67143,-2.78932 14.66335,-6.52426 17.29311,-10.7793 2.12922,-3.44513 2.17099,-3.92673 0.93321,-10.75884 -0.71267,-3.93375 -1.59978,-7.503 -1.97135,-7.93166 -0.37157,-0.42867 -2.83444,1.9685 -5.47305,5.32703 -15.58233,19.83381 -41.43938,27.96978 -69.95518,22.01152 l -8.91144,-1.86201 -7.08856,-7.09443 c -10.58438,-10.59314 -10.57365,-10.64494 -0.83764,4.04437 l 4.40566,6.6471 10.17171,1.16278 c 5.59444,0.63953 10.84671,1.3356 11.67171,1.54681 0.825,0.21122 10.95,0.23032 22.5,0.0425 17.67508,-0.28751 21.99143,-0.6605 27.26182,-2.35582 z m -28.56104,-12.30316 c 23.6731,-4.97098 40.7458,-25.03224 40.78735,-47.92715 0.0317,-17.46824 -8.66072,-32.55039 -24.97478,-43.33357 C 193.99569,449.63194 190.7145,448 189.72181,448 c -0.99269,0 -6.3322,1.57585 -11.86559,3.5019 -21.76684,7.57654 -40.9486,9.40148 -56.76865,5.40092 -5.51316,-1.39416 -8.62749,-1.7629 -9.29039,-1.1 -1.85689,1.85689 -1.09608,22.03024 1.15771,30.69718 4.21644,16.21434 17.04698,37.51086 30.34729,50.37138 3.58548,3.46692 5.72888,4.63542 10.35935,5.64753 7.44018,1.62624 20.70392,1.80365 27.53925,0.36834 z m 112.23244,-3.31622 c 7.87734,-4.10595 28.69813,-18.29042 29.96325,-20.4129 0.49306,-0.8272 3.68091,-4.69669 7.08412,-8.59886 l 6.18764,-7.09486 0.82336,-17.9822 c 1.3339,-29.13243 1.33759,-29.02559 -0.99159,-28.71864 -1.1,0.14497 -6.99877,0.5462 -13.10837,0.89163 -10.44863,0.59076 -11.23504,0.50139 -13.24121,-1.50478 -1.17306,-1.17306 -3.1431,-5.56671 -4.37787,-9.76367 -1.23476,-4.19695 -2.8297,-7.85519 -3.54431,-8.12941 -0.71461,-0.27422 -3.8708,0.65321 -7.01376,2.06096 -10.73717,4.80922 -27.58521,8.33608 -42.71448,8.94157 l -6,0.24013 -2.37728,4.98155 c -2.21891,4.64972 -3.09065,8.46618 -6.25639,27.39064 -1.17041,6.99657 -1.11759,7.59021 1.03662,11.65094 6.61316,12.46592 33.65506,44.53074 40.32974,47.82081 4.72184,2.32748 6.84158,2.06283 14.20053,-1.77291 z m 42.06447,-99.09859 c 21.15717,-3.6895 27.39425,-10.76236 19.58378,-22.20803 C 349.03113,409.39809 337.4907,403 327.54859,403 c -4.29476,0 -5.6213,0.44849 -7.62033,2.57636 -2.04958,2.18168 -2.47506,3.78076 -2.77739,10.43826 -0.31161,6.8616 1.85973,22.57548 3.48222,25.20072 0.72648,1.17547 5.12423,0.95568 14.8646,-0.7429 z M 264,439.47299 c 11.28845,-1.02359 27.81318,-6.17843 34.25,-10.68419 2.62224,-1.83556 2.75,-2.30828 2.75,-10.17539 0,-15.04695 4.82247,-24.81152 14.42491,-29.20766 l 5.28622,-2.42012 0.56868,-6.78326 c 1.25726,-14.99655 8.80667,-25.04553 18.9021,-25.16045 2.95564,-0.0337 4.09353,0.53616 5.76871,2.88873 2.4409,3.42793 3.97299,13.4441 4.0185,26.27131 l 0.0309,8.70196 4.57028,3.14443 c 2.51365,1.72944 4.77647,2.93823 5.0285,2.68621 1.48573,-1.48573 9.02494,-18.53816 11.37774,-25.73456 13.22782,-40.45917 -0.73867,-68.65475 -38.40856,-77.53929 -9.54711,-2.25171 -10.96629,-1.97744 -18.11355,3.50063 -18.07606,13.85455 -41.37297,23.74607 -64.92459,27.56603 -9.40548,1.52552 -32.30438,1.85879 -41.12662,0.59856 -2.80324,-0.40043 -5.5478,-0.57773 -6.09903,-0.39399 -0.55122,0.18374 -7.4238,18.03993 -15.27239,39.68042 l -14.27016,39.34635 3.99274,5.87064 c 2.196,3.22886 6.94905,9.06 10.56232,12.95809 6.06219,6.54006 7.13392,7.25473 13.87645,9.25341 11.19901,3.3197 22.12784,5.19882 35.30687,6.07073 11.8016,0.78078 14.53285,0.73722 27.5,-0.43859 z m -107.5096,-3.9074 c 2.97837,-0.66134 5.10632,-1.71003 5.27791,-2.60104 0.34545,-1.79377 -18.63452,-14.76459 -26.76831,-18.29332 -16.15053,-7.0067 -28,-5.6958 -28,3.0976 0,9.9345 11.00927,18.19468 26,19.50762 5.25195,0.45999 17.84415,-0.45713 23.4904,-1.71086 z m -63.977,-37.44874 c 1.929507,-2.13574 4.853336,-4.44033 6.497397,-5.12132 3.933973,-1.62951 3.724563,-2.93462 -0.994392,-6.19733 -7.401382,-5.11735 -6.203313,-14.27325 3.105065,-23.72961 9.42522,-9.57507 16.52225,-11.25329 26.15674,-6.18526 3.01472,1.58583 5.94996,2.59369 6.52276,2.23968 0.5728,-0.35401 4.25201,-9.48079 8.17603,-20.28173 6.04186,-16.63037 7.08773,-20.44219 6.82878,-24.88843 -0.256,-4.39559 -0.75947,-5.588 -3.09255,-7.32431 -2.74229,-2.04085 -2.89393,-2.04619 -9.5,-0.33454 -14.53185,3.76522 -39.955074,18.82897 -67.352874,39.90786 C 54.554699,357.20812 50,361.44863 50,363.7612 c 0,3.50376 4.440152,10.43293 10.802743,16.85844 C 67.305607,387.18681 86.20022,402 88.073953,402 c 0.512189,0 2.50994,-1.74742 4.439447,-3.88315 z M 160.43313,397.75 c 0.8792,-2.3375 8.05348,-22.01344 15.94286,-43.72432 11.27165,-31.01863 14.87124,-39.86773 16.80423,-41.31091 2.36286,-1.76413 2.91095,-1.77036 13.88985,-0.15791 58.03888,8.52405 114.00088,-21.64389 138.89528,-74.87553 8.87517,-18.97775 12.47871,-35.34723 12.36764,-56.18133 -0.11145,-20.90634 -3.78312,-37.02327 -12.78553,-56.12261 -7.3833,-15.66424 -20.00012,-32.546305 -31.43938,-42.067747 -19.2186,-15.99657 -37.8563,-25.274576 -61.1893,-30.460556 C 239.35334,49.83404 215.12431,49.62574 202.05258,52.411784 174.40449,58.304559 153.34111,69.586309 133.86377,88.934367 108.08496,114.54208 95,146.05141 95,182.52052 c 0,45.18453 22.41092,85.52182 61.71904,111.08776 7.94254,5.16581 11.39868,8.01257 11.83413,9.74755 0.43706,1.74139 -3.79326,14.56269 -14.61569,44.29744 -8.37692,23.0157 -15.27728,42.47353 -15.33413,43.23963 -0.093,1.25385 16.15158,10.593 19.06394,10.96 0.64201,0.0809 1.88664,-1.7654 2.76584,-4.1029 z M 162.5,202.29026 C 152.52589,201.363 141.98386,196.12222 134.23791,188.24027 119.97895,173.73096 116.9158,151.79913 126.52267,133 c 5.12157,-10.0221 16.30902,-19.30105 27.24095,-22.59385 7.65143,-2.30468 21.05417,-2.29274 28.03035,0.025 17.61862,5.85347 29.95772,20.25667 32.50574,37.94335 4.44639,30.86385 -20.49673,56.82592 -51.79971,53.91579 z M 156.09565,184.875 c -0.22239,-0.75625 -0.60751,-4.11208 -0.85582,-7.45741 -0.52505,-7.07352 1.64865,-12.46307 6.76179,-16.7655 10.41935,-8.7673 27.92963,-3.24023 30.67938,9.68386 0.75373,3.54259 3.18689,4.61511 4.69279,2.06854 4.5658,-7.72105 5.76896,-18.64622 2.97083,-26.97635 -6.16157,-18.3432 -24.32741,-27.96932 -42.41451,-22.47553 -6.31896,1.91932 -8.09146,3.02423 -13.44195,8.37912 -4.5494,4.55316 -6.74578,7.72743 -8.38817,12.12283 -5.68232,15.20713 0.002,31.94679 13.82616,40.71356 4.5893,2.91045 6.8952,3.17465 6.1695,0.70688 z M 269,197.09307 c -8.23985,-2.26482 -13.13045,-5.10202 -19.82653,-11.50205 C 239.35019,176.20207 235,165.89216 235,152 c 0,-26.32793 20.35854,-47 46.28716,-47 23.88611,0 43.45255,16.66814 46.90974,39.96119 5.03101,33.89674 -26.02784,61.24878 -59.1969,52.13188 z m 30.06796,-15.92121 C 309.08512,174.81916 316,162.8903 316,151.96238 c 0,-13.86802 -10.17221,-27.63632 -23.99081,-32.47206 -16.51635,-5.77979 -36.30491,4.31393 -42.63792,21.7487 -3.20578,8.8255 -1.2727,23.26954 3.85013,28.76826 2.02988,2.17881 2.23278,2.21271 3.22244,0.53839 5.846,-9.8904 9.55436,-12.55242 17.45404,-12.52922 11.25117,0.033 18.38908,7.54676 18.03405,18.98355 -0.0939,3.025 -0.11701,5.8375 -0.0513,6.25 0.23161,1.45476 2.77712,0.71875 7.18737,-2.07814 z"
+ id="path3057"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#374637"
+ d="m 97.313822,592.04977 c -3.877622,-2.36435 -5.315011,-4.86391 -5.310084,-9.23403 0.0046,-4.10528 1.790113,-7.06563 11.963312,-19.83533 9.07653,-11.39313 8.94536,-9.41592 1.39861,-21.082 -6.008258,-9.28782 -13.00788,-24.10633 -14.857287,-31.45355 -2.356485,-9.3617 -3.19881,-21.50621 -2.389715,-34.45452 0.659233,-10.55 1.112517,-12.62177 4.244806,-19.4012 l 3.50676,-7.58992 -2.273444,-2.74961 c -1.250395,-1.51229 -3.781658,-5.60482 -5.625029,-9.09453 -2.964231,-5.61162 -7.07114,-9.73819 -35.535087,-35.70521 C 34.735737,385.30171 19.0712,370.6849 17.62658,368.96806 15.62818,366.5931 15,364.75164 15,361.26844 c 0,-4.02345 0.46686,-5.01368 3.853419,-8.17328 C 20.972799,351.11782 41.875862,336.225 65.30467,320 c 23.428808,-16.225 42.61661,-29.95 42.63955,-30.5 0.0229,-0.55 -2.66823,-4.375 -5.9804,-8.5 C 86.612175,261.88096 75.494019,236.11803 71.441348,210.27351 68.936408,194.29912 69.865195,164.53834 73.325859,149.88878 79.553902,123.52446 93.396601,97.498961 111.5,78.11803 133.13147,54.96006 163.65426,38.273881 197,31.376949 c 6.33093,-1.309433 13.47609,-1.773232 28,-1.817506 29.10173,-0.08871 44.07641,3.162549 68.59846,14.89391 22.60386,10.813694 37.14227,21.942965 52.31384,40.046647 8.42803,10.056859 11.48876,14.614189 17.79757,26.5 9.53504,17.96406 15.36681,36.43422 17.39752,55.10085 1.39506,12.82368 0.6542,37.56516 -1.46694,48.98937 -3.00692,16.19481 -11.05914,36.96034 -20.10882,51.85771 -1.9424,3.19753 -3.53163,6.28243 -3.53163,6.85533 0,0.5729 1.51216,1.54069 3.36036,2.15066 2.45518,0.81028 9.43019,7.66433 25.89372,25.4447 12.39335,13.38463 23.08311,25.3629 23.75502,26.61839 0.73257,1.36881 0.98321,3.92422 0.62605,6.38285 -0.3276,2.25507 -6.1939,21.28467 -13.03623,42.28799 l -12.44059,38.18784 1.42083,4.72109 c 3.28412,10.91228 0.52741,21.50113 -7.44056,28.58005 -2.86495,2.54529 -4.1386,4.484 -4.1386,6.29966 0,3.62069 -2.38255,7.88892 -5.56913,9.97685 -2.63628,1.72735 -2.66223,1.85497 -1.97622,9.71918 0.38232,4.38286 1.39276,10.29953 2.24542,13.14816 1.99616,6.66893 1.90503,22.2593 -0.17574,30.06357 -2.26737,8.50417 -10.02768,22.91117 -15.66142,29.07537 -2.6746,2.92644 -4.86291,5.78627 -4.86291,6.35519 0,0.56892 3.87044,4.55582 8.60098,8.85979 4.73054,4.30397 9.23054,9.04055 10,10.52574 2.80075,5.40592 0.87168,13.38034 -3.86133,15.96201 -1.57483,0.85901 -19.30801,1.73952 -59.73965,2.96625 -76.54285,2.32239 -70.24687,2.376 -73.81763,-0.6286 -3.79606,-3.19417 -4.68502,-3.14386 -8.83515,0.5 l -3.41681,3 -58.21521,-0.004 c -55.87978,-0.004 -58.34302,-0.0817 -61.401378,-1.94649 z M 291.23356,562.06814 c 18.52047,-4.73673 39.82337,-19.82802 50.67623,-35.89977 9.31074,-13.78805 12.41372,-25.45358 9.64514,-36.26044 -0.88776,-3.46524 -1.85026,-6.53659 -2.13889,-6.82522 -1.4992,-1.4992 -2.38702,3.61417 -2.40073,13.82688 L 347,508.31917 l -5.5,5.76618 c -3.025,3.1714 -5.5,6.62114 -5.5,7.6661 0,2.63203 -2.29296,4.51082 -19.86536,16.27711 -17.3799,11.63739 -24.34397,14.92316 -31.63464,14.92574 -10.07597,0.004 -18.74635,-6.67216 -35.10528,-27.0292 C 244.56604,519.9163 240.25186,515 239.80765,515 c -1.93872,0 0.6964,17.17327 3.92724,25.59407 4.17103,10.87127 12.20745,19.02876 21.66141,21.98773 6.08432,1.90432 17.25109,1.68232 25.83726,-0.51366 z m -81.47174,-6.87773 c 8.67143,-2.78932 14.66335,-6.52426 17.29311,-10.7793 2.12922,-3.44513 2.17099,-3.92673 0.93321,-10.75884 -0.71267,-3.93375 -1.59978,-7.503 -1.97135,-7.93166 -0.37157,-0.42867 -2.83444,1.9685 -5.47305,5.32703 -15.58233,19.83381 -41.43938,27.96978 -69.95518,22.01152 l -8.91144,-1.86201 -7.08856,-7.09443 c -10.58438,-10.59314 -10.57365,-10.64494 -0.83764,4.04437 l 4.40566,6.6471 10.17171,1.16278 c 5.59444,0.63953 10.84671,1.3356 11.67171,1.54681 0.825,0.21122 10.95,0.23032 22.5,0.0425 17.67508,-0.28751 21.99143,-0.6605 27.26182,-2.35582 z m -28.56104,-12.30316 c 23.6731,-4.97098 40.7458,-25.03224 40.78735,-47.92715 0.0317,-17.46824 -8.66072,-32.55039 -24.97478,-43.33357 C 193.99569,449.63194 190.7145,448 189.72181,448 c -0.99269,0 -6.3322,1.57585 -11.86559,3.5019 -21.76684,7.57654 -40.9486,9.40148 -56.76865,5.40092 -5.51316,-1.39416 -8.62749,-1.7629 -9.29039,-1.1 -1.85689,1.85689 -1.09608,22.03024 1.15771,30.69718 4.21644,16.21434 17.04698,37.51086 30.34729,50.37138 3.58548,3.46692 5.72888,4.63542 10.35935,5.64753 7.44018,1.62624 20.70392,1.80365 27.53925,0.36834 z m 112.23244,-3.31622 c 7.87734,-4.10595 28.69813,-18.29042 29.96325,-20.4129 0.49306,-0.8272 3.68091,-4.69669 7.08412,-8.59886 l 6.18764,-7.09486 0.82336,-17.9822 c 1.3339,-29.13243 1.33759,-29.02559 -0.99159,-28.71864 -1.1,0.14497 -6.99877,0.5462 -13.10837,0.89163 -10.44863,0.59076 -11.23504,0.50139 -13.24121,-1.50478 -1.17306,-1.17306 -3.1431,-5.56671 -4.37787,-9.76367 -1.23476,-4.19695 -2.8297,-7.85519 -3.54431,-8.12941 -0.71461,-0.27422 -3.8708,0.65321 -7.01376,2.06096 -10.73717,4.80922 -27.58521,8.33608 -42.71448,8.94157 l -6,0.24013 -2.37728,4.98155 c -2.21891,4.64972 -3.09065,8.46618 -6.25639,27.39064 -1.17041,6.99657 -1.11759,7.59021 1.03662,11.65094 6.61316,12.46592 33.65506,44.53074 40.32974,47.82081 4.72184,2.32748 6.84158,2.06283 14.20053,-1.77291 z m 42.06447,-99.09859 c 21.15717,-3.6895 27.39425,-10.76236 19.58378,-22.20803 C 349.03113,409.39809 337.4907,403 327.54859,403 c -4.29476,0 -5.6213,0.44849 -7.62033,2.57636 -2.04958,2.18168 -2.47506,3.78076 -2.77739,10.43826 -0.31161,6.8616 1.85973,22.57548 3.48222,25.20072 0.72648,1.17547 5.12423,0.95568 14.8646,-0.7429 z M 264,439.47299 c 11.28845,-1.02359 27.81318,-6.17843 34.25,-10.68419 2.62224,-1.83556 2.75,-2.30828 2.75,-10.17539 0,-15.04695 4.82247,-24.81152 14.42491,-29.20766 l 5.28622,-2.42012 0.56868,-6.78326 c 1.25726,-14.99655 8.80667,-25.04553 18.9021,-25.16045 2.95564,-0.0337 4.09353,0.53616 5.76871,2.88873 2.4409,3.42793 3.97299,13.4441 4.0185,26.27131 l 0.0309,8.70196 4.57028,3.14443 c 2.51365,1.72944 4.77647,2.93823 5.0285,2.68621 1.48573,-1.48573 9.02494,-18.53816 11.37774,-25.73456 13.22782,-40.45917 -0.73867,-68.65475 -38.40856,-77.53929 -9.54711,-2.25171 -10.96629,-1.97744 -18.11355,3.50063 -18.07606,13.85455 -41.37297,23.74607 -64.92459,27.56603 -9.40548,1.52552 -32.30438,1.85879 -41.12662,0.59856 -2.80324,-0.40043 -5.5478,-0.57773 -6.09903,-0.39399 -0.55122,0.18374 -7.4238,18.03993 -15.27239,39.68042 l -14.27016,39.34635 3.99274,5.87064 c 2.196,3.22886 6.94905,9.06 10.56232,12.95809 6.06219,6.54006 7.13392,7.25473 13.87645,9.25341 11.19901,3.3197 22.12784,5.19882 35.30687,6.07073 11.8016,0.78078 14.53285,0.73722 27.5,-0.43859 z m -107.5096,-3.9074 c 2.97837,-0.66134 5.10632,-1.71003 5.27791,-2.60104 0.34545,-1.79377 -18.63452,-14.76459 -26.76831,-18.29332 -16.15053,-7.0067 -28,-5.6958 -28,3.0976 0,9.9345 11.00927,18.19468 26,19.50762 5.25195,0.45999 17.84415,-0.45713 23.4904,-1.71086 z M 173.42099,364.75 c 17.58103,-48.49425 18.19525,-50.02924 20.62619,-51.54739 1.64422,-1.02683 4.10872,-0.95504 13.23661,0.38559 13.5569,1.99113 34.48219,1.52023 45.71621,-1.0288 27.02807,-6.13274 48.25088,-17.70053 67.00089,-36.51975 12.48103,-12.52711 19.31691,-22.17267 26.45915,-37.33441 9.37573,-19.90307 12.98628,-35.94773 12.87295,-57.20524 -0.11839,-22.20764 -3.90722,-37.80765 -14.32954,-59 C 338.14406,108.55237 331.76342,99.669653 320.54688,88.453115 309.95098,77.857205 300.80749,71.156289 288,64.60072 266.13146,53.407217 250.20207,49.514659 226.5,49.572379 c -17.05214,0.04153 -25.92693,1.378073 -40.44742,6.091399 -9.98107,3.239835 -26.25495,11.047197 -34.18274,16.399093 -9.40482,6.349013 -29.71902,26.997437 -35.84735,36.437129 -24.087355,37.10266 -28.825661,81.92701 -12.91922,122.21578 9.69754,24.56252 29.30632,48.36309 51.89673,62.99075 9.85765,6.38299 13,9.06694 13,11.10359 0,0.80382 -7.02657,20.77382 -15.61459,44.37776 -8.58803,23.60395 -15.39579,43.13508 -15.12836,43.40251 1.13475,1.13474 19.37647,10.16489 20.76989,10.28165 1.13069,0.0947 5.12562,-9.79835 15.39405,-38.12204 z M 160.69863,200.99506 c -7.35703,-0.94057 -19.10778,-6.68523 -24.62305,-12.03763 -20.74141,-20.12884 -18.24744,-54.54829 5.14267,-70.97452 14.33935,-10.07014 31.55098,-11.37446 47.24915,-3.58062 14.77181,7.33392 23.8153,20.59807 25.16161,36.90467 1.1484,13.90952 -2.83393,25.44347 -12.33701,35.73146 -10.11175,10.94695 -24.75498,15.98152 -40.59337,13.95664 z M 156.09565,184.875 c -0.22239,-0.75625 -0.60751,-4.11208 -0.85582,-7.45741 -0.52505,-7.07352 1.64865,-12.46307 6.76179,-16.7655 10.41935,-8.7673 27.92963,-3.24023 30.67938,9.68386 0.75373,3.54259 3.18689,4.61511 4.69279,2.06854 4.5658,-7.72105 5.76896,-18.64622 2.97083,-26.97635 -6.16157,-18.3432 -24.32741,-27.96932 -42.41451,-22.47553 -6.31896,1.91932 -8.09146,3.02423 -13.44195,8.37912 -4.5494,4.55316 -6.74578,7.72743 -8.38817,12.12283 -5.68232,15.20713 0.002,31.94679 13.82616,40.71356 4.5893,2.91045 6.8952,3.17465 6.1695,0.70688 z m 113.49427,11.43255 C 249.38112,191.01361 236,173.36294 236,152 c 0,-35.36776 36.77915,-57.15544 68.14981,-40.37141 11.90821,6.37117 20.98911,19.46682 23.02893,33.21024 4.94986,33.34999 -24.90373,60.03096 -57.58882,51.46872 z m 29.47804,-15.13569 C 309.08512,174.81916 316,162.8903 316,151.96238 c 0,-13.86802 -10.17221,-27.63632 -23.99081,-32.47206 -16.51635,-5.77979 -36.30491,4.31393 -42.63792,21.7487 -3.20578,8.8255 -1.2727,23.26954 3.85013,28.76826 2.02988,2.17881 2.23278,2.21271 3.22244,0.53839 5.846,-9.8904 9.55436,-12.55242 17.45404,-12.52922 11.25117,0.033 18.38908,7.54676 18.03405,18.98355 -0.0939,3.025 -0.11701,5.8375 -0.0513,6.25 0.23161,1.45476 2.77712,0.71875 7.18737,-2.07814 z M 92.5134,398.11685 c 1.929507,-2.13574 4.853336,-4.44033 6.497397,-5.12132 3.933973,-1.62951 3.724563,-2.93462 -0.994392,-6.19733 -7.401382,-5.11735 -6.203313,-14.27325 3.105065,-23.72961 9.42522,-9.57507 16.52225,-11.25329 26.15674,-6.18526 3.01472,1.58583 5.94996,2.59369 6.52276,2.23968 0.5728,-0.35401 4.25201,-9.48079 8.17603,-20.28173 6.04186,-16.63037 7.08773,-20.44219 6.82878,-24.88843 -0.256,-4.39559 -0.75947,-5.588 -3.09255,-7.32431 -2.74229,-2.04085 -2.89393,-2.04619 -9.5,-0.33454 -14.53185,3.76522 -39.955074,18.82897 -67.352874,39.90786 C 54.554699,357.20812 50,361.44863 50,363.7612 c 0,3.50376 4.440152,10.43293 10.802743,16.85844 C 67.305607,387.18681 86.20022,402 88.073953,402 c 0.512189,0 2.50994,-1.74742 4.439447,-3.88315 z"
+ id="path3055"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#580719"
+ d="m 100.6193,592.96558 c -6.242657,-1.86914 -9.675908,-8.05629 -7.559428,-13.62305 0.555523,-1.46114 5.044312,-7.70998 9.975088,-13.88632 C 107.96573,559.27988 112,553.42912 112,552.45454 c 0,-0.97459 -2.71967,-5.97026 -6.0437,-11.10149 -12.514373,-19.31813 -16.833092,-32.12982 -17.683858,-52.46002 -0.627849,-15.0033 0.685993,-23.91216 4.798277,-32.536 3.491745,-7.3225 3.576981,-8.46237 0.818963,-10.95204 -1.160674,-1.04775 -3.6133,-4.88683 -5.450279,-8.53129 -3.069636,-6.09 -5.954187,-9.01408 -35.639682,-36.12812 C 35.034874,384.51959 19.375,370.02767 18,368.54132 c -1.877827,-2.02989 -2.5,-3.79665 -2.5,-7.09916 0,-3.37047 0.583524,-4.96799 2.5,-6.84426 1.375,-1.34616 22.3,-16.23406 46.5,-33.08423 24.2,-16.85016 44.11619,-31.17149 44.25821,-31.82517 0.14201,-0.65367 -2.46994,-4.5635 -5.80434,-8.6885 C 70.012699,240.24835 60.952172,181.84038 79.685145,131 93.806285,92.675913 122.25889,61.928363 160.09264,44.106973 171.65516,38.660505 182.51057,35.116962 197.5,31.896051 c 14.85241,-3.191468 40.71585,-3.227887 56.36152,-0.07936 15.42892,3.104907 25.58444,6.41842 38.69274,12.624553 21.07006,9.975634 37.99798,22.924841 52.36703,40.05876 42.95903,51.225156 49.00087,120.984026 15.5508,179.548866 -3.10132,5.42983 -5.3711,10.30551 -5.04396,10.83484 0.32714,0.52933 1.89463,1.24791 3.4833,1.59684 2.12629,0.46701 9.09843,7.35474 26.42232,26.10244 12.94361,14.00741 23.69236,26.46904 23.88611,27.69252 0.50949,3.21725 -0.12345,5.41141 -13.43164,46.56274 l -12.07506,37.33825 1.76625,7.73333 c 1.6671,7.29925 1.67149,8.05928 0.0781,13.54028 -1.29641,4.45949 -2.80573,6.89552 -6.50449,10.49823 -3.78368,3.68542 -4.97507,5.64116 -5.55657,9.12147 -0.55394,3.31536 -1.69864,5.31906 -4.54886,7.96243 l -3.80864,3.53224 1.35261,10.46776 c 0.74394,5.75727 1.83767,12.03979 2.43052,13.96116 4.46821,14.4811 -3.35628,40.30527 -16.66967,55.01704 -2.88883,3.19227 -5.25806,6.18335 -5.26493,6.64684 -0.007,0.4635 4.43617,5.11772 9.87344,10.34272 11.22149,10.78341 12.52459,13.5018 9.46943,19.75416 -1.0242,2.09602 -3.15169,4.3755 -4.83037,5.17545 -2.35067,1.12018 -15.98663,1.82258 -63,3.24521 -33,0.99858 -61.63843,1.56149 -63.64095,1.25091 -2.00253,-0.31057 -4.66847,-1.65842 -5.92432,-2.9952 -2.80411,-2.98484 -5.03509,-3.0821 -7.52738,-0.32815 -4.50161,4.97422 -3.58035,4.90341 -62.60769,4.81167 -30.41481,-0.0473 -56.59597,-0.47409 -58.18036,-0.94847 z m 189.11566,-28.95386 c 8.35392,-2.00279 21.07942,-7.78915 29.26504,-13.30698 17.80534,-12.00237 30.84018,-29.67004 34.33006,-46.53159 1.29386,-6.25139 1.30421,-7.98056 0.0792,-13.23173 C 351.8717,484.35051 349.46827,479 348.04522,479 c -1.7141,0 -3.29914,11.40823 -2.76884,19.92857 l 0.52458,8.42858 -5.2634,5.57142 c -2.89486,3.06429 -5.69972,6.92143 -6.23302,8.57143 -0.76975,2.38158 -4.56006,5.41367 -18.38708,14.70888 -9.5796,6.43988 -19.41012,12.40238 -21.8456,13.25 -5.49669,1.91301 -14.06699,1.98782 -18.43928,0.16096 -4.979,-2.08036 -15.02508,-12.07078 -25.63258,-25.49055 -5.225,-6.61027 -10.05393,-12.04355 -10.73095,-12.07398 -1.98994,-0.0894 -2.45275,4.02281 -1.29171,11.47747 3.71579,23.85805 12.62312,36.53553 28.79861,40.98803 6.8425,1.88348 13.60468,1.73354 22.95901,-0.50909 z m -81.72838,-6.77331 c 12.53442,-3.77197 20.01612,-8.9562 22.30031,-15.45233 0.57107,-1.62411 -0.44029,-8.46375 -2.55353,-17.26901 l -0.95589,-3.98293 -2.14874,2.67921 c -1.1818,1.47356 -3.94873,5.00898 -6.14873,7.85649 -7.62479,9.86892 -19.61015,17.32799 -32.86589,20.45402 -8.21755,1.93791 -25.22187,1.85727 -35.42463,-0.16798 l -8.29051,-1.64567 -6.58641,-7.1051 c -8.34468,-9.00185 -13.68702,-15.94072 -20.32257,-26.39584 -2.89403,-4.55989 -5.435,-8.11759 -5.64661,-7.90598 -0.65716,0.65716 2.40719,8.44546 5.28697,13.43726 7.71438,13.37206 22.49975,34.25688 24.60357,34.75333 16.286,3.84312 56.99116,4.28392 68.75266,0.74453 z m -26.8058,-13.35116 c 19.09571,-4.0098 35.61113,-19.23638 40.40909,-37.25564 4.30719,-16.17608 -1.23164,-35.15522 -13.79114,-47.25615 C 201.55964,453.3449 192.28135,447 189.72181,447 c -0.99269,0 -6.3322,1.57585 -11.86559,3.5019 -21.77323,7.57877 -40.94781,9.40168 -56.78005,5.39804 -11.1189,-2.81173 -11.2882,-2.63495 -11.2389,11.73577 0.0467,13.61622 2.40766,23.19416 9.09825,36.90986 5.12036,10.49673 15.31782,24.52342 23.86376,32.82482 4.10812,3.99055 6.06947,5.1011 10.85729,6.14753 7.44475,1.62713 20.70735,1.80496 27.54421,0.36933 z m 113.07693,-3.70899 c 9.4095,-4.8692 29.38529,-18.68005 30.77538,-21.27746 0.58317,-1.08966 3.65989,-5.00161 6.83716,-8.69322 l 5.77686,-6.71201 0.82869,-17.99779 C 338.95159,475.599 339.36399,464.8 339.41225,461.5 c 0.085,-5.81409 0.0103,-5.993 -2.41225,-5.77406 -1.375,0.12427 -7.45,0.51872 -13.5,0.87656 -13.23903,0.78305 -13.61693,0.53127 -17.03465,-11.34936 -2.54506,-8.84707 -3.80664,-9.64659 -10.13858,-6.42529 -9.35931,4.76144 -29.7136,9.16038 -42.42178,9.16813 -5.01032,0.003 -6.9737,0.42452 -8.17098,1.75402 -2.45907,2.73062 -5.54849,11.44798 -6.70993,18.93328 -0.58174,3.7492 -1.57721,9.88015 -2.21217,13.62434 -1.05685,6.23203 -0.97732,7.17221 0.94058,11.11983 5.59552,11.51726 35.09494,46.26944 41.74751,49.1812 4.65716,2.03839 6.83377,1.68042 14.77771,-2.43039 z m 41.3413,-98.69845 c 10.28084,-1.75981 20.38162,-6.24396 22.35012,-9.92213 3.3829,-6.321 -1.19293,-15.58499 -11.16317,-22.60039 C 339.7309,403.97903 334.2571,402 327.56283,402 318.98309,402 316,406.15551 316,418.10726 c 0,7.47836 2.51352,21.58773 4.21185,23.64274 1.35042,1.63403 4.61733,1.57674 15.40716,-0.27019 z M 264,439.47299 c 11.28845,-1.02359 27.81318,-6.17843 34.25,-10.68419 2.62224,-1.83556 2.75,-2.30828 2.75,-10.17539 0,-15.04695 4.82247,-24.81152 14.42491,-29.20766 l 5.28622,-2.42012 0.56868,-6.78326 c 1.25726,-14.99655 8.80667,-25.04553 18.9021,-25.16045 2.95564,-0.0337 4.09353,0.53616 5.76871,2.88873 2.4409,3.42793 3.97299,13.4441 4.0185,26.27131 l 0.0309,8.70196 4.57028,3.14443 c 2.51365,1.72944 4.77647,2.93823 5.0285,2.68621 1.48573,-1.48573 9.02494,-18.53816 11.37774,-25.73456 13.22782,-40.45917 -0.73867,-68.65475 -38.40856,-77.53929 -9.54711,-2.25171 -10.96629,-1.97744 -18.11355,3.50063 -18.07606,13.85455 -41.37297,23.74607 -64.92459,27.56603 -9.40548,1.52552 -32.30438,1.85879 -41.12662,0.59856 -2.80324,-0.40043 -5.5478,-0.57773 -6.09903,-0.39399 -0.55122,0.18374 -7.4238,18.03993 -15.27239,39.68042 l -14.27016,39.34635 3.99274,5.87064 c 2.196,3.22886 6.94905,9.06 10.56232,12.95809 6.06219,6.54006 7.13392,7.25473 13.87645,9.25341 11.19901,3.3197 22.12784,5.19882 35.30687,6.07073 11.8016,0.78078 14.53285,0.73722 27.5,-0.43859 z m -112.5,-2.05388 c 2.2,-0.27511 5.6875,-0.94929 7.75,-1.4982 6.26685,-1.66782 5.00868,-3.87021 -6.80472,-11.91147 -20.76425,-14.13402 -37.00593,-18.52862 -44.04357,-11.9171 -5.09826,4.78957 -1.45257,15.10982 7.31794,20.71568 8.54,5.45854 18.61757,6.75725 35.78035,4.61109 z M 163.89386,391.75 c 2.26157,-6.1875 9.42179,-25.84409 15.91159,-43.68131 9.20114,-25.28932 12.33862,-32.82347 14.24709,-34.2121 2.30529,-1.67735 3.02834,-1.69087 12.44746,-0.23272 20.71779,3.20728 48.07072,0.56916 65.44254,-6.31175 35.18217,-13.93552 58.75332,-35.60884 74.5881,-68.58265 9.66964,-20.13576 12.93217,-34.70571 12.81491,-57.22947 -0.11918,-22.89001 -3.88865,-38.66776 -14.09575,-59 C 330.93012,93.975617 312.9077,76.543125 282.58201,61.883497 253.05598,47.610431 218.52292,45.15288 187,55.081389 177.56092,58.054337 159.51369,66.918993 150.39772,73.060142 139.23803,80.578087 124.50413,95.559835 117.01935,107 100.64036,132.03458 94,153.81989 94,182.52052 c 0,25.68564 4.525496,42.36851 17.85378,65.81651 11.05594,19.45033 23.58059,32.67795 42.81988,45.22321 6.14551,4.00727 11.69004,8.25082 12.32117,9.43011 0.97957,1.83033 -1.14135,8.43504 -14.49077,45.12556 -8.60106,23.63977 -15.48824,43.43156 -15.30483,43.98177 0.40356,1.21068 18.62605,10.58164 20.94172,10.76932 1.21699,0.0986 2.70331,-2.77354 5.75291,-11.117 z M 162,200.92488 C 139.44431,198.12677 122,178.31664 122,155.5 c 0,-27.35539 24.93061,-49.41141 51.5,-45.56187 13.10813,1.89918 23.21306,7.82045 31.3542,18.37289 6.06563,7.86217 8.398,15.17421 8.51317,26.68898 0.14759,14.75505 -3.56597,23.55926 -14.27885,33.8527 -6.26784,6.02244 -10.18324,8.28485 -18.11862,10.46939 -7.26426,1.99979 -12.3237,2.42727 -18.9699,1.60279 z m -4.71299,-14.96319 C 157.16987,185.15776 156.5585,182.475 155.92842,180 152.09985,164.96113 168.08076,152.25939 182.5,158.88073 c 5.08093,2.33317 7.14974,4.68733 9.4542,10.75822 2.55848,6.74006 4.84314,6.55185 7.75623,-0.63895 3.00211,-7.41053 3.10334,-18.74997 0.23582,-26.41412 -2.69503,-7.2031 -9.31662,-14.43328 -16.59655,-18.12192 -8.08512,-4.09662 -19.14696,-4.65096 -27.82444,-1.39437 -8.02002,3.00986 -15.40512,10.05498 -19.08668,18.20804 -2.32276,5.14388 -2.81129,7.60896 -2.81863,14.22237 -0.0142,12.77229 5.4181,22.5919 16.38005,29.60929 4.69281,3.00415 7.65097,3.35018 7.28701,0.8524 z M 270,196.11082 c -7.75299,-2.10983 -12.27866,-4.3422 -17,-8.38557 -15.33581,-13.13364 -20.79679,-32.21192 -14.51066,-50.69391 4.82293,-14.18 15.46333,-24.46541 29.93343,-28.93477 11.60654,-3.5849 25.04524,-2.19938 35.93509,3.70487 7.01259,3.80208 17.06268,15.04219 19.69102,22.02262 4.71713,12.52789 4.69108,23.89155 -0.0838,36.57601 -2.72102,7.2283 -14.21122,19.49425 -21.1271,22.55347 -11.67239,5.16325 -21.86528,6.14327 -32.83793,3.15728 z m 27.80305,-13.51102 c 22.68922,-11.4975 24.59905,-45.06203 3.36932,-59.21458 -6.46579,-4.31034 -11.49793,-5.77696 -19.67237,-5.7335 -13.67188,0.0727 -25.48048,7.59188 -31.17097,19.84828 -3.77633,8.1336 -3.94486,20.27446 -0.3927,28.28991 1.28936,2.90945 3.16763,5.73054 4.17392,6.26909 1.53338,0.82064 2.14878,0.35359 3.80077,-2.88459 5.98677,-11.73503 19.70534,-14.49138 28.47541,-5.72131 4.11883,4.11883 6.1612,11.31824 4.66359,16.43927 -1.68773,5.77116 -0.35075,6.30719 6.75303,2.70743 z M 92.5134,398.11685 c 1.929507,-2.13574 4.853336,-4.44033 6.497397,-5.12132 3.933973,-1.62951 3.724563,-2.93462 -0.994392,-6.19733 -7.401382,-5.11735 -6.203313,-14.27325 3.105065,-23.72961 9.42522,-9.57507 16.52225,-11.25329 26.15674,-6.18526 3.01472,1.58583 5.94996,2.59369 6.52276,2.23968 0.5728,-0.35401 4.25201,-9.48079 8.17603,-20.28173 6.04186,-16.63037 7.08773,-20.44219 6.82878,-24.88843 -0.256,-4.39559 -0.75947,-5.588 -3.09255,-7.32431 -2.74229,-2.04085 -2.89393,-2.04619 -9.5,-0.33454 -14.53185,3.76522 -39.955074,18.82897 -67.352874,39.90786 C 54.554699,357.20812 50,361.44863 50,363.7612 c 0,3.50376 4.440152,10.43293 10.802743,16.85844 C 67.305607,387.18681 86.20022,402 88.073953,402 c 0.512189,0 2.50994,-1.74742 4.439447,-3.88315 z"
+ id="path3053"
+ inkscape:connector-curvature="0" />
+ <path
+ style="fill:#030302"
+ d="m 100.6193,592.96558 c -6.242657,-1.86914 -9.675908,-8.05629 -7.559428,-13.62305 0.555523,-1.46114 5.044312,-7.70998 9.975088,-13.88632 C 107.96573,559.27988 112,553.42912 112,552.45454 c 0,-0.97459 -2.71967,-5.97026 -6.0437,-11.10149 -12.514373,-19.31813 -16.833092,-32.12982 -17.683858,-52.46002 -0.627849,-15.0033 0.685993,-23.91216 4.798277,-32.536 3.491745,-7.3225 3.576981,-8.46237 0.818963,-10.95204 -1.160674,-1.04775 -3.6133,-4.88683 -5.450279,-8.53129 -3.069636,-6.09 -5.954187,-9.01408 -35.639682,-36.12812 C 35.034874,384.51959 19.375,370.02767 18,368.54132 c -1.877827,-2.02989 -2.5,-3.79665 -2.5,-7.09916 0,-3.37047 0.583524,-4.96799 2.5,-6.84426 1.375,-1.34616 22.3,-16.23406 46.5,-33.08423 24.2,-16.85016 44.11619,-31.17149 44.25821,-31.82517 0.14201,-0.65367 -2.46994,-4.5635 -5.80434,-8.6885 C 70.012699,240.24835 60.952172,181.84038 79.685145,131 93.806285,92.675913 122.25889,61.928363 160.09264,44.106973 171.65516,38.660505 182.51057,35.116962 197.5,31.896051 c 14.85241,-3.191468 40.71585,-3.227887 56.36152,-0.07936 15.42892,3.104907 25.58444,6.41842 38.69274,12.624553 21.07006,9.975634 37.99798,22.924841 52.36703,40.05876 42.95903,51.225156 49.00087,120.984026 15.5508,179.548866 -3.10132,5.42983 -5.3711,10.30551 -5.04396,10.83484 0.32714,0.52933 1.89463,1.24791 3.4833,1.59684 2.12629,0.46701 9.09843,7.35474 26.42232,26.10244 12.94361,14.00741 23.69236,26.46904 23.88611,27.69252 0.50949,3.21725 -0.12345,5.41141 -13.43164,46.56274 l -12.07506,37.33825 1.76625,7.73333 c 1.6671,7.29925 1.67149,8.05928 0.0781,13.54028 -1.29641,4.45949 -2.80573,6.89552 -6.50449,10.49823 -3.78368,3.68542 -4.97507,5.64116 -5.55657,9.12147 -0.55394,3.31536 -1.69864,5.31906 -4.54886,7.96243 l -3.80864,3.53224 1.35261,10.46776 c 0.74394,5.75727 1.83767,12.03979 2.43052,13.96116 4.46821,14.4811 -3.35628,40.30527 -16.66967,55.01704 -2.88883,3.19227 -5.25806,6.18335 -5.26493,6.64684 -0.007,0.4635 4.43617,5.11772 9.87344,10.34272 11.22149,10.78341 12.52459,13.5018 9.46943,19.75416 -1.0242,2.09602 -3.15169,4.3755 -4.83037,5.17545 -2.35067,1.12018 -15.98663,1.82258 -63,3.24521 -33,0.99858 -61.63843,1.56149 -63.64095,1.25091 -2.00253,-0.31057 -4.66847,-1.65842 -5.92432,-2.9952 -2.80411,-2.98484 -5.03509,-3.0821 -7.52738,-0.32815 -4.50161,4.97422 -3.58035,4.90341 -62.60769,4.81167 -30.41481,-0.0473 -56.59597,-0.47409 -58.18036,-0.94847 z m 189.11566,-28.95386 c 8.35392,-2.00279 21.07942,-7.78915 29.26504,-13.30698 17.80534,-12.00237 30.84018,-29.67004 34.33006,-46.53159 1.29386,-6.25139 1.30421,-7.98056 0.0792,-13.23173 C 351.8717,484.35051 349.46827,479 348.04522,479 c -1.7141,0 -3.29914,11.40823 -2.76884,19.92857 l 0.52458,8.42858 -5.2634,5.57142 c -2.89486,3.06429 -5.69972,6.92143 -6.23302,8.57143 -0.76975,2.38158 -4.56006,5.41367 -18.38708,14.70888 -9.5796,6.43988 -19.41012,12.40238 -21.8456,13.25 -5.49669,1.91301 -14.06699,1.98782 -18.43928,0.16096 -4.979,-2.08036 -15.02508,-12.07078 -25.63258,-25.49055 -5.225,-6.61027 -10.05393,-12.04355 -10.73095,-12.07398 -1.98994,-0.0894 -2.45275,4.02281 -1.29171,11.47747 3.71579,23.85805 12.62312,36.53553 28.79861,40.98803 6.8425,1.88348 13.60468,1.73354 22.95901,-0.50909 z m -81.72838,-6.77331 c 12.53442,-3.77197 20.01612,-8.9562 22.30031,-15.45233 0.57107,-1.62411 -0.44029,-8.46375 -2.55353,-17.26901 l -0.95589,-3.98293 -2.14874,2.67921 c -1.1818,1.47356 -3.94873,5.00898 -6.14873,7.85649 -7.62479,9.86892 -19.61015,17.32799 -32.86589,20.45402 -8.21755,1.93791 -25.22187,1.85727 -35.42463,-0.16798 l -8.29051,-1.64567 -6.58641,-7.1051 c -8.34468,-9.00185 -13.68702,-15.94072 -20.32257,-26.39584 -2.89403,-4.55989 -5.435,-8.11759 -5.64661,-7.90598 -0.65716,0.65716 2.40719,8.44546 5.28697,13.43726 7.71438,13.37206 22.49975,34.25688 24.60357,34.75333 16.286,3.84312 56.99116,4.28392 68.75266,0.74453 z m -26.8058,-13.35116 c 19.09571,-4.0098 35.61113,-19.23638 40.40909,-37.25564 4.30719,-16.17608 -1.23164,-35.15522 -13.79114,-47.25615 C 201.55964,453.3449 192.28135,447 189.72181,447 c -0.99269,0 -6.3322,1.57585 -11.86559,3.5019 -21.77323,7.57877 -40.94781,9.40168 -56.78005,5.39804 -11.1189,-2.81173 -11.2882,-2.63495 -11.2389,11.73577 0.0467,13.61622 2.40766,23.19416 9.09825,36.90986 5.12036,10.49673 15.31782,24.52342 23.86376,32.82482 4.10812,3.99055 6.06947,5.1011 10.85729,6.14753 7.44475,1.62713 20.70735,1.80496 27.54421,0.36933 z m 113.07693,-3.70899 c 9.4095,-4.8692 29.38529,-18.68005 30.77538,-21.27746 0.58317,-1.08966 3.65989,-5.00161 6.83716,-8.69322 l 5.77686,-6.71201 0.82869,-17.99779 C 338.95159,475.599 339.36399,464.8 339.41225,461.5 c 0.085,-5.81409 0.0103,-5.993 -2.41225,-5.77406 -1.375,0.12427 -7.45,0.51872 -13.5,0.87656 -13.23903,0.78305 -13.61693,0.53127 -17.03465,-11.34936 -2.54506,-8.84707 -3.80664,-9.64659 -10.13858,-6.42529 -9.35931,4.76144 -29.7136,9.16038 -42.42178,9.16813 -5.01032,0.003 -6.9737,0.42452 -8.17098,1.75402 -2.45907,2.73062 -5.54849,11.44798 -6.70993,18.93328 -0.58174,3.7492 -1.57721,9.88015 -2.21217,13.62434 -1.05685,6.23203 -0.97732,7.17221 0.94058,11.11983 5.59552,11.51726 35.09494,46.26944 41.74751,49.1812 4.65716,2.03839 6.83377,1.68042 14.77771,-2.43039 z m 41.3413,-98.69845 c 10.28084,-1.75981 20.38162,-6.24396 22.35012,-9.92213 3.3829,-6.321 -1.19293,-15.58499 -11.16317,-22.60039 C 339.7309,403.97903 334.2571,402 327.56283,402 318.98309,402 316,406.15551 316,418.10726 c 0,7.47836 2.51352,21.58773 4.21185,23.64274 1.35042,1.63403 4.61733,1.57674 15.40716,-0.27019 z m -75.68358,-0.50904 c 13.1386,-1.16286 20.67209,-2.91777 30.56457,-7.11994 10.59431,-4.50031 11.5,-5.66933 11.5,-14.84364 0,-14.55864 4.3604,-23.6195 13.73053,-28.53191 l 5.76947,-3.02471 0.69911,-6.31404 c 1.40143,-12.65699 5.76224,-20.96896 12.47208,-23.7725 4.88617,-2.04158 7.92447,-1.69352 10.17331,1.16541 2.45459,3.12051 3.24477,7.60733 4.03713,22.92381 l 0.61837,11.95325 4.32774,3.29675 c 2.38026,1.81321 4.86405,3.29675 5.51954,3.29675 1.721,0 12.18384,-23.32462 14.86948,-33.14827 1.87752,-6.86767 2.27106,-10.75061 2.21471,-21.85173 -0.0631,-12.42579 -0.28116,-13.96575 -2.74065,-19.35328 -7.14431,-15.64967 -20.13844,-26.0297 -38.44667,-30.71216 -11.54125,-2.95175 -13.71374,-2.64618 -21.0862,2.96585 -18.51818,14.09634 -41.27847,23.67756 -65.62813,27.62696 -10.20846,1.65576 -29.80393,1.89939 -39.52982,0.49148 -5.06556,-0.73328 -6.79399,-0.64765 -7.83219,0.38802 C 199.85479,327.71668 172,403.12659 172,405.37143 c 0,2.1477 6.7517,11.19868 14.48999,19.42452 6.91475,7.35042 8.34718,8.38226 14.10556,10.16085 9.70795,2.99848 22.62945,5.19149 35.40445,6.00878 6.325,0.40464 11.725,0.79907 12,0.87651 0.275,0.0774 5.64594,-0.31465 11.93543,-0.87132 z M 151.5,437.41911 c 2.2,-0.27511 5.6875,-0.94929 7.75,-1.4982 6.26685,-1.66782 5.00868,-3.87021 -6.80472,-11.91147 -20.76425,-14.13402 -37.00593,-18.52862 -44.04357,-11.9171 -5.09826,4.78957 -1.45257,15.10982 7.31794,20.71568 8.54,5.45854 18.61757,6.75725 35.78035,4.61109 z M 91.997253,400.00386 c 1.173393,-1.64788 4.129035,-4.16564 6.568094,-5.59502 C 101.00441,392.97945 103,391.18185 103,390.41417 c 0,-0.76768 -1.57065,-2.41242 -3.490327,-3.65498 -7.310806,-4.73208 -6.660853,-13.15012 1.723627,-22.32408 9.01398,-9.86273 16.34196,-11.48124 26.92591,-5.94704 4.44046,2.32185 5.29761,2.48369 6.54547,1.23582 0.78974,-0.78974 4.5476,-9.93819 8.3508,-20.32989 5.48545,-14.98822 6.91797,-20.06427 6.92971,-24.55511 0.0135,-5.15127 -0.27382,-5.90397 -3.19008,-8.35784 -2.78446,-2.34297 -3.79044,-2.61647 -7.66851,-2.08492 -5.88721,0.80693 -17.85193,6.04896 -30.98704,13.57616 -19.969685,11.44382 -56.805315,39.2925 -58.555658,44.26957 -1.458549,4.14736 1.83233,10.03234 10.506565,18.78857 8.616546,8.69799 25.537678,21.91961 28.091439,21.94973 0.925048,0.0109 2.641954,-1.32842 3.815347,-2.9763 z M 163.89386,391.75 c 2.26157,-6.1875 9.42179,-25.84409 15.91159,-43.68131 9.20114,-25.28932 12.33862,-32.82347 14.24709,-34.2121 2.30529,-1.67735 3.02834,-1.69087 12.44746,-0.23272 20.71779,3.20728 48.07072,0.56916 65.44254,-6.31175 35.18217,-13.93552 58.75332,-35.60884 74.5881,-68.58265 9.66964,-20.13576 12.93217,-34.70571 12.81491,-57.22947 -0.11918,-22.89001 -3.88865,-38.66776 -14.09575,-59 C 330.93012,93.975617 312.9077,76.543125 282.58201,61.883497 253.05598,47.610431 218.52292,45.15288 187,55.081389 177.56092,58.054337 159.51369,66.918993 150.39772,73.060142 139.23803,80.578087 124.50413,95.559835 117.01935,107 100.64036,132.03458 94,153.81989 94,182.52052 c 0,25.68564 4.525496,42.36851 17.85378,65.81651 11.05594,19.45033 23.58059,32.67795 42.81988,45.22321 6.14551,4.00727 11.69004,8.25082 12.32117,9.43011 0.97957,1.83033 -1.14135,8.43504 -14.49077,45.12556 -8.60106,23.63977 -15.48824,43.43156 -15.30483,43.98177 0.40356,1.21068 18.62605,10.58164 20.94172,10.76932 1.21699,0.0986 2.70331,-2.77354 5.75291,-11.117 z M 162,200.92488 C 139.44431,198.12677 122,178.31664 122,155.5 c 0,-27.35539 24.93061,-49.41141 51.5,-45.56187 13.10813,1.89918 23.21306,7.82045 31.3542,18.37289 6.06563,7.86217 8.398,15.17421 8.51317,26.68898 0.14759,14.75505 -3.56597,23.55926 -14.27885,33.8527 -6.26784,6.02244 -10.18324,8.28485 -18.11862,10.46939 -7.26426,1.99979 -12.3237,2.42727 -18.9699,1.60279 z m -4.71299,-14.96319 C 157.16987,185.15776 156.5585,182.475 155.92842,180 152.09985,164.96113 168.08076,152.25939 182.5,158.88073 c 5.08093,2.33317 7.14974,4.68733 9.4542,10.75822 2.55848,6.74006 4.84314,6.55185 7.75623,-0.63895 3.00211,-7.41053 3.10334,-18.74997 0.23582,-26.41412 -2.69503,-7.2031 -9.31662,-14.43328 -16.59655,-18.12192 -8.08512,-4.09662 -19.14696,-4.65096 -27.82444,-1.39437 -8.02002,3.00986 -15.40512,10.05498 -19.08668,18.20804 -2.32276,5.14388 -2.81129,7.60896 -2.81863,14.22237 -0.0142,12.77229 5.4181,22.5919 16.38005,29.60929 4.69281,3.00415 7.65097,3.35018 7.28701,0.8524 z M 270,196.11082 c -7.75299,-2.10983 -12.27866,-4.3422 -17,-8.38557 -15.33581,-13.13364 -20.79679,-32.21192 -14.51066,-50.69391 4.82293,-14.18 15.46333,-24.46541 29.93343,-28.93477 11.60654,-3.5849 25.04524,-2.19938 35.93509,3.70487 7.01259,3.80208 17.06268,15.04219 19.69102,22.02262 4.71713,12.52789 4.69108,23.89155 -0.0838,36.57601 -2.72102,7.2283 -14.21122,19.49425 -21.1271,22.55347 -11.67239,5.16325 -21.86528,6.14327 -32.83793,3.15728 z m 27.80305,-13.51102 c 22.68922,-11.4975 24.59905,-45.06203 3.36932,-59.21458 -6.46579,-4.31034 -11.49793,-5.77696 -19.67237,-5.7335 -13.67188,0.0727 -25.48048,7.59188 -31.17097,19.84828 -3.77633,8.1336 -3.94486,20.27446 -0.3927,28.28991 1.28936,2.90945 3.16763,5.73054 4.17392,6.26909 1.53338,0.82064 2.14878,0.35359 3.80077,-2.88459 5.98677,-11.73503 19.70534,-14.49138 28.47541,-5.72131 4.11883,4.11883 6.1612,11.31824 4.66359,16.43927 -1.68773,5.77116 -0.35075,6.30719 6.75303,2.70743 z"
+ id="path3051"
+ inkscape:connector-curvature="0" />
+ </g>
+</svg>
diff --git a/www.i2p2/image_design/netdb_get_leaseset.svg b/www.i2p2/image_design/netdb_get_leaseset.svg
new file mode 100644
index 0000000000000000000000000000000000000000..42b0f6258a9a63faa1f1e6355c66135cbfad84a8
--- /dev/null
+++ b/www.i2p2/image_design/netdb_get_leaseset.svg
@@ -0,0 +1,952 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cc="http://creativecommons.org/ns#"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns="http://www.w3.org/2000/svg"
+ xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+ xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+ width="7cm"
+ height="7cm"
+ viewBox="102 159 129 139"
+ id="svg3091"
+ version="1.1"
+ inkscape:version="0.47pre4 r22446"
+ sodipodi:docname="netdb_get_leaseset.svg"
+ inkscape:export-filename="/home/mathias/Documents/I2P/i2p.www/www.i2p2/image_design/netdb_get_leaseset.png"
+ inkscape:export-xdpi="49.999134"
+ inkscape:export-ydpi="49.999134">
+ <metadata
+ id="metadata3257">
+ <rdf:RDF>
+ <cc:Work
+ rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type
+ rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+ <dc:title></dc:title>
+ </cc:Work>
+ </rdf:RDF>
+ </metadata>
+ <defs
+ id="defs3255">
+ <marker
+ inkscape:stockid="Arrow1Lend"
+ orient="auto"
+ refY="0.0"
+ refX="0.0"
+ id="Arrow1Lend"
+ style="overflow:visible;">
+ <path
+ id="path4855"
+ d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
+ style="fill-rule:evenodd;stroke:#000000;stroke-width:1.0pt;marker-start:none;"
+ transform="scale(0.8) rotate(180) translate(12.5,0)" />
+ </marker>
+ <linearGradient
+ id="linearGradient4351">
+ <stop
+ style="stop-color:#cacaff;stop-opacity:1;"
+ offset="0"
+ id="stop4353" />
+ <stop
+ style="stop-color:#cacaff;stop-opacity:0;"
+ offset="1"
+ id="stop4355" />
+ </linearGradient>
+ <inkscape:perspective
+ sodipodi:type="inkscape:persp3d"
+ inkscape:vp_x="0 : 124.01575 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_z="248.03149 : 124.01575 : 1"
+ inkscape:persp3d-origin="124.01575 : 82.677165 : 1"
+ id="perspective3259" />
+ <inkscape:perspective
+ id="perspective3365"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3456"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5313"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5313-8"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5535"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective6324"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective6580"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <marker
+ inkscape:stockid="Arrow1Lend"
+ orient="auto"
+ refY="0"
+ refX="0"
+ id="Arrow1Lend-7"
+ style="overflow:visible">
+ <path
+ id="path4855-9"
+ d="M 0,0 5,-5 -12.5,0 5,5 0,0 z"
+ style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+ transform="matrix(-0.8,0,0,-0.8,-10,0)" />
+ </marker>
+ <marker
+ inkscape:stockid="Arrow1Lend"
+ orient="auto"
+ refY="0"
+ refX="0"
+ id="marker6586"
+ style="overflow:visible">
+ <path
+ id="path6588"
+ d="M 0,0 5,-5 -12.5,0 5,5 0,0 z"
+ style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+ transform="matrix(-0.8,0,0,-0.8,-10,0)" />
+ </marker>
+ <inkscape:perspective
+ id="perspective6874"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <marker
+ inkscape:stockid="Arrow1Lend"
+ orient="auto"
+ refY="0"
+ refX="0"
+ id="Arrow1Lend-5"
+ style="overflow:visible">
+ <path
+ id="path4855-3"
+ d="M 0,0 5,-5 -12.5,0 5,5 0,0 z"
+ style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+ transform="matrix(-0.8,0,0,-0.8,-10,0)" />
+ </marker>
+ <marker
+ inkscape:stockid="Arrow1Lend"
+ orient="auto"
+ refY="0"
+ refX="0"
+ id="marker6880"
+ style="overflow:visible">
+ <path
+ id="path6882"
+ d="M 0,0 5,-5 -12.5,0 5,5 0,0 z"
+ style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+ transform="matrix(-0.8,0,0,-0.8,-10,0)" />
+ </marker>
+ <inkscape:perspective
+ id="perspective6932"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ </defs>
+ <sodipodi:namedview
+ pagecolor="#ffffff"
+ bordercolor="#666666"
+ borderopacity="1"
+ objecttolerance="10"
+ gridtolerance="10"
+ guidetolerance="10"
+ inkscape:pageopacity="0"
+ inkscape:pageshadow="2"
+ inkscape:window-width="1280"
+ inkscape:window-height="726"
+ id="namedview3253"
+ showgrid="false"
+ inkscape:zoom="0.95149207"
+ inkscape:cx="251.92816"
+ inkscape:cy="112.51086"
+ inkscape:window-x="0"
+ inkscape:window-y="25"
+ inkscape:window-maximized="1"
+ inkscape:current-layer="layer1" />
+ <g
+ inkscape:groupmode="layer"
+ id="layer2"
+ inkscape:label="Pictures">
+ <g
+ style="display:inline"
+ id="g3093"
+ transform="translate(-185.52966,11.190679)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139" />
+ </g>
+ <g
+ style="display:inline"
+ id="g3093-1"
+ transform="translate(-80.220357,10.805087)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-1" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-9" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-5" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-6" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-7" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-0" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-4" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-4" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-8" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-5" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-8" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-2" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-0" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-6" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-6" />
+ </g>
+ <g
+ style="display:inline"
+ id="g3093-1-3"
+ transform="translate(38.710001,10.805087)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-1-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-9-7" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-0-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-5-6" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-6-4" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-7-5" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-7-2" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-4-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-0-2" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-6-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-4-0" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-7-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-4-9" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-8-4" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-5-5" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-8-1" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-2-0" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-6-3" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-0-7" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-6-8" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-6-8" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-4-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-6-0" />
+ </g>
+ <path
+ style="fill:#cacaff;fill-opacity:1;fill-rule:nonzero;stroke:none;display:inline"
+ d="m 210.96287,244.40394 c -46.36835,0 -85.38274,19.53789 -96.93388,46.09394 -10.69963,-2.73694 -22.659031,-4.27314 -35.288491,-4.27314 -45.540086,0 -82.4507158,19.90612 -82.4507158,44.46524 0,9.70624 5.765251,18.67753 15.5514528,25.98914 -12.20321684,6.15369 -19.6844958,14.41016 -19.6844958,23.4848 0,19.02925 32.8283478,34.44786 73.3264988,34.44786 27.54066,0 51.544801,-7.12071 64.079691,-17.67051 15.34489,5.5421 34.71109,8.84401 55.77858,8.84401 49.76881,0 90.12136,-18.45531 90.12136,-41.22536 0,-3.0279 -0.72988,-5.98433 -2.08403,-8.8265 23.15405,-11.43708 38.00298,-29.08221 38.00298,-48.896 0,-34.48036 -44.95762,-62.43348 -100.41895,-62.43348 z"
+ id="path5558" />
+ </g>
+ <g
+ inkscape:groupmode="layer"
+ id="layer1"
+ inkscape:label="Text"
+ style="display:inline">
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="101.22408"
+ y="339.98462"
+ id="text4359"><tspan
+ sodipodi:role="line"
+ id="tspan4361"
+ x="101.22408"
+ y="339.98462">Network database</tspan></text>
+ <text
+ transform="translate(-2.1705283e-6,-6.1137644e-7)"
+ xml:space="preserve"
+ style="font-size:11.20825385999999924px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="-5.6149035"
+ y="162.89429"
+ id="text5301"><tspan
+ sodipodi:role="line"
+ id="tspan5303"
+ x="-5.6149035"
+ y="162.89429">Alice</tspan></text>
+ <text
+ transform="translate(-2.1705283e-6,-6.1137644e-7)"
+ xml:space="preserve"
+ style="font-size:11.20825385999999924px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="99.99514"
+ y="162.76093"
+ id="text5301-0"><tspan
+ sodipodi:role="line"
+ id="tspan5303-7"
+ x="99.99514"
+ y="162.76093">John</tspan></text>
+ <text
+ transform="translate(-2.1705283e-6,-6.1137644e-7)"
+ xml:space="preserve"
+ style="font-size:11.20825385999999924px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="217.44405"
+ y="161.75439"
+ id="text5301-6"><tspan
+ sodipodi:role="line"
+ id="tspan5303-6"
+ x="217.44405"
+ y="161.75439">Peter</tspan></text>
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m -132.42359,48.345122 131.3726091,0"
+ id="path5942"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m 55.701988,48.345122 155.545172,0"
+ id="path6128"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m -352.0786,-3.152943 0,0 z"
+ id="path6314"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <g
+ style="display:inline"
+ id="g3093-0"
+ transform="translate(152.79493,11.156386)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-8" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-5" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-4" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-4" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-6" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-8" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-44" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-1" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-1" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-1" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-3" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-4" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-8" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-7" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-3" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-2" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-5" />
+ </g>
+ <g
+ style="display:inline"
+ id="g3093-1-2"
+ transform="translate(258.10434,10.770794)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-1-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-9-0" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-0-1" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-5-9" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-6-2" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-7-1" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-7-9" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-4-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-0-0" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-6-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-4-3" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-7-8" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-4-2" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-8-2" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-5-9" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-8-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-2-7" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-6-36" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-0-0" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-6-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-6-9" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-4-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-6-2" />
+ </g>
+ <g
+ style="display:inline"
+ id="g3093-1-3-7"
+ transform="translate(377.0347,10.770794)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-1-7-1" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-9-7-5" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-0-2-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-5-6-8" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-6-4-2" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-7-5-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-7-2-1" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-4-0-5" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-0-2-5" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-6-9-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-4-0-7" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-7-9-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-4-9-4" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-8-4-4" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-5-5-9" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-8-1-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-2-0-9" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-6-3-8" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-0-7-2" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-6-8-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-6-8-9" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-4-6-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-6-0-1" />
+ </g>
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;display:inline;font-family:Bitstream Vera Sans"
+ x="332.70944"
+ y="162.86003"
+ id="text5301-4"><tspan
+ sodipodi:role="line"
+ id="tspan5303-0"
+ x="332.70944"
+ y="162.86003">Cloë</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;display:inline;font-family:Bitstream Vera Sans"
+ x="439.4404"
+ y="162.72667"
+ id="text5301-0-3"><tspan
+ sodipodi:role="line"
+ id="tspan5303-7-0"
+ x="439.4404"
+ y="162.72667">Dan</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;display:inline;font-family:Bitstream Vera Sans"
+ x="559.13147"
+ y="161.72014"
+ id="text5301-6-0"><tspan
+ sodipodi:role="line"
+ id="tspan5303-6-7"
+ x="559.13147"
+ y="161.72014">Bob</tspan></text>
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.5604127px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend);display:inline"
+ d="m 361.11284,186.05889 73.62288,0"
+ id="path5942-2" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.5604127px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend);display:inline"
+ d="m 466.5408,186.05889 87.16949,0"
+ id="path6128-9" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.5604127px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend);display:inline"
+ d="m 6.716754,211.95133 21.792366,83.6356"
+ id="path4847" />
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453981px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;display:inline;font-family:Bitstream Vera Sans"
+ x="208.88512"
+ y="63.842232"
+ id="text5297"
+ transform="matrix(0.26559506,0.96408468,-0.96408468,0.26559506,0,0)"><tspan
+ sodipodi:role="line"
+ id="tspan5299"
+ x="208.88512"
+ y="63.842232"
+ style="font-size:11.20825386px">GET leaseSet</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453981px;font-style:normal;font-weight:normal;text-align:start;text-anchor:start;fill:#000000;fill-opacity:1;stroke:none;display:inline;font-family:Bitstream Vera Sans"
+ x="223.43687"
+ y="3.2048521"
+ id="text5297-6"
+ transform="matrix(0.22245257,0.97494351,-0.97494351,0.22245257,0,0)"><tspan
+ sodipodi:role="line"
+ x="223.43687"
+ y="3.2048521"
+ style="font-size:11.20825386px;text-align:start;text-anchor:start"
+ id="tspan5556">leaseSet</tspan><tspan
+ sodipodi:role="line"
+ x="223.43687"
+ y="17.21517"
+ style="font-size:11.20825386px;text-align:start;text-anchor:start"
+ id="tspan6922">to Bob</tspan></text>
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.5604127px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend);display:inline"
+ d="M 41.46675,291.46405 20.26336,208.41744"
+ id="path5735" />
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453981px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="261.72629"
+ y="166.1996"
+ id="text7150"><tspan
+ sodipodi:role="line"
+ id="tspan7152"
+ x="261.72629"
+ y="166.1996"
+ style="font-size:11.20825386px">CONNECT</tspan><tspan
+ sodipodi:role="line"
+ x="261.72629"
+ y="180.20992"
+ id="tspan7154"
+ style="font-size:11.20825386px">tunnels</tspan></text>
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#marker6880)"
+ d="m 268.00013,47.294141 147.13733,0"
+ id="path7156"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ </g>
+</svg>
diff --git a/www.i2p2/image_design/netdb_get_routerinfo_1.svg b/www.i2p2/image_design/netdb_get_routerinfo_1.svg
new file mode 100644
index 0000000000000000000000000000000000000000..5977e8544bc68c72cfaf5278dd7d6d16e35af705
--- /dev/null
+++ b/www.i2p2/image_design/netdb_get_routerinfo_1.svg
@@ -0,0 +1,509 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cc="http://creativecommons.org/ns#"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns="http://www.w3.org/2000/svg"
+ xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+ xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+ width="7cm"
+ height="7cm"
+ viewBox="102 159 129 139"
+ id="svg3091"
+ version="1.1"
+ inkscape:version="0.47pre4 r22446"
+ sodipodi:docname="netdb_get_routerinfo_1.svg"
+ inkscape:export-filename="/home/mathias/Documents/I2P/i2p.www/www.i2p2/image_design/netdb_get_routerinfo_1.png"
+ inkscape:export-xdpi="49.999134"
+ inkscape:export-ydpi="49.999134">
+ <metadata
+ id="metadata3257">
+ <rdf:RDF>
+ <cc:Work
+ rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type
+ rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+ <dc:title></dc:title>
+ </cc:Work>
+ </rdf:RDF>
+ </metadata>
+ <defs
+ id="defs3255">
+ <marker
+ inkscape:stockid="Arrow1Lend"
+ orient="auto"
+ refY="0.0"
+ refX="0.0"
+ id="Arrow1Lend"
+ style="overflow:visible;">
+ <path
+ id="path4855"
+ d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
+ style="fill-rule:evenodd;stroke:#000000;stroke-width:1.0pt;marker-start:none;"
+ transform="scale(0.8) rotate(180) translate(12.5,0)" />
+ </marker>
+ <linearGradient
+ id="linearGradient4351">
+ <stop
+ style="stop-color:#cacaff;stop-opacity:1;"
+ offset="0"
+ id="stop4353" />
+ <stop
+ style="stop-color:#cacaff;stop-opacity:0;"
+ offset="1"
+ id="stop4355" />
+ </linearGradient>
+ <inkscape:perspective
+ sodipodi:type="inkscape:persp3d"
+ inkscape:vp_x="0 : 124.01575 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_z="248.03149 : 124.01575 : 1"
+ inkscape:persp3d-origin="124.01575 : 82.677165 : 1"
+ id="perspective3259" />
+ <inkscape:perspective
+ id="perspective3365"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3456"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5313"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5313-8"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5535"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ </defs>
+ <sodipodi:namedview
+ pagecolor="#ffffff"
+ bordercolor="#666666"
+ borderopacity="1"
+ objecttolerance="10"
+ gridtolerance="10"
+ guidetolerance="10"
+ inkscape:pageopacity="0"
+ inkscape:pageshadow="2"
+ inkscape:window-width="1280"
+ inkscape:window-height="726"
+ id="namedview3253"
+ showgrid="false"
+ inkscape:zoom="0.95149207"
+ inkscape:cx="30.351733"
+ inkscape:cy="64.573832"
+ inkscape:window-x="0"
+ inkscape:window-y="25"
+ inkscape:window-maximized="1"
+ inkscape:current-layer="layer1" />
+ <g
+ inkscape:groupmode="layer"
+ id="layer2"
+ inkscape:label="Pictures">
+ <g
+ style="display:inline"
+ id="g3093"
+ transform="translate(-185.52966,11.190679)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139" />
+ </g>
+ <g
+ style="display:inline"
+ id="g3093-1"
+ transform="translate(-80.220357,10.805087)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-1" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-9" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-5" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-6" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-7" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-0" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-4" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-4" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-8" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-5" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-8" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-2" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-0" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-6" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-6" />
+ </g>
+ <g
+ style="display:inline"
+ id="g3093-1-3"
+ transform="translate(38.710001,10.805087)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-1-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-9-7" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-0-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-5-6" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-6-4" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-7-5" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-7-2" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-4-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-0-2" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-6-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-4-0" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-7-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-4-9" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-8-4" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-5-5" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-8-1" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-2-0" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-6-3" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-0-7" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-6-8" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-6-8" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-4-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-6-0" />
+ </g>
+ <path
+ style="fill:#cacaff;fill-opacity:1;fill-rule:nonzero;stroke:none;display:inline"
+ d="m 210.96287,244.40394 c -46.36835,0 -85.38274,19.53789 -96.93388,46.09394 -10.69963,-2.73694 -22.659031,-4.27314 -35.288491,-4.27314 -45.540086,0 -82.4507158,19.90612 -82.4507158,44.46524 0,9.70624 5.765251,18.67753 15.5514528,25.98914 -12.20321684,6.15369 -19.6844958,14.41016 -19.6844958,23.4848 0,19.02925 32.8283478,34.44786 73.3264988,34.44786 27.54066,0 51.544801,-7.12071 64.079691,-17.67051 15.34489,5.5421 34.71109,8.84401 55.77858,8.84401 49.76881,0 90.12136,-18.45531 90.12136,-41.22536 0,-3.0279 -0.72988,-5.98433 -2.08403,-8.8265 23.15405,-11.43708 38.00298,-29.08221 38.00298,-48.896 0,-34.48036 -44.95762,-62.43348 -100.41895,-62.43348 z"
+ id="path5558" />
+ </g>
+ <g
+ inkscape:groupmode="layer"
+ id="layer1"
+ inkscape:label="Text"
+ style="display:inline">
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="101.22408"
+ y="339.98462"
+ id="text4359"><tspan
+ sodipodi:role="line"
+ id="tspan4361"
+ x="101.22408"
+ y="339.98462">Network database</tspan></text>
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m -161.85106,93.537301 38.88629,149.239289"
+ id="path4847"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453980999999995px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="206.88257"
+ y="64.888947"
+ id="text5297"
+ transform="matrix(0.26559507,0.9640847,-0.9640847,0.26559507,-2.1705283e-6,-6.1137644e-7)"><tspan
+ sodipodi:role="line"
+ id="tspan5299"
+ x="206.88257"
+ y="64.888947"
+ style="font-size:11.20825386px">GET routerInfo</tspan></text>
+ <text
+ transform="translate(-2.1705283e-6,-6.1137644e-7)"
+ xml:space="preserve"
+ style="font-size:11.20825385999999924px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="-5.6149035"
+ y="162.89429"
+ id="text5301"><tspan
+ sodipodi:role="line"
+ id="tspan5303"
+ x="-5.6149035"
+ y="162.89429">Alice</tspan></text>
+ <text
+ transform="translate(-2.1705283e-6,-6.1137644e-7)"
+ xml:space="preserve"
+ style="font-size:11.20825385999999924px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="99.99514"
+ y="162.76093"
+ id="text5301-0"><tspan
+ sodipodi:role="line"
+ id="tspan5303-7"
+ x="99.99514"
+ y="162.76093">John</tspan></text>
+ <text
+ transform="translate(-2.1705283e-6,-6.1137644e-7)"
+ xml:space="preserve"
+ style="font-size:11.20825385999999924px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="217.44405"
+ y="161.75439"
+ id="text5301-6"><tspan
+ sodipodi:role="line"
+ id="tspan5303-6"
+ x="217.44405"
+ y="161.75439">Peter</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453981px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;display:inline;font-family:Bitstream Vera Sans"
+ x="222.82492"
+ y="3.4961586"
+ id="text5297-6"
+ transform="matrix(0.22245258,0.97494351,-0.97494351,0.22245258,0,0)"><tspan
+ sodipodi:role="line"
+ x="222.82492"
+ y="3.4961586"
+ style="font-size:11.20825386px"
+ id="tspan5552">routerInfo</tspan><tspan
+ sodipodi:role="line"
+ x="222.82492"
+ y="17.506475"
+ style="font-size:11.20825386px"
+ id="tspan5556">John, Peter</tspan></text>
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="M -99.843186,235.41972 -137.6785,87.231415"
+ id="path5735"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ </g>
+</svg>
diff --git a/www.i2p2/image_design/netdb_get_routerinfo_2.svg b/www.i2p2/image_design/netdb_get_routerinfo_2.svg
new file mode 100644
index 0000000000000000000000000000000000000000..028e5438bf3def674a71fdffefc838b1f37884f8
--- /dev/null
+++ b/www.i2p2/image_design/netdb_get_routerinfo_2.svg
@@ -0,0 +1,516 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cc="http://creativecommons.org/ns#"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns="http://www.w3.org/2000/svg"
+ xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+ xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+ width="7cm"
+ height="7cm"
+ viewBox="102 159 129 139"
+ id="svg3091"
+ version="1.1"
+ inkscape:version="0.47pre4 r22446"
+ sodipodi:docname="netdb_get_routerinfo_2.svg"
+ inkscape:export-filename="/home/mathias/Documents/I2P/i2p.www/www.i2p2/image_design/netdb_get_routerinfo_2.png"
+ inkscape:export-xdpi="49.999134"
+ inkscape:export-ydpi="49.999134">
+ <metadata
+ id="metadata3257">
+ <rdf:RDF>
+ <cc:Work
+ rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type
+ rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+ <dc:title></dc:title>
+ </cc:Work>
+ </rdf:RDF>
+ </metadata>
+ <defs
+ id="defs3255">
+ <marker
+ inkscape:stockid="Arrow1Lend"
+ orient="auto"
+ refY="0.0"
+ refX="0.0"
+ id="Arrow1Lend"
+ style="overflow:visible;">
+ <path
+ id="path4855"
+ d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
+ style="fill-rule:evenodd;stroke:#000000;stroke-width:1.0pt;marker-start:none;"
+ transform="scale(0.8) rotate(180) translate(12.5,0)" />
+ </marker>
+ <linearGradient
+ id="linearGradient4351">
+ <stop
+ style="stop-color:#cacaff;stop-opacity:1;"
+ offset="0"
+ id="stop4353" />
+ <stop
+ style="stop-color:#cacaff;stop-opacity:0;"
+ offset="1"
+ id="stop4355" />
+ </linearGradient>
+ <inkscape:perspective
+ sodipodi:type="inkscape:persp3d"
+ inkscape:vp_x="0 : 124.01575 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_z="248.03149 : 124.01575 : 1"
+ inkscape:persp3d-origin="124.01575 : 82.677165 : 1"
+ id="perspective3259" />
+ <inkscape:perspective
+ id="perspective3365"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3456"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5313"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5313-8"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5535"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective6324"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ </defs>
+ <sodipodi:namedview
+ pagecolor="#ffffff"
+ bordercolor="#666666"
+ borderopacity="1"
+ objecttolerance="10"
+ gridtolerance="10"
+ guidetolerance="10"
+ inkscape:pageopacity="0"
+ inkscape:pageshadow="2"
+ inkscape:window-width="1280"
+ inkscape:window-height="726"
+ id="namedview3253"
+ showgrid="false"
+ inkscape:zoom="0.95149207"
+ inkscape:cx="30.351733"
+ inkscape:cy="64.573832"
+ inkscape:window-x="0"
+ inkscape:window-y="25"
+ inkscape:window-maximized="1"
+ inkscape:current-layer="layer1" />
+ <g
+ inkscape:groupmode="layer"
+ id="layer2"
+ inkscape:label="Pictures">
+ <g
+ style="display:inline"
+ id="g3093"
+ transform="translate(-185.52966,11.190679)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139" />
+ </g>
+ <g
+ style="display:inline"
+ id="g3093-1"
+ transform="translate(-80.220357,10.805087)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-1" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-9" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-5" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-6" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-7" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-0" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-4" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-4" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-8" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-5" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-8" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-2" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-0" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-6" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-6" />
+ </g>
+ <g
+ style="display:inline"
+ id="g3093-1-3"
+ transform="translate(38.710001,10.805087)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-1-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-9-7" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-0-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-5-6" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-6-4" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-7-5" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-7-2" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-4-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-0-2" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-6-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-4-0" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-7-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-4-9" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-8-4" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-5-5" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-8-1" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-2-0" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-6-3" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-0-7" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-6-8" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-6-8" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-4-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-6-0" />
+ </g>
+ <path
+ style="fill:#cacaff;fill-opacity:1;fill-rule:nonzero;stroke:none;display:inline"
+ d="m 210.96287,244.40394 c -46.36835,0 -85.38274,19.53789 -96.93388,46.09394 -10.69963,-2.73694 -22.659031,-4.27314 -35.288491,-4.27314 -45.540086,0 -82.4507158,19.90612 -82.4507158,44.46524 0,9.70624 5.765251,18.67753 15.5514528,25.98914 -12.20321684,6.15369 -19.6844958,14.41016 -19.6844958,23.4848 0,19.02925 32.8283478,34.44786 73.3264988,34.44786 27.54066,0 51.544801,-7.12071 64.079691,-17.67051 15.34489,5.5421 34.71109,8.84401 55.77858,8.84401 49.76881,0 90.12136,-18.45531 90.12136,-41.22536 0,-3.0279 -0.72988,-5.98433 -2.08403,-8.8265 23.15405,-11.43708 38.00298,-29.08221 38.00298,-48.896 0,-34.48036 -44.95762,-62.43348 -100.41895,-62.43348 z"
+ id="path5558" />
+ </g>
+ <g
+ inkscape:groupmode="layer"
+ id="layer1"
+ inkscape:label="Text"
+ style="display:inline">
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="101.22408"
+ y="339.98462"
+ id="text4359"><tspan
+ sodipodi:role="line"
+ id="tspan4361"
+ x="101.22408"
+ y="339.98462">Network database</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453981px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="25.080004"
+ y="181.51357"
+ id="text5297"
+ transform="matrix(0.99997535,-0.00702166,0.00702166,0.99997535,0,0)"><tspan
+ sodipodi:role="line"
+ id="tspan5299"
+ x="25.080004"
+ y="181.51357"
+ style="font-size:11.20825386px">build tunnel</tspan></text>
+ <text
+ transform="translate(-2.1705283e-6,-6.1137644e-7)"
+ xml:space="preserve"
+ style="font-size:11.20825385999999924px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="-5.6149035"
+ y="162.89429"
+ id="text5301"><tspan
+ sodipodi:role="line"
+ id="tspan5303"
+ x="-5.6149035"
+ y="162.89429">Alice</tspan></text>
+ <text
+ transform="translate(-2.1705283e-6,-6.1137644e-7)"
+ xml:space="preserve"
+ style="font-size:11.20825385999999924px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="99.99514"
+ y="162.76093"
+ id="text5301-0"><tspan
+ sodipodi:role="line"
+ id="tspan5303-7"
+ x="99.99514"
+ y="162.76093">John</tspan></text>
+ <text
+ transform="translate(-2.1705283e-6,-6.1137644e-7)"
+ xml:space="preserve"
+ style="font-size:11.20825385999999924px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="217.44405"
+ y="161.75439"
+ id="text5301-6"><tspan
+ sodipodi:role="line"
+ id="tspan5303-6"
+ x="217.44405"
+ y="161.75439">Peter</tspan></text>
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m -132.42359,48.345122 131.3726091,0"
+ id="path5942"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m 55.701988,48.345122 155.545172,0"
+ id="path6128"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ d="m -352.0786,-3.152943 0,0 z"
+ id="path6314"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <text
+ xml:space="preserve"
+ style="font-size:6.16453981px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;display:inline;font-family:Bitstream Vera Sans"
+ x="136.1862"
+ y="182.10078"
+ id="text5297-6"
+ transform="matrix(0.99997535,-0.00702166,0.00702166,0.99997535,0,0)"><tspan
+ sodipodi:role="line"
+ id="tspan5299-2"
+ x="136.1862"
+ y="182.10078"
+ style="font-size:11.20825386px">build tunnel</tspan></text>
+ </g>
+</svg>
diff --git a/www.i2p2/image_design/protocol_stack.svg b/www.i2p2/image_design/protocol_stack.svg
new file mode 100644
index 0000000000000000000000000000000000000000..61a6db2dcbeb2a8e45089364771fe5a1fea5a7ad
--- /dev/null
+++ b/www.i2p2/image_design/protocol_stack.svg
@@ -0,0 +1,190 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="362pt" height="422pt" viewBox="0 0 362 422" version="1.1">
+<defs>
+<g>
+<symbol overflow="visible" id="glyph0-0">
+<path style="stroke:none;" d="M 0.84375 3 L 0.84375 -11.984375 L 9.34375 -11.984375 L 9.34375 3 L 0.84375 3 Z M 1.796875 2.0625 L 8.40625 2.0625 L 8.40625 -11.03125 L 1.796875 -11.03125 L 1.796875 2.0625 Z M 1.796875 2.0625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-1">
+<path style="stroke:none;" d="M 1.671875 -12.390625 L 3.34375 -12.390625 L 3.34375 0 L 1.671875 0 L 1.671875 -12.390625 Z M 1.671875 -12.390625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-2">
+<path style="stroke:none;" d="M 3.34375 -11.015625 L 3.34375 -6.359375 L 5.453125 -6.359375 C 6.234375 -6.359375 6.835938 -6.5625 7.265625 -6.96875 C 7.691406 -7.375 7.90625 -7.945312 7.90625 -8.6875 C 7.90625 -9.425781 7.691406 -10 7.265625 -10.40625 C 6.835938 -10.8125 6.234375 -11.015625 5.453125 -11.015625 L 3.34375 -11.015625 Z M 1.671875 -12.390625 L 5.453125 -12.390625 C 6.835938 -12.390625 7.882812 -12.078125 8.59375 -11.453125 C 9.3125 -10.828125 9.671875 -9.90625 9.671875 -8.6875 C 9.671875 -7.46875 9.3125 -6.546875 8.59375 -5.921875 C 7.882812 -5.296875 6.835938 -4.984375 5.453125 -4.984375 L 3.34375 -4.984375 L 3.34375 0 L 1.671875 0 L 1.671875 -12.390625 Z M 1.671875 -12.390625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-3">
+<path style="stroke:none;" d="M -0.046875 -12.390625 L 10.4375 -12.390625 L 10.4375 -10.984375 L 6.03125 -10.984375 L 6.03125 0 L 4.34375 0 L 4.34375 -10.984375 L -0.046875 -10.984375 L -0.046875 -12.390625 Z M -0.046875 -12.390625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-4">
+<path style="stroke:none;" d="M 10.953125 -11.4375 L 10.953125 -9.671875 C 10.390625 -10.191406 9.785156 -10.582031 9.140625 -10.84375 C 8.503906 -11.101562 7.828125 -11.234375 7.109375 -11.234375 C 5.691406 -11.234375 4.601562 -10.800781 3.84375 -9.9375 C 3.09375 -9.070312 2.71875 -7.820312 2.71875 -6.1875 C 2.71875 -4.550781 3.09375 -3.300781 3.84375 -2.4375 C 4.601562 -1.570312 5.691406 -1.140625 7.109375 -1.140625 C 7.828125 -1.140625 8.503906 -1.269531 9.140625 -1.53125 C 9.785156 -1.789062 10.390625 -2.179688 10.953125 -2.703125 L 10.953125 -0.953125 C 10.359375 -0.554688 9.734375 -0.257812 9.078125 -0.0625 C 8.429688 0.132812 7.738281 0.234375 7 0.234375 C 5.125 0.234375 3.644531 -0.335938 2.5625 -1.484375 C 1.488281 -2.628906 0.953125 -4.195312 0.953125 -6.1875 C 0.953125 -8.175781 1.488281 -9.742188 2.5625 -10.890625 C 3.644531 -12.046875 5.125 -12.625 7 -12.625 C 7.75 -12.625 8.445312 -12.523438 9.09375 -12.328125 C 9.75 -12.128906 10.367188 -11.832031 10.953125 -11.4375 Z M 10.953125 -11.4375 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-5">
+<path style="stroke:none;" d="M 1.484375 -12.390625 L 3.15625 -12.390625 L 3.15625 -4.859375 C 3.15625 -3.535156 3.394531 -2.582031 3.875 -2 C 4.363281 -1.414062 5.144531 -1.125 6.21875 -1.125 C 7.300781 -1.125 8.082031 -1.414062 8.5625 -2 C 9.039062 -2.582031 9.28125 -3.535156 9.28125 -4.859375 L 9.28125 -12.390625 L 10.96875 -12.390625 L 10.96875 -4.65625 C 10.96875 -3.039062 10.566406 -1.820312 9.765625 -1 C 8.960938 -0.175781 7.78125 0.234375 6.21875 0.234375 C 4.65625 0.234375 3.472656 -0.175781 2.671875 -1 C 1.878906 -1.820312 1.484375 -3.039062 1.484375 -4.65625 L 1.484375 -12.390625 Z M 1.484375 -12.390625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-6">
+<path style="stroke:none;" d="M 3.34375 -11.015625 L 3.34375 -1.375 L 5.375 -1.375 C 7.082031 -1.375 8.332031 -1.757812 9.125 -2.53125 C 9.914062 -3.3125 10.3125 -4.535156 10.3125 -6.203125 C 10.3125 -7.867188 9.914062 -9.085938 9.125 -9.859375 C 8.332031 -10.628906 7.082031 -11.015625 5.375 -11.015625 L 3.34375 -11.015625 Z M 1.671875 -12.390625 L 5.109375 -12.390625 C 7.515625 -12.390625 9.28125 -11.890625 10.40625 -10.890625 C 11.53125 -9.890625 12.09375 -8.328125 12.09375 -6.203125 C 12.09375 -4.066406 11.523438 -2.5 10.390625 -1.5 C 9.265625 -0.5 7.503906 0 5.109375 0 L 1.671875 0 L 1.671875 -12.390625 Z M 1.671875 -12.390625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-7">
+<path style="stroke:none;" d="M 1.671875 -12.390625 L 3.921875 -12.390625 L 9.421875 -2.03125 L 9.421875 -12.390625 L 11.046875 -12.390625 L 11.046875 0 L 8.796875 0 L 3.296875 -10.375 L 3.296875 0 L 1.671875 0 L 1.671875 -12.390625 Z M 1.671875 -12.390625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-8">
+<path style="stroke:none;" d="M 9.09375 -11.984375 L 9.09375 -10.34375 C 8.457031 -10.65625 7.859375 -10.882812 7.296875 -11.03125 C 6.734375 -11.175781 6.1875 -11.25 5.65625 -11.25 C 4.75 -11.25 4.046875 -11.070312 3.546875 -10.71875 C 3.054688 -10.363281 2.8125 -9.863281 2.8125 -9.21875 C 2.8125 -8.664062 2.972656 -8.25 3.296875 -7.96875 C 3.628906 -7.6875 4.253906 -7.460938 5.171875 -7.296875 L 6.1875 -7.09375 C 7.4375 -6.851562 8.359375 -6.429688 8.953125 -5.828125 C 9.546875 -5.234375 9.84375 -4.429688 9.84375 -3.421875 C 9.84375 -2.222656 9.4375 -1.3125 8.625 -0.6875 C 7.820312 -0.0703125 6.644531 0.234375 5.09375 0.234375 C 4.507812 0.234375 3.882812 0.164062 3.21875 0.03125 C 2.5625 -0.09375 1.878906 -0.285156 1.171875 -0.546875 L 1.171875 -2.28125 C 1.847656 -1.894531 2.515625 -1.601562 3.171875 -1.40625 C 3.828125 -1.21875 4.46875 -1.125 5.09375 -1.125 C 6.050781 -1.125 6.789062 -1.3125 7.3125 -1.6875 C 7.832031 -2.0625 8.09375 -2.597656 8.09375 -3.296875 C 8.09375 -3.898438 7.90625 -4.375 7.53125 -4.71875 C 7.15625 -5.0625 6.539062 -5.320312 5.6875 -5.5 L 4.671875 -5.6875 C 3.421875 -5.9375 2.515625 -6.328125 1.953125 -6.859375 C 1.398438 -7.390625 1.125 -8.128906 1.125 -9.078125 C 1.125 -10.171875 1.507812 -11.035156 2.28125 -11.671875 C 3.050781 -12.304688 4.113281 -12.625 5.46875 -12.625 C 6.050781 -12.625 6.644531 -12.566406 7.25 -12.453125 C 7.851562 -12.347656 8.46875 -12.191406 9.09375 -11.984375 Z M 9.09375 -11.984375 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-9">
+<path style="stroke:none;" d="M 1.4375 -3.671875 L 1.4375 -9.296875 L 2.96875 -9.296875 L 2.96875 -3.734375 C 2.96875 -2.847656 3.140625 -2.1875 3.484375 -1.75 C 3.828125 -1.3125 4.34375 -1.09375 5.03125 -1.09375 C 5.851562 -1.09375 6.503906 -1.351562 6.984375 -1.875 C 7.460938 -2.40625 7.703125 -3.125 7.703125 -4.03125 L 7.703125 -9.296875 L 9.234375 -9.296875 L 9.234375 0 L 7.703125 0 L 7.703125 -1.421875 C 7.328125 -0.859375 6.894531 -0.441406 6.40625 -0.171875 C 5.914062 0.0976562 5.347656 0.234375 4.703125 0.234375 C 3.640625 0.234375 2.828125 -0.09375 2.265625 -0.75 C 1.710938 -1.414062 1.4375 -2.390625 1.4375 -3.671875 Z M 5.28125 -9.515625 L 5.28125 -9.515625 Z M 5.28125 -9.515625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-10">
+<path style="stroke:none;" d="M 9.328125 -5.609375 L 9.328125 0 L 7.796875 0 L 7.796875 -5.5625 C 7.796875 -6.4375 7.625 -7.09375 7.28125 -7.53125 C 6.945312 -7.96875 6.4375 -8.1875 5.75 -8.1875 C 4.914062 -8.1875 4.257812 -7.921875 3.78125 -7.390625 C 3.3125 -6.867188 3.078125 -6.15625 3.078125 -5.25 L 3.078125 0 L 1.546875 0 L 1.546875 -9.296875 L 3.078125 -9.296875 L 3.078125 -7.859375 C 3.441406 -8.410156 3.867188 -8.820312 4.359375 -9.09375 C 4.859375 -9.375 5.429688 -9.515625 6.078125 -9.515625 C 7.148438 -9.515625 7.957031 -9.179688 8.5 -8.515625 C 9.050781 -7.859375 9.328125 -6.890625 9.328125 -5.609375 Z M 9.328125 -5.609375 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-11">
+<path style="stroke:none;" d="M 9.546875 -5.03125 L 9.546875 -4.28125 L 2.53125 -4.28125 C 2.59375 -3.226562 2.90625 -2.425781 3.46875 -1.875 C 4.039062 -1.320312 4.835938 -1.046875 5.859375 -1.046875 C 6.441406 -1.046875 7.007812 -1.117188 7.5625 -1.265625 C 8.113281 -1.410156 8.660156 -1.628906 9.203125 -1.921875 L 9.203125 -0.46875 C 8.648438 -0.238281 8.085938 -0.0664062 7.515625 0.046875 C 6.941406 0.171875 6.359375 0.234375 5.765625 0.234375 C 4.273438 0.234375 3.097656 -0.191406 2.234375 -1.046875 C 1.367188 -1.910156 0.9375 -3.082031 0.9375 -4.5625 C 0.9375 -6.082031 1.347656 -7.285156 2.171875 -8.171875 C 2.992188 -9.066406 4.101562 -9.515625 5.5 -9.515625 C 6.75 -9.515625 7.734375 -9.113281 8.453125 -8.3125 C 9.179688 -7.507812 9.546875 -6.414062 9.546875 -5.03125 Z M 8.03125 -5.484375 C 8.019531 -6.316406 7.785156 -6.976562 7.328125 -7.46875 C 6.867188 -7.96875 6.265625 -8.21875 5.515625 -8.21875 C 4.660156 -8.21875 3.976562 -7.976562 3.46875 -7.5 C 2.957031 -7.019531 2.660156 -6.34375 2.578125 -5.46875 L 8.03125 -5.484375 Z M 8.03125 -5.484375 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-12">
+<path style="stroke:none;" d="M 1.609375 -12.921875 L 3.125 -12.921875 L 3.125 0 L 1.609375 0 L 1.609375 -12.921875 Z M 1.609375 -12.921875 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-13">
+<path style="stroke:none;" d=""/>
+</symbol>
+<symbol overflow="visible" id="glyph0-14">
+<path style="stroke:none;" d="M 8.84375 -7.515625 C 9.21875 -8.203125 9.671875 -8.707031 10.203125 -9.03125 C 10.734375 -9.351562 11.363281 -9.515625 12.09375 -9.515625 C 13.050781 -9.515625 13.789062 -9.175781 14.3125 -8.5 C 14.84375 -7.820312 15.109375 -6.859375 15.109375 -5.609375 L 15.109375 0 L 13.578125 0 L 13.578125 -5.5625 C 13.578125 -6.445312 13.421875 -7.101562 13.109375 -7.53125 C 12.796875 -7.96875 12.3125 -8.1875 11.65625 -8.1875 C 10.863281 -8.1875 10.238281 -7.921875 9.78125 -7.390625 C 9.320312 -6.867188 9.09375 -6.15625 9.09375 -5.25 L 9.09375 0 L 7.5625 0 L 7.5625 -5.5625 C 7.5625 -6.457031 7.398438 -7.117188 7.078125 -7.546875 C 6.765625 -7.972656 6.28125 -8.1875 5.625 -8.1875 C 4.84375 -8.1875 4.222656 -7.921875 3.765625 -7.390625 C 3.304688 -6.867188 3.078125 -6.15625 3.078125 -5.25 L 3.078125 0 L 1.546875 0 L 1.546875 -9.296875 L 3.078125 -9.296875 L 3.078125 -7.859375 C 3.429688 -8.421875 3.847656 -8.835938 4.328125 -9.109375 C 4.816406 -9.378906 5.394531 -9.515625 6.0625 -9.515625 C 6.738281 -9.515625 7.3125 -9.34375 7.78125 -9 C 8.257812 -8.65625 8.613281 -8.160156 8.84375 -7.515625 Z M 8.84375 -7.515625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-15">
+<path style="stroke:none;" d="M 7.53125 -9.015625 L 7.53125 -7.578125 C 7.09375 -7.796875 6.640625 -7.960938 6.171875 -8.078125 C 5.710938 -8.191406 5.234375 -8.25 4.734375 -8.25 C 3.984375 -8.25 3.414062 -8.128906 3.03125 -7.890625 C 2.65625 -7.660156 2.46875 -7.3125 2.46875 -6.84375 C 2.46875 -6.488281 2.601562 -6.210938 2.875 -6.015625 C 3.144531 -5.816406 3.6875 -5.625 4.5 -5.4375 L 5.03125 -5.328125 C 6.113281 -5.085938 6.882812 -4.753906 7.34375 -4.328125 C 7.800781 -3.910156 8.03125 -3.320312 8.03125 -2.5625 C 8.03125 -1.695312 7.6875 -1.015625 7 -0.515625 C 6.320312 -0.015625 5.382812 0.234375 4.1875 0.234375 C 3.6875 0.234375 3.164062 0.1875 2.625 0.09375 C 2.082031 0 1.515625 -0.144531 0.921875 -0.34375 L 0.921875 -1.921875 C 1.484375 -1.628906 2.035156 -1.40625 2.578125 -1.25 C 3.128906 -1.101562 3.675781 -1.03125 4.21875 -1.03125 C 4.9375 -1.03125 5.488281 -1.15625 5.875 -1.40625 C 6.257812 -1.65625 6.453125 -2.003906 6.453125 -2.453125 C 6.453125 -2.867188 6.3125 -3.1875 6.03125 -3.40625 C 5.757812 -3.625 5.148438 -3.835938 4.203125 -4.046875 L 3.671875 -4.171875 C 2.722656 -4.367188 2.035156 -4.671875 1.609375 -5.078125 C 1.191406 -5.492188 0.984375 -6.0625 0.984375 -6.78125 C 0.984375 -7.65625 1.289062 -8.328125 1.90625 -8.796875 C 2.53125 -9.273438 3.414062 -9.515625 4.5625 -9.515625 C 5.125 -9.515625 5.648438 -9.472656 6.140625 -9.390625 C 6.640625 -9.304688 7.101562 -9.179688 7.53125 -9.015625 Z M 7.53125 -9.015625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-16">
+<path style="stroke:none;" d="M 5.828125 -4.671875 C 4.585938 -4.671875 3.726562 -4.53125 3.25 -4.25 C 2.78125 -3.96875 2.546875 -3.488281 2.546875 -2.8125 C 2.546875 -2.269531 2.722656 -1.835938 3.078125 -1.515625 C 3.441406 -1.191406 3.929688 -1.03125 4.546875 -1.03125 C 5.390625 -1.03125 6.066406 -1.332031 6.578125 -1.9375 C 7.085938 -2.539062 7.34375 -3.335938 7.34375 -4.328125 L 7.34375 -4.671875 L 5.828125 -4.671875 Z M 8.875 -5.296875 L 8.875 0 L 7.34375 0 L 7.34375 -1.40625 C 7 -0.84375 6.566406 -0.425781 6.046875 -0.15625 C 5.523438 0.101562 4.890625 0.234375 4.140625 0.234375 C 3.179688 0.234375 2.421875 -0.03125 1.859375 -0.5625 C 1.296875 -1.09375 1.015625 -1.804688 1.015625 -2.703125 C 1.015625 -3.753906 1.363281 -4.546875 2.0625 -5.078125 C 2.769531 -5.609375 3.816406 -5.875 5.203125 -5.875 L 7.34375 -5.875 L 7.34375 -6.015625 C 7.34375 -6.722656 7.109375 -7.265625 6.640625 -7.640625 C 6.179688 -8.023438 5.535156 -8.21875 4.703125 -8.21875 C 4.171875 -8.21875 3.65625 -8.15625 3.15625 -8.03125 C 2.65625 -7.90625 2.171875 -7.71875 1.703125 -7.46875 L 1.703125 -8.875 C 2.265625 -9.09375 2.804688 -9.253906 3.328125 -9.359375 C 3.859375 -9.460938 4.367188 -9.515625 4.859375 -9.515625 C 6.203125 -9.515625 7.207031 -9.164062 7.875 -8.46875 C 8.539062 -7.769531 8.875 -6.710938 8.875 -5.296875 Z M 8.875 -5.296875 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-17">
+<path style="stroke:none;" d="M 7.71875 -4.75 C 7.71875 -5.863281 7.488281 -6.722656 7.03125 -7.328125 C 6.570312 -7.941406 5.929688 -8.25 5.109375 -8.25 C 4.296875 -8.25 3.660156 -7.941406 3.203125 -7.328125 C 2.742188 -6.722656 2.515625 -5.863281 2.515625 -4.75 C 2.515625 -3.65625 2.742188 -2.800781 3.203125 -2.1875 C 3.660156 -1.582031 4.296875 -1.28125 5.109375 -1.28125 C 5.929688 -1.28125 6.570312 -1.582031 7.03125 -2.1875 C 7.488281 -2.800781 7.71875 -3.65625 7.71875 -4.75 Z M 9.25 -1.15625 C 9.25 0.425781 8.894531 1.601562 8.1875 2.375 C 7.488281 3.144531 6.414062 3.53125 4.96875 3.53125 C 4.425781 3.53125 3.914062 3.488281 3.4375 3.40625 C 2.96875 3.332031 2.507812 3.210938 2.0625 3.046875 L 2.0625 1.5625 C 2.507812 1.800781 2.953125 1.976562 3.390625 2.09375 C 3.828125 2.21875 4.269531 2.28125 4.71875 2.28125 C 5.71875 2.28125 6.46875 2.015625 6.96875 1.484375 C 7.46875 0.960938 7.71875 0.175781 7.71875 -0.875 L 7.71875 -1.640625 C 7.40625 -1.085938 7 -0.675781 6.5 -0.40625 C 6.007812 -0.132812 5.421875 0 4.734375 0 C 3.597656 0 2.679688 -0.429688 1.984375 -1.296875 C 1.285156 -2.171875 0.9375 -3.320312 0.9375 -4.75 C 0.9375 -6.195312 1.285156 -7.351562 1.984375 -8.21875 C 2.679688 -9.082031 3.597656 -9.515625 4.734375 -9.515625 C 5.421875 -9.515625 6.007812 -9.378906 6.5 -9.109375 C 7 -8.835938 7.40625 -8.429688 7.71875 -7.890625 L 7.71875 -9.296875 L 9.25 -9.296875 L 9.25 -1.15625 Z M 9.25 -1.15625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-18">
+<path style="stroke:none;" d="M 10.125 -1.765625 L 10.125 -5.09375 L 7.375 -5.09375 L 7.375 -6.46875 L 11.78125 -6.46875 L 11.78125 -1.15625 C 11.132812 -0.695312 10.421875 -0.347656 9.640625 -0.109375 C 8.859375 0.117188 8.023438 0.234375 7.140625 0.234375 C 5.203125 0.234375 3.6875 -0.328125 2.59375 -1.453125 C 1.5 -2.585938 0.953125 -4.164062 0.953125 -6.1875 C 0.953125 -8.207031 1.5 -9.785156 2.59375 -10.921875 C 3.6875 -12.054688 5.203125 -12.625 7.140625 -12.625 C 7.941406 -12.625 8.707031 -12.519531 9.4375 -12.3125 C 10.164062 -12.113281 10.835938 -11.820312 11.453125 -11.4375 L 11.453125 -9.65625 C 10.835938 -10.175781 10.179688 -10.566406 9.484375 -10.828125 C 8.785156 -11.097656 8.050781 -11.234375 7.28125 -11.234375 C 5.757812 -11.234375 4.617188 -10.8125 3.859375 -9.96875 C 3.097656 -9.125 2.71875 -7.863281 2.71875 -6.1875 C 2.71875 -4.507812 3.097656 -3.25 3.859375 -2.40625 C 4.617188 -1.5625 5.757812 -1.140625 7.28125 -1.140625 C 7.875 -1.140625 8.398438 -1.1875 8.859375 -1.28125 C 9.328125 -1.382812 9.75 -1.546875 10.125 -1.765625 Z M 10.125 -1.765625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-19">
+<path style="stroke:none;" d="M 6.984375 -7.875 C 6.816406 -7.96875 6.628906 -8.035156 6.421875 -8.078125 C 6.222656 -8.128906 6.003906 -8.15625 5.765625 -8.15625 C 4.898438 -8.15625 4.234375 -7.875 3.765625 -7.3125 C 3.304688 -6.75 3.078125 -5.941406 3.078125 -4.890625 L 3.078125 0 L 1.546875 0 L 1.546875 -9.296875 L 3.078125 -9.296875 L 3.078125 -7.859375 C 3.398438 -8.421875 3.816406 -8.835938 4.328125 -9.109375 C 4.847656 -9.378906 5.472656 -9.515625 6.203125 -9.515625 C 6.304688 -9.515625 6.421875 -9.507812 6.546875 -9.5 C 6.679688 -9.488281 6.828125 -9.46875 6.984375 -9.4375 L 6.984375 -7.875 Z M 6.984375 -7.875 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-20">
+<path style="stroke:none;" d="M 1.609375 -9.296875 L 3.125 -9.296875 L 3.125 0 L 1.609375 0 L 1.609375 -9.296875 Z M 1.609375 -12.921875 L 3.125 -12.921875 L 3.125 -10.984375 L 1.609375 -10.984375 L 1.609375 -12.921875 Z M 1.609375 -12.921875 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-21">
+<path style="stroke:none;" d="M 8.296875 -8.9375 L 8.296875 -7.515625 C 7.859375 -7.753906 7.421875 -7.929688 6.984375 -8.046875 C 6.554688 -8.160156 6.117188 -8.21875 5.671875 -8.21875 C 4.679688 -8.21875 3.910156 -7.90625 3.359375 -7.28125 C 2.816406 -6.65625 2.546875 -5.773438 2.546875 -4.640625 C 2.546875 -3.503906 2.816406 -2.617188 3.359375 -1.984375 C 3.910156 -1.359375 4.679688 -1.046875 5.671875 -1.046875 C 6.117188 -1.046875 6.554688 -1.101562 6.984375 -1.21875 C 7.421875 -1.34375 7.859375 -1.523438 8.296875 -1.765625 L 8.296875 -0.359375 C 7.867188 -0.160156 7.425781 -0.015625 6.96875 0.078125 C 6.507812 0.179688 6.023438 0.234375 5.515625 0.234375 C 4.109375 0.234375 2.992188 -0.203125 2.171875 -1.078125 C 1.347656 -1.960938 0.9375 -3.148438 0.9375 -4.640625 C 0.9375 -6.160156 1.351562 -7.351562 2.1875 -8.21875 C 3.019531 -9.082031 4.160156 -9.515625 5.609375 -9.515625 C 6.078125 -9.515625 6.535156 -9.46875 6.984375 -9.375 C 7.429688 -9.28125 7.867188 -9.132812 8.296875 -8.9375 Z M 8.296875 -8.9375 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-22">
+<path style="stroke:none;" d="M 5.46875 0.859375 C 5.039062 1.972656 4.617188 2.695312 4.203125 3.03125 C 3.796875 3.363281 3.25 3.53125 2.5625 3.53125 L 1.34375 3.53125 L 1.34375 2.265625 L 2.234375 2.265625 C 2.660156 2.265625 2.988281 2.160156 3.21875 1.953125 C 3.445312 1.753906 3.707031 1.285156 4 0.546875 L 4.265625 -0.15625 L 0.5 -9.296875 L 2.125 -9.296875 L 5.03125 -2.03125 L 7.9375 -9.296875 L 9.546875 -9.296875 L 5.46875 0.859375 Z M 5.46875 0.859375 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-23">
+<path style="stroke:none;" d="M 3.078125 -1.390625 L 3.078125 3.53125 L 1.546875 3.53125 L 1.546875 -9.296875 L 3.078125 -9.296875 L 3.078125 -7.890625 C 3.398438 -8.441406 3.804688 -8.847656 4.296875 -9.109375 C 4.785156 -9.378906 5.367188 -9.515625 6.046875 -9.515625 C 7.179688 -9.515625 8.097656 -9.066406 8.796875 -8.171875 C 9.503906 -7.273438 9.859375 -6.097656 9.859375 -4.640625 C 9.859375 -3.179688 9.503906 -2.003906 8.796875 -1.109375 C 8.097656 -0.210938 7.179688 0.234375 6.046875 0.234375 C 5.367188 0.234375 4.785156 0.101562 4.296875 -0.15625 C 3.804688 -0.425781 3.398438 -0.835938 3.078125 -1.390625 Z M 8.28125 -4.640625 C 8.28125 -5.765625 8.046875 -6.644531 7.578125 -7.28125 C 7.117188 -7.925781 6.484375 -8.25 5.671875 -8.25 C 4.867188 -8.25 4.234375 -7.925781 3.765625 -7.28125 C 3.304688 -6.644531 3.078125 -5.765625 3.078125 -4.640625 C 3.078125 -3.515625 3.304688 -2.628906 3.765625 -1.984375 C 4.234375 -1.347656 4.867188 -1.03125 5.671875 -1.03125 C 6.484375 -1.03125 7.117188 -1.347656 7.578125 -1.984375 C 8.046875 -2.628906 8.28125 -3.515625 8.28125 -4.640625 Z M 8.28125 -4.640625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-24">
+<path style="stroke:none;" d="M 3.109375 -11.9375 L 3.109375 -9.296875 L 6.265625 -9.296875 L 6.265625 -8.109375 L 3.109375 -8.109375 L 3.109375 -3.0625 C 3.109375 -2.300781 3.210938 -1.8125 3.421875 -1.59375 C 3.628906 -1.382812 4.050781 -1.28125 4.6875 -1.28125 L 6.265625 -1.28125 L 6.265625 0 L 4.6875 0 C 3.507812 0 2.695312 -0.21875 2.25 -0.65625 C 1.800781 -1.09375 1.578125 -1.894531 1.578125 -3.0625 L 1.578125 -8.109375 L 0.453125 -8.109375 L 0.453125 -9.296875 L 1.578125 -9.296875 L 1.578125 -11.9375 L 3.109375 -11.9375 Z M 3.109375 -11.9375 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-25">
+<path style="stroke:none;" d="M 5.203125 -8.21875 C 4.378906 -8.21875 3.726562 -7.898438 3.25 -7.265625 C 2.78125 -6.628906 2.546875 -5.753906 2.546875 -4.640625 C 2.546875 -3.523438 2.78125 -2.644531 3.25 -2 C 3.726562 -1.363281 4.378906 -1.046875 5.203125 -1.046875 C 6.015625 -1.046875 6.660156 -1.367188 7.140625 -2.015625 C 7.617188 -2.660156 7.859375 -3.535156 7.859375 -4.640625 C 7.859375 -5.742188 7.617188 -6.613281 7.140625 -7.25 C 6.660156 -7.894531 6.015625 -8.21875 5.203125 -8.21875 Z M 5.203125 -9.515625 C 6.535156 -9.515625 7.578125 -9.082031 8.328125 -8.21875 C 9.085938 -7.363281 9.46875 -6.171875 9.46875 -4.640625 C 9.46875 -3.117188 9.085938 -1.925781 8.328125 -1.0625 C 7.578125 -0.195312 6.535156 0.234375 5.203125 0.234375 C 3.867188 0.234375 2.820312 -0.195312 2.0625 -1.0625 C 1.3125 -1.925781 0.9375 -3.117188 0.9375 -4.640625 C 0.9375 -6.171875 1.3125 -7.363281 2.0625 -8.21875 C 2.820312 -9.082031 3.867188 -9.515625 5.203125 -9.515625 Z M 5.203125 -9.515625 "/>
+</symbol>
+<symbol overflow="visible" id="glyph0-26">
+<path style="stroke:none;" d="M 3.265625 -1.40625 L 9.109375 -1.40625 L 9.109375 0 L 1.25 0 L 1.25 -1.40625 C 1.882812 -2.070312 2.75 -2.957031 3.84375 -4.0625 C 4.945312 -5.175781 5.640625 -5.890625 5.921875 -6.203125 C 6.453125 -6.804688 6.820312 -7.316406 7.03125 -7.734375 C 7.25 -8.160156 7.359375 -8.570312 7.359375 -8.96875 C 7.359375 -9.632812 7.128906 -10.171875 6.671875 -10.578125 C 6.210938 -10.992188 5.609375 -11.203125 4.859375 -11.203125 C 4.335938 -11.203125 3.785156 -11.109375 3.203125 -10.921875 C 2.617188 -10.742188 1.992188 -10.472656 1.328125 -10.109375 L 1.328125 -11.796875 C 2.003906 -12.066406 2.632812 -12.269531 3.21875 -12.40625 C 3.800781 -12.550781 4.335938 -12.625 4.828125 -12.625 C 6.109375 -12.625 7.128906 -12.300781 7.890625 -11.65625 C 8.660156 -11.007812 9.046875 -10.148438 9.046875 -9.078125 C 9.046875 -8.566406 8.945312 -8.082031 8.75 -7.625 C 8.5625 -7.175781 8.21875 -6.640625 7.71875 -6.015625 C 7.582031 -5.859375 7.140625 -5.394531 6.390625 -4.625 C 5.648438 -3.863281 4.609375 -2.789062 3.265625 -1.40625 Z M 3.265625 -1.40625 "/>
+</symbol>
+</g>
+</defs>
+<g id="surface0">
+<path style=" stroke:none;fill-rule:nonzero;fill:rgb(100%,100%,100%);fill-opacity:1;" d="M 0 0 L 661 0 L 661 401 L 0 401 Z M 0 0 "/>
+<path style="fill-rule:evenodd;fill:rgb(100%,100%,100%);fill-opacity:1;stroke-width:0.1;stroke-linecap:butt;stroke-linejoin:miter;stroke:rgb(0%,0%,0%);stroke-opacity:1;stroke-miterlimit:10;" d="M 15 17 L 33 17 L 33 20 L 15 20 Z M 15 17 " transform="matrix(20,0,0,20,-299,21)"/>
+<g style="fill:rgb(0%,0%,0%);fill-opacity:1;">
+ <use xlink:href="#glyph0-1" x="173.402344" y="396.875"/>
+ <use xlink:href="#glyph0-2" x="178.402344" y="396.875"/>
+</g>
+<path style="fill-rule:evenodd;fill:rgb(100%,100%,100%);fill-opacity:1;stroke-width:0.1;stroke-linecap:butt;stroke-linejoin:miter;stroke:rgb(0%,0%,0%);stroke-opacity:1;stroke-miterlimit:10;" d="M 15 14 L 24 14 L 24 17 L 15 17 Z M 15 14 " transform="matrix(20,0,0,20,-299,21)"/>
+<path style="fill-rule:evenodd;fill:rgb(100%,100%,100%);fill-opacity:1;stroke-width:0.1;stroke-linecap:butt;stroke-linejoin:miter;stroke:rgb(0%,0%,0%);stroke-opacity:1;stroke-miterlimit:10;" d="M 24 14 L 33 14 L 33 17 L 24 17 Z M 24 14 " transform="matrix(20,0,0,20,-299,21)"/>
+<g style="fill:rgb(0%,0%,0%);fill-opacity:1;">
+ <use xlink:href="#glyph0-3" x="84.671875" y="336.875"/>
+ <use xlink:href="#glyph0-4" x="84.671875" y="336.875"/>
+ <use xlink:href="#glyph0-2" x="96.488281" y="336.875"/>
+</g>
+<g style="fill:rgb(0%,0%,0%);fill-opacity:1;">
+ <use xlink:href="#glyph0-5" x="253.207031" y="336.875"/>
+ <use xlink:href="#glyph0-6" x="265.589844" y="336.875"/>
+ <use xlink:href="#glyph0-2" x="278.617188" y="336.875"/>
+</g>
+<path style="fill-rule:evenodd;fill:rgb(100%,100%,100%);fill-opacity:1;stroke-width:0.1;stroke-linecap:butt;stroke-linejoin:miter;stroke:rgb(0%,0%,0%);stroke-opacity:1;stroke-miterlimit:10;" d="M 15 11 L 24 11 L 24 14 L 15 14 Z M 15 11 " transform="matrix(20,0,0,20,-299,21)"/>
+<path style="fill-rule:evenodd;fill:rgb(100%,100%,100%);fill-opacity:1;stroke-width:0.1;stroke-linecap:butt;stroke-linejoin:miter;stroke:rgb(0%,0%,0%);stroke-opacity:1;stroke-miterlimit:10;" d="M 24 11 L 33 11 L 33 14 L 24 14 Z M 24 11 " transform="matrix(20,0,0,20,-299,21)"/>
+<g style="fill:rgb(0%,0%,0%);fill-opacity:1;">
+ <use xlink:href="#glyph0-7" x="68.988281" y="276.875"/>
+ <use xlink:href="#glyph0-3" x="91" y="276.875"/>
+ <use xlink:href="#glyph0-4" x="91" y="276.875"/>
+ <use xlink:href="#glyph0-2" x="102.816406" y="276.875"/>
+</g>
+<g style="fill:rgb(0%,0%,0%);fill-opacity:1;">
+ <use xlink:href="#glyph0-8" x="254.066406" y="276.875"/>
+ <use xlink:href="#glyph0-8" x="264.808594" y="276.875"/>
+ <use xlink:href="#glyph0-5" x="275.550781" y="276.875"/>
+</g>
+<path style="fill-rule:evenodd;fill:rgb(100%,100%,100%);fill-opacity:1;stroke-width:0.1;stroke-linecap:butt;stroke-linejoin:miter;stroke:rgb(0%,0%,0%);stroke-opacity:1;stroke-miterlimit:10;" d="M 15 8 L 33 8 L 33 11 L 15 11 Z M 15 8 " transform="matrix(20,0,0,20,-299,21)"/>
+<g style="fill:rgb(0%,0%,0%);fill-opacity:1;">
+ <use xlink:href="#glyph0-3" x="132.71875" y="216.875"/>
+ <use xlink:href="#glyph0-9" x="132.71875" y="216.875"/>
+ <use xlink:href="#glyph0-10" x="143.441406" y="216.875"/>
+ <use xlink:href="#glyph0-10" x="154.164062" y="216.875"/>
+ <use xlink:href="#glyph0-11" x="164.886719" y="216.875"/>
+ <use xlink:href="#glyph0-12" x="175.296875" y="216.875"/>
+ <use xlink:href="#glyph0-13" x="180.003906" y="216.875"/>
+ <use xlink:href="#glyph0-14" x="185.375" y="216.875"/>
+ <use xlink:href="#glyph0-11" x="201.859375" y="216.875"/>
+ <use xlink:href="#glyph0-15" x="212.269531" y="216.875"/>
+ <use xlink:href="#glyph0-15" x="221.078125" y="216.875"/>
+ <use xlink:href="#glyph0-16" x="229.886719" y="216.875"/>
+ <use xlink:href="#glyph0-17" x="240.257812" y="216.875"/>
+ <use xlink:href="#glyph0-11" x="251" y="216.875"/>
+ <use xlink:href="#glyph0-15" x="261.410156" y="216.875"/>
+</g>
+<path style="fill-rule:evenodd;fill:rgb(100%,100%,100%);fill-opacity:1;stroke-width:0.1;stroke-linecap:butt;stroke-linejoin:miter;stroke:rgb(0%,0%,0%);stroke-opacity:1;stroke-miterlimit:10;" d="M 15 5 L 33 5 L 33 8 L 15 8 Z M 15 5 " transform="matrix(20,0,0,20,-299,21)"/>
+<g style="fill:rgb(0%,0%,0%);fill-opacity:1;">
+ <use xlink:href="#glyph0-18" x="108.460938" y="156.875"/>
+ <use xlink:href="#glyph0-16" x="121.566406" y="156.875"/>
+ <use xlink:href="#glyph0-19" x="131.9375" y="156.875"/>
+ <use xlink:href="#glyph0-12" x="138.890625" y="156.875"/>
+ <use xlink:href="#glyph0-20" x="143.597656" y="156.875"/>
+ <use xlink:href="#glyph0-21" x="148.304688" y="156.875"/>
+ <use xlink:href="#glyph0-13" x="157.601562" y="156.875"/>
+ <use xlink:href="#glyph0-11" x="162.972656" y="156.875"/>
+ <use xlink:href="#glyph0-10" x="173.382812" y="156.875"/>
+ <use xlink:href="#glyph0-21" x="184.105469" y="156.875"/>
+ <use xlink:href="#glyph0-19" x="193.402344" y="156.875"/>
+ <use xlink:href="#glyph0-22" x="200.355469" y="156.875"/>
+ <use xlink:href="#glyph0-23" x="210.375" y="156.875"/>
+ <use xlink:href="#glyph0-24" x="221.117188" y="156.875"/>
+ <use xlink:href="#glyph0-20" x="227.757812" y="156.875"/>
+ <use xlink:href="#glyph0-25" x="232.464844" y="156.875"/>
+ <use xlink:href="#glyph0-10" x="242.816406" y="156.875"/>
+</g>
+<path style="fill-rule:evenodd;fill:rgb(100%,100%,100%);fill-opacity:1;stroke-width:0.1;stroke-linecap:butt;stroke-linejoin:miter;stroke:rgb(0%,0%,0%);stroke-opacity:1;stroke-miterlimit:10;" d="M 15 2 L 33 2 L 33 5 L 15 5 Z M 15 2 " transform="matrix(20,0,0,20,-299,21)"/>
+<g style="fill:rgb(0%,0%,0%);fill-opacity:1;">
+ <use xlink:href="#glyph0-1" x="162.113281" y="96.875"/>
+ <use xlink:href="#glyph0-26" x="167.113281" y="96.875"/>
+ <use xlink:href="#glyph0-4" x="177.875" y="96.875"/>
+ <use xlink:href="#glyph0-2" x="189.691406" y="96.875"/>
+</g>
+<path style="fill-rule:evenodd;fill:rgb(100%,100%,100%);fill-opacity:1;stroke-width:0.1;stroke-linecap:butt;stroke-linejoin:miter;stroke:rgb(0%,0%,0%);stroke-opacity:1;stroke-miterlimit:10;" d="M 15 -1 L 24 -1 L 24 2 L 15 2 Z M 15 -1 " transform="matrix(20,0,0,20,-299,21)"/>
+<path style="fill-rule:evenodd;fill:rgb(100%,100%,100%);fill-opacity:1;stroke-width:0.1;stroke-linecap:butt;stroke-linejoin:miter;stroke:rgb(0%,0%,0%);stroke-opacity:1;stroke-miterlimit:10;" d="M 24 -1 L 33 -1 L 33 2 L 24 2 Z M 24 -1 " transform="matrix(20,0,0,20,-299,21)"/>
+<g style="fill:rgb(0%,0%,0%);fill-opacity:1;">
+ <use xlink:href="#glyph0-8" x="50.472656" y="36.875"/>
+ <use xlink:href="#glyph0-24" x="61.214844" y="36.875"/>
+ <use xlink:href="#glyph0-19" x="68.089844" y="36.875"/>
+ <use xlink:href="#glyph0-11" x="68.089844" y="36.875"/>
+ <use xlink:href="#glyph0-16" x="78.5" y="36.875"/>
+ <use xlink:href="#glyph0-14" x="88.871094" y="36.875"/>
+ <use xlink:href="#glyph0-20" x="105.355469" y="36.875"/>
+ <use xlink:href="#glyph0-10" x="110.0625" y="36.875"/>
+ <use xlink:href="#glyph0-17" x="120.785156" y="36.875"/>
+</g>
+<g style="fill:rgb(0%,0%,0%);fill-opacity:1;">
+ <use xlink:href="#glyph0-6" x="224.125" y="36.875"/>
+ <use xlink:href="#glyph0-16" x="237.152344" y="36.875"/>
+ <use xlink:href="#glyph0-24" x="247.523438" y="36.875"/>
+ <use xlink:href="#glyph0-16" x="254.164062" y="36.875"/>
+ <use xlink:href="#glyph0-17" x="264.535156" y="36.875"/>
+ <use xlink:href="#glyph0-19" x="275.277344" y="36.875"/>
+ <use xlink:href="#glyph0-16" x="282.230469" y="36.875"/>
+ <use xlink:href="#glyph0-14" x="292.601562" y="36.875"/>
+ <use xlink:href="#glyph0-15" x="309.085938" y="36.875"/>
+</g>
+</g>
+</svg>
diff --git a/www.i2p2/image_design/routing_template.svg b/www.i2p2/image_design/routing_template.svg
new file mode 100644
index 0000000000000000000000000000000000000000..1bdcb596cdd80c56b22762e35e9edbed1718fb0f
--- /dev/null
+++ b/www.i2p2/image_design/routing_template.svg
@@ -0,0 +1,375 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cc="http://creativecommons.org/ns#"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns="http://www.w3.org/2000/svg"
+ xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+ xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+ width="7cm"
+ height="7cm"
+ viewBox="102 159 129 139"
+ id="svg3091"
+ version="1.1"
+ inkscape:version="0.47pre4 r22446"
+ sodipodi:docname="sjabloon.svg">
+ <metadata
+ id="metadata3257">
+ <rdf:RDF>
+ <cc:Work
+ rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type
+ rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+ <dc:title></dc:title>
+ </cc:Work>
+ </rdf:RDF>
+ </metadata>
+ <defs
+ id="defs3255">
+ <inkscape:perspective
+ sodipodi:type="inkscape:persp3d"
+ inkscape:vp_x="0 : 124.01575 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_z="248.03149 : 124.01575 : 1"
+ inkscape:persp3d-origin="124.01575 : 82.677165 : 1"
+ id="perspective3259" />
+ </defs>
+ <sodipodi:namedview
+ pagecolor="#ffffff"
+ bordercolor="#666666"
+ borderopacity="1"
+ objecttolerance="10"
+ gridtolerance="10"
+ guidetolerance="10"
+ inkscape:pageopacity="0"
+ inkscape:pageshadow="2"
+ inkscape:window-width="1680"
+ inkscape:window-height="976"
+ id="namedview3253"
+ showgrid="false"
+ inkscape:zoom="0.95149207"
+ inkscape:cx="124.01575"
+ inkscape:cy="124.01575"
+ inkscape:window-x="0"
+ inkscape:window-y="25"
+ inkscape:window-maximized="1"
+ inkscape:current-layer="svg3091" />
+ <g
+ id="g3093">
+ <path
+ style="fill: #b7b79d"
+ d="M 170.897 186.814 L 210.865,186.814 L 210.865,194.2 L 170.897,194.2 L 170.897,186.814z"
+ id="path3095" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 170.897 186.814 L 210.865,186.814 L 210.865,194.2 L 170.897,194.2 L 170.897,186.814"
+ id="path3097" />
+ <path
+ style="fill: #c9c9b6"
+ d="M 170.897 186.814 L 175.135,182.796 L 215.103,182.796 L 210.865,186.814 L 170.897,186.814z"
+ id="path3099" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 170.897 186.814 L 175.135,182.796 L 215.103,182.796 L 210.865,186.814 L 170.897,186.814"
+ id="path3101" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 2.12; stroke: #000000"
+ d="M 208.63 190.176 L 199.039,190.176"
+ id="path3103" />
+ <path
+ style="fill: #7a7a5a"
+ d="M 210.865 194.2 L 215.103,189.95 L 215.103,182.796 L 210.865,186.814 L 210.865,194.2z"
+ id="path3105" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 210.865 194.2 L 215.103,189.95 L 215.103,182.796 L 210.865,186.814 L 210.865,194.2"
+ id="path3107" />
+ <path
+ style="fill: #c9c9b6"
+ d="M 171.123 198.885 L 175.582,193.3 L 206.401,193.3 L 201.942,198.885 L 171.123,198.885z"
+ id="path3109" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 171.123 198.885 L 175.582,193.3 L 206.401,193.3 L 201.942,198.885 L 171.123,198.885"
+ id="path3111" />
+ <path
+ style="fill: #7a7a5a"
+ d="M 201.942 200 L 206.401,195.315 L 206.401,193.3 L 201.942,198.885 L 201.942,200z"
+ id="path3113" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 201.942 200 L 206.401,195.315 L 206.401,193.3 L 201.942,198.885 L 201.942,200"
+ id="path3115" />
+ <path
+ style="fill: #b7b79d"
+ d="M 171.123 198.885 L 201.942,198.885 L 201.942,200 L 171.123,200 L 171.123,198.885z"
+ id="path3117" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 171.123 198.885 L 201.942,198.885 L 201.942,200 L 171.123,200 L 171.123,198.885"
+ id="path3119" />
+ <path
+ style="fill: #000000"
+ d="M 176.923 185.926 L 180.28,182.796 L 208.63,182.796 L 205.513,185.926 L 176.923,185.926z"
+ id="path3121" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #000000"
+ d="M 176.923 185.926 L 180.28,182.796 L 208.63,182.796 L 205.513,185.926 L 176.923,185.926"
+ id="path3123" />
+ <path
+ style="fill: #c9c9b6"
+ d="M 176.696 162.903 L 179.832,160 L 208.195,160 L 205.059,162.903 L 176.696,162.903z"
+ id="path3125" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 176.696 162.903 L 179.832,160 L 208.195,160 L 205.059,162.903 L 176.696,162.903"
+ id="path3127" />
+ <path
+ style="fill: #b7b79d"
+ d="M 176.696 162.903 L 205.286,162.903 L 205.286,185.472 L 176.696,185.472 L 176.696,162.903z"
+ id="path3129" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 176.696 162.903 L 205.273,162.903 L 205.273,185.466 L 176.696,185.466 L 176.696,162.903"
+ id="path3131" />
+ <path
+ style="fill: #ffffff"
+ d="M 179.152 165.8 L 202.824,165.8 L 202.824,183.237 L 179.152,183.237 L 179.152,165.8z"
+ id="path3133" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 179.152 165.8 L 202.824,165.8 L 202.824,183.23 L 179.152,183.23 L 179.152,165.8"
+ id="path3135" />
+ <path
+ style="fill: #7a7a5a"
+ d="M 205.059 185.258 L 208.195,182.128 L 208.195,160 L 205.059,162.903 L 205.059,185.258z"
+ id="path3137" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 205.059 185.258 L 208.195,182.128 L 208.195,160 L 205.059,162.903 L 205.059,185.258"
+ id="path3139" />
+ </g>
+ <g
+ id="g3141">
+ <path
+ style="fill: #0078aa"
+ d="M 231.384 274.56 L 231.356,274.24 L 231.288,273.913 L 231.172,273.586 L 231.002,273.273 L 230.791,272.945 L 230.532,272.639 L 230.232,272.325 L 229.871,272.026 L 229.483,271.733 L 229.046,271.446 L 228.563,271.153 L 228.045,270.888 L 227.486,270.622 L 226.893,270.37 L 226.253,270.131 L 225.592,269.899 L 224.89,269.681 L 224.154,269.477 L 223.397,269.279 L 222.607,269.102 L 221.796,268.939 L 220.951,268.789 L 220.092,268.639 L 219.22,268.516 L 218.328,268.421 L 217.421,268.332 L 216.494,268.257 L 215.575,268.203 L 214.641,268.162 L 213.687,268.128 L 212.747,268.128 L 212.747,268.128 L 211.806,268.128 L 210.859,268.162 L 209.925,268.203 L 208.999,268.257 L 208.079,268.332 L 207.172,268.421 L 206.273,268.516 L 205.401,268.639 L 204.542,268.789 L 203.704,268.939 L 202.886,269.102 L 202.096,269.279 L 201.339,269.477 L 200.603,269.681 L 199.908,269.899 L 199.241,270.131 L 198.607,270.37 L 198.007,270.622 L 197.448,270.888 L 196.931,271.153 L 196.447,271.446 L 196.011,271.733 L 195.622,272.026 L 195.268,272.325 L 194.968,272.639 L 194.709,272.945 L 194.491,273.273 L 194.328,273.586 L 194.205,273.913 L 194.137,274.24 L 194.116,274.56 L 194.116,274.56 L 194.137,274.894 L 194.205,275.221 L 194.328,275.542 L 194.491,275.862 L 194.709,276.182 L 194.968,276.496 L 195.268,276.802 L 195.622,277.109 L 196.011,277.402 L 196.447,277.688 L 196.931,277.968 L 197.448,278.247 L 198.007,278.513 L 198.607,278.758 L 199.241,278.997 L 199.908,279.235 L 200.603,279.453 L 201.339,279.658 L 202.096,279.842 L 202.886,280.032 L 203.704,280.189 L 204.542,280.346 L 205.401,280.482 L 206.273,280.605 L 207.172,280.7 L 208.079,280.802 L 208.999,280.864 L 209.925,280.925 L 210.859,280.973 L 211.806,280.993 L 212.747,281 L 212.747,281 L 213.687,280.993 L 214.641,280.973 L 215.575,280.925 L 216.494,280.864 L 217.421,280.802 L 218.328,280.7 L 219.22,280.605 L 220.092,280.482 L 220.951,280.346 L 221.796,280.189 L 222.607,280.032 L 223.397,279.842 L 224.154,279.658 L 224.89,279.453 L 225.592,279.235 L 226.253,278.997 L 226.893,278.758 L 227.486,278.513 L 228.045,278.247 L 228.563,277.968 L 229.046,277.688 L 229.483,277.402 L 229.871,277.109 L 230.232,276.802 L 230.532,276.496 L 230.791,276.182 L 231.002,275.862 L 231.172,275.542 L 231.288,275.221 L 231.356,274.894 L 231.384,274.56z"
+ id="path3143" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #aae6ff"
+ d="M 231.172 274.458 L 231.138,274.138 L 231.084,273.818 L 230.954,273.497 L 230.791,273.191 L 230.573,272.864 L 230.321,272.557 L 230.021,272.264 L 229.667,271.964 L 229.271,271.664 L 228.842,271.385 L 228.365,271.112 L 227.847,270.847 L 227.295,270.581 L 226.702,270.336 L 226.069,270.09 L 225.401,269.872 L 224.706,269.654 L 223.977,269.45 L 223.227,269.266 L 222.443,269.075 L 221.626,268.925 L 220.801,268.768 L 219.949,268.639 L 219.084,268.509 L 218.198,268.414 L 217.285,268.332 L 216.379,268.257 L 215.452,268.203 L 214.525,268.162 L 213.578,268.128 L 212.644,268.128 L 212.644,268.128 L 211.704,268.128 L 210.764,268.162 L 209.83,268.203 L 208.91,268.257 L 207.997,268.332 L 207.091,268.414 L 206.205,268.509 L 205.326,268.639 L 204.474,268.768 L 203.656,268.925 L 202.839,269.075 L 202.062,269.266 L 201.312,269.45 L 200.583,269.654 L 199.881,269.872 L 199.22,270.09 L 198.586,270.336 L 197.994,270.581 L 197.435,270.847 L 196.924,271.112 L 196.447,271.385 L 196.011,271.664 L 195.615,271.964 L 195.268,272.264 L 194.968,272.557 L 194.709,272.864 L 194.491,273.191 L 194.328,273.497 L 194.212,273.818 L 194.144,274.138 L 194.137,274.213"
+ id="path3145" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #aae6ff"
+ d="M 194.137 274.697 L 194.144,274.779 L 194.212,275.099 L 194.328,275.412 L 194.491,275.733 L 194.709,276.046 L 194.968,276.353 L 195.268,276.652 L 195.615,276.945 L 196.011,277.239 L 196.447,277.538 L 196.924,277.797 L 197.435,278.077 L 197.994,278.336 L 198.586,278.588 L 199.22,278.819 L 199.881,279.051 L 200.583,279.262 L 201.312,279.46 L 202.062,279.651 L 202.839,279.835 L 203.656,279.991 L 204.474,280.141 L 205.326,280.271 L 206.205,280.394 L 207.091,280.489 L 207.997,280.584 L 208.91,280.652 L 209.83,280.7 L 210.764,280.755 L 211.704,280.782 L 212.644,280.782 L 212.644,280.782 L 213.578,280.782 L 214.525,280.755 L 215.452,280.7 L 216.379,280.652 L 217.285,280.584 L 218.198,280.489 L 219.084,280.394 L 219.949,280.271 L 220.801,280.141 L 221.626,279.991 L 222.443,279.835 L 223.227,279.651 L 223.977,279.46 L 224.706,279.262 L 225.401,279.051 L 226.069,278.819 L 226.702,278.588 L 227.295,278.336 L 227.847,278.077 L 228.365,277.797 L 228.842,277.538 L 229.271,277.239 L 229.667,276.945 L 230.021,276.652 L 230.321,276.353 L 230.573,276.046 L 230.791,275.733 L 230.954,275.412 L 231.084,275.099 L 231.138,274.779 L 231.172,274.458"
+ id="path3147" />
+ <path
+ style="fill: #0078aa"
+ d="M 194.116 247.555 L 194.116,274.683 L 231.172,274.683 L 231.172,247.555 L 194.116,247.555z"
+ id="path3149" />
+ <path
+ style="fill: #00b4ff"
+ d="M 231.384 247.433 L 231.356,247.112 L 231.288,246.785 L 231.172,246.458 L 231.002,246.145 L 230.791,245.818 L 230.532,245.511 L 230.232,245.204 L 229.871,244.898 L 229.483,244.605 L 229.046,244.319 L 228.563,244.026 L 228.045,243.76 L 227.486,243.494 L 226.893,243.249 L 226.253,242.997 L 225.592,242.772 L 224.89,242.554 L 224.154,242.349 L 223.397,242.152 L 222.607,241.974 L 221.796,241.804 L 220.951,241.661 L 220.092,241.511 L 219.22,241.402 L 218.328,241.293 L 217.421,241.204 L 216.494,241.129 L 215.575,241.082 L 214.641,241.034 L 213.687,241 L 212.747,241 L 212.747,241 L 211.806,241 L 210.859,241.034 L 209.925,241.082 L 208.999,241.129 L 208.079,241.204 L 207.172,241.293 L 206.273,241.402 L 205.401,241.511 L 204.542,241.661 L 203.704,241.804 L 202.886,241.974 L 202.096,242.152 L 201.339,242.349 L 200.603,242.554 L 199.908,242.772 L 199.241,242.997 L 198.607,243.249 L 198.007,243.494 L 197.448,243.76 L 196.931,244.026 L 196.447,244.319 L 196.011,244.605 L 195.622,244.898 L 195.268,245.204 L 194.968,245.511 L 194.709,245.818 L 194.491,246.145 L 194.328,246.458 L 194.205,246.785 L 194.137,247.112 L 194.116,247.433 L 194.116,247.433 L 194.137,247.767 L 194.205,248.094 L 194.328,248.407 L 194.491,248.734 L 194.709,249.048 L 194.968,249.368 L 195.268,249.681 L 195.622,249.981 L 196.011,250.274 L 196.447,250.56 L 196.931,250.84 L 197.448,251.119 L 198.007,251.385 L 198.607,251.637 L 199.241,251.869 L 199.908,252.107 L 200.603,252.325 L 201.339,252.53 L 202.096,252.721 L 202.886,252.905 L 203.704,253.061 L 204.542,253.218 L 205.401,253.354 L 206.273,253.477 L 207.172,253.586 L 208.079,253.675 L 208.999,253.736 L 209.925,253.804 L 210.859,253.845 L 211.806,253.865 L 212.747,253.879 L 212.747,253.879 L 213.687,253.865 L 214.641,253.845 L 215.575,253.804 L 216.494,253.736 L 217.421,253.675 L 218.328,253.586 L 219.22,253.477 L 220.092,253.354 L 220.951,253.218 L 221.796,253.061 L 222.607,252.905 L 223.397,252.721 L 224.154,252.53 L 224.89,252.325 L 225.592,252.107 L 226.253,251.869 L 226.893,251.637 L 227.486,251.385 L 228.045,251.119 L 228.563,250.84 L 229.046,250.56 L 229.483,250.274 L 229.871,249.981 L 230.232,249.681 L 230.532,249.368 L 230.791,249.048 L 231.002,248.734 L 231.172,248.407 L 231.288,248.094 L 231.356,247.767 L 231.384,247.433z"
+ id="path3151" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #aae6ff"
+ d="M 231.172 247.33 L 231.138,247.003 L 231.084,246.69 L 230.954,246.37 L 230.791,246.063 L 230.573,245.736 L 230.321,245.429 L 230.021,245.129 L 229.667,244.83 L 229.271,244.543 L 228.842,244.257 L 228.365,243.978 L 227.847,243.719 L 227.295,243.453 L 226.702,243.208 L 226.069,242.956 L 225.401,242.744 L 224.706,242.526 L 223.977,242.322 L 223.227,242.138 L 222.443,241.954 L 221.626,241.797 L 220.801,241.641 L 219.949,241.511 L 219.084,241.388 L 218.198,241.293 L 217.285,241.204 L 216.379,241.123 L 215.452,241.082 L 214.525,241.034 L 213.578,241 L 212.644,241"
+ id="path3153" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #aae6ff"
+ d="M 212.644 241 L 211.704,241 L 210.764,241.034 L 209.83,241.082 L 208.91,241.123 L 207.997,241.204 L 207.091,241.293 L 206.205,241.388 L 205.326,241.511 L 204.474,241.641 L 203.656,241.797 L 202.839,241.954 L 202.062,242.138 L 201.312,242.322 L 200.583,242.526 L 199.881,242.744 L 199.22,242.956 L 198.586,243.208 L 197.994,243.453 L 197.435,243.719 L 196.924,243.978 L 196.447,244.257 L 196.011,244.543 L 195.615,244.83 L 195.268,245.129 L 194.968,245.429 L 194.709,245.736 L 194.491,246.063 L 194.328,246.37 L 194.212,246.69 L 194.144,247.003 L 194.137,247.085"
+ id="path3155" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #aae6ff"
+ d="M 194.137 247.576 L 194.144,247.651 L 194.212,247.971 L 194.328,248.278 L 194.491,248.605 L 194.709,248.918 L 194.968,249.225 L 195.268,249.525 L 195.615,249.818 L 196.011,250.111 L 196.447,250.411 L 196.924,250.67 L 197.435,250.949 L 197.994,251.208 L 198.586,251.46 L 199.22,251.692 L 199.881,251.923 L 200.583,252.135 L 201.312,252.332 L 202.062,252.523 L 202.839,252.707 L 203.656,252.871 L 204.474,253.007 L 205.326,253.143 L 206.205,253.266 L 207.091,253.375 L 207.997,253.457 L 208.91,253.525 L 209.83,253.586 L 210.764,253.627 L 211.704,253.647 L 212.644,253.654 L 212.644,253.654 L 213.578,253.647 L 214.525,253.627 L 215.452,253.586 L 216.379,253.525 L 217.285,253.457 L 218.198,253.375 L 219.084,253.266 L 219.949,253.143 L 220.801,253.007 L 221.626,252.871 L 222.443,252.707 L 223.227,252.523 L 223.977,252.332 L 224.706,252.135 L 225.401,251.923 L 226.069,251.692 L 226.702,251.46 L 227.295,251.208 L 227.847,250.949 L 228.365,250.67 L 228.842,250.411 L 229.271,250.111 L 229.667,249.818 L 230.021,249.525 L 230.321,249.225 L 230.573,248.918 L 230.791,248.605 L 230.954,248.278 L 231.084,247.971 L 231.138,247.651 L 231.172,247.33"
+ id="path3157" />
+ <path
+ style="fill: #000000"
+ d="M 213.094 245.974 L 215.806,246.874 L 222.355,244.155 L 225.292,245.068 L 223.704,242.813 L 216.038,242.813 L 219.193,243.487 L 213.094,245.974z"
+ id="path3159" />
+ <path
+ style="fill: #000000"
+ d="M 211.956 248.455 L 209.251,247.555 L 202.927,250.274 L 199.772,249.354 L 201.353,251.855 L 209.251,251.855 L 205.871,250.949 L 211.956,248.455z"
+ id="path3161" />
+ <path
+ style="fill: #000000"
+ d="M 200.447 243.487 L 203.145,242.574 L 209.701,245.068 L 212.644,244.394 L 211.063,246.649 L 203.377,246.649 L 206.532,245.974 L 200.447,243.487z"
+ id="path3163" />
+ <path
+ style="fill: #000000"
+ d="M 224.835 251.174 L 222.123,252.073 L 215.806,249.354 L 212.644,250.274 L 214.218,248.005 L 222.123,248.005 L 218.743,248.693 L 224.835,251.174z"
+ id="path3165" />
+ <path
+ style="fill: #ffffff"
+ d="M 213.319 246.193 L 216.038,247.092 L 222.573,244.394 L 225.517,245.3 L 223.936,243.037 L 216.263,243.037 L 219.418,243.705 L 213.319,246.193z"
+ id="path3167" />
+ <path
+ style="fill: #ffffff"
+ d="M 212.188 248.693 L 209.469,247.78 L 203.145,250.492 L 199.99,249.586 L 201.571,252.073 L 209.469,252.073 L 206.089,251.174 L 212.188,248.693z"
+ id="path3169" />
+ <path
+ style="fill: #ffffff"
+ d="M 200.672 243.705 L 203.377,242.813 L 209.925,245.3 L 212.862,244.618 L 211.288,246.874 L 203.595,246.874 L 206.764,246.193 L 200.672,243.705z"
+ id="path3171" />
+ <path
+ style="fill: #ffffff"
+ d="M 225.06 251.392 L 222.355,252.305 L 216.038,249.586 L 212.862,250.492 L 214.443,248.237 L 222.355,248.237 L 218.982,248.918 L 225.06,251.392z"
+ id="path3173" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #aae6ff"
+ d="M 194.116 247.33 L 194.116,274.451"
+ id="path3175" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #aae6ff"
+ d="M 231.172 247.33 L 231.172,274.451"
+ id="path3177" />
+ <path
+ style="fill: #000000"
+ d="M 202.477 254.56 L 202.477,257.504 L 209.019,257.504 L 212.413,263.61 L 216.038,257.504 L 222.573,257.504 L 222.573,254.56 L 226.648,258.172 L 222.573,261.79 L 222.573,259.31 L 217.837,259.31 L 213.994,266.09 L 217.837,273.095 L 222.573,273.095 L 222.573,270.608 L 226.648,274.009 L 222.573,277.62 L 222.573,274.908 L 216.038,274.908 L 212.413,268.584 L 209.019,275.133 L 202.477,275.133 L 202.477,277.62 L 198.409,274.009 L 202.477,270.608 L 202.477,273.095 L 206.989,273.095 L 211.063,266.09 L 206.989,259.31 L 202.477,259.31 L 202.477,261.572 L 198.409,258.172 L 202.477,254.56z"
+ id="path3179" />
+ <path
+ style="fill: #ffffff"
+ d="M 202.702 254.792 L 202.702,257.736 L 209.251,257.736 L 212.644,263.828 L 216.263,257.736 L 222.798,257.736 L 222.798,254.792 L 226.873,258.404 L 222.798,262.029 L 222.798,259.535 L 218.069,259.535 L 214.218,266.322 L 218.069,273.32 L 222.798,273.32 L 222.798,270.833 L 226.873,274.22 L 222.798,277.845 L 222.798,275.133 L 216.263,275.133 L 212.644,268.802 L 209.251,275.365 L 202.702,275.365 L 202.702,277.845 L 198.634,274.22 L 202.702,270.833 L 202.702,273.32 L 207.227,273.32 L 211.288,266.322 L 207.227,259.535 L 202.702,259.535 L 202.702,261.79 L 198.634,258.404 L 202.702,254.792z"
+ id="path3181" />
+ </g>
+ <g
+ id="g3183">
+ <path
+ style="fill: #0078aa"
+ d="M 171.824 286.241 L 171.775,285.652 L 171.645,285.053 L 171.425,284.464 L 171.116,283.885 L 170.716,283.296 L 170.237,282.717 L 169.668,282.158 L 169.029,281.609 L 168.291,281.07 L 167.482,280.551 L 166.594,280.031 L 165.625,279.532 L 164.587,279.053 L 163.479,278.584 L 162.301,278.145 L 161.073,277.725 L 159.776,277.326 L 158.408,276.957 L 157,276.587 L 155.543,276.278 L 154.036,275.969 L 152.478,275.699 L 150.891,275.439 L 149.254,275.22 L 147.607,275.03 L 145.91,274.87 L 144.203,274.731 L 142.486,274.621 L 140.749,274.541 L 139.002,274.511 L 137.235,274.481 L 137.235,274.481 L 135.488,274.511 L 133.751,274.541 L 132.014,274.621 L 130.297,274.731 L 128.59,274.87 L 126.893,275.03 L 125.246,275.22 L 123.609,275.439 L 122.022,275.699 L 120.464,275.969 L 118.947,276.278 L 117.5,276.587 L 116.092,276.957 L 114.724,277.326 L 113.427,277.725 L 112.199,278.145 L 111.021,278.584 L 109.913,279.053 L 108.875,279.532 L 107.896,280.031 L 107.018,280.551 L 106.199,281.07 L 105.471,281.609 L 104.832,282.158 L 104.263,282.717 L 103.784,283.296 L 103.384,283.885 L 103.075,284.464 L 102.845,285.053 L 102.725,285.652 L 102.676,286.241 L 102.676,286.241 L 102.725,286.85 L 102.845,287.438 L 103.075,288.027 L 103.384,288.616 L 103.784,289.195 L 104.263,289.774 L 104.832,290.333 L 105.471,290.882 L 106.199,291.422 L 107.018,291.951 L 107.896,292.45 L 108.875,292.969 L 109.913,293.448 L 111.021,293.907 L 112.199,294.336 L 113.427,294.766 L 114.724,295.165 L 116.092,295.544 L 117.5,295.894 L 118.947,296.223 L 120.464,296.523 L 122.022,296.792 L 123.609,297.052 L 125.246,297.271 L 126.893,297.461 L 128.59,297.631 L 130.297,297.75 L 132.014,297.86 L 133.751,297.94 L 135.488,297.99 L 137.235,298 L 137.235,298 L 139.002,297.99 L 140.749,297.94 L 142.486,297.86 L 144.203,297.75 L 145.91,297.631 L 147.607,297.461 L 149.254,297.271 L 150.891,297.052 L 152.478,296.792 L 154.036,296.523 L 155.543,296.223 L 157,295.894 L 158.408,295.544 L 159.776,295.165 L 161.073,294.766 L 162.301,294.336 L 163.479,293.907 L 164.587,293.448 L 165.625,292.969 L 166.594,292.45 L 167.482,291.951 L 168.291,291.422 L 169.029,290.882 L 169.668,290.333 L 170.237,289.774 L 170.716,289.195 L 171.116,288.616 L 171.425,288.027 L 171.645,287.438 L 171.775,286.85 L 171.824,286.241z"
+ id="path3185" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #aae6ff"
+ d="M 171.425 286.061 L 171.375,285.462 L 171.246,284.893 L 171.026,284.304 L 170.726,283.735 L 170.327,283.156 L 169.838,282.597 L 169.299,282.048 L 168.64,281.499 L 167.911,280.97 L 167.103,280.441 L 166.224,279.952 L 165.256,279.462 L 164.238,278.973 L 163.14,278.524 L 161.962,278.085 L 160.724,277.686 L 159.436,277.286 L 158.089,276.917 L 156.701,276.577 L 155.234,276.248 L 153.726,275.959 L 152.199,275.689 L 150.612,275.439 L 148.994,275.22 L 147.347,275.03 L 145.66,274.87 L 143.973,274.731 L 142.266,274.651 L 140.529,274.561 L 138.792,274.511 L 137.045,274.511 L 137.045,274.511 L 135.308,274.511 L 133.561,274.561 L 131.834,274.651 L 130.127,274.731 L 128.43,274.87 L 126.753,275.03 L 125.106,275.22 L 123.479,275.439 L 121.902,275.689 L 120.375,275.959 L 118.857,276.248 L 117.41,276.577 L 116.022,276.917 L 114.665,277.286 L 113.357,277.686 L 112.119,278.085 L 110.961,278.524 L 109.853,278.973 L 108.825,279.462 L 107.876,279.952 L 107.008,280.441 L 106.189,280.97 L 105.451,281.499 L 104.812,282.048 L 104.253,282.597 L 103.754,283.156 L 103.384,283.735 L 103.065,284.304 L 102.845,284.893 L 102.725,285.462 L 102.676,286.061 L 102.676,286.061 L 102.725,286.65 L 102.845,287.229 L 103.065,287.808 L 103.384,288.377 L 103.754,288.956 L 104.253,289.515 L 104.812,290.064 L 105.451,290.593 L 106.189,291.142 L 107.008,291.671 L 107.876,292.17 L 108.825,292.649 L 109.853,293.129 L 110.961,293.588 L 112.119,294.017 L 113.357,294.426 L 114.665,294.806 L 116.022,295.195 L 117.41,295.534 L 118.857,295.854 L 120.375,296.163 L 121.902,296.423 L 123.479,296.662 L 125.106,296.892 L 126.753,297.072 L 128.43,297.221 L 130.127,297.371 L 131.834,297.461 L 133.561,297.541 L 135.308,297.581 L 137.045,297.601 L 137.045,297.601 L 138.792,297.581 L 140.529,297.541 L 142.266,297.461 L 143.973,297.371 L 145.66,297.221 L 147.347,297.072 L 148.994,296.892 L 150.612,296.662 L 152.199,296.423 L 153.726,296.163 L 155.234,295.854 L 156.701,295.534 L 158.089,295.195 L 159.436,294.806 L 160.724,294.426 L 161.962,294.017 L 163.14,293.588 L 164.238,293.129 L 165.256,292.649 L 166.224,292.17 L 167.103,291.671 L 167.911,291.142 L 168.64,290.593 L 169.299,290.064 L 169.838,289.515 L 170.327,288.956 L 170.726,288.377 L 171.026,287.808 L 171.246,287.229 L 171.375,286.65 L 171.425,286.061"
+ id="path3187" />
+ <path
+ style="fill: #0078aa"
+ d="M 102.676 269.969 L 102.676,286.46 L 171.425,286.46 L 171.425,269.969 L 102.676,269.969z"
+ id="path3189" />
+ <path
+ style="fill: #00b4ff"
+ d="M 171.824 269.739 L 171.775,269.16 L 171.645,268.562 L 171.425,267.973 L 171.116,267.384 L 170.716,266.795 L 170.237,266.226 L 169.668,265.667 L 169.029,265.108 L 168.291,264.578 L 167.482,264.049 L 166.594,263.54 L 165.625,263.021 L 164.587,262.552 L 163.479,262.083 L 162.301,261.644 L 161.073,261.234 L 159.776,260.835 L 158.408,260.456 L 157,260.106 L 155.543,259.777 L 154.036,259.467 L 152.478,259.208 L 150.891,258.938 L 149.254,258.719 L 147.607,258.529 L 145.91,258.369 L 144.203,258.25 L 142.486,258.14 L 140.749,258.06 L 139.002,258 L 137.235,258 L 137.235,258 L 135.488,258 L 133.751,258.06 L 132.014,258.14 L 130.297,258.25 L 128.59,258.369 L 126.893,258.529 L 125.246,258.719 L 123.609,258.938 L 122.022,259.208 L 120.464,259.467 L 118.947,259.777 L 117.5,260.106 L 116.092,260.456 L 114.724,260.835 L 113.427,261.234 L 112.199,261.644 L 111.021,262.083 L 109.913,262.552 L 108.875,263.021 L 107.896,263.54 L 107.018,264.049 L 106.199,264.578 L 105.471,265.108 L 104.832,265.667 L 104.263,266.226 L 103.784,266.795 L 103.384,267.384 L 103.075,267.973 L 102.845,268.562 L 102.725,269.16 L 102.676,269.739 L 102.676,269.739 L 102.725,270.348 L 102.845,270.947 L 103.075,271.536 L 103.384,272.115 L 103.784,272.704 L 104.263,273.263 L 104.832,273.842 L 105.471,274.391 L 106.199,274.93 L 107.018,275.459 L 107.896,275.969 L 108.875,276.478 L 109.913,276.957 L 111.021,277.396 L 112.199,277.855 L 113.427,278.275 L 114.724,278.674 L 116.092,279.053 L 117.5,279.403 L 118.947,279.722 L 120.464,280.031 L 122.022,280.301 L 123.609,280.561 L 125.246,280.78 L 126.893,280.97 L 128.59,281.13 L 130.297,281.249 L 132.014,281.359 L 133.751,281.449 L 135.488,281.499 L 137.235,281.499 L 137.235,281.499 L 139.002,281.499 L 140.749,281.449 L 142.486,281.359 L 144.203,281.249 L 145.91,281.13 L 147.607,280.97 L 149.254,280.78 L 150.891,280.561 L 152.478,280.301 L 154.036,280.031 L 155.543,279.722 L 157,279.403 L 158.408,279.053 L 159.776,278.674 L 161.073,278.275 L 162.301,277.855 L 163.479,277.396 L 164.587,276.957 L 165.625,276.478 L 166.594,275.969 L 167.482,275.459 L 168.291,274.93 L 169.029,274.391 L 169.668,273.842 L 170.237,273.263 L 170.716,272.704 L 171.116,272.115 L 171.425,271.536 L 171.645,270.947 L 171.775,270.348 L 171.824,269.739z"
+ id="path3191" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #aae6ff"
+ d="M 171.425 269.57 L 171.375,268.971 L 171.246,268.382 L 171.026,267.823 L 170.726,267.234 L 170.327,266.665 L 169.838,266.106 L 169.299,265.567 L 168.64,265.008 L 167.911,264.489 L 167.103,263.95 L 166.224,263.45 L 165.256,262.951 L 164.238,262.482 L 163.14,262.043 L 161.962,261.584 L 160.724,261.184 L 159.436,260.795 L 158.089,260.426 L 156.701,260.086 L 155.234,259.747 L 153.726,259.457 L 152.199,259.188 L 150.612,258.938 L 148.994,258.719 L 147.347,258.529 L 145.66,258.389 L 143.973,258.25 L 142.266,258.15 L 140.529,258.06 L 138.792,258.02 L 137.045,258 L 137.045,258 L 135.308,258.02 L 133.561,258.06 L 131.834,258.15 L 130.127,258.25 L 128.43,258.389 L 126.753,258.529 L 125.106,258.719 L 123.479,258.938 L 121.902,259.188 L 120.375,259.457 L 118.857,259.747 L 117.41,260.086 L 116.022,260.426 L 114.665,260.795 L 113.357,261.184 L 112.119,261.584 L 110.961,262.043 L 109.853,262.482 L 108.825,262.951 L 107.876,263.45 L 107.008,263.95 L 106.189,264.489 L 105.451,265.008 L 104.812,265.567 L 104.253,266.106 L 103.754,266.665 L 103.384,267.234 L 103.065,267.823 L 102.845,268.382 L 102.725,268.971 L 102.676,269.57 L 102.676,269.57 L 102.725,270.149 L 102.845,270.738 L 103.065,271.297 L 103.384,271.876 L 103.754,272.455 L 104.253,273.014 L 104.812,273.573 L 105.451,274.122 L 106.189,274.651 L 107.008,275.17 L 107.876,275.679 L 108.825,276.148 L 109.853,276.637 L 110.961,277.087 L 112.119,277.526 L 113.357,277.935 L 114.665,278.324 L 116.022,278.694 L 117.41,279.033 L 118.857,279.363 L 120.375,279.672 L 121.902,279.922 L 123.479,280.181 L 125.106,280.391 L 126.753,280.58 L 128.43,280.75 L 130.127,280.89 L 131.834,280.97 L 133.561,281.05 L 135.308,281.1 L 137.045,281.11 L 137.045,281.11 L 138.792,281.1 L 140.529,281.05 L 142.266,280.97 L 143.973,280.89 L 145.66,280.75 L 147.347,280.58 L 148.994,280.391 L 150.612,280.181 L 152.199,279.922 L 153.726,279.672 L 155.234,279.363 L 156.701,279.033 L 158.089,278.694 L 159.436,278.324 L 160.724,277.935 L 161.962,277.526 L 163.14,277.087 L 164.238,276.637 L 165.256,276.148 L 166.224,275.679 L 167.103,275.17 L 167.911,274.651 L 168.64,274.122 L 169.299,273.573 L 169.838,273.014 L 170.327,272.455 L 170.726,271.876 L 171.026,271.297 L 171.246,270.738 L 171.375,270.149 L 171.425,269.57"
+ id="path3193" />
+ <path
+ style="fill: #000000"
+ d="M 137.874 267.074 L 142.915,268.731 L 155.084,263.77 L 160.524,265.427 L 157.569,261.304 L 143.344,261.304 L 149.194,262.552 L 137.874,267.074z"
+ id="path3195" />
+ <path
+ style="fill: #000000"
+ d="M 135.768 271.626 L 130.766,269.969 L 119.017,274.93 L 113.157,273.263 L 116.092,277.805 L 130.766,277.805 L 124.467,276.148 L 135.768,271.626z"
+ id="path3197" />
+ <path
+ style="fill: #000000"
+ d="M 114.405 262.552 L 119.436,260.895 L 131.585,265.427 L 137.045,264.199 L 134.12,268.312 L 119.855,268.312 L 125.715,267.074 L 114.405,262.552z"
+ id="path3199" />
+ <path
+ style="fill: #000000"
+ d="M 159.676 276.568 L 154.655,278.215 L 142.915,273.263 L 137.045,274.93 L 139.98,270.798 L 154.655,270.798 L 148.356,272.015 L 159.676,276.568z"
+ id="path3201" />
+ <path
+ style="fill: #ffffff"
+ d="M 138.293 267.483 L 143.344,269.131 L 155.493,264.199 L 160.944,265.856 L 158.009,261.714 L 143.744,261.714 L 149.623,262.951 L 138.293,267.483z"
+ id="path3203" />
+ <path
+ style="fill: #ffffff"
+ d="M 136.217 272.015 L 131.166,270.378 L 119.436,275.33 L 113.566,273.673 L 116.501,278.215 L 131.166,278.215 L 124.897,276.568 L 136.217,272.015z"
+ id="path3205" />
+ <path
+ style="fill: #ffffff"
+ d="M 114.834 262.951 L 119.855,261.304 L 132.014,265.856 L 137.465,264.598 L 134.53,268.731 L 120.275,268.731 L 126.154,267.483 L 114.834,262.951z"
+ id="path3207" />
+ <path
+ style="fill: #ffffff"
+ d="M 160.105 276.977 L 155.084,278.634 L 143.344,273.673 L 137.465,275.33 L 140.39,271.217 L 155.084,271.217 L 148.795,272.445 L 160.105,276.977z"
+ id="path3209" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #aae6ff"
+ d="M 102.676 269.57 L 102.676,286.041"
+ id="path3211" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #aae6ff"
+ d="M 171.425 269.57 L 171.425,286.041"
+ id="path3213" />
+ <path
+ style="fill: #000000"
+ d="M 124.467 283.995 L 132.014,283.995 L 136.626,287.708 L 141.228,283.995 L 148.356,283.995 L 148.356,282.347 L 153.397,284.803 L 148.356,287.289 L 148.356,285.642 L 142.077,285.642 L 137.874,288.527 L 142.077,291.811 L 148.356,291.811 L 148.356,289.774 L 153.397,292.649 L 148.356,295.135 L 148.356,293.468 L 141.228,293.468 L 136.626,289.774 L 132.014,293.468 L 124.467,293.468 L 124.467,295.135 L 119.436,292.649 L 124.467,289.774 L 124.467,291.811 L 131.166,291.811 L 135.368,288.936 L 131.166,285.642 L 124.467,285.642 L 124.467,287.289 L 119.436,284.803 L 124.467,282.347 L 124.467,283.995z"
+ id="path3215" />
+ <path
+ style="fill: #ffffff"
+ d="M 124.897 284.394 L 132.433,284.394 L 137.045,288.097 L 141.647,284.394 L 148.795,284.394 L 148.795,282.747 L 153.806,285.232 L 148.795,287.708 L 148.795,286.061 L 142.496,286.061 L 138.293,288.936 L 142.496,292.23 L 148.795,292.23 L 148.795,290.174 L 153.806,293.059 L 148.795,295.534 L 148.795,293.877 L 141.647,293.877 L 137.045,290.174 L 132.433,293.877 L 124.897,293.877 L 124.897,295.534 L 119.855,293.059 L 124.897,290.174 L 124.897,292.23 L 131.585,292.23 L 135.768,289.345 L 131.585,286.061 L 124.897,286.061 L 124.897,287.708 L 119.855,285.232 L 124.897,282.747 L 124.897,284.394z"
+ id="path3217" />
+ </g>
+ <g
+ id="g3219">
+ <path
+ style="fill: #b7b79d"
+ d="M 139.83 178.978 L 139.83,216 L 161.712,216 L 161.712,178.978 L 139.83,178.978z"
+ id="path3221" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 139.83 178.978 L 139.83,216 L 161.712,216 L 161.712,178.978 L 139.83,178.978"
+ id="path3223" />
+ <path
+ style="fill: #c9c9b6"
+ d="M 139.83 178.978 L 142.795,176 L 164.67,176 L 161.712,178.978 L 139.83,178.978z"
+ id="path3225" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 139.83 178.978 L 142.795,176 L 164.526,176"
+ id="path3227" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 164.526 176.151 L 161.712,178.978 L 139.83,178.978"
+ id="path3229" />
+ <path
+ style="fill: #c9c9b6"
+ d="M 141.178 181.132 L 151.173,181.132 L 151.173,185.989 L 141.178,185.989 L 141.178,181.132z"
+ id="path3231" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #626248"
+ d="M 141.178 181.132 L 151.167,181.132 L 151.167,185.982 L 141.178,185.982 L 141.178,181.132"
+ id="path3233" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.6; stroke: #ecece7"
+ d="M 142.527 183.567 L 149.537,183.567"
+ id="path3235" />
+ <path
+ style="fill: #7a7a5a"
+ d="M 161.712 216 L 164.67,213.015 L 164.67,176 L 161.712,178.978 L 161.712,216z"
+ id="path3237" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 161.712 216 L 164.526,213.166"
+ id="path3239" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #494936"
+ d="M 164.526 176.151 L 161.712,178.978 L 161.712,216"
+ id="path3241" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.6; stroke: #ecece7"
+ d="M 140.105 213.559 L 161.705,213.559"
+ id="path3243" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.6; stroke: #000000"
+ d="M 140.105 193.837 L 161.705,193.837"
+ id="path3245" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.6; stroke: #494936"
+ d="M 139.83 213.29 L 161.685,213.29"
+ id="path3247" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.6; stroke: #000000"
+ d="M 139.83 193.562 L 161.685,193.562"
+ id="path3249" />
+ <path
+ style="fill: none; fill-opacity:0; stroke-width: 0.02; stroke: #ecece7"
+ d="M 141.178 185.727 L 141.178,181.132 L 150.898,181.132"
+ id="path3251" />
+ </g>
+</svg>
diff --git a/www.i2p2/image_design/tunnels.svg b/www.i2p2/image_design/tunnels.svg
new file mode 100644
index 0000000000000000000000000000000000000000..a7cddf8d1eaf401360533fd91170109ff5397210
--- /dev/null
+++ b/www.i2p2/image_design/tunnels.svg
@@ -0,0 +1,881 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+ xmlns:dc="http://purl.org/dc/elements/1.1/"
+ xmlns:cc="http://creativecommons.org/ns#"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:svg="http://www.w3.org/2000/svg"
+ xmlns="http://www.w3.org/2000/svg"
+ xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+ xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+ width="7cm"
+ height="7cm"
+ viewBox="102 159 129 139"
+ id="svg3091"
+ version="1.1"
+ inkscape:version="0.47pre4 r22446"
+ sodipodi:docname="tunnels.svg"
+ inkscape:export-filename="/home/mathias/Documents/Programming/I2P/monotone/i2p.www/www.i2p2/static/images/tunnels.png"
+ inkscape:export-xdpi="59.290222"
+ inkscape:export-ydpi="59.290222">
+ <metadata
+ id="metadata3257">
+ <rdf:RDF>
+ <cc:Work
+ rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type
+ rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+ <dc:title></dc:title>
+ </cc:Work>
+ </rdf:RDF>
+ </metadata>
+ <defs
+ id="defs3255">
+ <marker
+ inkscape:stockid="Arrow1Lend"
+ orient="auto"
+ refY="0.0"
+ refX="0.0"
+ id="Arrow1Lend"
+ style="overflow:visible;">
+ <path
+ id="path4713"
+ d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
+ style="fill-rule:evenodd;stroke:#000000;stroke-width:1.0pt;marker-start:none;"
+ transform="scale(0.8) rotate(180) translate(12.5,0)" />
+ </marker>
+ <inkscape:perspective
+ sodipodi:type="inkscape:persp3d"
+ inkscape:vp_x="0 : 124.01575 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_z="248.03149 : 124.01575 : 1"
+ inkscape:persp3d-origin="124.01575 : 82.677165 : 1"
+ id="perspective3259" />
+ <inkscape:perspective
+ id="perspective3476"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3511"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3511-3"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3657"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3685"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3713"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3804"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective3895"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5913"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5938"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ <inkscape:perspective
+ id="perspective5968"
+ inkscape:persp3d-origin="0.5 : 0.33333333 : 1"
+ inkscape:vp_z="1 : 0.5 : 1"
+ inkscape:vp_y="0 : 1000 : 0"
+ inkscape:vp_x="0 : 0.5 : 1"
+ sodipodi:type="inkscape:persp3d" />
+ </defs>
+ <sodipodi:namedview
+ pagecolor="#ffffff"
+ bordercolor="#666666"
+ borderopacity="1"
+ objecttolerance="10"
+ gridtolerance="10"
+ guidetolerance="10"
+ inkscape:pageopacity="0"
+ inkscape:pageshadow="2"
+ inkscape:window-width="1680"
+ inkscape:window-height="976"
+ id="namedview3253"
+ showgrid="false"
+ inkscape:zoom="0.95149207"
+ inkscape:cx="259.02426"
+ inkscape:cy="132.97823"
+ inkscape:window-x="0"
+ inkscape:window-y="25"
+ inkscape:window-maximized="1"
+ inkscape:current-layer="svg3091" />
+ <g
+ id="g3093"
+ transform="translate(-205.55508,60.665254)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139" />
+ </g>
+ <g
+ id="g3219"
+ transform="translate(351.61007,41.817797)">
+ <path
+ style="fill:#b7b79d"
+ d="m 139.83,178.978 0,37.022 21.882,0 0,-37.022 -21.882,0 z"
+ id="path3221" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 139.83,178.978 0,37.022 21.882,0 0,-37.022 -21.882,0"
+ id="path3223" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 139.83,178.978 2.965,-2.978 21.875,0 -2.958,2.978 -21.882,0 z"
+ id="path3225" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 139.83,178.978 2.965,-2.978 21.731,0"
+ id="path3227" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 164.526,176.151 -2.814,2.827 -21.882,0"
+ id="path3229" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 141.178,181.132 9.995,0 0,4.857 -9.995,0 0,-4.857 z"
+ id="path3231" />
+ <path
+ style="fill:none;stroke:#626248;stroke-width:0.02"
+ d="m 141.178,181.132 9.989,0 0,4.85 -9.989,0 0,-4.85"
+ id="path3233" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.60000002"
+ d="m 142.527,183.567 7.01,0"
+ id="path3235" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 161.712,216 2.958,-2.985 0,-37.015 -2.958,2.978 0,37.022 z"
+ id="path3237" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 161.712,216 2.814,-2.834"
+ id="path3239" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 164.526,176.151 -2.814,2.827 0,37.022"
+ id="path3241" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.60000002"
+ d="m 140.105,213.559 21.6,0"
+ id="path3243" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.60000002"
+ d="m 140.105,193.837 21.6,0"
+ id="path3245" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.60000002"
+ d="m 139.83,213.29 21.855,0"
+ id="path3247" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.60000002"
+ d="m 139.83,193.562 21.855,0"
+ id="path3249" />
+ <path
+ style="fill:none;stroke:#ecece7;stroke-width:0.02"
+ d="m 141.178,185.727 0,-4.595 9.72,0"
+ id="path3251" />
+ </g>
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="-27.429262"
+ y="278.73502"
+ id="text3464"><tspan
+ sodipodi:role="line"
+ id="tspan3466"
+ x="-27.429262"
+ y="278.73502">Alice</tspan><tspan
+ sodipodi:role="line"
+ x="-27.429262"
+ y="292.74533"
+ id="tspan3493" /><tspan
+ sodipodi:role="line"
+ x="-27.429262"
+ y="278.73502"
+ id="tspan3495" /></text>
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="491.81763"
+ y="279.91141"
+ id="text3464-0"><tspan
+ sodipodi:role="line"
+ id="tspan3466-3"
+ x="491.81763"
+ y="279.91141">Bob</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="-14.774929"
+ y="302.99759"
+ id="text3497"><tspan
+ sodipodi:role="line"
+ id="tspan3499"
+ x="-14.774927"
+ y="302.99759">Outbound</tspan><tspan
+ sodipodi:role="line"
+ x="-14.77493"
+ y="317.0079"
+ id="tspan3501">Gateway</tspan></text>
+ <g
+ id="g3093-7"
+ transform="translate(-121.00535,61.457627)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-8" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-5" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-4" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-7" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-8" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-6" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-0" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-4" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-3" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-7" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-5" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-8" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-1" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-0" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-3" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-2" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-4" />
+ </g>
+ <g
+ id="g3093-8"
+ transform="translate(-29.273492,60.279661)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-7" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-8" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-1" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-8" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-1" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-6" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-8" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-5" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-0" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-1" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-5" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-7" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-6" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-8" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-5" />
+ </g>
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="69.643944"
+ y="302.57883"
+ id="text3497-9"><tspan
+ sodipodi:role="line"
+ id="tspan3499-7"
+ x="69.643944"
+ y="302.57883">Outbound</tspan><tspan
+ sodipodi:role="line"
+ x="69.643944"
+ y="316.58914"
+ id="tspan3501-9">Participant</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="165.55498"
+ y="303.09314"
+ id="text3497-9-4"><tspan
+ sodipodi:role="line"
+ id="tspan3499-7-3"
+ x="165.55498"
+ y="303.09314">Outbound</tspan><tspan
+ sodipodi:role="line"
+ x="165.55498"
+ y="317.10345"
+ id="tspan3501-9-7">Endpoint</tspan></text>
+ <g
+ id="g3093-8-3"
+ transform="translate(116.31955,60.22252)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-6-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-7-0" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-0-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-8-8" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-1-2" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-9-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-8-0" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-1-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-6-4" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-4-5" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-8-8" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-5-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-0-0" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-1-8" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-5-4" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-9-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-7-5" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-0-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-6-2" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-2-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-8-5" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-9-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-5-5" />
+ </g>
+ <g
+ id="g3093-8-3-6"
+ transform="translate(208.50459,59.158836)">
+ <path
+ style="fill:#b7b79d"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386 z"
+ id="path3095-6-0-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 39.968,0 0,7.386 -39.968,0 0,-7.386"
+ id="path3097-7-0-0" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0 z"
+ id="path3099-0-4-9" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 170.897,186.814 4.238,-4.018 39.968,0 -4.238,4.018 -39.968,0"
+ id="path3101-8-8-1" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:2.11999989"
+ d="m 208.63,190.176 -9.591,0"
+ id="path3103-1-2-2" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386 z"
+ id="path3105-9-2-6" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 210.865,194.2 4.238,-4.25 0,-7.154 -4.238,4.018 0,7.386"
+ id="path3107-8-0-9" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0 z"
+ id="path3109-1-2-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 4.459,-5.585 30.819,0 -4.459,5.585 -30.819,0"
+ id="path3111-6-4-8" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115 z"
+ id="path3113-4-5-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 201.942,200 4.459,-4.685 0,-2.015 -4.459,5.585 0,1.115"
+ id="path3115-8-8-8" />
+ <path
+ style="fill:#b7b79d"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115 z"
+ id="path3117-5-4-2" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 171.123,198.885 30.819,0 0,1.115 -30.819,0 0,-1.115"
+ id="path3119-0-0-7" />
+ <path
+ style="fill:#000000"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0 z"
+ id="path3121-1-8-8" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:0.02"
+ d="m 176.923,185.926 3.357,-3.13 28.35,0 -3.117,3.13 -28.59,0"
+ id="path3123-5-4-6" />
+ <path
+ style="fill:#c9c9b6"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0 z"
+ id="path3125-9-2-7" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 3.136,-2.903 28.363,0 -3.136,2.903 -28.363,0"
+ id="path3127-7-5-7" />
+ <path
+ style="fill:#b7b79d"
+ d="m 176.696,162.903 28.59,0 0,22.569 -28.59,0 0,-22.569 z"
+ id="path3129-0-4-0" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 176.696,162.903 28.577,0 0,22.563 -28.577,0 0,-22.563"
+ id="path3131-6-2-9" />
+ <path
+ style="fill:#ffffff"
+ d="m 179.152,165.8 23.672,0 0,17.437 -23.672,0 0,-17.437 z"
+ id="path3133-2-7-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 179.152,165.8 23.672,0 0,17.43 -23.672,0 0,-17.43"
+ id="path3135-8-5-5" />
+ <path
+ style="fill:#7a7a5a"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355 z"
+ id="path3137-9-7-4" />
+ <path
+ style="fill:none;stroke:#494936;stroke-width:0.02"
+ d="m 205.059,185.258 3.136,-3.13 0,-22.128 -3.136,2.903 0,22.355"
+ id="path3139-5-5-2" />
+ </g>
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="309.82376"
+ y="299.60657"
+ id="text3497-6"><tspan
+ sodipodi:role="line"
+ id="tspan3499-9"
+ x="309.82376"
+ y="299.60657">Inbound</tspan><tspan
+ sodipodi:role="line"
+ x="309.82376"
+ y="313.61688"
+ id="tspan3501-1">Gateway</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="398.72592"
+ y="299.18781"
+ id="text3497-9-43"><tspan
+ sodipodi:role="line"
+ id="tspan3499-7-6"
+ x="398.72592"
+ y="299.18781">Inbound</tspan><tspan
+ sodipodi:role="line"
+ x="398.72592"
+ y="313.19812"
+ id="tspan3501-9-76">Participant</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:11.20825386px;font-style:normal;font-weight:normal;text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="502.48267"
+ y="299.70212"
+ id="text3497-9-4-9"><tspan
+ sodipodi:role="line"
+ id="tspan3499-7-3-7"
+ x="502.48267"
+ y="299.70212">Inbound</tspan><tspan
+ sodipodi:role="line"
+ x="502.48267"
+ y="313.71243"
+ id="tspan3501-9-7-6">Endpoint</tspan></text>
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m -169.20793,135.05105 94.851031,0"
+ id="path3933"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m -17.341185,133.47458 107.462798,0"
+ id="path5155"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m 145.95497,131.50399 203.32822,0"
+ id="path5341"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m 405.76303,129.49816 108.50073,0"
+ id="path5527"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <path
+ style="fill:none;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;marker-end:url(#Arrow1Lend)"
+ d="m 570.7436,127.26869 133.02487,0"
+ id="path5713"
+ transform="matrix(0.5604127,0,0,0.5604127,97,159)" />
+ <text
+ xml:space="preserve"
+ style="font-size:13.74895px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="276.8869"
+ y="-2.6395926"
+ id="text5901"
+ transform="matrix(0,0.5601056,-1.7853776,0,0,0)"><tspan
+ sodipodi:role="line"
+ id="tspan5903"
+ x="276.8869"
+ y="-2.6395926"
+ style="font-size:137.48951721px">{</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:14.08445358px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="283.70001"
+ y="-178.97672"
+ id="text5901-1"
+ transform="matrix(0,0.5467634,-1.8289446,0,0,0)"><tspan
+ sodipodi:role="line"
+ id="tspan5903-7"
+ x="283.70001"
+ y="-178.97672"
+ style="font-size:140.84455872px">{</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:22.41650772px;font-style:normal;font-weight:normal;text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="78.72393"
+ y="147.61469"
+ id="text3497-9-2"><tspan
+ sodipodi:role="line"
+ x="78.72393"
+ y="147.61469"
+ id="tspan3501-9-72">Outbound tunnel</tspan></text>
+ <text
+ xml:space="preserve"
+ style="font-size:22.41650772px;font-style:normal;font-weight:normal;text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none;font-family:Bitstream Vera Sans"
+ x="402.98383"
+ y="147.9205"
+ id="text3497-9-2-8"><tspan
+ sodipodi:role="line"
+ x="402.98383"
+ y="147.9205"
+ id="tspan3501-9-72-1">Inbound tunnel</tspan></text>
+</svg>
diff --git a/www.i2p2/pages/_layout_ar.html b/www.i2p2/pages/_layout_ar.html
new file mode 100644
index 0000000000000000000000000000000000000000..94481446c925319b2dc9856821e5af9779c5fa85
--- /dev/null
+++ b/www.i2p2/pages/_layout_ar.html
@@ -0,0 +1,28 @@
+{% set lang = "ar" -%}
+{% include "_urlify" -%}
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ar" dir="rtl" >
+ <head>
+ <title>{% filter capture('title') %}{% block title %}{% endblock %}{% endfilter %} - I2P</title>
+ <link rel="canonical" href="{{ domain }}/{{ path }}" />
+ <link rel="stylesheet" href="_static/styles/{{ theme }}_ar.css" type="text/css" title="{{ theme }}" />
+ <link rel="shortcut icon" href="_static/favicon.ico" />
+ <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic" />
+ <meta name="robots" content="NOODP" />
+ </head>
+ <body>
+ <div class="hide"><a href="#main" title="Skip navigation" accesskey="2">Skip navigation</a></div>
+ <div class="logo" >
+ <a href="index.html" class="fade"><img src="_static/images/i2plogo.png" alt="I2P Logo" title="I2P مشروع التخÙÙŠ على الانترنت" /></a>
+ </div>
+ <h1>{{ title }}</h1>
+ <div class="menu" style="text-align: right;" >
+ {% include "_menu.html" %}
+ </div>
+ <div class="main" id="main" >
+ {% block content %}{% endblock %}
+ </div>
+ </body>
+</html>
diff --git a/www.i2p2/pages/_layout_cs.html b/www.i2p2/pages/_layout_cs.html
new file mode 100644
index 0000000000000000000000000000000000000000..456a803c33e65442693de23fa38884b6be427d2a
--- /dev/null
+++ b/www.i2p2/pages/_layout_cs.html
@@ -0,0 +1,28 @@
+{% set lang = "cs" -%}
+{% include "_urlify" -%}
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="cs" >
+ <head>
+ <title>{% filter capture('title') %}{% block title %}{% endblock %}{% endfilter %} - I2P</title>
+ <link rel="canonical" href="{{ domain }}/{{ path }}" />
+ <link rel="stylesheet" href="_static/styles/{{ theme }}.css" type="text/css" title="{{ theme }}" />
+ <link rel="shortcut icon" href="_static/favicon.ico" />
+ <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic" />
+ <meta name="robots" content="NOODP" />
+ </head>
+ <body>
+ <div class="hide"><a href="#main" title="Skip navigation" accesskey="2">Skip navigation</a></div>
+ <div class="logo">
+ <a href="index.html" class="fade"><img src="_static/images/i2plogo.png" alt="I2P Logo" title="Invisible Internet Project (I2P)" /></a>
+ </div>
+ <h1>{{ title }}</h1>
+ <div class="menu">
+ {% include "_menu.html" %}
+ </div>
+ <div class="main" id="main">
+ {% block content %}{% endblock %}
+ </div>
+ </body>
+</html>
diff --git a/www.i2p2/pages/_layout_de.html b/www.i2p2/pages/_layout_de.html
index 8201232debb197e17f16f725c2dea28462912fbc..5e455596600c665fa2ac2a8d4c710a954797cdbc 100644
--- a/www.i2p2/pages/_layout_de.html
+++ b/www.i2p2/pages/_layout_de.html
@@ -1,16 +1,16 @@
-{% set lang = "de" %}
-{% include "_urlify" %}
+{% set lang = "de" -%}
+{% include "_urlify" -%}
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de" >
<head>
<title>{% filter capture('title') %}{% block title %}{% endblock %}{% endfilter %} - I2P</title>
- <link rel="canonical" href="{{ domain }}/{{ path }}">
- <link rel="stylesheet" href="_static/styles/{{ theme }}.css" type="text/css" title="{{ theme }}">
+ <link rel="canonical" href="{{ domain }}/{{ path }}" />
+ <link rel="stylesheet" href="_static/styles/{{ theme }}.css" type="text/css" title="{{ theme }}" />
<link rel="shortcut icon" href="_static/favicon.ico" />
- <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic">
- <meta name="robots" content="NOODP">
+ <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic" />
+ <meta name="robots" content="NOODP" />
</head>
<body>
<div class="hide"><a href="#main" title="Skip navigation" accesskey="2">Skip navigation</a></div>
diff --git a/www.i2p2/pages/_layout_es.html b/www.i2p2/pages/_layout_es.html
new file mode 100644
index 0000000000000000000000000000000000000000..1ba4b6075ec57fde0383ee2637fce6d363a76f54
--- /dev/null
+++ b/www.i2p2/pages/_layout_es.html
@@ -0,0 +1,28 @@
+{% set lang = "es" -%}
+{% include "_urlify" -%}
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="es" >
+ <head>
+ <title>{% filter capture('title') %}{% block title %}{% endblock %}{% endfilter %} - I2P</title>
+ <link rel="canonical" href="{{ domain }}/{{ path }}" />
+ <link rel="stylesheet" href="_static/styles/{{ theme }}.css" type="text/css" title="{{ theme }}" />
+ <link rel="shortcut icon" href="_static/favicon.ico" />
+ <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic" />
+ <meta name="robots" content="NOODP" />
+ </head>
+ <body>
+ <div class="hide"><a href="#main" title="Skip navigation" accesskey="2">Skip navigation</a></div>
+ <div class="logo">
+ <a href="index.html" class="fade"><img src="_static/images/i2plogo.png" alt="I2P Logo" /></a>
+ </div>
+ <h1>{{ title }}</h1>
+ <div class="menu">
+ {% include "_menu.html" %}
+ </div>
+ <div class="main" id="main">
+ {% block content %}{% endblock %}
+ </div>
+ </body>
+</html>
diff --git a/www.i2p2/pages/_layout_fr.html b/www.i2p2/pages/_layout_fr.html
index ecd7d7876ed02c5e29c09899a1cfa767c3b344ca..cad7569e0f545fa534c0734e3a01cdccd9a899c2 100644
--- a/www.i2p2/pages/_layout_fr.html
+++ b/www.i2p2/pages/_layout_fr.html
@@ -1,16 +1,16 @@
-{% set lang = "fr" %}
-{% include "_urlify" %}
+{% set lang = "fr" -%}
+{% include "_urlify" -%}
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" >
<head>
<title>{% filter capture('title') %}{% block title %}{% endblock %}{% endfilter %} - I2P</title>
- <link rel="canonical" href="{{ domain }}/{{ path }}">
- <link rel="stylesheet" href="_static/styles/{{ theme }}.css" type="text/css" title="{{ theme }}">
+ <link rel="canonical" href="{{ domain }}/{{ path }}" />
+ <link rel="stylesheet" href="_static/styles/{{ theme }}.css" type="text/css" title="{{ theme }}" />
<link rel="shortcut icon" href="_static/favicon.ico" />
- <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic">
- <meta name="robots" content="NOODP">
+ <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic" />
+ <meta name="robots" content="NOODP" />
</head>
<body>
<div class="hide"><a href="#main" title="Skip navigation" accesskey="2">Skip navigation</a></div>
diff --git a/www.i2p2/pages/_layout_it.html b/www.i2p2/pages/_layout_it.html
old mode 100755
new mode 100644
index 1cb38bffd820960f086223abfc812eef5a6876e7..b9977ab1b3a31dbd89e06380a9aa7ae73d784936
--- a/www.i2p2/pages/_layout_it.html
+++ b/www.i2p2/pages/_layout_it.html
@@ -1,16 +1,16 @@
-{% set lang = "it" %}
-{% include "_urlify" %}
+{% set lang = "it" -%}
+{% include "_urlify" -%}
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="it" >
<head>
<title>{% filter capture('title') %}{% block title %}{% endblock %}{% endfilter %} - I2P</title>
- <link rel="canonical" href="{{ domain }}/{{ path }}">
- <link rel="stylesheet" href="_static/styles/{{ theme }}.css" type="text/css" title="{{ theme }}">
+ <link rel="canonical" href="{{ domain }}/{{ path }}" />
+ <link rel="stylesheet" href="_static/styles/{{ theme }}.css" type="text/css" title="{{ theme }}" />
<link rel="shortcut icon" href="_static/favicon.ico" />
- <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic">
- <meta name="robots" content="NOODP">
+ <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic" />
+ <meta name="robots" content="NOODP" />
</head>
<body>
<div class="hide"><a href="#main" title="Skip navigation" accesskey="2">Skip navigation</a></div>
@@ -25,4 +25,4 @@
{% block content %}{% endblock %}
</div>
</body>
-</html>
\ No newline at end of file
+</html>
diff --git a/www.i2p2/pages/_layout_nl.html b/www.i2p2/pages/_layout_nl.html
index c76cac141eddd2c911170560b15cffe3e9188b9e..b93524a08f05f79f4ec897c1b02b28d1859e7409 100644
--- a/www.i2p2/pages/_layout_nl.html
+++ b/www.i2p2/pages/_layout_nl.html
@@ -1,16 +1,16 @@
-{% set lang = "nl" %}
-{% include "_urlify" %}
+{% set lang = "nl" -%}
+{% include "_urlify" -%}
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="nl" >
<head>
<title>{% filter capture('title') %}{% block title %}{% endblock %}{% endfilter %} - I2P</title>
- <link rel="canonical" href="{{ domain }}/{{ path }}">
- <link rel="stylesheet" href="_static/styles/{{ theme }}.css" type="text/css" title="{{ theme }}">
+ <link rel="canonical" href="{{ domain }}/{{ path }}" />
+ <link rel="stylesheet" href="_static/styles/{{ theme }}.css" type="text/css" title="{{ theme }}" />
<link rel="shortcut icon" href="_static/favicon.ico" />
- <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic">
- <meta name="robots" content="NOODP">
+ <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic" />
+ <meta name="robots" content="NOODP" />
</head>
<body>
<div class="hide"><a href="#main" title="Skip navigation" accesskey="2">Skip navigation</a></div>
diff --git a/www.i2p2/pages/_layout_ru.html b/www.i2p2/pages/_layout_ru.html
index d50c6375ba1448b2a57912736021be3a9f9fdfb0..67ac1cc79252f0ae900fc4760d40480112c36243 100644
--- a/www.i2p2/pages/_layout_ru.html
+++ b/www.i2p2/pages/_layout_ru.html
@@ -1,16 +1,16 @@
-{% set lang = "ru" %}
-{% include "_urlify" %}
+{% set lang = "ru" -%}
+{% include "_urlify" -%}
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru" >
<head>
<title>{% filter capture('title') %}{% block title %}{% endblock %}{% endfilter %} - I2P</title>
- <link rel="canonical" href="{{ domain }}/{{ path }}">
- <link rel="stylesheet" href="_static/styles/{{ theme }}.css" type="text/css" title="{{ theme }}">
+ <link rel="canonical" href="{{ domain }}/{{ path }}" />
+ <link rel="stylesheet" href="_static/styles/{{ theme }}.css" type="text/css" title="{{ theme }}" />
<link rel="shortcut icon" href="_static/favicon.ico" />
- <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic">
- <meta name="robots" content="NOODP">
+ <link type="application/atom+xml" rel="alternate" href="http://code.google.com/feeds/p/i2p/downloads/basic" />
+ <meta name="robots" content="NOODP" />
</head>
<body>
<div class="hide"><a href="#main" title="Skip navigation" accesskey="2">Skip navigation</a></div>
diff --git a/www.i2p2/pages/_layout_zh.html b/www.i2p2/pages/_layout_zh.html
index afbf60f4ca5f0af3b67bec446f30b7bf60b08737..c831b097ae58fd7f4f76fd72b91290e810831f4e 100644
--- a/www.i2p2/pages/_layout_zh.html
+++ b/www.i2p2/pages/_layout_zh.html
@@ -1,16 +1,16 @@
-{% set lang = "zh" %}
-{% include "_urlify" %}
+{% set lang = "zh" -%}
+{% include "_urlify" -%}
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh" >
<head>
<title>{% filter capture('title') %}{% block title %}{% endblock %}{% endfilter %} - I2P</title>
- <link rel="canonical" href="{{ domain }}/{{ path }}">
- <link rel="stylesheet" href="_static/styles/{{ theme }}_zh.css" type="text/css" title="{{ theme }}">
+ <link rel="canonical" href="{{ domain }}/{{ path }}" />
+ <link rel="stylesheet" href="_static/styles/{{ theme }}_zh.css" type="text/css" title="{{ theme }}" />
<link rel="shortcut icon" href="_static/favicon.ico" />
- <link type="application/atom+xml" rel="alternate" href="/feeds/p/i2p/downloads/basic">
- <meta name="robots" content="NOODP">
+ <link type="application/atom+xml" rel="alternate" href="/feeds/p/i2p/downloads/basic" />
+ <meta name="robots" content="NOODP" />
</head>
<body>
<div class="hide"><a href="#main" title="Skip navigation" accesskey="2">跳过导航</a></div>
diff --git a/www.i2p2/pages/announcements.html b/www.i2p2/pages/announcements.html
index fe0408cdff4db28ee2c318255b717ad2c588b26d..766d4a918f236c3d6cfeaf6e1686125629cc8e72 100644
--- a/www.i2p2/pages/announcements.html
+++ b/www.i2p2/pages/announcements.html
@@ -2,8 +2,31 @@
{% block title %}Announcements{% endblock %}
{% block content %}
<h1>Past I2P Release Announcements</h1>
+<h4>2012</h4>
+<ul class="infolist">
+<li>2012-07-30 - <a href="release-0.9.1.html">0.9.1</a></li>
+<li>2012-05-02 - <a href="release-0.9.html">0.9</a></li>
+<li>2012-02-27 - <a href="release-0.8.13.html">0.8.13</a></li>
+<li>2012-01-06 - <a href="release-0.8.12.html">0.8.12</a></li>
+</ul>
+<h4>2011</h4>
+<ul class="infolist">
+<li>2011-11-08 - <a href="release-0.8.11.html">0.8.11</a></li>
+<li>2011-10-20 - <a href="release-0.8.10.html">0.8.10</a></li>
+<li>2011-10-11 - <a href="release-0.8.9.html">0.8.9</a></li>
+<li>2011-09-03 - <a href="summerofcode-2011-end.html">Ipredator summer of Code: itoopie released</a></li>
+<li>2011-08-23 - <a href="release-0.8.8.html">0.8.8</a></li>
+<li>2011-06-27 - <a href="release-0.8.7.html">0.8.7</a></li>
+<li>2011-06-06 - <a href="summerofcode-2011.html">Ipredator summer of Code</a></li>
+<li>2011-05-16 - <a href="release-0.8.6.html">0.8.6</a></li>
+<li>2011-04-18 - <a href="release-0.8.5.html">0.8.5</a></li>
+<li>2011-03-02 - <a href="release-0.8.4.html">0.8.4</a></li>
+<li>2011-01-24 - <a href="release-0.8.3.html">0.8.3</a></li>
+</ul>
<h4>2010</h4>
<ul class="infolist">
+<li>2010-12-22 - <a href="release-0.8.2.html">0.8.2</a></li>
+<li>2010-11-15 - <a href="release-0.8.1.html">0.8.1</a></li>
<li>2010-07-12 - <a href="release-0.8.html">0.8</a></li>
<li>2010-06-07 - <a href="release-0.7.14.html">0.7.14</a></li>
<li>2010-04-27 - <a href="release-0.7.13.html">0.7.13</a></li>
diff --git a/www.i2p2/pages/announcements_ar.html b/www.i2p2/pages/announcements_ar.html
new file mode 100644
index 0000000000000000000000000000000000000000..16f427e2c4f307b4b529eadd4bbbbe83b48520a1
--- /dev/null
+++ b/www.i2p2/pages/announcements_ar.html
@@ -0,0 +1,169 @@
+{% extends "_layout_ar.html" %}
+{% block title %}اصدارات{% endblock %}
+{% block content %}
+<h1>
+الاصدارات السابقة لـI2P
+</h1>
+<h4>2012</h4>
+<ul class="infolist">
+<li>2012-07-30 - <a href="release-0.9.1.html">0.9.1</a></li>
+<li>2012-05-02 - <a href="release-0.9.html">0.9</a></li>
+<li>2012-02-27 - <a href="release-0.8.13.html">0.8.13</a></li>
+<li>2012-01-06 - <a href="release-0.8.12.html">0.8.12</a></li>
+</ul>
+<h4>2011</h4>
+<ul class="infolist">
+<li>2011-11-08 - <a href="release-0.8.11.html">0.8.11</a></li>
+<li>2011-10-20 - <a href="release-0.8.10.html">0.8.10</a></li>
+<li>2011-10-11 - <a href="release-0.8.9.html">0.8.9</a></li>
+<li>2011-08-23 - <a href="release-0.8.8.html">0.8.8</a></li>
+<li>2011-06-27 - <a href="release-0.8.7.html">0.8.7</a></li>
+<li>2011-06-06 - <a href="summerofcode-2011.html">Ipredator summer of Code</a></li>
+<li>2011-05-16 - <a href="release-0.8.6.html">0.8.6</a></li>
+<li>2011-04-18 - <a href="release-0.8.5.html">0.8.5</a></li>
+<li>2011-03-02 - <a href="release-0.8.4.html">0.8.4</a></li>
+<li>2011-01-24 - <a href="release-0.8.3.html">0.8.3</a></li>
+</ul>
+<h4>2010</h4>
+<ul class="infolist">
+<li>2010-12-22 - <a href="release-0.8.2.html">0.8.2</a></li>
+<li>2010-11-15 - <a href="release-0.8.1.html">0.8.1</a></li>
+<li>2010-07-12 - <a href="release-0.8.html">0.8</a></li>
+<li>2010-06-07 - <a href="release-0.7.14.html">0.7.14</a></li>
+<li>2010-04-27 - <a href="release-0.7.13.html">0.7.13</a></li>
+<li>2010-03-15 - <a href="release-0.7.12.html">0.7.12</a></li>
+<li>2010-02-15 - <a href="release-0.7.11.html">0.7.11</a></li>
+<li>2010-01-22 - <a href="release-0.7.10.html">0.7.10</a></li>
+<li>2010-01-12 - <a href="release-0.7.9.html">0.7.9</a></li>
+</ul>
+<h4>2009</h4>
+<ul class="infolist">
+<li>2009-12-08 - <a href="release-0.7.8.html">0.7.8</a></li>
+<li>2009-10-12 - <a href="release-0.7.7.html">0.7.7</a></li>
+<li>2009-07-31 - <a href="release-0.7.6.html">0.7.6</a></li>
+<li>2009-06-29 - <a href="release-0.7.5.html">0.7.5</a></li>
+<li>2009-06-13 - <a href="release-0.7.4.html">0.7.4</a></li>
+<li>2009-05-18 - <a href="release-0.7.3.html">0.7.3</a></li>
+<li>2009-04-19 - <a href="release-0.7.2.html">0.7.2</a></li>
+<li>2009-03-29 - <a href="release-0.7.1.html">0.7.1</a></li>
+<li>2009-01-25 - <a href="release-0.7.html">0.7</a></li>
+</ul>
+<h4>2008</h4>
+<ul class="infolist">
+<li>2008-12-01 - <a href="release-0.6.5.html">0.6.5</a></li>
+<li>2008-10-06 - <a href="release-0.6.4.html">0.6.4</a></li>
+<li>2008-08-26 - <a href="release-0.6.3.html">0.6.3</a></li>
+<li>2008-06-07 - <a href="release-0.6.2.html">0.6.2</a></li>
+<li>2008-04-26 - <a href="release-0.6.1.33.html">0.6.1.33</a></li>
+<li>2008-03-09 - <a href="release-0.6.1.32.html">0.6.1.32</a></li>
+<li>2008-02-10 - <a href="release-0.6.1.31.html">0.6.1.31</a></li>
+</ul>
+<h4>2007</h4>
+<ul class="infolist">
+<li>2007-10-07 - <a href="release-0.6.1.30.html">0.6.1.30</a></li>
+<li>2007-08-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=2263">0.6.1.29</a></li>
+<li>2007-03-17 - <a href="http://forum.i2p2.de/viewtopic.php?t=2074">0.6.1.28</a></li>
+<li>2007-02-15 - <a href="http://forum.i2p2.de/viewtopic.php?t=2045">0.6.1.27</a></li>
+</ul>
+<h4>2006</h4>
+<ul class="infolist">
+<li>2006-10-09 - <a href="http://forum.i2p2.de/viewtopic.php?t=1919">0.6.1.26</a></li>
+<li>2006-09-09 - <a href="http://forum.i2p2.de/viewtopic.php?t=1888">0.6.1.25</a></li>
+<li>2006-07-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=1812">0.6.1.24</a></li>
+<li>2006-07-28 - <a href="http://forum.i2p2.de/viewtopic.php?t=1801">0.6.1.23</a></li>
+<li>2006-07-18 - <a href="http://forum.i2p2.de/viewtopic.php?t=1785">0.6.1.22</a></li>
+<li>2006-06-14 - <a href="http://forum.i2p2.de/viewtopic.php?t=1743">0.6.1.21</a></li>
+<li>2006-06-04 - <a href="http://forum.i2p2.de/viewtopic.php?t=1730">0.6.1.20</a></li>
+<li>2006-05-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=1706">0.6.1.19</a></li>
+<li>2006-05-09 - <a href="http://forum.i2p2.de/viewtopic.php?t=1691">0.6.1.18</a></li>
+<li>2006-04-23 - <a href="http://forum.i2p2.de/viewtopic.php?t=1670">0.6.1.17</a></li>
+<li>2006-04-15 - <a href="http://forum.i2p2.de/viewtopic.php?t=1664">0.6.1.16</a></li>
+<li>2006-04-13 - <a href="http://forum.i2p2.de/viewtopic.php?t=1661">0.6.1.15</a></li>
+<li>2006-04-05 - <a href="http://forum.i2p2.de/viewtopic.php?t=1636">0.6.1.14</a></li>
+<li>2006-03-26 - <a href="http://forum.i2p2.de/viewtopic.php?t=1612">0.6.1.13</a></li>
+<li>2006-02-27 - <a href="http://forum.i2p2.de/viewtopic.php?t=1558">0.6.1.12</a></li>
+<li>2006-02-21 - <a href="http://forum.i2p2.de/viewtopic.php?t=1533">0.6.1.11</a></li>
+<li>2006-02-16 - <a href="http://forum.i2p2.de/viewtopic.php?t=1512">0.6.1.10</a></li>
+<li>2006-01-12 - <a href="http://forum.i2p2.de/viewtopic.php?t=1402">0.6.1.9</a></li>
+</ul>
+<h4>2005</h4>
+<ul class="infolist">
+<li>2005-12-22 - <a href="http://forum.i2p2.de/viewtopic.php?t=1339">0.6.1.8</a></li>
+<li>2005-12-01 - <a href="http://forum.i2p2.de/viewtopic.php?t=1257">0.6.1.7</a></li>
+<li>2005-11-26 - <a href="http://forum.i2p2.de/viewtopic.php?t=1238">0.6.1.6</a></li>
+<li>2005-11-15 - <a href="http://forum.i2p2.de/viewtopic.php?t=1206">0.6.1.5</a></li>
+<li>2005-10-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=1144">0.6.1.4</a></li>
+<li>2005-10-14 - <a href="http://forum.i2p2.de/viewtopic.php?t=1098">0.6.1.3</a></li>
+<li>2005-10-07 - <a href="http://forum.i2p2.de/viewtopic.php?t=1068">0.6.1.2</a></li>
+<li>2005-10-01 - <a href="http://forum.i2p2.de/viewtopic.php?t=1048">0.6.1.1</a></li>
+<li>2005-09-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=1037">0.6.1</a></li>
+<li>2005-09-17 - <a href="http://forum.i2p2.de/viewtopic.php?t=999">0.6.0.6</a></li>
+<li>2005-09-02 - <a href="http://forum.i2p2.de/viewtopic.php?t=953">0.6.0.5</a></li>
+<li>2005-09-01 - <a href="http://forum.i2p2.de/viewtopic.php?t=948">0.6.0.4</a></li>
+<li>2005-08-21 - <a href="http://forum.i2p2.de/viewtopic.php?t=910">0.6.0.3</a></li>
+<li>2005-08-08 - <a href="http://forum.i2p2.de/viewtopic.php?t=875">0.6.0.2</a></li>
+<li>2005-08-03 - <a href="http://forum.i2p2.de/viewtopic.php?t=858">0.6.0.1</a></li>
+<li>2005-07-27 - <a href="http://forum.i2p2.de/viewtopic.php?t=828">0.6</a></li>
+<li>2005-04-20 - <a href="http://forum.i2p2.de/viewtopic.php?t=662">0.5.0.7</a></li>
+<li>2005-04-06 - <a href="http://forum.i2p2.de/viewtopic.php?t=612">0.5.0.6</a></li>
+<li>2005-03-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=592">0.5.0.5</a></li>
+<li>2005-03-24 - <a href="http://forum.i2p2.de/viewtopic.php?t=572">0.5.0.4</a></li>
+<li>2005-03-18 - <a href="http://forum.i2p2.de/viewtopic.php?t=553">0.5.0.3</a></li>
+<li>2005-03-06 - <a href="http://forum.i2p2.de/viewtopic.php?t=413">0.5.0.2</a></li>
+<li>2005-02-23 - <a href="http://forum.i2p2.de/viewtopic.php?t=367">0.5.0.1</a></li>
+<li>2005-02-18 - <a href="http://forum.i2p2.de/viewtopic.php?t=361">0.5</a></li>
+<li>2005-01-06 - <a href="http://forum.i2p2.de/viewtopic.php?t=236">0.4.2.6</a></li>
+</ul>
+<h4>2004</h4>
+<ul class="infolist">
+<li>2004-12-21 - <a href="http://dev.i2p.net/pipermail/i2p/2004-December/000527.html">0.4.2.5</a></li>
+<li>2004-12-18 - <a href="http://dev.i2p.net/pipermail/i2p/2004-December/000525.html">0.4.2.4</a></li>
+<li>2004-12-08 - <a href="http://forum.i2p2.de/viewtopic.php?t=195">0.4.2.3</a></li>
+<li>2004-12-01 - <a href="http://dev.i2p.net/pipermail/i2p/2004-December/000494.html">0.4.2.2</a></li>
+<li>2004-12-01 - <a href="http://dev.i2p.net/pipermail/i2p/2004-December/000493.html">0.4.2.1</a></li>
+<li>2004-11-26 - <a href="http://forum.i2p2.de/viewtopic.php?t=176">0.4.2</a></li>
+<li>2004-11-06 - <a href="http://forum.i2p2.de/viewtopic.php?t=143">0.4.1.4</a></li>
+<li>2004-10-18 - <a href="http://forum.i2p2.de/viewtopic.php?t=124">0.4.1.3</a></li>
+<li>2004-10-10 - <a href="http://forum.i2p2.de/viewtopic.php?t=113">0.4.1.2</a></li>
+<li>2004-10-01 - <a href="http://forum.i2p2.de/viewtopic.php?t=100">0.4.1.1</a></li>
+<li>2004-09-30 - <a href="http://forum.i2p2.de/viewtopic.php?t=97">0.4.1</a></li>
+<li>2004-09-08 - <a href="http://forum.i2p2.de/viewtopic.php?t=70">0.4.0.1</a></li>
+<li>2004-09-03 - <a href="http://forum.i2p2.de/viewtopic.php?t=60">0.4</a></li>
+<li>2004-08-20 - <a href="http://forum.i2p2.de/viewtopic.php?t=51">0.3.4.3</a></li>
+<li>2004-08-12 - <a href="http://forum.i2p2.de/viewtopic.php?t=45">0.3.4.2</a></li>
+<li>2004-08-08 - <a href="http://forum.i2p2.de/viewtopic.php?t=42">0.3.4.1</a></li>
+<li>2004-07-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=36">0.3.4</a></li>
+<li>2004-07-23 - <a href="http://dev.i2p.net/pipermail/i2p/2004-July/000363.html">0.3.3</a></li>
+<li>2004-07-16 - <a href="http://forum.i2p2.de/viewtopic.php?t=28">0.3.2.3</a></li>
+<li>2004-07-14 - <a href="http://forum.i2p2.de/viewtopic.php?t=27">0.3.2.2</a></li>
+<li>2004-07-11 - <a href="http://forum.i2p2.de/viewtopic.php?t=22">0.3.2.1</a></li>
+<li>2004-07-07 - <a href="http://forum.i2p2.de/viewtopic.php?t=20">0.3.2</a></li>
+<li>2004-06-25 - <a href="http://forum.i2p2.de/viewtopic.php?t=6">0.3.1.5</a></li>
+<li>2004-05-23 - <a href="http://forum.i2p2.de/viewtopic.php?t=2">0.3.1.4</a></li>
+<li>2004-05-20 - <a href="http://dev.i2p.net/pipermail/i2p/2004-May/000240.html">0.3.1.3</a></li>
+<li>2004-05-13 - <a href="http://dev.i2p.net/pipermail/i2p/2004-May/000238.html">0.3.1.2</a></li>
+<li>2004-05-07 - <a href="http://dev.i2p.net/pipermail/i2p/2004-May/000235.html">0.3.1.1</a></li>
+<li>2004-04-30 - <a href="http://dev.i2p.net/pipermail/i2p/2004-April/000232.html">0.3.1</a></li>
+<li>2004-04-20 - <a href="http://dev.i2p.net/pipermail/i2p/2004-April/000227.html">0.3.0.4</a></li>
+<li>2004-04-04 - <a href="http://dev.i2p.net/pipermail/i2p/2004-April/000190.html">0.3.0.3</a></li>
+<li>2004-03-30 - <a href="http://dev.i2p.net/pipermail/i2p/2004-March/000187.html">0.3.0.2</a></li>
+<li>2004-03-25 - <a href="http://dev.i2p.net/pipermail/i2p/2004-March/000184.html">0.3.0.1</a></li>
+<li>2004-03-21 - <a href="http://dev.i2p.net/pipermail/i2p/2004-March/000173.html">0.3.0</a></li>
+<li>2004-03-10 - <a href="http://dev.i2p.net/pipermail/i2p/2004-March/000161.html">0.2.5.4</a></li>
+<li>2004-03-04 - <a href="http://dev.i2p.net/pipermail/i2p/2004-March/000158.html">0.2.5.3</a></li>
+<li>2004-02-28 - <a href="http://dev.i2p.net/pipermail/i2p/2004-February/000154.html">0.2.5.2</a></li>
+<li>2004-02-27 - <a href="http://dev.i2p.net/pipermail/i2p/2004-February/000153.html">0.2.5.1</a></li>
+<li>2004-02-25 - <a href="http://dev.i2p.net/pipermail/i2p/2004-February/000152.html">0.2.5</a></li>
+<li>2004-02-19 - <a href="http://dev.i2p.net/pipermail/i2p/2004-February/000145.html">0.2.4.2</a></li>
+<li>2004-02-14 - <a href="http://dev.i2p.net/pipermail/i2p/2004-February/000143.html">0.2.4</a></li>
+<li>2004-01-27 - <a href="http://dev.i2p.net/pipermail/i2p/2004-January/000118.html">0.2.3.6</a></li>
+<li>2004-01-21 - <a href="http://dev.i2p.net/pipermail/i2p/2004-January/000103.html">0.2.3.5</a></li>
+<li>2004-01-14 - <a href="http://dev.i2p.net/pipermail/i2p/2004-January/000089.html">0.2.3.4</a></li>
+</ul>
+<h4>2003</h4>
+<ul class="infolist">
+<li>2003-12-29 - <a href="http://dev.i2p.net/pipermail/i2p/2003-December/000032.html">0.2.3.3</a></li>
+<li>2003-12-27 - <a href="http://dev.i2p.net/pipermail/i2p/2003-December/000023.html">0.2.3.2</a></li>
+<li>2003-12-15 - <a href="http://dev.i2p.net/pipermail/i2p/2003-December/000002.html">0.2.3</a></li>
+</ul>
+{% endblock %}
diff --git a/www.i2p2/pages/announcements_de.html b/www.i2p2/pages/announcements_de.html
index f4f050cfe000903476ec457113af9d2cb237758a..e04d06f95d39f66e79b48ce77deb0e54815399ab 100644
--- a/www.i2p2/pages/announcements_de.html
+++ b/www.i2p2/pages/announcements_de.html
@@ -3,8 +3,29 @@
{% block content %}
<h1>Alte Ankündigungen</h1>
<p>Hinweis: Da i2p.net nicht erreichbar ist, sind viele Verweise nicht funktional</p>
+<h4>2012</h4>
+<ul class="infolist">
+<li>2012-07-30 - <a href="release-0.9.1.html">0.9.1</a></li>
+<li>2012-05-02 - <a href="release-0.9.html">0.9</a></li>
+<li>2012-02-27 - <a href="release-0.8.13.html">0.8.13</a></li>
+<li>2012-01-06 - <a href="release-0.8.12.html">0.8.12</a></li>
+</ul>
+<h4>2011</h4>
+<ul class="infolist">
+<li>2011-11-08 - <a href="release-0.8.11.html">0.8.11</a></li>
+<li>2011-10-20 - <a href="release-0.8.10.html">0.8.10</a></li>
+<li>2011-10-11 - <a href="release-0.8.9.html">0.8.9</a></li>
+<li>2011-08-23 - <a href="release-0.8.8.html">0.8.8</a></li>
+<li>2011-06-27 - <a href="release-0.8.7.html">0.8.7</a></li>
+<li>2011-05-16 - <a href="release-0.8.6.html">0.8.6</a></li>
+<li>2011-04-18 - <a href="release-0.8.5.html">0.8.5</a></li>
+<li>2011-03-02 - <a href="release-0.8.4.html">0.8.4</a></li>
+<li>2011-01-24 - <a href="release-0.8.3.html">0.8.3</a></li>
+</ul>
<h4>2010</h4>
<ul class="infolist">
+<li>2010-12-22 - <a href="release-0.8.2.html">0.8.2</a></li>
+<li>2010-11-15 - <a href="release-0.8.1.html">0.8.1</a></li>
<li>2010-07-12 - <a href="release-0.8.html">0.8</a></li>
<li>2010-06-07 - <a href="release-0.7.14.html">0.7.14</a></li>
<li>2010-04-27 - <a href="release-0.7.13.html">0.7.13</a></li>
diff --git a/www.i2p2/pages/announcements_fr.html b/www.i2p2/pages/announcements_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..b33da0c134be29f28a67bf7aa4415c4317c6240c
--- /dev/null
+++ b/www.i2p2/pages/announcements_fr.html
@@ -0,0 +1,167 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Versions{% endblock %}
+{% block content %}
+<h1>Historique des versions publiées</h1>
+<h4>2012</h4>
+<ul class="infolist">
+<li>2012-07-30 - <a href="release-0.9.1.html">0.9.1</a></li>
+<li>2012-05-02 - <a href="release-0.9.html">0.9</a></li>
+<li>2012-02-27 - <a href="release-0.8.13.html">0.8.13</a></li>
+<li>2012-01-06 - <a href="release-0.8.12.html">0.8.12</a></li>
+</ul>
+<h4>2011</h4>
+<ul class="infolist">
+<li>2011-11-08 - <a href="release-0.8.11.html">0.8.11</a></li>
+<li>2011-10-20 - <a href="release-0.8.10.html">0.8.10</a></li>
+<li>2011-10-11 - <a href="release-0.8.9.html">0.8.9</a></li>
+<li>2011-08-23 - <a href="release-0.8.8.html">0.8.8</a></li>
+<li>2011-06-27 - <a href="release-0.8.7_fr.html">0.8.7</a></li>
+<li>2011-06-06 - <a href="summerofcode-2011_fr.html">Ipredator - Codage estival</a></li>
+<li>2011-05-16 - <a href="release-0.8.6_fr.html">0.8.6</a></li>
+<li>2011-04-18 - <a href="release-0.8.5_fr.html">0.8.5</a></li>
+<li>2011-03-02 - <a href="release-0.8.4_fr.html">0.8.4</a></li>
+<li>2011-01-24 - <a href="release-0.8.3.html">0.8.3</a></li>
+</ul>
+<h4>2010</h4>
+<ul class="infolist">
+<li>2010-12-22 - <a href="release-0.8.2.html">0.8.2</a></li>
+<li>2010-11-15 - <a href="release-0.8.1.html">0.8.1</a></li>
+<li>2010-07-12 - <a href="release-0.8.html">0.8</a></li>
+<li>2010-06-07 - <a href="release-0.7.14.html">0.7.14</a></li>
+<li>2010-04-27 - <a href="release-0.7.13.html">0.7.13</a></li>
+<li>2010-03-15 - <a href="release-0.7.12.html">0.7.12</a></li>
+<li>2010-02-15 - <a href="release-0.7.11.html">0.7.11</a></li>
+<li>2010-01-22 - <a href="release-0.7.10.html">0.7.10</a></li>
+<li>2010-01-12 - <a href="release-0.7.9.html">0.7.9</a></li>
+</ul>
+<h4>2009</h4>
+<ul class="infolist">
+<li>2009-12-08 - <a href="release-0.7.8.html">0.7.8</a></li>
+<li>2009-10-12 - <a href="release-0.7.7.html">0.7.7</a></li>
+<li>2009-07-31 - <a href="release-0.7.6.html">0.7.6</a></li>
+<li>2009-06-29 - <a href="release-0.7.5.html">0.7.5</a></li>
+<li>2009-06-13 - <a href="release-0.7.4.html">0.7.4</a></li>
+<li>2009-05-18 - <a href="release-0.7.3.html">0.7.3</a></li>
+<li>2009-04-19 - <a href="release-0.7.2.html">0.7.2</a></li>
+<li>2009-03-29 - <a href="release-0.7.1.html">0.7.1</a></li>
+<li>2009-01-25 - <a href="release-0.7.html">0.7</a></li>
+</ul>
+<h4>2008</h4>
+<ul class="infolist">
+<li>2008-12-01 - <a href="release-0.6.5.html">0.6.5</a></li>
+<li>2008-10-06 - <a href="release-0.6.4.html">0.6.4</a></li>
+<li>2008-08-26 - <a href="release-0.6.3.html">0.6.3</a></li>
+<li>2008-06-07 - <a href="release-0.6.2.html">0.6.2</a></li>
+<li>2008-04-26 - <a href="release-0.6.1.33.html">0.6.1.33</a></li>
+<li>2008-03-09 - <a href="release-0.6.1.32.html">0.6.1.32</a></li>
+<li>2008-02-10 - <a href="release-0.6.1.31.html">0.6.1.31</a></li>
+</ul>
+<h4>2007</h4>
+<ul class="infolist">
+<li>2007-10-07 - <a href="release-0.6.1.30.html">0.6.1.30</a></li>
+<li>2007-08-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=2263">0.6.1.29</a></li>
+<li>2007-03-17 - <a href="http://forum.i2p2.de/viewtopic.php?t=2074">0.6.1.28</a></li>
+<li>2007-02-15 - <a href="http://forum.i2p2.de/viewtopic.php?t=2045">0.6.1.27</a></li>
+</ul>
+<h4>2006</h4>
+<ul class="infolist">
+<li>2006-10-09 - <a href="http://forum.i2p2.de/viewtopic.php?t=1919">0.6.1.26</a></li>
+<li>2006-09-09 - <a href="http://forum.i2p2.de/viewtopic.php?t=1888">0.6.1.25</a></li>
+<li>2006-07-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=1812">0.6.1.24</a></li>
+<li>2006-07-28 - <a href="http://forum.i2p2.de/viewtopic.php?t=1801">0.6.1.23</a></li>
+<li>2006-07-18 - <a href="http://forum.i2p2.de/viewtopic.php?t=1785">0.6.1.22</a></li>
+<li>2006-06-14 - <a href="http://forum.i2p2.de/viewtopic.php?t=1743">0.6.1.21</a></li>
+<li>2006-06-04 - <a href="http://forum.i2p2.de/viewtopic.php?t=1730">0.6.1.20</a></li>
+<li>2006-05-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=1706">0.6.1.19</a></li>
+<li>2006-05-09 - <a href="http://forum.i2p2.de/viewtopic.php?t=1691">0.6.1.18</a></li>
+<li>2006-04-23 - <a href="http://forum.i2p2.de/viewtopic.php?t=1670">0.6.1.17</a></li>
+<li>2006-04-15 - <a href="http://forum.i2p2.de/viewtopic.php?t=1664">0.6.1.16</a></li>
+<li>2006-04-13 - <a href="http://forum.i2p2.de/viewtopic.php?t=1661">0.6.1.15</a></li>
+<li>2006-04-05 - <a href="http://forum.i2p2.de/viewtopic.php?t=1636">0.6.1.14</a></li>
+<li>2006-03-26 - <a href="http://forum.i2p2.de/viewtopic.php?t=1612">0.6.1.13</a></li>
+<li>2006-02-27 - <a href="http://forum.i2p2.de/viewtopic.php?t=1558">0.6.1.12</a></li>
+<li>2006-02-21 - <a href="http://forum.i2p2.de/viewtopic.php?t=1533">0.6.1.11</a></li>
+<li>2006-02-16 - <a href="http://forum.i2p2.de/viewtopic.php?t=1512">0.6.1.10</a></li>
+<li>2006-01-12 - <a href="http://forum.i2p2.de/viewtopic.php?t=1402">0.6.1.9</a></li>
+</ul>
+<h4>2005</h4>
+<ul class="infolist">
+<li>2005-12-22 - <a href="http://forum.i2p2.de/viewtopic.php?t=1339">0.6.1.8</a></li>
+<li>2005-12-01 - <a href="http://forum.i2p2.de/viewtopic.php?t=1257">0.6.1.7</a></li>
+<li>2005-11-26 - <a href="http://forum.i2p2.de/viewtopic.php?t=1238">0.6.1.6</a></li>
+<li>2005-11-15 - <a href="http://forum.i2p2.de/viewtopic.php?t=1206">0.6.1.5</a></li>
+<li>2005-10-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=1144">0.6.1.4</a></li>
+<li>2005-10-14 - <a href="http://forum.i2p2.de/viewtopic.php?t=1098">0.6.1.3</a></li>
+<li>2005-10-07 - <a href="http://forum.i2p2.de/viewtopic.php?t=1068">0.6.1.2</a></li>
+<li>2005-10-01 - <a href="http://forum.i2p2.de/viewtopic.php?t=1048">0.6.1.1</a></li>
+<li>2005-09-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=1037">0.6.1</a></li>
+<li>2005-09-17 - <a href="http://forum.i2p2.de/viewtopic.php?t=999">0.6.0.6</a></li>
+<li>2005-09-02 - <a href="http://forum.i2p2.de/viewtopic.php?t=953">0.6.0.5</a></li>
+<li>2005-09-01 - <a href="http://forum.i2p2.de/viewtopic.php?t=948">0.6.0.4</a></li>
+<li>2005-08-21 - <a href="http://forum.i2p2.de/viewtopic.php?t=910">0.6.0.3</a></li>
+<li>2005-08-08 - <a href="http://forum.i2p2.de/viewtopic.php?t=875">0.6.0.2</a></li>
+<li>2005-08-03 - <a href="http://forum.i2p2.de/viewtopic.php?t=858">0.6.0.1</a></li>
+<li>2005-07-27 - <a href="http://forum.i2p2.de/viewtopic.php?t=828">0.6</a></li>
+<li>2005-04-20 - <a href="http://forum.i2p2.de/viewtopic.php?t=662">0.5.0.7</a></li>
+<li>2005-04-06 - <a href="http://forum.i2p2.de/viewtopic.php?t=612">0.5.0.6</a></li>
+<li>2005-03-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=592">0.5.0.5</a></li>
+<li>2005-03-24 - <a href="http://forum.i2p2.de/viewtopic.php?t=572">0.5.0.4</a></li>
+<li>2005-03-18 - <a href="http://forum.i2p2.de/viewtopic.php?t=553">0.5.0.3</a></li>
+<li>2005-03-06 - <a href="http://forum.i2p2.de/viewtopic.php?t=413">0.5.0.2</a></li>
+<li>2005-02-23 - <a href="http://forum.i2p2.de/viewtopic.php?t=367">0.5.0.1</a></li>
+<li>2005-02-18 - <a href="http://forum.i2p2.de/viewtopic.php?t=361">0.5</a></li>
+<li>2005-01-06 - <a href="http://forum.i2p2.de/viewtopic.php?t=236">0.4.2.6</a></li>
+</ul>
+<h4>2004</h4>
+<ul class="infolist">
+<li>2004-12-21 - <a href="http://dev.i2p.net/pipermail/i2p/2004-December/000527.html">0.4.2.5</a></li>
+<li>2004-12-18 - <a href="http://dev.i2p.net/pipermail/i2p/2004-December/000525.html">0.4.2.4</a></li>
+<li>2004-12-08 - <a href="http://forum.i2p2.de/viewtopic.php?t=195">0.4.2.3</a></li>
+<li>2004-12-01 - <a href="http://dev.i2p.net/pipermail/i2p/2004-December/000494.html">0.4.2.2</a></li>
+<li>2004-12-01 - <a href="http://dev.i2p.net/pipermail/i2p/2004-December/000493.html">0.4.2.1</a></li>
+<li>2004-11-26 - <a href="http://forum.i2p2.de/viewtopic.php?t=176">0.4.2</a></li>
+<li>2004-11-06 - <a href="http://forum.i2p2.de/viewtopic.php?t=143">0.4.1.4</a></li>
+<li>2004-10-18 - <a href="http://forum.i2p2.de/viewtopic.php?t=124">0.4.1.3</a></li>
+<li>2004-10-10 - <a href="http://forum.i2p2.de/viewtopic.php?t=113">0.4.1.2</a></li>
+<li>2004-10-01 - <a href="http://forum.i2p2.de/viewtopic.php?t=100">0.4.1.1</a></li>
+<li>2004-09-30 - <a href="http://forum.i2p2.de/viewtopic.php?t=97">0.4.1</a></li>
+<li>2004-09-08 - <a href="http://forum.i2p2.de/viewtopic.php?t=70">0.4.0.1</a></li>
+<li>2004-09-03 - <a href="http://forum.i2p2.de/viewtopic.php?t=60">0.4</a></li>
+<li>2004-08-20 - <a href="http://forum.i2p2.de/viewtopic.php?t=51">0.3.4.3</a></li>
+<li>2004-08-12 - <a href="http://forum.i2p2.de/viewtopic.php?t=45">0.3.4.2</a></li>
+<li>2004-08-08 - <a href="http://forum.i2p2.de/viewtopic.php?t=42">0.3.4.1</a></li>
+<li>2004-07-29 - <a href="http://forum.i2p2.de/viewtopic.php?t=36">0.3.4</a></li>
+<li>2004-07-23 - <a href="http://dev.i2p.net/pipermail/i2p/2004-July/000363.html">0.3.3</a></li>
+<li>2004-07-16 - <a href="http://forum.i2p2.de/viewtopic.php?t=28">0.3.2.3</a></li>
+<li>2004-07-14 - <a href="http://forum.i2p2.de/viewtopic.php?t=27">0.3.2.2</a></li>
+<li>2004-07-11 - <a href="http://forum.i2p2.de/viewtopic.php?t=22">0.3.2.1</a></li>
+<li>2004-07-07 - <a href="http://forum.i2p2.de/viewtopic.php?t=20">0.3.2</a></li>
+<li>2004-06-25 - <a href="http://forum.i2p2.de/viewtopic.php?t=6">0.3.1.5</a></li>
+<li>2004-05-23 - <a href="http://forum.i2p2.de/viewtopic.php?t=2">0.3.1.4</a></li>
+<li>2004-05-20 - <a href="http://dev.i2p.net/pipermail/i2p/2004-May/000240.html">0.3.1.3</a></li>
+<li>2004-05-13 - <a href="http://dev.i2p.net/pipermail/i2p/2004-May/000238.html">0.3.1.2</a></li>
+<li>2004-05-07 - <a href="http://dev.i2p.net/pipermail/i2p/2004-May/000235.html">0.3.1.1</a></li>
+<li>2004-04-30 - <a href="http://dev.i2p.net/pipermail/i2p/2004-April/000232.html">0.3.1</a></li>
+<li>2004-04-20 - <a href="http://dev.i2p.net/pipermail/i2p/2004-April/000227.html">0.3.0.4</a></li>
+<li>2004-04-04 - <a href="http://dev.i2p.net/pipermail/i2p/2004-April/000190.html">0.3.0.3</a></li>
+<li>2004-03-30 - <a href="http://dev.i2p.net/pipermail/i2p/2004-March/000187.html">0.3.0.2</a></li>
+<li>2004-03-25 - <a href="http://dev.i2p.net/pipermail/i2p/2004-March/000184.html">0.3.0.1</a></li>
+<li>2004-03-21 - <a href="http://dev.i2p.net/pipermail/i2p/2004-March/000173.html">0.3.0</a></li>
+<li>2004-03-10 - <a href="http://dev.i2p.net/pipermail/i2p/2004-March/000161.html">0.2.5.4</a></li>
+<li>2004-03-04 - <a href="http://dev.i2p.net/pipermail/i2p/2004-March/000158.html">0.2.5.3</a></li>
+<li>2004-02-28 - <a href="http://dev.i2p.net/pipermail/i2p/2004-February/000154.html">0.2.5.2</a></li>
+<li>2004-02-27 - <a href="http://dev.i2p.net/pipermail/i2p/2004-February/000153.html">0.2.5.1</a></li>
+<li>2004-02-25 - <a href="http://dev.i2p.net/pipermail/i2p/2004-February/000152.html">0.2.5</a></li>
+<li>2004-02-19 - <a href="http://dev.i2p.net/pipermail/i2p/2004-February/000145.html">0.2.4.2</a></li>
+<li>2004-02-14 - <a href="http://dev.i2p.net/pipermail/i2p/2004-February/000143.html">0.2.4</a></li>
+<li>2004-01-27 - <a href="http://dev.i2p.net/pipermail/i2p/2004-January/000118.html">0.2.3.6</a></li>
+<li>2004-01-21 - <a href="http://dev.i2p.net/pipermail/i2p/2004-January/000103.html">0.2.3.5</a></li>
+<li>2004-01-14 - <a href="http://dev.i2p.net/pipermail/i2p/2004-January/000089.html">0.2.3.4</a></li>
+</ul>
+<h4>2003</h4>
+<ul class="infolist">
+<li>2003-12-29 - <a href="http://dev.i2p.net/pipermail/i2p/2003-December/000032.html">0.2.3.3</a></li>
+<li>2003-12-27 - <a href="http://dev.i2p.net/pipermail/i2p/2003-December/000023.html">0.2.3.2</a></li>
+<li>2003-12-15 - <a href="http://dev.i2p.net/pipermail/i2p/2003-December/000002.html">0.2.3</a></li>
+</ul>
+{% endblock %}
diff --git a/www.i2p2/pages/announcements_it.html b/www.i2p2/pages/announcements_it.html
old mode 100755
new mode 100644
index ff1405e85e06183a6dc15b32ace3c1a26421da0d..c14bee2f07dfa5cffe5df4216437a6884cdf0d95
--- a/www.i2p2/pages/announcements_it.html
+++ b/www.i2p2/pages/announcements_it.html
@@ -2,8 +2,29 @@
{% block title %}Announcements{% endblock %}
{% block content %}
<h1>Versioni di I2P Rilasciate e Annunciate</h1>
+<h4>2012</h4>
+<ul class="infolist">
+<li>2012-07-30 - <a href="release-0.9.1.html">0.9.1</a></li>
+<li>2012-05-02 - <a href="release-0.9.html">0.9</a></li>
+<li>2012-02-27 - <a href="release-0.8.13.html">0.8.13</a></li>
+<li>2012-01-06 - <a href="release-0.8.12.html">0.8.12</a></li>
+</ul>
+<h4>2011</h4>
+<ul class="infolist">
+<li>2011-11-08 - <a href="release-0.8.11.html">0.8.11</a></li>
+<li>2011-10-20 - <a href="release-0.8.10.html">0.8.10</a></li>
+<li>2011-10-11 - <a href="release-0.8.9.html">0.8.9</a></li>
+<li>2011-08-23 - <a href="release-0.8.8.html">0.8.8</a></li>
+<li>2011-06-27 - <a href="release-0.8.7.html">0.8.7</a></li>
+<li>2011-05-16 - <a href="release-0.8.6.html">0.8.6</a></li>
+<li>2011-04-18 - <a href="release-0.8.5.html">0.8.5</a></li>
+<li>2011-03-02 - <a href="release-0.8.4.html">0.8.4</a></li>
+<li>2011-01-24 - <a href="release-0.8.3.html">0.8.3</a></li>
+</ul>
<h4>2010</h4>
<ul class="infolist">
+<li>2010-12-22 - <a href="release-0.8.2.html">0.8.2</a></li>
+<li>2010-11-15 - <a href="release-0.8.1.html">0.8.1</a></li>
<li>2010-07-12 - <a href="release-0.8.html">0.8</a></li>
<li>2010-06-07 - <a href="release-0.7.14.html">0.7.14</a></li>
<li>2010-04-27 - <a href="release-0.7.13.html">0.7.13</a></li>
diff --git a/www.i2p2/pages/api.html b/www.i2p2/pages/api.html
index 592bd782dd2daf1b63cbdcee2ea411bd1cabf406..7e59a4150ce208141a436117c64f6246c2611b32 100644
--- a/www.i2p2/pages/api.html
+++ b/www.i2p2/pages/api.html
@@ -1,17 +1,5 @@
{% extends "_layout.html" %}
{% block title %}API{% endblock %}
{% block content %}
-<h1>API for I2P</h1>
-<p>Application developers should review the <a href="applications">application
-development guide</a> for ideas about the four basic protocols for writing an
-application to run over I2P:</p>
-<ul class="helplist">
-<li><a href="http://docs.i2p2.de/core/">Core I2P API Javadoc</a>
- (<a href="http://docs.i2p2.i2p/core/">internal link</a>)</li>
-<li>BOB</li>
-<li><a href="sam">SAM</a>, <a href="samv2.html">SAM V2</a> and <a href="samv3.html">SAM V3</a></li>
-<li><a href="ministreaming">ministreaming</a></li>
-<li><a href="i2cp">I2CP</a></li>
-<li><a href="datagrams">Datagrams</a></li>
-</ul>
+See the <a href="how.html">Index to Technical Documentation</a>.
{% endblock %}
diff --git a/www.i2p2/pages/api_de.html b/www.i2p2/pages/api_de.html
index e343319f9972e7ab71860f5720a95571345eaf55..a730bf4f8a4a0ecdfab722bebc6b6277e63c15da 100644
--- a/www.i2p2/pages/api_de.html
+++ b/www.i2p2/pages/api_de.html
@@ -6,8 +6,8 @@
Anwendungen</a> nach Ideen über die 4 Grundprotokolle durchlesen, um eine Idee zum Schreiben
einer Anwendung auf I2P zu bekommen:</p>
<ul class="helplist>
-<li><a href="http://docs.i2p2.de/core/">Core I2P API Javadoc</a>
- (<a href="http://docs.i2p2.i2p/core/">internal link</a>)</li>
+<li><a href="http://docs.i2p-projekt.de/javadoc/">Core I2P API Javadoc</a>
+ (<a href="http://docs.i2p-projekt.de/javadoc/">internal link</a>)</li>
<li>BOB</li>
<li><a href="sam_de">SAM</a> und <a href="samv2_de.html">SAM V2</a></li>
<li><a href="ministreaming_de">ministreaming</a></li>
diff --git a/www.i2p2/pages/api_it.html b/www.i2p2/pages/api_it.html
old mode 100755
new mode 100644
index 65e543ace64d55ff3f9f5911dbafdc1c7cac6e0a..922b2b8ca2536bc941e7b18702c513542699694b
--- a/www.i2p2/pages/api_it.html
+++ b/www.i2p2/pages/api_it.html
@@ -5,8 +5,8 @@
<p>Programmatori di applicazioni controllate prima di tutto la <a href="applications">guida su come creare un applicazione</a>
per farsi un idea dei quattro protocolli base per creare un applicazione che funzioni su I2P:</p>
<ul class="helplist">
-<li><a href="http://docs.i2p2.de/core/">Core I2P API Javadoc</a>
- (<a href="http://docs.i2p2.i2p/core/">Link Interni</a>)</li>
+<li><a href="http://docs.i2p-projekt.de/javadoc/">Core I2P API Javadoc</a>
+ (<a href="http://docs.i2p-projekt.de/javadoc/">Link Interni</a>)</li>
<li>BOB</li>
<li><a href="sam">SAM</a>, <a href="samv2.html">SAM V2</a> and <a href="samv3.html">SAM V3</a></li>
<li><a href="ministreaming">Ministreaming</a></li>
diff --git a/www.i2p2/pages/applications.html b/www.i2p2/pages/applications.html
index 3036b8f02db1705b14d75231444b45b066fe97da..a1dcff5869ebe42ec6d8c30ebb853326cc945d03 100644
--- a/www.i2p2/pages/applications.html
+++ b/www.i2p2/pages/applications.html
@@ -3,78 +3,93 @@
{% block content %}
<h1>Application Development Guide</h1>
-<h2>Why write I2P specific code?</h2>
-
-<p>Using mihi's <a href="i2ptunnel">I2PTunnel</a> application, you can hook up
-application instances and have them talk to each other over standard TCP
-sockets. In plain client-server scenarios, this is an effective technique for
-many simple protocols, but for distributed systems where each peer may contact
-a number of other peers (instead of just a single server), or for systems that
-expose TCP or IP information within the communication protocols themselves,
-there are problems.</p>
-
-<p>With I2PTunnel, you need to explicitly instantiate an I2PTunnel for each peer
-you want to contact - if you are building a distributed instant messenger
-application, that means you need to have each peer create an I2PTunnel 'client'
-pointing at each peer it wants to contact, plus a single I2PTunnel 'server' to
-receive other peer's connections. This process can of course be automated, but
-there are nontrivial overheads involved in running more than just a few I2PTunnel
-instances. In addition, with many protocols you will need to force everyone to
-use the same set of ports for all peers - e.g. if you want to reliably run DCC
-chat, everyone needs to agree that port 10001 is Alice, port 10002 is Bob, port
-10003 is Charlie, and so on, since the protocol includes TCP/IP specific information
-(host and port).</p>
-
-<p>Applications that are designed to work with I2P can take advantage of its
-built in data security and optional pseudonymous authentication. All data sent
-over the network is transparently end to end encrypted (not even the routers
-get the cleartext), and any application using the streaming or datagram
-functionality has all of that data authenticated by the sending destination's
-public key. As an aside, environments where anonymity instead of pseudonymity
-is required are trivially accommodated by either using the I2CP directly, SAM RAW
-sessions, or by simply creating a new sending destination whenever needed).</p>
-
-<p>Another important thing to remember is that I2P is simply a communication
-system - what data is sent and what is done with that data is outside of its scope.
-Applications that are used on top of I2P should be carefully sanitized of any
-insecure or identifying data or protocols (hostnames, port numbers, time zone,
-character set, etc). This in and of itself is often a daunting task, as
-analyzing the safety of a system that has had anonymity and security strapped on to
-it is no small feat, giving significant incentive to learn from the experiences of
-the traditional application base, but design the application and its communication
-protocols with I2P's anonymity and security in mind.</p>
-
-<p>There are also efficiency considerations to review when determining how to
-interact on top of I2P. The streaming library and things built on top of it
-operate with handshakes similar to TCP, while the core I2P protocols (I2NP and I2CP)
-are strictly message based (like UDP or in some instances raw IP). The important
-distinction is that with I2P, communication is operating over a long fat network -
-each end to end message will have nontrivial latencies, but may contain payloads
-of up to 32KB. An application that needs a simple request and response can get rid
-of any state and drop the latency incurred by the startup and teardown handshakes
-by using (best effort) datagrams without having to worry about MTU detection or
-fragmentation of messages under 32KB.
-</p>
+<h2>Contents</h2>
+<ul>
+ <li><a href="#why">Why write I2P-specific code?</a></li>
+ <li><a href="#concepts">Important concepts</a></li>
+ <li><a href="#options">Development options</a></li>
+ <li><a href="#start"><b>Start developing - a simple guide</b></a></li>
+</ul>
+<h2 id="why">Why write I2P-specific code?</h2>
+
+<p>
+ There are multiple ways to use applications in I2P.
+ Using <a href="/i2ptunnel.html">I2PTunnel</a>,
+ you can use regular applications without needing to program explicit I2P support.
+ This is very effective for client-server scenario's,
+ where you need to connect to a single website.
+ You can simply create a tunnel using I2PTunnel to connect to that website, as shown in <a href="#tunnel.serverclient">Figure 1</a>.
+</p>
<p>
-The ministreaming library itself uses a
-functional but inefficient scheme for dealing with reliable and in order delivery
-by requiring the equivalent of an ACK after each message which must traverse the
-network end to end again (though there are plans for improving this with a more
-efficient and robust algorithm). With ministreaming, an application
-that uses one of the I2P message oriented protocols could in some situations get
-substantially better performance.
-However with the full streaming library now the standard interface,
-it isn't clear if that is still the case.
+ If your application is distributed, it will require connections to a large amount of peers.
+ Using I2PTunnel, you will need to create a new tunnel for each peer you want to contact,
+ as shown in <a href="#tunnel.peertopeer">Figure 2</a>.
+ This process can of course be automated, but running a lot of I2PTunnel instances creates a large amount of overhead.
+ In addition, with many protocols you will need to force everyone to
+ use the same set of ports for all peers - e.g. if you want to reliably run DCC
+ chat, everyone needs to agree that port 10001 is Alice, port 10002 is Bob, port
+ 10003 is Charlie, and so on, since the protocol includes TCP/IP specific information
+ (host and port).
</p>
+<p>
+ General network applications often send a lot of additional data that could be used to identify users.
+ Hostnames, port numbers, time zones, character sets, etc. are often sent without informing the user.
+ As such, designing the network protocol specifically with anonymity in mind
+ can avoid compromising user identities.
+</p>
+<p>
+ There are also efficiency considerations to review when determining how to
+ interact on top of I2P. The streaming library and things built on top of it
+ operate with handshakes similar to TCP, while the core I2P protocols (I2NP and I2CP)
+ are strictly message based (like UDP or in some instances raw IP). The important
+ distinction is that with I2P, communication is operating over a long fat network -
+ each end to end message will have nontrivial latencies, but may contain payloads
+ of up to 32KB. An application that needs a simple request and response can get rid
+ of any state and drop the latency incurred by the startup and teardown handshakes
+ by using (best effort) datagrams without having to worry about MTU detection or
+ fragmentation of messages under 32KB.
+</p>
+
+ <div class="box" id="tunnel.serverclient" style="text-align:center">
+ <img src="_static/images/i2ptunnel_serverclient.png" alt="Creating a server-client connection using I2PTunnel only requires creating a single tunnel." title="Creating a server-client connection using I2PTunnel only requires creating a single tunnel." />
+ <br /><br />
+ Figure 1: Creating a server-client connection using I2PTunnel only requires creating a single tunnel.
+ </div>
+ <br/>
+
+ <div class="box" id="tunnel.peertopeer" style="text-align:center">
+ <img src="_static/images/i2ptunnel_peertopeer.png" alt="Setting up connections for a peer-to-peer applications requires a very large amount of tunnels." title="Setting up connections for a peer-to-peer applications requires a very large amount of tunnels." />
+ <br /><br />
+ Figure 2: Setting up connections for a peer-to-peer applications requires a very large amount of tunnels.
+ </div>
+ <br/>
+
+ In summary, a number of reasons to write I2P-specific code:
+ <ul>
+ <li>
+ Creating a large amount of I2PTunnel instances consumes a non-trivial amount of resources,
+ which is problematic for distributed applications (a new tunnel is required for each peer).
+ </li>
+ <li>
+ General network protocols often send a lot of additional data that can be used to identify users.
+ Programming specifically for I2P allows the creation of a network protocol
+ that does not leak such information, keeping users anonymous and secure.
+ </li>
+ <li>
+ Network protocols designed for use on the regular internet can be inefficient
+ on I2P, which is a network with a much higher latency.
+ </li>
+ </ul>
+
<p>
-Applications written in Java and accessible/runnable
-using an HTML interface via the standard webapps/app.war
-may be considered for inclusion in the i2p distribution.
+ Applications written in Java and accessible/runnable
+ using an HTML interface via the standard webapps/app.war
+ may be considered for inclusion in the i2p distribution.
</p>
-<h2>Important ideas</h2>
+<h2 id="concepts">Important concepts</h2>
<p>There are a few changes that require adjusting to when using I2P:</p>
@@ -93,26 +108,30 @@ location of the end point signed as if there were universal deployment of DNSSEC
to another (or with some special software, it can even operate on multiple routers at
once). This is quite different from the TCP or UDP world where a single end point (port)
must stay on a single host.</li>
-<li>I2P destinations are ugly and large - behind the scenes, they contain a 2048bit ElGamal
+<li>
+<p>
+I2P destinations are ugly and large - behind the scenes, they contain a 2048bit ElGamal
public key for encryption, a 1024bit DSA public key for signing, and a variable size
-certificate (currently this is the null type, but may contain proof of work, blinded
-data, or other information to increase the 'cost' of a destination in an effort to fight
-Sybil). <p>There are existing ways to refer to these large and ugly destinations by short
+certificate, which may contain proof of work or blinded data.
+</p>
+<p>
+There are existing ways to refer to these large and ugly destinations by short
and pretty names (e.g. "irc.duck.i2p"), but at the moment those techniques do not guarantee
globally uniqueness (since they're stored locally at each person's machine as "hosts.txt")
-and the current mechanism is not especially scalable nor secure (updates to one host file is
+and the current mechanism is not especially scalable nor secure (updates to one host file are
manually managed within Monotone, and as such, anyone with commit rights on the repository can
change the destinations). There may be some secure, human readable, scalable, and globally
unique, naming system some day, but applications shouldn't depend upon it being in place,
since there are those who don't think such a beast is possible.
<a href="naming.html">Further information on the naming system</a> is available.
+</p>
</li>
</ul>
<h3>Anonymity and confidentiality</h3>
<p>A useful thing to remember is that I2P has transparent end to end encryption
-and authentication for all data passed over the network - if Bob sends Alice's destination,
+and authentication for all data passed over the network - if Bob sends to Alice's destination,
only Alice's destination can receive it, and if Bob is using the datagrams or streaming
library, Alice knows for certain that Bob's destination is the one who sent the data. </p>
@@ -132,7 +151,7 @@ UDP, applications don't need to worry about MTU detection and can simply fire of
entire request or response, allowing them to transparently operate in I2P as a UDP-like
application without having to write fragmentation, resends, etc.</p>
-<h2>Integration techniques</h2>
+<h2 id="options">Development options</h2>
<p>There are several means of sending data over I2P, each with their own pros and cons.
The streaming lib is the recommended interface, used by the majority of I2P applications.
@@ -141,10 +160,19 @@ The streaming lib is the recommended interface, used by the majority of I2P appl
<h3>Streaming Lib</h3>
<p>
The <a href="streaming.html">full streaming library</a> is now the standard
-interface. Ministreaming and SAM are not recommended.
-The streaming lib interface is similar to the ministreaming lib interface described below.
+interface. It allows programming using TCP-like sockets, as explained in the <a href="#start.streaming">Streaming development guide</a>.
</p>
+<h3>BOB</h3>
+<p>BOB is the <a href="BOB.html">Basic Open Bridge</a>,
+allowing an application in any language to make streaming connections
+to and from I2P. At this point in time it lacks UDP support, but UDP support
+is planned in the near future. BOB also contains several tools, such as
+destination key generation, and verification that an address conforms to
+I2P specifications. Up to date info and applications that use BOB can be
+found at this <a href="http://bob.i2p/">eepsite</a>.</p>
+
+
<h3>SAM, SAM V2, SAM V3</h3>
<p><i>SAM is not recommended. SAM V2 is okay, SAM V3 is beta.</i></p>
@@ -159,9 +187,9 @@ and event based handling. SAM supports three styles of operation:</p>
and Bob doesn't care whether the data's sender is authenticated or not (e.g. the data transferred
is self authenticating)</li>
</ul>
-<p>SAM V3<p> aims at the same goal as SAM and SAM V2, but does not require
+<p>SAM V3 aims at the same goal as SAM and SAM V2, but does not require
multiplexing/demultiplexing. Each I2P stream is handled by its own socket between the application
-and the SAM bride. Besides, datagrams can be sent and received by the application through datagram
+and the SAM bridge. Besides, datagrams can be sent and received by the application through datagram
communications with the SAM bridge.
</p>
@@ -185,76 +213,314 @@ their own unique I2P destination and their own set of tunnels, keys, etc.</p>
<h3>Ministreaming</h3>
<p><i>Not recommended</i></p>
-<p>For applications written in Java, the simplest way to go is to use the libraries that the SAM
-bridge and I2PTunnel applications use. The streaming functionality is exposed in the 'ministreaming'
-library, which is centered on the
-<a href="http://www.i2p.net/javadoc/net/i2p/client/streaming/package-summary.html">I2PSocketManager</a>,
-the <a href="http://www.i2p.net/javadoc/net/i2p/client/streaming/I2PSocket.html">I2PSocket</a>, and the
-<a href="http://www.i2p.net/javadoc/net/i2p/client/streaming/I2PServerSocket.html">I2PServerSocket</a>.</p>
+<p>
+It was possible to write I2P applications in Java using the ministreaming library.
+However, the Streaming library has superceded this, and provides better functionality.
+</p>
<h3>Datagrams</h3>
<p><i>Not recommended</i></p>
-<p>For applications that want to use repliable datagrams, they can be built with the
-<a href="http://www.i2p.net/javadoc/net/i2p/client/datagram/I2PDatagramMaker.html">I2PDatagramMaker</a>
-and parsed on the receiving side by the
-<a href="http://www.i2p.net/javadoc/net/i2p/client/datagram/I2PDatagramDissector.html">I2PDatagramDissector</a>.
-In turn, these are sent and received through an
-
-<a href="http://www.i2p.net/javadoc/net/i2p/client/I2PSession.html">I2PSession</a>.</p>
-
-<p>Applications that want to use raw datagrams simply send directly through the I2PSession's
-<a href="http://www.i2p.net/javadoc/net/i2p/client/I2PSession.html#sendMessage(net.i2p.data.Destination,%20byte[])">sendMessage(...)</a>
-method, receiving notification of available messages through the
-<a href="http://www.i2p.net/javadoc/net/i2p/client/I2PSessionListener.html">I2PSessionListener</a> and
-then fetching those messages by calling
-<a href="http://www.i2p.net/javadoc/net/i2p/client/I2PSession.html#receiveMessage(int)">receiveMessage(...)</a>.</p>
+The <a href="datagrams">Datagram library</a> allows sending UDP-like packets.
+It's possible to use:
+<ul>
+ <li>Repliable datagrams</li>
+ <li>Raw datagrams</li>
+</ul>
<h3>I2CP</h3>
-<p><i>Not easy</i></p>
+<p><i>Not recommended</i></p>
<p><a href="i2cp">I2CP</a> itself is a language independent protocol, but to implement an I2CP library
in something other than Java there is a significant amount of code to be written (encryption routines,
object marshalling, asynchronous message handling, etc). While someone could write an I2CP library in
C or something else, it would most likely be more useful to use the C SAM library instead.
-I2CP also <a href="i2cp">needs documentation</a>.
</p>
<h3>Web Applications</h3>
I2P comes with the Jetty webserver, and configuring to use the Apache server instead is straightforward.
Any standard web app technology should work.
+<h2 id="start">Start developing - a simple guide</h2>
+Developing using I2P requires a working I2P installation and a development environment of your own choice.
+If you are using Java, you can start development with the <a href="#start.streaming">streaming library</a> or datagram library.
+Using another programming language, SAM or BOB can be used.
+
+<h3 id="start.streaming">Developing with the streaming library</h3>
+
+ Development using the streaming library requires the following libraries in your classpath:
+ <ul>
+ <li>$I2P/lib/streaming.jar: the streaming library itself.</li>
+ <li>$I2P/lib/mstreaming.jar: the ministreaming library is used as the base for the streaming library.</li>
+ <li>$I2P/lib/i2p.jar: some standard I2P classes (like the Destination class) are very convenient when developing.</li>
+ </ul>
+
+<p>
+ Network communication requires the usage of I2P network sockets.
+ To demonstrate this, we will create an application where a client can send text messages to a server,
+ who will print the messages and send them back to the client. In other words, the server will function as an echo.
+</p>
+<p>
+ We will start by initializing the server application. This requires getting an I2PSocketManager
+ and creating an I2PServerSocket.
+ In addition, we will ask the I2PSocketManager for an I2PSession, so we can find out the Destination we use.
+</p>
+<div class="box">
+ <pre>
+ package i2p.echoserver;
+
+ import net.i2p.client.I2PSession;
+ import net.i2p.client.streaming.I2PServerSocket;
+ import net.i2p.client.streaming.I2PSocketManager;
+ import net.i2p.client.streaming.I2PSocketManagerFactory;
+
+ public class Main {
+
+ public static void main(String[] args) {
+ //Initialize application
+ I2PSocketManager manager = I2PSocketManagerFactory.createManager();
+ I2PServerSocket serverSocket = manager.getServerSocket();
+ I2PSession session = manager.getSession();
+ System.out.println(session.getMyDestination().toBase64()); //Print the base64 string, the regular string would look like garbage.
+ //The additional main method code comes here...
+ }
+
+ }
+ </pre>
+ <br /><br />
+ <p style="text-align:center">Code example 1: initializing the server application.</p>
+</div>
+<p>
+ Once we have an I2PServerSocket, we can create I2PSocket instances to accept connections from clients.
+ In this example, we will create a single I2PSocket instance, that can only handle one client at a time.
+ A real server would have to be able to handle multiple clients.
+ To do this, multiple I2PSocket instances would have to be created, each in separate threads.
+ Once we have created the I2PSocket instance, we read data, print it and send it back to the client.
+ The bold code is the new code we add.
+</p>
+<div class="box">
+ <pre>
+ package i2p.echoserver;
+
+ </pre>
+ <pre><b>
+ import java.io.IOException;
+ import java.io.InputStream;
+ import java.io.OutputStream;
+ import java.net.ConnectException;
+ import java.net.SocketTimeoutException;
+ import net.i2p.I2PException;
+ import net.i2p.client.streaming.I2PSocket;
+ import net.i2p.util.I2PThread;
+ </b></pre>
+ <pre>
+ import net.i2p.client.I2PSession;
+ import net.i2p.client.streaming.I2PServerSocket;
+ import net.i2p.client.streaming.I2PSocketManager;
+ import net.i2p.client.streaming.I2PSocketManagerFactory;
+
+ public class Main {
+
+ public static void main(String[] args) {
+ I2PSocketManager manager = I2PSocketManagerFactory.createManager();
+ I2PServerSocket serverSocket = manager.getServerSocket();
+ I2PSession session = manager.getSession();
+ System.out.println(session.getMyDestination().toBase64()); //Print the base64 string, the regular string would look like garbage.
+</pre>
+<pre><b>
+
+ //Create socket to handle clients
+ I2PThread t = new I2PThread(new ClientHandler(serverSocket));
+ t.setName("clienthandler1");
+ t.setDaemon(false);
+ t.start();
+ }
+
+ private static class ClientHandler implements Runnable {
+
+ public ClientHandler(I2PServerSocket socket) {
+ this.socket = socket;
+ }
+
+ public void run() {
+ while(true) {
+ try {
+ I2PSocket sock = this.socket.accept();
+ if(sock != null) {
+ BufferedReader br = new BufferedReader(new InputStreamReader(sock.getInputStream())); //Receive from clients
+ BufferedWriter bw = new BufferedWriter(new OutputStreamWriter(sock.getOutputStream())); //Send to clients
+ String line = br.readLine();
+ if(line != null) {
+ System.out.println("Received from client: " + line);
+ bw.write(line);
+ bw.flush(); //Flush to make sure everything got sent
+ }
+ sock.close();
+ }
+ } catch (I2PException ex) {
+ System.out.println("General I2P exception!");
+ } catch (ConnectException ex) {
+ System.out.println("Error connecting!");
+ } catch (SocketTimeoutException ex) {
+ System.out.println("Timeout!");
+ } catch (IOException ex) {
+ System.out.println("General read/write-exception!");
+ }
+ }
+ }
+
+ private I2PServerSocket socket;
+
+ }
+
+ }
+ </b></pre>
+ <br /><br />
+ <p style="text-align:center">Code example 2: accepting connections from clients and handling messages.</p>
+</div>
+
+
+ When you run the above server code, it should print something like this (but without the line endings, it should just be
+ one huge block of characters):
+ <pre id="start.streaming.destination">
+ y17s~L3H9q5xuIyyynyWahAuj6Jeg5VC~Klu9YPquQvD4vlgzmxn4yy~5Z0zVvKJiS2Lk
+ poPIcB3r9EbFYkz1mzzE3RYY~XFyPTaFQY8omDv49nltI2VCQ5cx7gAt~y4LdWqkyk3au
+ 6HdfYSLr45zxzWRGZnTXQay9HPuYcHysZHJP1lY28QsPz36DHr6IZ0vwMENQsnQ5rhq20
+ jkB3iheYJeuO7MpL~1xrjgKzteirkCNHvXN8PjxNmxe-pj3QgOiow-R9rEYKyPAyGd2pe
+ qMD-J12CGfB6MlnmH5qPHGdZ13bUuebHiyZ1jqSprWL-SVIPcynAxD2Uu85ynxnx31Fth
+ nxFMk07vvggBrLM2Sw82pxNjKDbtO8reawe3cyksIXBBkuobOZdyOxp3NT~x6aLOxwkEq
+ BOF6kbxV7NPRPnivbNekd1E1GUq08ltDPVMO1pKJuGMsFyZC4Q~osZ8nI59ryouXgn97Q
+ 5ZDEO8-Iazx50~yUQTRgLMOTC5hqnAAAA
+ </pre>
+ This is the base64-representation of the server Destination. The client will need this string to reach the server.
+
+<p>
+ Now, we will create the client application. Again, a number of steps are required for initialization.
+ Again, we will need to start by getting an I2PSocketManager.
+ We won't use an I2PSession and an I2PServerSocket this time.
+ Instead, we will use the server Destination string to start our connection.
+ We will ask the user for the Destination string, and create an I2PSocket using this string.
+ Once we have an I2PSocket, we can start sending and receiving data to and from the server.
+</p>
+<div class="box">
+ <pre>
+ package i2p.echoclient;
+
+ import java.io.BufferedReader;
+ import java.io.BufferedWriter;
+ import java.io.IOException;
+ import java.io.InputStreamReader;
+ import java.io.InterruptedIOException;
+ import java.io.OutputStream;
+ import java.io.OutputStreamWriter;
+ import java.net.ConnectException;
+ import java.net.NoRouteToHostException;
+ import java.util.logging.Level;
+ import java.util.logging.Logger;
+ import net.i2p.I2PException;
+ import net.i2p.client.streaming.I2PSocket;
+ import net.i2p.client.streaming.I2PSocketManager;
+ import net.i2p.client.streaming.I2PSocketManagerFactory;
+ import net.i2p.data.DataFormatException;
+ import net.i2p.data.Destination;
+
+ public class Main {
+
+ public static void main(String[] args) {
+ I2PSocketManager manager = I2PSocketManagerFactory.createManager();
+ System.out.println("Please enter a Destination:");
+ BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
+ String destinationString = null;
+ try {
+ destinationString = br.readLine();
+ } catch (IOException ex) {
+ System.out.println("Failed to get a Destination string.");
+ return;
+ }
+ Destination destination = null;
+ try {
+ destination = new Destination(destinationString);
+ } catch (DataFormatException ex) {
+ System.out.println("Destination string incorrectly formatted.");
+ return;
+ }
+ I2PSocket socket = null;
+ try {
+ socket = manager.connect(destination);
+ } catch (I2PException ex) {
+ System.out.println("General I2P exception occurred!");
+ } catch (ConnectException ex) {
+ System.out.println("Failed to connect!");
+ } catch (NoRouteToHostException ex) {
+ System.out.println("Couldn't find host!");
+ } catch (InterruptedIOException ex) {
+ System.out.println("Sending/receiving was interrupted!");
+ }
+ try {
+ //Write to server
+ BufferedWriter bw = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
+ bw.write("Hello I2P!\n");
+ bw.flush(); //Flush to make sure everything got sent
+ //Read from server
+ BufferedReader br2 = new BufferedReader(new InputStreamReader(socket.getInputStream()));
+ String s = null;
+ while ((s = br2.readLine()) != null) {
+ System.out.println("Received from server: " + s);
+ }
+ socket.close();
+ } catch (IOException ex) {
+ System.out.println("Error occurred while sending/receiving!");
+ }
+ }
+
+ }
+ </pre>
+ <br /><br />
+ <p style="text-align:center">Code example 3: starting the client and connecting it to the server application.</p>
+</div>
+<p>
+ Finally, you can run both the server and the client application.
+ First, start the server application. It will print a Destination string (like shown <a href="#start.streaming.destination">above</a>).
+ Next, start the client application. When it requests a Destination string, you can enter the string printed by the server.
+ The client will then send 'Hello I2P!' (along with a newline) to the server, who will print the message and send it back to the client.
+</p>
+<p>
+ Congratulations, you have successfully communicated over I2P!
+</p>
+
<h2>Existing Applications in Development</h2>
Contact us if you would like to help.
<ul>
<li>
+<a href="http://i2pbote.i2p/">I2P-Bote</a> - contact HungryHobo
+</li><li>
<a href="http://syndie.i2p2.de/">Syndie</a>
-<li>
+</li><li>
+<a href="http://www.imule.i2p/">IMule</a>
+</li><li>
<a href="http://forum.i2p/viewforum.php?f=25">I2Phex</a> - contact Complication
<a href="http://forum.i2p2.de/viewforum.php?f=25">(outside I2P)</a>
-<li>
-<a href="http://www.imule.i2p/">IMule</a>
-<li>I2PRufus - contact codevoid
-<li>I2P-BT - contact sponge
-<li>BOB - contact sponge
-</ul>
+</li><li>I2PRufus - contact codevoid
+</li><li>I2P-BT - contact sponge
+</li><li><a href="http://bob.i2p">BOB</a> - contact sponge
+</li></ul>
<h2>Application Ideas</h2>
<ul>
<li>NNTP server - there have been some in the past, none at the moment
-<li>Jabber server - there have been some in the past, none at the moment
-<li>PGP Key server and/or proxy
-<li>Download manager / eepget scheduler -
+</li><li>Jabber server - there have been some in the past, and there is one at the moment, with access to the public internet
+</li><li>PGP Key server and/or proxy
+</li><li>Download manager / eepget scheduler -
We use eepget to fetch lots of things reliably over i2p, and there's already an
implementation of a sequential download manager (net.i2p.util.EepGetScheduler),
but there isn't any sort of user interface to it. A web based UI would be
great.
-<li>Content Distribution / DHT applications - help out with <a href="http://feedspace.i2p/">feedspace</a>,
+</li><li>Content Distribution / DHT applications - help out with <a href="http://feedspace.i2p/">feedspace</a>,
port dijjer, look for alternatives
-<li>Help out with <a href="http://syndie.i2p2.de/">Syndie</a> development
-<li>Web-based applications - The sky is the limit for hosting web-server-based
+</li><li>Help out with <a href="http://syndie.i2p2.de/">Syndie</a> development
+</li><li>Web-based applications - The sky is the limit for hosting web-server-based
applications such as blogs, pastebins, storage, tracking, feeds, etc.
Any web or CGI technology such as Perl, PHP, Python, or Ruby will work.
-<li>Resurrect some old apps - in the i2p source package -
+</li><li>Resurrect some old apps - in the i2p source package -
bogobot, pants, proxyscript, q, stasher, socks proxy, i2ping
-</ul>
+</li></ul>
{% endblock %}
diff --git a/www.i2p2/pages/benchmarks.html b/www.i2p2/pages/benchmarks.html
new file mode 100644
index 0000000000000000000000000000000000000000..cfad236b76373a2df6d64628912a5cc858d003de
--- /dev/null
+++ b/www.i2p2/pages/benchmarks.html
@@ -0,0 +1,334 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
+<HTML>
+<HEAD>
+<BASE HREF="http://www.eskimo.com.wstub.archive.org/~weidai/benchmarks.html">
+
+<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
+<TITLE>Speed Comparison of Popular Crypto Algorithms</TITLE>
+
+<BODY>
+<H1><a href="http://www.cryptopp.com">Crypto++</a> 5.2.1 Benchmarks</H1>
+
+<P>
+Here are speed benchmarks for some of the most commonly used cryptographic algorithms.
+All were coded in C++, compiled with Microsoft Visual C++ .NET 2003
+(whole program optimization, optimize for speed, P4 code generation), and ran on a Pentium 4
+2.1 GHz processor under Windows XP SP 1. 386 assembly routines were used
+for multiple-precision addition and subtraction. SSE2 intrinsics were used
+for multiple-precision multiplication.
+</P>
+Also available are <a href="amd64-benchmarks.html">benchmarks that ran on an AMD Opteron 1.6 GHz processor under Linux 2.4.21</a>.
+Those were compiled with GCC 3.2.2 using -O2 optimization, and inline assembly was used to access the 64-bit multiplication instruction.
+</P>
+
+<TABLE border=1><COLGROUP><COL align=left><COL align=right><COL align=right><COL align=right>
+<THEAD><TR><TH>Algorithm<TH>Megabytes(2^20 bytes) Processed<TH>Time Taken<TH>MB/Second
+<TBODY>
+<TR><TH>CRC-32<TD>2.05e+003<TD>6.399<TD>320.050
+<TR><TH>Adler-32<TD>4.1e+003<TD>3.525<TD>1161.986
+<TR><TH>MD2<TD>16<TD>4.006<TD>3.994
+<TR><TH>MD5<TD>1.02e+003<TD>4.726<TD>216.674
+<TR><TH>SHA-1<TD>256<TD>3.766<TD>67.977
+<TR><TH>SHA-256<TD>256<TD>5.758<TD>44.460
+<TR><TH>SHA-512<TD>64<TD>5.618<TD>11.392
+<TR><TH>HAVAL (pass=3)<TD>512<TD>4.717<TD>108.544
+<TR><TH>HAVAL (pass=4)<TD>256<TD>3.695<TD>69.283
+<TR><TH>HAVAL (pass=5)<TD>256<TD>3.796<TD>67.439
+<TR><TH>Tiger<TD>128<TD>3.364<TD>38.050
+<TR><TH>RIPE-MD160<TD>256<TD>4.867<TD>52.599
+<TR><TH>Panama Hash (little endian)<TD>1.02e+003<TD>3.375<TD>303.407
+<TR><TH>Panama Hash (big endian)<TD>1.02e+003<TD>4.637<TD>220.832
+<TR><TH>Whirlpool<TD>64<TD>5.288<TD>12.103
+<TR><TH>MDC/MD5<TD>256<TD>5.377<TD>47.610
+<TR><TH>Luby-Rackoff/MD5<TD>64<TD>4.307<TD>14.860
+<TR><TH>DES<TD>128<TD>5.998<TD>21.340
+<TR><TH>DES-XEX3<TD>128<TD>6.159<TD>20.783
+<TR><TH>DES-EDE3<TD>64<TD>6.499<TD>9.848
+<TR><TH>IDEA<TD>64<TD>3.375<TD>18.963
+<TR><TH>RC2<TD>64<TD>5.548<TD>11.536
+<TR><TH>RC5 (r=16)<TD>256<TD>4.286<TD>59.729
+<TR><TH>Blowfish<TD>256<TD>3.976<TD>64.386
+<TR><TH>3-WAY<TD>128<TD>3.665<TD>34.789
+<TR><TH>TEA<TD>128<TD>5.378<TD>23.801
+<TR><TH>SAFER (r=8)<TD>128<TD>6.279<TD>20.385
+<TR><TH>GOST<TD>128<TD>3.505<TD>36.519
+<TR><TH>SHARK (r=6)<TD>128<TD>3.826<TD>33.455
+<TR><TH>CAST-128<TD>256<TD>5.988<TD>42.752
+<TR><TH>CAST-256<TD>128<TD>5.889<TD>21.735
+<TR><TH>Square<TD>128<TD>4.176<TD>30.651
+<TR><TH>SKIPJACK<TD>128<TD>6.329<TD>20.224
+<TR><TH>RC6<TD>128<TD>3.385<TD>37.814
+<TR><TH>MARS<TD>128<TD>4.586<TD>27.911
+<TR><TH>Rijndael (128-bit key)<TD>256<TD>4.196<TD>61.010
+<TR><TH>Rijndael (192-bit key)<TD>256<TD>4.817<TD>53.145
+<TR><TH>Rijndael (256-bit key)<TD>256<TD>5.308<TD>48.229
+<TR><TH>Rijndael (128) CTR<TD>256<TD>4.436<TD>57.710
+<TR><TH>Rijndael (128) OFB<TD>256<TD>4.837<TD>52.925
+<TR><TH>Rijndael (128) CFB<TD>256<TD>5.378<TD>47.601
+<TR><TH>Rijndael (128) CBC<TD>256<TD>4.617<TD>55.447
+<TR><TH>Twofish<TD>128<TD>4.075<TD>31.411
+<TR><TH>Serpent<TD>128<TD>6.069<TD>21.091
+<TR><TH>ARC4<TD>512<TD>4.517<TD>113.350
+<TR><TH>SEAL-3.0-BE<TD>1.02e+003<TD>3.485<TD>293.831
+<TR><TH>SEAL-3.0-LE<TD>2.05e+003<TD>4.937<TD>414.827
+<TR><TH>WAKE-CFB-BE<TD>512<TD>5.498<TD>93.125
+<TR><TH>WAKE-CFB-LE<TD>512<TD>3.615<TD>141.632
+<TR><TH>WAKE-OFB-BE<TD>512<TD>3.855<TD>132.815
+<TR><TH>WAKE-OFB-LE<TD>512<TD>3.836<TD>133.472
+<TR><TH>Panama Cipher (little endian)<TD>1.02e+003<TD>4.036<TD>253.717
+<TR><TH>Panama Cipher (big endian)<TD>1.02e+003<TD>5.317<TD>192.590
+<TR><TH>SHACAL-2 (128-bit key)<TD>128<TD>6.279<TD>20.385
+<TR><TH>SHACAL-2 (512-bit key)<TD>128<TD>6.279<TD>20.385
+<TR><TH>Camellia (128-bit key)<TD>64<TD>3.355<TD>19.076
+<TR><TH>Camellia (192-bit key)<TD>64<TD>4.437<TD>14.424
+<TR><TH>Camellia (256-bit key)<TD>64<TD>4.416<TD>14.493
+<TR><TH>MD5-MAC<TD>1.02e+003<TD>5.528<TD>185.239
+<TR><TH>XMACC/MD5<TD>1.02e+003<TD>5.999<TD>170.695
+<TR><TH>HMAC/MD5<TD>1.02e+003<TD>4.726<TD>216.674
+<TR><TH>Two-Track-MAC<TD>256<TD>4.817<TD>53.145
+<TR><TH>CBC-MAC/Rijndael<TD>256<TD>4.447<TD>57.567
+<TR><TH>DMAC/Rijndael<TD>256<TD>4.476<TD>57.194
+<TR><TH>BlumBlumShub 512<TD>0.25<TD>3.585<TD>0.070
+<TR><TH>BlumBlumShub 1024<TD>0.125<TD>4.096<TD>0.031
+<TR><TH>BlumBlumShub 2048<TD>0.0625<TD>5.869<TD>0.011
+</TABLE>
+<TABLE border=1><COLGROUP><COL align=left><COL align=right><COL align=right><COL align=right>
+<THEAD><TR><TH>Operation<TH>Iterations<TH>Total Time<TH>Milliseconds/Operation
+<TBODY style="background: yellow">
+<TR><TH>RSA 1024 Encryption<TD>27607<TD>5.007<TD>0.18
+<TR><TH>RSA 1024 Decryption<TD>1050<TD>5.007<TD>4.77
+<TR><TH>Rabin 1024 Encryption<TD>3008<TD>5.007<TD>1.66
+<TR><TH>Rabin 1024 Decryption<TD>795<TD>5.007<TD>6.30
+<TR><TH>LUC 1024 Encryption<TD>23544<TD>5.008<TD>0.21
+<TR><TH>LUC 1024 Decryption<TD>634<TD>5.007<TD>7.90
+<TR><TH>DLIES 1024 Encryption<TD>1159<TD>5.007<TD>4.32
+<TR><TH>DLIES 1024 Encryption with precomputation<TD>1061<TD>5.007<TD>4.72
+<TR><TH>DLIES 1024 Decryption<TD>350<TD>5.008<TD>14.31
+<TR><TH>LUCELG 512 Encryption<TD>2433<TD>5.007<TD>2.06
+<TR><TH>LUCELG 512 Encryption with precomputation<TD>2402<TD>5.007<TD>2.08
+<TR><TH>LUCELG 512 Decryption<TD>2744<TD>5.007<TD>1.82
+<TBODY style="background: white">
+<TR><TH>RSA 2048 Encryption<TD>11022<TD>5.007<TD>0.45
+<TR><TH>RSA 2048 Decryption<TD>177<TD>5.028<TD>28.41
+<TR><TH>Rabin 2048 Encryption<TD>1254<TD>5.007<TD>3.99
+<TR><TH>Rabin 2048 Decryption<TD>159<TD>5.027<TD>31.62
+<TR><TH>LUC 2048 Encryption<TD>8756<TD>5.007<TD>0.57
+<TR><TH>LUC 2048 Decryption<TD>110<TD>5.037<TD>45.79
+<TR><TH>DLIES 2048 Encryption<TD>260<TD>5.007<TD>19.26
+<TR><TH>DLIES 2048 Encryption with precomputation<TD>269<TD>5.017<TD>18.65
+<TR><TH>DLIES 2048 Decryption<TD>60<TD>5.027<TD>83.78
+<TR><TH>LUCELG 1024 Encryption<TD>532<TD>5.008<TD>9.41
+<TR><TH>LUCELG 1024 Encryption with precomputation<TD>531<TD>5.007<TD>9.43
+<TR><TH>LUCELG 1024 Decryption<TD>772<TD>5.007<TD>6.49
+<TBODY style="background: yellow">
+<TR><TH>RSA 1024 Signature<TD>1053<TD>5.007<TD>4.75
+<TR><TH>RSA 1024 Verification<TD>27406<TD>5.007<TD>0.18
+<TR><TH>Rabin 1024 Signature<TD>816<TD>5.008<TD>6.14
+<TR><TH>Rabin 1024 Verification<TD>3117<TD>5.007<TD>1.61
+<TR><TH>RW 1024 Signature<TD>951<TD>5.007<TD>5.26
+<TR><TH>RW 1024 Verification<TD>55580<TD>5.007<TD>0.09
+<TR><TH>LUC 1024 Signature<TD>644<TD>5.007<TD>7.77
+<TR><TH>LUC 1024 Verification<TD>24321<TD>5.008<TD>0.21
+<TR><TH>NR 1024 Signature<TD>2260<TD>5.007<TD>2.22
+<TR><TH>NR 1024 Signature with precomputation<TD>4376<TD>5.007<TD>1.14
+<TR><TH>NR 1024 Verification<TD>1964<TD>5.007<TD>2.55
+<TR><TH>NR 1024 Verification with precomputation<TD>2738<TD>5.007<TD>1.83
+<TR><TH>DSA 1024 Signature<TD>2301<TD>5.008<TD>2.18
+<TR><TH>DSA 1024 Signature with precomputation<TD>4444<TD>5.007<TD>1.13
+<TR><TH>DSA 1024 Verification<TD>2007<TD>5.007<TD>2.49
+<TR><TH>DSA 1024 Verification with precomputation<TD>2795<TD>5.007<TD>1.79
+<TR><TH>LUC-HMP 512 Signature<TD>2365<TD>5.007<TD>2.12
+<TR><TH>LUC-HMP 512 Signature with precomputation<TD>2401<TD>5.008<TD>2.09
+<TR><TH>LUC-HMP 512 Verification<TD>2312<TD>5.007<TD>2.17
+<TR><TH>LUC-HMP 512 Verification with precomputation<TD>2269<TD>5.007<TD>2.21
+<TR><TH>ESIGN 1023 Signature<TD>9837<TD>5.007<TD>0.51
+<TR><TH>ESIGN 1023 Verification<TD>27679<TD>5.007<TD>0.18
+<TR><TH>ESIGN 1536 Signature<TD>4898<TD>5.008<TD>1.02
+<TR><TH>ESIGN 1536 Verification<TD>11940<TD>5.007<TD>0.42
+<TBODY style="background: white">
+<TR><TH>RSA 2048 Signature<TD>178<TD>5.007<TD>28.13
+<TR><TH>RSA 2048 Verification<TD>11054<TD>5.007<TD>0.45
+<TR><TH>Rabin 2048 Signature<TD>158<TD>5.028<TD>31.82
+<TR><TH>Rabin 2048 Verification<TD>1294<TD>5.007<TD>3.87
+<TR><TH>RW 2048 Signature<TD>176<TD>5.017<TD>28.51
+<TR><TH>RW 2048 Verification<TD>24521<TD>5.007<TD>0.20
+<TR><TH>LUC 2048 Signature<TD>110<TD>5.007<TD>45.52
+<TR><TH>LUC 2048 Verification<TD>9072<TD>5.008<TD>0.55
+<TR><TH>NR 2048 Signature<TD>511<TD>5.007<TD>9.80
+<TR><TH>NR 2048 Signature with precomputation<TD>1530<TD>5.007<TD>3.27
+<TR><TH>NR 2048 Verification<TD>454<TD>5.007<TD>11.03
+<TR><TH>NR 2048 Verification with precomputation<TD>982<TD>5.008<TD>5.10
+<TR><TH>LUC-HMP 1024 Signature<TD>522<TD>5.007<TD>9.59
+<TR><TH>LUC-HMP 1024 Signature with precomputation<TD>527<TD>5.007<TD>9.50
+<TR><TH>LUC-HMP 1024 Verification<TD>520<TD>5.007<TD>9.63
+<TR><TH>LUC-HMP 1024 Verification with precomputation<TD>499<TD>5.007<TD>10.03
+<TR><TH>ESIGN 2046 Signature<TD>4253<TD>5.008<TD>1.18
+<TR><TH>ESIGN 2046 Verification<TD>11024<TD>5.007<TD>0.45
+<TBODY style="background: yellow">
+<TR><TH>XTR-DH 171 Key-Pair Generation<TD>2802<TD>5.007<TD>1.79
+<TR><TH>XTR-DH 171 Key Agreement<TD>1360<TD>5.007<TD>3.68
+<TR><TH>XTR-DH 342 Key-Pair Generation<TD>777<TD>5.007<TD>6.44
+<TR><TH>XTR-DH 342 Key Agreement<TD>404<TD>5.018<TD>12.42
+<TR><TH>DH 1024 Key-Pair Generation<TD>2283<TD>5.007<TD>2.19
+<TR><TH>DH 1024 Key-Pair Generation with precomputation<TD>2072<TD>5.007<TD>2.42
+<TR><TH>DH 1024 Key Agreement<TD>1298<TD>5.007<TD>3.86
+<TR><TH>DH 2048 Key-Pair Generation<TD>512<TD>5.007<TD>9.78
+<TR><TH>DH 2048 Key-Pair Generation with precomputation<TD>524<TD>5.007<TD>9.56
+<TR><TH>DH 2048 Key Agreement<TD>368<TD>5.027<TD>13.66
+<TR><TH>LUCDIF 512 Key-Pair Generation<TD>4688<TD>5.007<TD>1.07
+<TR><TH>LUCDIF 512 Key-Pair Generation with precomputation<TD>4339<TD>5.007<TD>1.15
+<TR><TH>LUCDIF 512 Key Agreement<TD>2880<TD>5.008<TD>1.74
+<TR><TH>LUCDIF 1024 Key-Pair Generation<TD>1057<TD>5.007<TD>4.74
+<TR><TH>LUCDIF 1024 Key-Pair Generation with precomputation<TD>1037<TD>5.007<TD>4.83
+<TR><TH>LUCDIF 1024 Key Agreement<TD>776<TD>5.017<TD>6.47
+<TR><TH>MQV 1024 Key-Pair Generation<TD>2311<TD>5.007<TD>2.17
+<TR><TH>MQV 1024 Key-Pair Generation with precomputation<TD>4595<TD>5.008<TD>1.09
+<TR><TH>MQV 1024 Key Agreement<TD>1224<TD>5.007<TD>4.09
+<TR><TH>MQV 2048 Key-Pair Generation<TD>522<TD>5.007<TD>9.59
+<TR><TH>MQV 2048 Key-Pair Generation with precomputation<TD>1572<TD>5.007<TD>3.19
+<TR><TH>MQV 2048 Key Agreement<TD>282<TD>5.017<TD>17.79
+<TBODY style="background: white">
+<TR><TH>ECIES over GF(p) 168 Encryption<TD>759<TD>5.008<TD>6.60
+<TR><TH>ECIES over GF(p) 168 Encryption with precomputation<TD>1327<TD>5.007<TD>3.77
+<TR><TH>ECIES over GF(p) 168 Decryption<TD>1062<TD>5.007<TD>4.71
+<TR><TH>ECNR over GF(p) 168 Signature<TD>1497<TD>5.007<TD>3.34
+<TR><TH>ECNR over GF(p) 168 Signature with precomputation<TD>2629<TD>5.007<TD>1.90
+<TR><TH>ECNR over GF(p) 168 Verification<TD>794<TD>5.008<TD>6.31
+<TR><TH>ECNR over GF(p) 168 Verification with precomputation<TD>1618<TD>5.007<TD>3.09
+<TR><TH>ECDHC over GF(p) 168 Key-Pair Generation<TD>1536<TD>5.007<TD>3.26
+<TR><TH>ECDHC over GF(p) 168 Key-Pair Generation with precomputation<TD>2576<TD>5.007<TD>1.94
+<TR><TH>ECDHC over GF(p) 168 Key Agreement<TD>1474<TD>5.007<TD>3.40
+<TR><TH>ECMQVC over GF(p) 168 Key-Pair Generation<TD>1529<TD>5.008<TD>3.28
+<TR><TH>ECMQVC over GF(p) 168 Key-Pair Generation with precomputation<TD>2588<TD>5.007<TD>1.93
+<TR><TH>ECMQVC over GF(p) 168 Key Agreement<TD>746<TD>5.007<TD>6.71
+<TBODY style="background: yellow">
+<TR><TH>ECIES over GF(2^n) 155 Encryption<TD>414<TD>5.007<TD>12.09
+<TR><TH>ECIES over GF(2^n) 155 Encryption with precomputation<TD>1071<TD>5.008<TD>4.68
+<TR><TH>ECIES over GF(2^n) 155 Decryption<TD>633<TD>5.007<TD>7.91
+<TR><TH>ECNR over GF(2^n) 155 Signature<TD>827<TD>5.007<TD>6.05
+<TR><TH>ECNR over GF(2^n) 155 Signature with precomputation<TD>2132<TD>5.007<TD>2.35
+<TR><TH>ECNR over GF(2^n) 155 Verification<TD>655<TD>5.007<TD>7.64
+<TR><TH>ECNR over GF(2^n) 155 Verification with precomputation<TD>1232<TD>5.008<TD>4.06
+<TR><TH>ECDHC over GF(2^n) 155 Key-Pair Generation<TD>806<TD>5.007<TD>6.21
+<TR><TH>ECDHC over GF(2^n) 155 Key-Pair Generation with precomputation<TD>2124<TD>5.007<TD>2.36
+<TR><TH>ECDHC over GF(2^n) 155 Key Agreement<TD>780<TD>5.007<TD>6.42
+<TR><TH>ECMQVC over GF(2^n) 155 Key-Pair Generation<TD>816<TD>5.007<TD>6.14
+<TR><TH>ECMQVC over GF(2^n) 155 Key-Pair Generation with precomputation<TD>2116<TD>5.008<TD>2.37
+<TR><TH>ECMQVC over GF(2^n) 155 Key Agreement<TD>660<TD>5.017<TD>7.60
+</TABLE>
+
+<H2>Notes</H2>
+<UL>
+<LI>
+Crypto++ 5.2.1 Benchmark Average for this platform: <STRONG>135.54</STRONG>. This number
+is computed by taking the geometric mean of the number of MB/second of each cipher,
+hash function, and MAC, and operations/second of each asymmetric operation listed above.
+<LI>
+RSA and LUC use 17 as the public exponent.
+<LI>
+DH and ElGamal encryption and decryption use short exponents to save time.
+The size of the secret exponents were chosen so that a meet-in-the-middle
+attack would be slower than the general discrete log algorithm (NFS). The
+sizes used were:
+<TABLE>
+<TR><TH>modulus<TH>exponent
+<TR><TD>512 <TD>120
+<TR><TD>1024 <TD>164
+<TR><TD>2048 <TD>226
+</TABLE>
+<LI>
+EC means elliptic curve. Operations in GF(2^n) are implemented using
+trinomial basis. Note that compared to other algorithms listed here,
+Crypto++'s implementation of EC over GF(2^n) is less optimized.
+<LI>
+All tests were done by repeating the crypto operations over small blocks
+of random data. In practice you will likely see slower
+speeds because time is needed to transfer data to and from memory.
+<LI>
+For the ciphers that specify big endian byte order, the timing data
+listed include time needed to convert to and from little endian
+order. For some ciphers (WAKE and SHA) this is a large fraction (up
+to 25%) of the total time.
+<LI>
+The RSA, RW, DH, MQV, and elliptic curve schemes come from the IEEE P1363
+standard. For more info see <A HREF="http://grouper.ieee.org/groups/1363/index.html">
+http://grouper.ieee.org/groups/1363/index.html</A>.
+<LI>
+Precomputation means using a table of 16 precomputed powers of
+each fixed base to speed up exponentiation.
+<LI>
+Tiger, SHARK, SHA-384, and SHA-512 are designed to take advantage of 64-bit
+word operations.
+Their relatives speeds can be expected to be much higher if the benchmarks
+were done on a 64-bit CPU.
+<LI>
+Source code for these benchmarks is available as part of the <a href="http://www.cryptopp.com">Crypto++</a> library.
+</UL>
+
+<HR>
+<ADDRESS>Written by: <A HREF="http://www.weidai.com">Wei Dai</A> <<A HREF="mailto:webmaster@weidai.com">webmaster@weidai.com</A>> Last modified: 7/23/2004</ADDRESS>
+
+<SCRIPT language="Javascript">
+<!--
+
+// FILE ARCHIVED ON 20080423003735 AND RETRIEVED FROM THE
+// INTERNET ARCHIVE ON 20100802114447.
+// JAVASCRIPT APPENDED BY WAYBACK MACHINE, COPYRIGHT INTERNET ARCHIVE.
+// ALL OTHER CONTENT MAY ALSO BE PROTECTED BY COPYRIGHT (17 U.S.C.
+// SECTION 108(a)(3)).
+
+ var sWayBackCGI = "http://web.archive.org/web/20080423003735/";
+
+ function xResolveUrl(url) {
+ var image = new Image();
+ image.src = url;
+ return image.src;
+ }
+ function xLateUrl(aCollection, sProp) {
+ var i = 0;
+ for(i = 0; i < aCollection.length; i++) {
+ var url = aCollection[i][sProp]; if (typeof(url) == "string") {
+ if (url.indexOf("mailto:") == -1 &&
+ url.indexOf("javascript:") == -1
+ && url.length > 0) {
+ if(url.indexOf("http") != 0) {
+ url = xResolveUrl(url);
+ }
+ url = url.replace('.wstub.archive.org','');
+ aCollection[i][sProp] = sWayBackCGI + url;
+ }
+ }
+ }
+ }
+
+ xLateUrl(document.getElementsByTagName("IMG"),"src");
+ xLateUrl(document.getElementsByTagName("A"),"href");
+ xLateUrl(document.getElementsByTagName("AREA"),"href");
+ xLateUrl(document.getElementsByTagName("OBJECT"),"codebase");
+ xLateUrl(document.getElementsByTagName("OBJECT"),"data");
+ xLateUrl(document.getElementsByTagName("APPLET"),"codebase");
+ xLateUrl(document.getElementsByTagName("APPLET"),"archive");
+ xLateUrl(document.getElementsByTagName("EMBED"),"src");
+ xLateUrl(document.getElementsByTagName("BODY"),"background");
+ xLateUrl(document.getElementsByTagName("TD"),"background");
+ xLateUrl(document.getElementsByTagName("INPUT"),"src");
+ var forms = document.getElementsByTagName("FORM");
+ if (forms) {
+ var j = 0;
+ for (j = 0; j < forms.length; j++) {
+ f = forms[j];
+ if (typeof(f.action) == "string") {
+ if(typeof(f.method) == "string") {
+ if(typeof(f.method) != "post") {
+ f.action = sWayBackCGI + f.action;
+ }
+ }
+ }
+ }
+ }
+
+
+//-->
+</SCRIPT>
+
+</HTML>
diff --git a/www.i2p2/pages/bittorrent.html b/www.i2p2/pages/bittorrent.html
new file mode 100644
index 0000000000000000000000000000000000000000..53cb640fc315d390a4c0596ef4c632b4a9170a36
--- /dev/null
+++ b/www.i2p2/pages/bittorrent.html
@@ -0,0 +1,276 @@
+{% extends "_layout.html" %}
+{% block title %}Bittorrent over I2P{% endblock %}
+{% block content %}
+Updated August 2012, current as of router version 0.9.1
+
+
+<p>There are several bittorrent clients and trackers on I2P.
+As I2P addressing uses a Destination instead of an IP and port, minor
+changes are required to tracker and client software for operation on I2P.
+These changes are specified below.
+Note carefully the guidelines for compatibility with older I2P clients and trackers.
+</p>
+<p>
+This page specifies protocol details common to all clients and trackers.
+Specific clients and trackers may implement other unique features or protocols.
+</p>
+<p>
+We welcome additional ports of client and tracker software to I2P.
+</p>
+
+
+
+<h2>Announces</h2>
+<p>
+Clients generally include a fake port=6881 parameter in the announce, for compatibility with older trackers.
+Trackers may ignore the port parameter, and should not require it.
+</p>
+<p>
+The ip parameter is the base 64 of the client's
+<a href="common_structures_spec.html#struct_Destination">Destination</a>,
+using the I2P Base 64 alphabet [A-Z][a-z][0-9]-~.
+<a href="common_structures_spec.html#struct_Destination">Destinations</a>
+are 387+ bytes, so the Base 64 is 516+ bytes.
+Clients generally append ".i2p" to the Base 64 Destination for compatibility with older trackers.
+Trackers should not require an appended ".i2p".
+</p>
+<p>
+Other parameters are the same as in standard bittorrent.
+</p>
+<p>
+While all current Destinations for clients are exactly 387 bytes, a tracker should not
+presume that will always be so. A reasonable maximum to assume, for now, is 475 bytes.
+As the tracker must decode the Base64 to deliver compact responses (see below),
+the tracker should probably decode and reject bad Base64 when announced.
+</p>
+<p>
+The default response type is non-compact. Clients may request a compact response with
+the parameter compact=1. A tracker may, but is not required to, return
+a compact response when requested.
+</p>
+<p>
+Developers of new I2P clients
+are strongly encouraged to implemenent announces over their own tunnel rather than
+the HTTP client proxy at port 4444. Doing so is both more efficient and it allows
+destination enforcement by the tracker (see below).
+</p>
+<p>
+There are no known I2P clients or trackers that currently support UDP announce/responses.
+</p>
+
+
+<h2>Non-Compact Tracker Responses</h2>
+<p>
+The non-compact response is just as in standard bittorrent, with an I2P "ip".
+</p>
+<p>
+Trackers generally include a fake port key, or use the port from the announce, for compatibility with older clients.
+Clients must ignore the port parameter, and should not require it.
+</p>
+<p>
+The value of the ip key is the base 64 of the client's
+<a href="common_structures_spec.html#struct_Destination">Destination</a>, as described above.
+Trackers generally append ".i2p" to the Base 64 Destination if it wasn't in the announce ip, for compatibility with older clients.
+Clients should not require an appended ".i2p" in the responses.
+</p>
+<p>
+Other response keys and values are the same as in standard bittorrent.
+</p>
+
+
+
+<h2>Compact Tracker Responses</h2>
+<p>
+In the compact response, the value of the "peers" dictionary key is a single byte string,
+whose length is a multiple of 32 bytes.
+This string contains the concatenated
+<a href="common_structures_spec.html#type_Hash">32-byte SHA-256 Hashes</a>
+of the binary
+<a href="common_structures_spec.html#struct_Destination">Destinations</a>
+of the peers.
+This hash must be computed by the tracker, unless destination enforcement
+(see below) is used, in which case the hash delivered in the X-I2P-DestHash
+or X-I2P-DestB32 HTTP headers may be converted to binary and stored.
+The peers key may be absent, or the peers value may be zero-length.
+</p>
+<p>
+While compact response support is optional for both clients and trackers, it is highly
+recommended as it reduces the nominal response size by over 90%.
+</p>
+
+
+
+<h2>Destination Enforcement</h2>
+<p>
+Some, but not all, I2P bittorrent clients announce over their own tunnels.
+Trackers may choose to prevent spoofing by requiring this, and verifying the
+client's
+<a href="common_structures_spec.html#struct_Destination">Destination</a>
+using HTTP headers added by the I2PTunnel HTTP Server tunnel.
+The headers are X-I2P-DestHash, X-I2P-DestB64, and X-I2P-DestB32, which are
+different formats for the same information.
+These headers cannot be spoofed by the client.
+A tracker enforcing destinations need not require the ip announce parameter at all.
+</p>
+<p>
+As several clients use the HTTP proxy instead of their own tunnel for announces,
+destination enforcement will prevent usage by those clients unless or until
+those clients are converted to announcing over their own tunnel.
+</p>
+<p>
+Unfortunately, as the network grows, so will the amount of maliciousness,
+so we expect that all trackers will eventually enforce destinations.
+Both tracker and client developers should anticipate it.
+</p>
+
+
+
+<h2>Announce Host Names</h2>
+<p>
+Announce URL host names in torrent files generally follow the
+<a href="naming.html">I2P naming standards</a>.
+In addition to host names from address books and ".b32.i2p" Base 32 hostnames,
+the full Base 64 Destination (with [or without?] ".i2p" appended) should be supported.
+Non-open trackers should recognize their own host name in any of these formats.
+</p>
+<p>
+To preserve anonymity,
+clients should generally ignore non-I2P announce URLs in torrent files.
+</p>
+
+
+
+<h2>Client Connections</h2>
+<p>
+Client-to-client connections use the standard protocol over TCP.
+There are no known I2P clients that currently support uTP communication.
+</p>
+<p>
+I2P uses 387+ byte
+<a href="common_structures_spec.html#struct_Destination">Destinations</a> for addresses, as explained above.
+</p>
+<p>
+If the client has only the hash of the destination (such as from a compact response or PEX), it must perform a lookup
+by encoding it with Base 32, appending ".b32.i2p", and querying the Naming Service,
+which will return the full Destination if available.
+</p>
+<p>
+If the client has a peer's full Destination it received in a non-compact response, it should use it
+directly in the connection setup.
+Do not convert a Destination back to a Base 32 hash for lookup, this is quite inefficient.
+</p>
+
+
+<h2>Cross-Network Prevention</h2>
+<p>
+To preserve anonymity,
+I2P bittorrent clients generally do not support non-I2P announces or peer connections.
+I2P HTTP outproxies often block announces.
+There are no known SOCKS outproxies supporting bittorrent traffic.
+</p>
+<p>
+To prevent usage by non-I2P clients via an HTTP inproxy, I2P trackers often
+block accesses or announces that contain an X-Forwarded-For HTTP header.
+Trackers should reject standard network announces with IPv4 or IPv6 IPs, and not deliver them in responses.
+</p>
+
+
+
+<h2>PEX</h2>
+<p>
+I2P PEX is based on ut_pex.
+As there does not appear to be a formal specification of ut_pex available,
+it may be necessary to review the libtorrent source for assistance.
+It is an extension message, identified as "i2p_pex" in
+<a href="http://www.bittorrent.org/beps/bep_0010.html">the extension handshake</a>.
+It contains a bencoded dictionary with up to 3 keys, "added", "added.f", and "dropped".
+The added and dropped values are each a single byte string, whose length is a multiple of 32 bytes.
+These byte strings are the concatenated SHA-256 Hashes of the binary
+<a href="common_structures_spec.html#struct_Destination">Destinations</a>
+of the peers.
+This is the same format as the peers dictionary value in the i2p compact response format specified above.
+The added.f value, if present, is the same as in ut_pex.
+</p>
+
+
+
+<h2>DHT</h2>
+<p>
+DHT is not fully implemented in any I2P client.
+Preliminary differences from
+<a href="http://www.bittorrent.org/beps/bep_0005.html">BEP 5</a>
+are described below, and are subject to change.
+Contact the I2P developers if you wish to develop a client supporting DHT.
+</p>
+<p>
+Unlike standard DHT, I2P DHT does not use a bit in the options handshake, or the PORT message.
+It is advertised with an extension message, identified as "i2p_dht" in
+<a href="http://www.bittorrent.org/beps/bep_0010.html">the extension handshake</a>.
+It contains a bencoded dictionary with two keys, "port" and "rport", both integers.
+</p>
+<p>
+The UDP (datagram) port listed in the compact node info is used
+to receive repliable (signed) datagrams.
+This is used for queries, except for announces.
+We call this the "query port".
+This is the "port" value from the extension message.
+Queries use I2CP protocol number 17.
+</p>
+<p>
+In addition to that UDP port, we use a second datagram
+port equal to the query port + 1. This is used to receive
+unsigned (raw) datagrams for replies, errors, and announces.
+This port provides increased efficiency since replies
+contain tokens sent in the query, and need not be signed.
+We call this the "response port".
+This is the "rport" value from the extension message.
+It must be 1 + the query port.
+Responses and announces use I2CP protocol number 18.
+</p>
+<p>
+Compact peer info is 32 bytes (32 byte SHA256 Hash)
+instead of 4 byte IP + 2 byte port. There is no peer port.
+In a response, the "values" key is a list of strings, each containing a single compact peer info.
+</p>
+<p>
+Compact node info is 54 bytes (20 byte SHA1 Hash + 32 byte SHA256 Hash + 2 byte port)
+instead of 20 byte SHA1 Hash + 4 byte IP + 2 byte port.
+In a response, the "nodes" key is a
+single byte string with concatenated compact node info.
+</p>
+<p>
+Secure node ID requirement: To make various DHT attacks more difficult,
+the first 4 bytes of the Node ID must match the first 4 bytes of the destination Hash,
+and the next two bytes of the Node ID must match the next two bytes of the
+destination hash exclusive-ORed with the port.
+</p>
+<p>
+In a torrent file,
+the trackerless torrent dictionary "nodes" key is TBD.
+It could be a list of
+32 byte binary strings (SHA256 Hashes) instead of a list of lists
+containing a host string and a port integer.
+Alternatives: A single byte string with concatenated hashes,
+or a list of strings alone.
+</p>
+
+
+<h2>Additional Information</h2>
+<ul>
+<li>
+I2P bittorrent standards are generally discussed on <a href="http://zzz.i2p/">zzz.i2p</a>.
+</li>
+<li>
+A chart of current tracker software capabilities is <a href="http://zzz.i2p/files/trackers.html">also available there</a>.
+</li>
+<li>
+The
+<a href="http://forum.i2p2.de/viewtopic.php?t=2068">I2P bittorrent FAQ</a>
+</li>
+<li>
+<a href="http://zzz.i2p/topics/812">DHT on I2P discussion</a>
+</li>
+</ul>
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/bittorrent_fr.html b/www.i2p2/pages/bittorrent_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..5796cfbc5ca2e289a2bc73a7fd730c85a61542a7
--- /dev/null
+++ b/www.i2p2/pages/bittorrent_fr.html
@@ -0,0 +1,228 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Bittorrent sur I2P{% endblock %}
+{% block content %}
+Traduction de juillet 2011. <a href="bittorrent.html">Version anglaise actuelle</a>
+Mise à jour de mai 2011, pour la version 0.8.6 du routeur
+<p>Il existe plusieurs clients et trackers bittorrent sur I2P.
+Comme l'adressage I2P utilise une Destination plutôt qu'une adresse IP et un port, de légères modifications
+des logiciels tracker et client sont nécessaires au fonctionnement sur I2P.
+Ces modifications sont précisées ci-dessous.
+Faites particulièrement attention aux informations concernant la compatibilité avec les anciens clients et trackers I2P.
+</p>
+<p>
+Cette page détaille les protocoles communs à tous les clients et trackers.
+Des clients et trackers particulier peuvent mettre en œuvre d'autres fonctionnalités ou protocoles uniques.
+</p>
+<p>
+Nous accueillons avec joie les nouveaux portages des clients et tracker sur I2P.
+</p>
+
+
+
+<h2>Annonces</h2>
+<p>
+Les clients disposent généralement d'un paramètre de port factice 6881 dans l'annonce, pour la compatibilité avec
+les anciens trackers. Les trackers peuvent ignorer ce paramètre de port, et ne doivent pas en avoir besoin.
+</p>
+<p>
+Le paramètre ip est le code Base64 de la <a href="common_structures_spec.html#struct_Destination">Destination</a> du
+client, Ã base de l'alphabet Base64 d'I2P [A-Z][a-z][0-9]-~.
+Les <a href="common_structures_spec.html#struct_Destination">Destinations</a>
+font plus de 387 octets, donc plus de 516 octets en Base64.
+Les clients suffixent généralement ".i2p" à la Destination Base64 pour la compatibilité avec d'anciens trackers.
+Les trackers ne doivent pas avoir besoin de ce suffixe.
+</p>
+<p>D'autres paramètre sont les mêmes que dans le standard bittorrent.
+</p>
+<p>
+Bien que toutes les Destinations actuelles de clients font exactement 387 octets, un tracker ne doit pas
+présumer qu'il sera toujours ainsi. Un maximum raisonnable pour l'instant, serait 475 octets.
+Comme le tracker doit décoder la Base64 pour fournir des réponses compactes (voir plus bas), il devrait décoder et
+rejeter les
+annonces Base64 non conformes.
+</p>
+<p>
+Le type de réponse par défaut est non-compact. Les clients peuvent demander une réponse compacte par le paramètre
+compact=1. Un tracker peut, sans y être contraint, renvoyer une réponse compacte, quand on lui demande.
+</p>
+<p>
+Nous conseillons vivement aux développeurs de nouveaux clients I2P d'implémenter les annonces par leur propre tunnel
+plutôt que par celui du mandataire client HTTP (port 4444). C'est à la fois plus efficace et cela renforce la
+destination au niveau du tracker (voir plus bas).
+</p>
+
+
+<h2>Réponses non-compactes du tracker </h2>
+<p>
+La réponse non-compacte n'est simplement que le standard bittorrent, avec une "ip" I2P.
+</p>
+<p>
+Les trackers disposent généralement d'un port factice ou utilisent le port reçu dans l'annonce, pour la compatibilité
+avec les anciens clients. Les clients doivent ignorer ce port, et ne doivent pas en avoir besoin.
+</p>
+<p>
+La valeur de la clé ip est la Base64 de la
+<a href="common_structures_spec.html#struct_Destination">Destination</a> du client, comme expliqué ci-dessus.
+Les trackers suffixent généralement ".i2p" la Destination Base64 si elle n'était pas dans l'annonce, pour la
+compatibilité avec les anciens clients. Les ne doivent pas avoir besoin de ce suffixe dans les réponses qu'ils reçoivent.
+</p>
+<p>
+Les autres paramètres et valeurs de réponses sont les mêmes que dans le standard bittorrent.
+</p>
+
+
+
+<h2>Réponses compactes du tracker</h2>
+<p>
+Dans la réponse compacte, la valeur de clé de dictionnaire de pairs est une chaîne d'un seul octet, dont la longueur est
+un multiple de 32 octets. Cette chaîne contient les empreintes
+<a href="common_structures_spec.html#type_Hash">SHA-256 32 octets</a> concaténées des
+<a href="common_structures_spec.html#struct_Destination">Destinations</a> binaires des pairs.
+Cette empreinte doit être calculée par le tracker, à moins que le renforcement de destination (voir plus bas)
+ne soit utilisé, auquel cas l'empreinte fournie dans les en-têtes HTTP X-I2P-DestHash ou X-I2P-DestB32 peuvent être
+converties en binaire et enregistrées. La clé des pairs peut être absente, ou la valeur des pairs peut être de longueur
+nulle.</p>
+<p>
+Bien que la prise en charge de la réponse compacte soit optionnelle tant pour le client que pour le tracker, elle est
+fortement recommandée car elle la taille nominale de la réponse de plus de 90%.
+</p>
+
+
+
+<h2>Renforcement de destination</h2>
+<p>
+Quelques-uns (mais malheureusement pas tous) des clients bittorrent I2P communiquent par leurs propres tunnels. Les
+trackers peuvent décider d'empêcher l'usurpation en exigeant cette fonctionnalité et en vérifiant la
+<a href="common_structures_spec.html#struct_Destination">Destination</a> du client en utilisant les en-têtes HTTP
+ajoutées par le tunnel Serveur HTTP I2PTunnel. Les en-têtes sont X-I2P-DestHash, X-I2P-DestB64, et X-I2P-DestB32,
+qui sont différents formats de la même information. Ces en-têtes ne peuvent pas être modifiées par le client à des fins
+malhonnêtes. Un tracker qui renforce les destinations n'a absolument pas besoin du paramètre d'annonce ip.
+</p>
+<p>
+Comme plusieurs clients utilisent le proxy HTTP au lieu de leur propre tunnel pour les annonces,
+le renforcements de destinations empêchera l'utilisation de ces clients à moins ou jusqu'à ce qu'ils soit modifiés pour
+faire leurs annonces sur leur propre tunnel.
+</p>
+<p>
+Malheureusement, au fur et à mesure de la croissance de la taille du réseau, la malignité en fait autant, et nous
+espérons voir tous les trackers adopter le renforcement de destinations. Tous les clients et les trackers devraient
+l'anticiper.</p>
+
+
+
+<h2>Annonce noms d'hôtes</h2>
+<p>
+L'annonce de l'URL de nom d'hôte dans les fichiers torrent obéit généralement aux
+<a href="naming_fr.html">conventions de nommage I2P</a>.
+En plus des noms d'hôtes du carnet d'adresses et de ceux en Base32 (".b32.i2p"),
+la destination Base64 complète (suffixée ou pas en ".i2p") doit être prise en charge. Les trackers non ouverts doivent
+reconnaître leur propre nom d'hôte dans tous ces formats.</p>
+<p>
+Pour préserver l'anonymat, les clients devraient ignorer les annonces URL non-I2P des fichiers torrent.
+</p>
+
+
+
+<h2>Connexions sortantes</h2>
+<p>
+I2P utilise en tant qu'adresses des <a href="common_structures_spec.html#struct_Destination">Destinations</a> de plus
+de 387 octets, comme expliqué plus haut.
+</p>
+<p>
+Si le client ne dispose que de l'empreinte de la destination (comme dans une réponse compacte ou PEX), il doit effectuer
+une recherche en l'encodant en Base32 suffixé en ".b32.i2p" pour le service de nommage, et c'est celui-ci qui donnera la
+destination complète si elle est disponible.
+</p>
+<p>
+Si le client connaît la destination complète d'un pair (qu'il a reçue dans une réponse non-compacte, il peut l'utiliser
+directement dans le montage de la connexion. Une conversion en Base32 à fin de requête est complètement inefficace.
+</p>
+
+
+
+<h2>Protection inter-réseaux</h2>
+<p>
+Pour préserver l'anonymat, les clients bittorrent I2P n'acceptent généralement pas les annonces non-I2P ou les
+connexions de pairs. En général, les proxies sortant HTTP I2P bloquent les annonces. Il n'existe pas de proxy
+SOCKS sortant qui accepterait le trafic bittorrent.
+</p>
+<p>
+Pour empêcher l'utilisation par des clients non-I2P par un proxy HTTP entrant, les trackers I2P bloquent souvent
+les accès ou les annonces qui contiennent une en-tête HTTP X-Forwarded-For. Les trackers devraient rejeter les
+annonces standard en IPv4/IPv6, et ne pas les fournir en tant que réponses.</p>
+
+
+
+<h2>PEX</h2>
+<p>
+I2P PEX est basé sur ut_pex.
+Comme il ne semple pas y avoir de spécification officielle disponible pour ut_pex, il pourra être nécessaire d'examiner
+la source de libtorrent pour y trouver de l'aide. C'est une extension des messages, identifiée comme "i2p_pex" dans
+la <a href="http://www.bittorrent.org/beps/bep_0010.html">négociation d'extension</a>. Elle contient un dictionnaire
+<a href="http://en.wikipedia.org/wiki/Bencode">b-encodé</a> avec jusqu'à trois clés, "added", "added.f", et "dropped".
+Les valeurs added et dropped sont toutes deux une chaîne simple octet, dont la longueur est un multiple de 32 octets.
+Ces chaînes d'octets sont les empreintes SHA-256 concaténées des
+<a href="common_structures_spec.html#struct_Destination">Destinations</a> des pairs. C'est le même format que la valeur
+du dictionnaire de pairs dans le format de réponse compacte I2P exposé plus haut. La valeur added.f, si présente,
+est la même que dans ut_pex.
+</p>
+
+
+
+<h2>DHT</h2>
+<p>
+DHT n'est pas entièrement implémentée dans aucuns clients I2P. Les différences initiales par rapport Ã
+<a href="http://www.bittorrent.org/beps/bep_0005.html">BEP 5</a> sont décrites ci-dessous, et sont susceptibles de
+modifications. Contactez les développeurs d'I2P si vous voulez créer un client qui supporterait DHT.
+</p>
+<p>
+La DHT I2P utilisera probablement des options de négociation différentes de celles du standard DHT, ou bien elle
+utilisera un message d'extension.
+</p>
+<p>
+Le port UDP (datagramme) listé dans l'information compacte de nœud sert pour recevoir des datagrammes (signés) auxquels
+il est possible de répondre. Ceci est utilisé pour les requêtes, à part les annonces. Nous l'appelons le port de
+requêtes ("query port").
+</p>
+<p>
+En complément de ce port UDP, nous utilisons un second port UDP, dont le n° est égal à celui du port des datagrammes
+signés, +1. Il sert à recevoir des datagrammes bruts non signés pour les réponses, les erreurs, et les requêtes
+d'annonces : c'est le port de réponse ("response port").
+</p>
+<p>
+L'information compacte de pair fait 32 octets (empreinte SHA256 Ã 32 octets) au lieu de 4 octets d'IP + 2 octets de
+port. Il n'y a pas de port de pair.
+</p>
+<p>
+L'information compacte de nœud fait 54 octets (20 octets d'empreinte SHA1 + 32 octets d'empreinte SHA256 + 2 octets de
+port) au lieu de 20 octets d'empreinte SHA1 + 4 octets d'IP + 2 octets de port.
+</p>
+<p>
+Le port de requête est échangé dans un message PORT standard. Le port de réponse est toujours le port de requête +1.
+</p>
+<p>
+La clé de "nœuds" de dictionnaire de torrent sans tracker est une liste de chaînes binaires de 32 octets (empreintes
+SHA256) au lieu d'une liste de listes contenant une chaîne "hôte" et un entier "port".
+Alternative : une chaîne simple octet, avec des empreintes concaténées.
+</p>
+
+
+<h2>Information supplémentaires</h2>
+<ul>
+<li>
+Les standards bittorrent I2P sont discutés sur <a href="http://zzz.i2p/">zzz.i2p</a>.
+</li>
+<li>
+Un tableau de compatibilité actuelle des trackers est également
+<a href="http://zzz.i2p/files/trackers.html">disponible ici</a>.
+</li>
+<li>
+La <a href="http://forum.i2p2.de/viewtopic.php?t=2068">FAQ bittorrent I2P</a>
+</li>
+<li>
+<a href="http://zzz.i2p/topics/812">Discussion de DHT sur I2P</a>
+</li>
+</ul>
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/blockfile.html b/www.i2p2/pages/blockfile.html
new file mode 100644
index 0000000000000000000000000000000000000000..ec25cf56e99fb82a3bfdbc20e192c1ccd0e45eac
--- /dev/null
+++ b/www.i2p2/pages/blockfile.html
@@ -0,0 +1,216 @@
+{% extends "_layout.html" %}
+{% block title %}I2P Blockfile Specification{% endblock %}
+{% block content %}
+<h2>
+Blockfile and Hosts Database Specification
+</h2>
+<p>
+Page last updated January 2012, current as of router version 0.8.12
+<h3>Overview</h3>
+<p>
+This document specifies
+the I2P blockfile file format
+and the tables in the hostsdb.blockfile used by the Blockfile <a href="naming.html">Naming Service</a>.
+</p><p>
+The blockfile provides fast Destination lookup in a compact format. While the blockfile page overhead is substantial,
+the destinations are stored in binary rather than in Base 64 as in the hosts.txt format.
+In addition, the blockfile provides the capability of arbitrary metadata storage
+(such as added date, source, and comments) for each entry.
+The metadata may be used in the future to provide advanced addressbook features.
+The blockfile storage requirement is a modest increase over the hosts.txt format, and the blockfile provides
+approximately 10x reduction in lookup times.
+</p><p>
+A blockfile is simply on-disk storage of multiple sorted maps (key-value pairs),
+implemented as skiplists.
+The blockfile format is adopted from the
+<a href="http://www.metanotion.net/software/sandbox/block.html">Metanotion Blockfile Database</a>.
+First we will define the file format, then the use of that format by the BlockfileNamingService.
+
+<h3>Blockfile Format</h3>
+<p>
+The original blockfile spec was modified to add magic numbers to each page.
+The file is structured in 1024-byte pages. Pages are numbered starting from 1.
+The "superblock" is always at page 1, i.e. starting at byte 0 in the file.
+The metaindex skiplist is always at page 2, i.e. starting at byte 1024 in the file.
+</p><p>
+All 2-byte integer values are unsigned.
+All 4-byte integer values (page numbers) are signed and negative values are illegal.
+</p><p>
+The database is designed to be opened and accessed by a single thread.
+The BlockfileNamingService provides synchronization.
+</p>
+
+<p>
+Superblock format:
+</p>
+<pre>
+Byte Contents
+0-5 Magic number 0x3141de493250 ("1A" 0xde "I2P")
+6 Major version 0x01
+7 Minor version 0x01
+8-15 File length Total length in bytes
+16-19 First free list page
+20-21 Mounted flag 0x01 = yes
+22-23 Span size max number of key/value pairs per span (16 for hostsdb)
+24-1023 unused
+</pre>
+
+<p>
+Skip list block page format:
+</p>
+<pre>
+Byte Contents
+0-7 Magic number 0x536b69704c697374 "SkipList"
+8-11 First span page
+12-15 First level page
+16-19 Size (total number of keys - may only be valid at startup)
+20-23 Spans (total number of spans - may only be valid at startup)
+24-27 Levels (total number of levels - may only be valid at startup)
+28-1023 unused
+</pre>
+
+
+<p>
+Skip level block page format is as follows.
+All levels have a span. Not all spans have levels.
+</p>
+<pre>
+Byte Contents
+0-7 Magic number 0x42534c6576656c73 "BSLevels"
+8-9 Max height
+10-11 Current height
+12-15 Span page
+16- Next level pages ('current height' entries, 4 bytes each, lowest first)
+remaining bytes unused
+</pre>
+
+
+<p>
+Skip span block page format is as follows.
+Key/value structures are sorted by key within each span and across all spans.
+Key/value structures are sorted by key within each span.
+Spans other than the first span may not be empty.
+</p>
+<pre>
+Byte Contents
+0-3 Magic number 0x5370616e "Span"
+4-7 First continuation page or 0
+8-11 Previous span page or 0
+12-15 Next span page or 0
+16-17 Max keys (16 for hostsdb)
+18-19 Size (current number of keys)
+20-1023 key/value structures
+</pre>
+
+<p>
+Span Continuation block page format:
+</p>
+<pre>
+Byte Contents
+0-3 Magic number 0x434f4e54 "CONT"
+4-7 Next continuation page or 0
+8-1023 key/value structures
+</pre>
+
+
+<p>
+Key/value structure format is as follows.
+Key and value lengths must not be split across pages, i.e. all 4 bytes must be on the same page.
+If there is not enough room the last 1-3 bytes of a page are unused and the lengths will
+be at offset 8 in the continuation page.
+Key and value data may be split across pages.
+Max key and value lengths are 65535 bytes.
+</p>
+<pre>
+Byte Contents
+0-1 key length in bytes
+2-3 value length in bytes
+4- key data
+ value data
+</pre>
+
+<p>
+Free list block page format:
+</p>
+<pre>
+Byte Contents
+0-7 Magic number 0x2366724c69737423 "#frList#"
+8-11 Next free list block or 0 if none
+12-15 Number of valid free pages in this block (0 - 252)
+16-1023 Free pages (4 bytes each), only the first (valid number) are valid
+</pre>
+
+
+<p>
+Free page block format:
+</p>
+<pre>
+Byte Contents
+0-7 Magic number 0x7e2146524545217e "~!FREE!~"
+8-1023 unused
+</pre>
+
+<p>
+The metaindex (located at page 2) is a mapping of US-ASCII strings to 4-byte integers.
+The key is the name of the skiplist and the value is the page index of the skiplist.
+</p>
+
+<h3>Blockfile Naming Service Tables</h3>
+<p>
+The tables created and used by the BlockfileNamingService are as follows.
+The maximum number of entries per span is 16.
+</p>
+
+<h4>Properties Skiplist</h4>
+<p>
+"%%__INFO__%%" is the master database skiplist with String/Properties key/value entries containing only one entry:
+</p>
+<pre>
+ "info": a Properties (UTF-8 String/String Map), serialized as a <a href="common_structures_spec#type_Mapping">Mapping</a>:
+ "version": "2"
+ "created": Java long time (ms)
+ "upgraded": Java long time (ms) (as of database version 2)
+ "lists": Comma-separated list of host databases, to be
+ searched in-order for lookups. Almost always "privatehosts.txt,userhosts.txt,hosts.txt".
+</pre>
+
+<h4>Reverse Lookup Skiplist</h4>
+<p>
+"%%__REVERSE__%%" is the reverse lookup skiplist with Integer/Properties key/value entries
+ (as of database version 2):
+</p>
+<pre>
+ The skiplist keys are 4-byte Integers, the first 4 bytes of the hash of the Destination.
+ The skiplist values are each a Properties (a UTF-8 String/String Map) serialized as a <a href="common_structures_spec#type_Mapping">Mapping</a>
+ There may be multiple entries in the properties, each one is a reverse mapping,
+ as there may be more than one hostname for a given destination,
+ or there could be collisions with the same first 4 bytes of the hash.
+ Each property key is a hostname.
+ Each property value is the empty string.
+</pre>
+
+<h4>hosts.txt, userhosts.txt, and privatehosts.txt Skiplists</h4>
+<p>
+For each host database, there is a skiplist containing
+the hosts for that database.
+The keys/values in these skiplists are as follows:
+</p>
+<pre>
+ key: a UTF-8 String (the hostname)
+ value: a DestEntry, which is a Properties (a UTF-8 String/String Map) serialized as a <a href="common_structures_spec#type_Mapping">Mapping</a>
+ followed by a binary Destination (serialized <a href="common_structures_spec#struct_Destination">as usual</a>).
+</pre>
+
+<p>
+The DestEntry Properties typically contains:
+</p>
+<pre>
+ "a": The time added (Java long time in ms)
+ "s": The original source of the entry (typically a file name or subscription URL)
+ others: TBD
+</pre>
+<p>
+Hostname keys are stored in lower-case and always end in ".i2p".
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/bob.html b/www.i2p2/pages/bob.html
new file mode 100644
index 0000000000000000000000000000000000000000..6563aee9e3379e971b7b584643b473da31f1f520
--- /dev/null
+++ b/www.i2p2/pages/bob.html
@@ -0,0 +1,255 @@
+{% extends "_layout.html" %}
+{% block title %}BOB{% endblock %}
+{% block content %}
+<pre>
+Technical differences from SAM (for the better?)
+
+
+BOB has separate command and data channels.
+One, an application command channel socket to router to configure.
+Two, the application data sockets to/from router that carry only data.
+The command channel is only needed for making or setting the initial
+destination key, and to set the destination key to port bindings.
+All connections run in parallel.
+
+SAM One connection that does everything, and you need to parse every packet.
+
+BOB does not hold keypair values, nor does the router.
+Your application holds the keypair values.
+This is to reduce any extra complexity in the router code, it also adds to
+your privacy.
+
+SAM router stores every keypair you ever make.
+
+Those are the important differences.
+
+KEYS = keypair public+private, these are BASE64
+KEY = public key, also BASE64
+
+ERROR as is implied returns the message "ERROR "+DESCRIPTION+"\n", where the DESCRIPTION is what went wrong.
+OK returns "OK", and if data is to be returned, it is on the same line. OK means the command is finished.
+DATA lines contain information that you requested. There may be multiple DATA lines per request.
+
+NOTE: The help command is the ONLY command that has an exception to
+the rules... it can actually return nothing! This is intentional, since
+help is a HUMAN and not an APPLICATION command.
+
+PLEASE NOTE:
+For CURRENT details on the commands PLEASE use the built-in help command.
+Just telnet to localhost 2827 and type help and you can get full documentation on each command.
+
+Commands never get obsoleted or changed, however new commands do get added from time to time.
+
+Here are the commands we have as of this writing (Aug 2010).
+
+COMMAND OPERAND RETURNS
+help (optional command to get help on) NOTHING or OK and description of the command
+clear ERROR or OK
+getdest ERROR or OK and KEY
+getkeys ERROR or OK and KEYS
+getnick tunnelname ERROR or OK
+inhost hostname or IP address ERROR or OK
+inport port number ERROR or OK
+list ERROR or DATA lines and final OK
+newkeys ERROR or OK and KEY
+option ERROR or OK
+outhost hostname or IP address ERROR or OK
+outport port number ERROR or OK
+quiet ERROR or OK
+quit OK and terminates the command connection
+setkeys KEYS ERROR or OK
+setnick tunnel nickname ERROR or OK
+show ERROR or OK and information
+showprops ERROR or OK and information
+start ERROR or OK
+status tunnel nickname ERROR or OK and information
+stop ERROR or OK
+verify KEY ERROR or OK
+visit OK, and dumps BOB's threads to the wrapper.log
+zap nothing, quits BOB
+
+Once set up, all TCP sockets can and will block as needed, and there is no need for any
+additional messages to/from the command channel. This allows the router to pace the
+stream without exploding with OOM like SAM does as it chokes on attempting to shove
+many streams in or out one socket -- that can't scale when you have alot of connections!
+
+What is also nice about this particular interface is that writing anything to interface
+to it, is much much easier than SAM. There is no other processing to do after the set up.
+It's configuration is so simple, that very simple tools, such as nc (netcat) can be used
+to point to some application. The value there is that one could schedule up and down times
+for an application, and not have to change the application to do that, or to even have
+to stop that application. Instead, you can literally "unplug" the destination, and
+"plug it in" again. As long as the same IP/port addresses and destination keys are used
+when bringing the bridge up, the normal TCP application won't care, and won't notice.
+It will simply be fooled -- the destinations are not reachable, and that nothing is coming in.
+
+For the following example, we'll setup a very simple local loopback connection,
+with two destinations. Destination "mouth" will be the CHARGEN service from
+the INET superserver daemon. Destination "ear" will be a local port that you
+can telnet into, and watch the pretty ASCII test puke forth.
+
+EXAMPLE SESSION DIALOGUE -- simple telnet 127.0.0.1 2827 works
+A = Application
+C = BOB's Command response.
+
+FROM TO DIALOGUE
+A C setnick mouth
+C A OK Nickname set to mouth
+A C newkeys
+C A OK ZMPz1zinTdy3~zGD~f3g9aikZTipujEvvXOEyYfq4Su-mNKerqG710hFbkR6P-xkouVyNQsqWLI8c6ngnkSwGdUfM7hGccqBYDjIubTrlr~0g2-l0vM7Y8nSqtFrSdMw~pyufXZ0Ys3NqUSb8NuZXpiH2lCCkFG21QPRVfKBGwvvyDVU~hPVfBHuR8vkd5x0teMXGGmiTzdB96DuNRWayM0y8vkP-1KJiPFxKjOXULjuXhLmINIOYn39bQprq~dAtNALoBgd-waZedYgFLvwHDCc9Gui8Cpp41EihlYGNW0cu0vhNFUN79N4DEpO7AtJyrSu5ZjFTAGjLw~lOvhyO2NwQ4RiC4UCKSuM70Fz0BFKTJquIjUNkQ8pBPBYvJRRlRG9HjAcSqAMckC3pvKKlcTJJBAE8GqexV7rdCCIsnasJXle-6DoWrDkY1s1KNbEVH6i1iUEtmFr2IHTpPeFCyWfZ581CAFNRbbUs-MmnZu1tXAYF7I2-oXTH2hXoxCGAAAA
+
+MAKE NOTE OF THE ABOVE DESTINATION KEY, YOURS WILL BE DIFFERENT!
+
+FROM TO DIALOGUE
+A C outhost 127.0.0.1
+C A OK outhost set
+A C outport 19
+C A OK outbound port set
+A C start
+C A OK tunnel starting
+
+At this point, there was no error, a destination with a nickname of "mouth"
+is set up. When you contact the destination provided, you actually connect
+to the CHARGEN service on 19/TCP.
+
+Now for the other half, so that we can actually contact this destination.
+
+FROM TO DIALOGUE
+A C setnick ear
+C A OK Nickname set to ear
+A C newkeys
+C A OK 8SlWuZ6QNKHPZ8KLUlExLwtglhizZ7TG19T7VwN25AbLPsoxW0fgLY8drcH0r8Klg~3eXtL-7S-qU-wdP-6VF~ulWCWtDMn5UaPDCZytdGPni9pK9l1Oudqd2lGhLA4DeQ0QRKU9Z1ESqejAIFZ9rjKdij8UQ4amuLEyoI0GYs2J~flAvF4wrbF-LfVpMdg~tjtns6fA~EAAM1C4AFGId9RTGot6wwmbVmKKFUbbSmqdHgE6x8-xtqjeU80osyzeN7Jr7S7XO1bivxEDnhIjvMvR9sVNC81f1CsVGzW8AVNX5msEudLEggpbcjynoi-968tDLdvb-CtablzwkWBOhSwhHIXbbDEm0Zlw17qKZw4rzpsJzQg5zbGmGoPgrSD80FyMdTCG0-f~dzoRCapAGDDTTnvjXuLrZ-vN-orT~HIVYoHV7An6t6whgiSXNqeEFq9j52G95MhYIfXQ79pO9mcJtV3sfea6aGkMzqmCP3aikwf4G3y0RVbcPcNMQetDAAAA
+A C inhost 127.0.0.1
+C A OK inhost set
+A C inport 37337
+C A OK inbound port set
+A C start
+C A OK tunnel starting
+A C quit
+C A OK Bye!
+
+Now all we need to do is telnet into 127.0.0.1, port 37337,
+send the destination key or host address from addressbook we want to contact.
+In this case, we want to contact "mouth", all we do is paste in the
+key and it goes.
+
+NOTE: The "quit" command in the command channel does NOT disconnect the tunnels like SAM.
+
+# telnet 127.0.0.1 37337
+Trying 127.0.0.1...
+Connected to 127.0.0.1.
+Escape character is '^]'.
+ZMPz1zinTdy3~zGD~f3g9aikZTipujEvvXOEyYfq4Su-mNKerqG710hFbkR6P-xkouVyNQsqWLI8c6ngnkSwGdUfM7hGccqBYDjIubTrlr~0g2-l0vM7Y8nSqtFrSdMw~pyufXZ0Ys3NqUSb8NuZXpiH2lCCkFG21QPRVfKBGwvvyDVU~hPVfBHuR8vkd5x0teMXGGmiTzdB96DuNRWayM0y8vkP-1KJiPFxKjOXULjuXhLmINIOYn39bQprq~dAtNALoBgd-waZedYgFLvwHDCc9Gui8Cpp41EihlYGNW0cu0vhNFUN79N4DEpO7AtJyrSu5ZjFTAGjLw~lOvhyO2NwQ4RiC4UCKSuM70Fz0BFKTJquIjUNkQ8pBPBYvJRRlRG9HjAcSqAMckC3pvKKlcTJJBAE8GqexV7rdCCIsnasJXle-6DoWrDkY1s1KNbEVH6i1iUEtmFr2IHTpPeFCyWfZ581CAFNRbbUs-MmnZu1tXAYF7I2-oXTH2hXoxCGAAAA
+ !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefg
+!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefgh
+"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghi
+#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghij
+$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijk
+...
+After a few virtual miles of this spew, press Control-]
+...
+cdefghijklmnopqrstuvwxyz{|}~ !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJK
+defghijklmnopqrstuvwxyz{|}~ !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKL
+efghijklmnopqrstuvwxyz{|}~ !"#$%&'()*+,-./0123456789:;<=
+telnet> c
+Connection closed.
+
+Here is what happened...
+telnet -> ear -> i2p -> mouth -> chargen -.
+telnet <- ear <- i2p <- mouth <-----------'
+
+You can connect to EEPSITES too!
+
+# telnet 127.0.0.1 37337
+Trying 127.0.0.1...
+Connected to 127.0.0.1.
+Escape character is '^]'.
+i2host.i2p
+GET / HTTP/1.1
+
+HTTP/1.1 200 OK
+Date: Fri, 05 Dec 2008 14:20:28 GMT
+Connection: close
+Content-Type: text/html
+Content-Length: 3946
+Last-Modified: Fri, 05 Dec 2008 10:33:36 GMT
+Accept-Ranges: bytes
+
+<html>
+<head>
+ <title>I2HOST</title>
+ <link rel="shortcut icon" href="favicon.ico">
+</head>
+...
+<a href="http://sponge.i2p/">--Sponge.</a></pre>
+<img src="/counter.gif" alt="!@^7A76Z!#(*&amp;%"> visitors. </body>
+</html>
+Connection closed by foreign host.
+#
+
+Pretty cool isn't it? Try some other well known EEPSITES if you like, nonexistent ones,
+etc, to get a feel for what kind of output to expect in different situations.
+For the most part, it is suggested that you ignore any of the error messages.
+They would be meaningless to the application, and are only presented for human debugging.
+
+Let's put down our destinations now that we are all done with them.
+
+First, lets see what destination nicknames we have.
+
+FROM TO DIALOGUE
+A C list
+C A DATA NICKNAME: mouth STARTING: false RUNNING: true STOPPING: false KEYS: true QUIET: false INPORT: not_set INHOST: localhost OUTPORT: 19 OUTHOST: 127.0.0.1
+C A DATA NICKNAME: ear STARTING: false RUNNING: true STOPPING: false KEYS: true QUIET: false INPORT: 37337 INHOST: 127.0.0.1 OUTPORT: not_set OUTHOST: localhost
+C A OK Listing done
+
+Alright, there they are. First, let's remove "mouth".
+
+FROM TO DIALOGUE
+A C getnick mouth
+C A OK Nickname set to mouth
+A C stop
+C A OK tunnel stopping
+A C clear
+C A OK cleared
+
+Now to remove "ear", note that this is what happens when you type too fast,
+and shows you what typical ERROR messages looks like.
+
+FROM TO DIALOGUE
+A C getnick ear
+C A OK Nickname set to ear
+A C stop
+C A OK tunnel stopping
+A C clear
+C A ERROR tunnel is active
+A C clear
+C A OK cleared
+A C quit
+C A OK Bye!
+
+I won't bother to show an example of the receiver end of a bridge
+because it is very simple. There are two possible settings for it, and
+it is toggled with the "quiet" command.
+The default is NOT quiet, and the first data to come into your
+listening socket is the destination that is making the contact. It is a
+single line consisting of the BASE64 address followed by a newline.
+Everything after that is for the application to actually consume.
+In quiet mode, think of it as a regular Internet connection. No
+extra data comes in at all. It's just as if you are plain connected to
+the regular Internet. This mode allows a form of transparency much like
+is available on the router console tunnel settings pages, so that you
+can use BOB to point a destination at a web server, for example, and
+you would not have to modify the web server at all.
+The advantage with using BOB for this is as discussed
+previously. You could schedule random uptimes for the application,
+redirect to a different machine, etc. One use of this may be something
+like wanting to try to goof up router-to-destination upness guessing.
+You could stop and start the destination with a totally different
+process to make random up and down times on services. That way you
+would only be stopping the ability to contact such a service, and not
+have to bother shutting it down and restarting it. You could redirect
+and point to a different machine on your LAN while you do updates, or
+point to a set of backup machines depending on what is running, etc,
+etc. Only your imagination limits what you could do with BOB.
+
+{% endblock %}
diff --git a/www.i2p2/pages/bounties.html b/www.i2p2/pages/bounties.html
index 7705e5ec8d4ae74978b5a024426c9b919865ed35..b3f2a60566d8e70bffc5aa652623fd8ebb3aba7e 100644
--- a/www.i2p2/pages/bounties.html
+++ b/www.i2p2/pages/bounties.html
@@ -1,6 +1,7 @@
{% extends "_layout.html" %}
{% block title %}Bounties{% endblock %}
{% block content %}
+<!-- file version 2012.04.16.01 -->
<h1>Bounties for I2P</h1>
<p>While we always gratefully accept any contributions of code,
documentation, and the like, there are other ways to help I2P move
@@ -21,58 +22,63 @@ etc), and the like.</p>
<h2>Current bounties</h2>
-<p>
<table border="1">
<tr><td><p><b>Name</b></p></td><td><p><b>Status</b></p></td><td><p><b>Judge</b></p></td><td><p><b>Dev <sup>*</sup></b></p></td><td><p><b>Bounty</b></p></td></tr>
- <tr>
- <td><p><b><a href="bounty_datastore">Datastore over I2P</a></b></p></td>
- <td><p>work in progress</p></td>
- <td><p>echelon</p></td>
- <td><p>duck, smeghead</p></td>
- <td><p>€500 EUR</p></td>
- </tr>
<tr>
<td><p><b><a href="bounty_datastore">Frost for I2P datastorage</a></b></p></td>
<td><p>Proposal in development</p></td>
<td><p>echelon</p></td>
<td><p>[vacant]</p></td>
- <td><p>€100 EUR</p></td>
+ <td><p>€50 EUR</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_datastore">Eepsites served out of I2P datastorage</a></b></p></td>
<td><p>Proposal in development</p></td>
<td><p>echelon</p></td>
<td><p>[vacant]</p></td>
- <td><p>€100 EUR</p></td>
+ <td><p>€50 EUR</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_i2phex">Backporting Phex code onto I2PHex</a></b></p></td>
<td><p>Proposal in development</p></td>
<td><p>Arne Bab</p></td>
<td><p>[vacant]</p></td>
- <td><p>€20 EUR</p></td>
+ <td><p>€100 EUR</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_ipv6">make I2P IPv6 native</a></b></p></td>
<td><p>Proposal in development</p></td>
<td><p>Amiga4000</p></td>
<td><p>[vacant]</p></td>
- <td><p>€50 EUR</p></td>
+ <td><p>€100 EUR</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_debpack">I2P package in Debian and Ubuntu mirrors</a></b></p></td>
+ <td><p>Proposal in development</p></td>
+ <td><p>h2ik</p></td>
+ <td><p>[vacant]</p></td>
+ <td><p>€93 EUR</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_btcclient">Bitcoin client for I2P</a></b></p></td>
+ <td><p>Proposal in development</p></td>
+ <td><p>psychonaut</p></td>
+ <td><p>[vacant]</p></td>
+ <td><p>€30 EUR and 114,24BTC</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_unittests">Unit tests and Multi-router Simulation</a></b></p></td>
+ <td><p>Partly done, partly in work, partly still open</p></td>
+ <td><p>anonymous</p></td>
+ <td><p>str4d,hottuna</p></td>
+ <td><p>3000 €, of which 300 € already paid for done jobs</p></td>
</tr>
</table>
<h2>Hold bounties, set on hold due to jrandom AWOL and missing funding</h2>
-<p>
<table border="1">
<tr><td><p><b>Name</b></p></td><td><p><b>Status</b></p></td><td><p><b>Judge</b></p></td><td><p><b>Dev <sup>*</sup></b></p></td><td><p><b>Bounty</b></p></td></tr>
- <tr>
- <td><p><b><a href="bounty_unittests">Unit tests</a></b></p></td>
- <td><p>Partly completed</p></td>
- <td><p>jrandom</p></td>
- <td><p>Comwiz</p></td>
- <td><p>$0.0 USD</p></td>
- </tr>
<tr>
<td><p><b><a href="http://forum.i2p2.de/viewtopic.php?t=1136">Bundling bounties</a></b></p></td>
<td><p>Proposed</p></td>
@@ -83,11 +89,26 @@ etc), and the like.</p>
</table>
<h2>Claimed bounties</h2>
-<p>
+
<table border="1">
<tr><td><p><b>Name</b></p></td><td><p><b>Status</b></p></td><td><p><b>Dev team<sup>*</sup></b></p></td></tr>
<tr>
- <td> <p><b><a href="bounty_rutrans">translation into Russian</a></b></td>
+ <td><p><b><a href="bounty_silc">Setting up a SILC server</a></b></p></td>
+ <td><p>withdrawn and bounty divided between ReturningNovice and the general fund</p></td>
+ <td><p>An Anonymous Secret Society, society@mail.i2p</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_arabic">arabic translation</a></b></p></td>
+ <td><p>both parts were taken by hamada for 100 BTC</p></td>
+ <td><p>hamada</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_datastore">Datastore over I2P</a></b></p></td>
+ <td><p><a href="http://duck.i2p/tahoe-lafs/">CLAIMED</a> for 700 €</p></td>
+ <td><p>duck, smeghead</p></td>
+ </tr>
+ <tr>
+ <td> <p><b><a href="bounty_rutrans">translation into Russian</a></b></p></td>
<td><p>claimed for $230 USD sponsored by russian sponsor</p></td>
<td><p>4get</p></td>
</tr>
@@ -117,7 +138,7 @@ etc), and the like.</p>
<td><p>jrandom</p></td>
</tr>
</table>
-</p>
+
<p><i><sup>*</sup> Dev lists anyone who may already be working on the bounty - collaboration is preferred, so if you're interested in working on it, please contact one of the people listed!</i></p>
diff --git a/www.i2p2/pages/bounties_ar.html b/www.i2p2/pages/bounties_ar.html
new file mode 100644
index 0000000000000000000000000000000000000000..966cafac40a3def68bf1b97830fc60b62abfe99c
--- /dev/null
+++ b/www.i2p2/pages/bounties_ar.html
@@ -0,0 +1,148 @@
+{% extends "_layout_ar.html" %}
+{% block title %}المكاÙآت{% endblock %}
+{% block content %}
+<h1> I2P المكاÙآت </h1>
+<p>
+بينما Ù†ØÙ† دائما تقبل بامتنان أية مساهمة برمجية ØŒ
+وثائق ØŒ وما شابه ذلك، الا ان هناك طرق أخرى للمساعدة ÙÙŠ تقدم مشروع I2P
+إلى الأمام. كما هو الØال مع أي مشروع Ù…ÙØªÙˆØ Ø§Ù„Ù…ØµØ¯Ø±ØŒ سيكون تØقيق المزيد من أهداÙنا
+إذا تمكنا من دعم مادي لجميع المساهمين لدينا للعمل باستمرار. ومع ذلك ØŒ كما هو الØال مع أي مشروع Ù…ÙØªÙˆØ Ø§Ù„Ù…ØµØ¯Ø±ØŒ وهذا ليس ممكن. بدلا من ذلك، ونØÙ† نستعمل نظام المكاÙآت، Øيث
+يمكن لأي شخص الØصول على الدعم للعمل على شيء يريد الناس
+تنÙيذه ØŒ ويمكن أن يطمئن الناس الذين يتبرعون لمشروع I2P
+ ان دعمهم سيذهب إلى ما ÙŠØتاجونه.
+</p>
+
+<p>
+
+اننا نبقي Ù…ÙتوØØ© قدرة الناس الذين يريدون لدعم I2P
+لكن ليس لديهم Ùكرة معينة عن اية Øول المكاÙآت المتوÙرة. هؤلاء الناس
+يمكنهم وضع ثقتهم ÙÙŠ Ùريق I2P أن ÙŠÙعل ما يشعر به هو Ø£Ùضل من قبل
+التبرع Øسبما يراه
+ضروري -- المخصصة للØاجيات المختلÙØ© ØŒ التي تغطي المصاري٠الموقع (الاستضاÙØ© ØŒ
+الخ) ، وما شابه ذلك.
+</p>
+
+<h2>المكاÙآت الØالية</h2>
+
+<p>
+<table border="1">
+ <tr><td><p><b>الاسم</b></p></td><td><p><b>الØالة</b></p></td><td><p><b>المسؤول</b></p></td><td><p><b>Dev <sup>*</sup></b></p></td><td><p><b>المكاÙئة</b></p></td></tr>
+ <tr>
+ <td><p><b><a href="bounty_arabic">ترجمة عربية</a></b></p></td>
+ <td><p>جاري التطبيق</p></td>
+ <td><p>echelon</p></td>
+ <td><p>يشتغل عليها hamada</p></td>
+ <td><p>20 BTC</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_datastore">Frost I2P Ù„ØÙظ البيانات</a></b></p></td>
+ <td><p>جاري التطبيق</p></td>
+ <td><p>echelon</p></td>
+ <td><p>[Ùارغة]</p></td>
+ <td><p>€50 EUR</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_datastore">Eepsites تنصيب I2P Ùوق قاعدة بيانات</a></b></p></td>
+ <td><p>جاري التطبيق</p></td>
+ <td><p>echelon</p></td>
+ <td><p>[Ùارغة]</p></td>
+ <td><p>€50 EUR</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_i2phex">Phex جعل الكود متواÙÙ‚ مع I2PHex</a></b></p></td>
+ <td><p>جاري التطبيق</p></td>
+ <td><p>Arne Bab</p></td>
+ <td><p>[Ùارغة]</p></td>
+ <td><p>€60 EUR</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_ipv6">make I2P IPv6 native</a></b></p></td>
+ <td><p>جاري التطبيق</p></td>
+ <td><p>Amiga4000</p></td>
+ <td><p>[Ùارغة]</p></td>
+ <td><p>€100 EUR</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_debpack">ÙÙŠ اوبونتو وديبيان I2P Øزم</a></b></p></td>
+ <td><p>جاري التطبيق</p></td>
+ <td><p>h2ik</p></td>
+ <td><p>[Ùارغة]</p></td>
+ <td><p>€73 EUR</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_silc">التØول من IRC الى SILC</a></b></p></td>
+ <td><p>جاري التطبيق</p></td>
+ <td><p>The Assembly -- Secret Society</p></td>
+ <td><p>[Ùارغة]</p></td>
+ <td><p>€200 EUR</p></td>
+ </tr>
+ </table>
+
+<h2>المكاÙئات المجمدة نظرا لندرة الموارد</h2>
+
+<p>
+<table border="1">
+ <tr><td><p><b>الاسم</b></p></td><td><p><b>الØالة</b></p></td><td><p><b>الØكم</b></p></td><td><p><b>المطور <sup>*</sup></b></p></td><td><p><b>المكاÙئة</b></p></td></tr>
+ <tr>
+ <td><p><b><a href="bounty_unittests">Unit tests</a></b></p></td>
+ <td><p>مكتملة جزئيا</p></td>
+ <td><p>jrandom</p></td>
+ <td><p>Comwiz</p></td>
+ <td><p>$0.0 USD</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="http://forum.i2p2.de/viewtopic.php?t=1136">Bundling bounties</a></b></p></td>
+ <td><p>Proposed</p></td>
+ <td><p>jrandom</p></td>
+ <td><p>[Ùارغة]</p></td>
+ <td><p>$0 USD each, or $0 for all</p></td>
+ </tr>
+</table>
+
+<h2>مستعمل bounties</h2>
+<p>
+<table border="1">
+ <tr><td><p><b>الاسم</b></p></td><td><p><b>الØالة</b></p></td><td><p><b>Ùريق التطوير<sup>*</sup></b></p></td></tr>
+ <tr>
+ <td><p><b><a href="bounty_datastore">ØÙظ البيانات Ùوق I2P</a></b></p></td>
+ <td><p><a href="http://duck.i2p/tahoe-lafs/">مستعمل</a> for 700 €</p></td>
+ <td><p>duck, smeghead</p></td>
+ </tr>
+ <tr>
+ <td> <p><b><a href="bounty_rutrans">الترجمة الى الروسية Russian</a></b></p></td>
+ <td><p>مستعمل for $230 USD sponsored by russian sponsor</p></td>
+ <td><p>4get</p></td>
+ </tr>
+ <tr>
+ <td><p><b>Swarming file transfer</b></p></td>
+ <td><p><a href="http://duck.i2p/i2p-bt/">مستعمل</a> for €250 EUR</p></td>
+ <td><p>duck, ragnarok, dinoman, connelly, drwoo</p></td>
+ </tr>
+ <tr>
+ <td><p><b>Streaming library window size</b></p></td>
+ <td><p><a href="http://dev.i2p.net/pipermail/i2p/2004-November/000491.html">مستعمل</a></p></td>
+ <td><p>jrandom</p></td>
+ </tr>
+ <tr>
+ <td><p><b>IRC connect time monitor</b></p></td>
+ <td>مستعمل for $10 USD</td>
+ <td><p>hypercubus</p></td>
+ </tr>
+ <tr>
+ <td><p><b>Unit tests (part 1)</b></p></td>
+ <td>مستعمل for $300 USD</td>
+ <td><p>Comwiz</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="http://gcc.gnu.org/java/">GCJ</a> دعم</b></p></td>
+ <td><p><a href="http://dev.i2p.net/cgi-bin/cvsweb.cgi/i2p/Makefile.gcj">مستعمل</a></p></td>
+ <td><p>jrandom</p></td>
+ </tr>
+</table>
+</p>
+
+<p><i><sup>*</sup>
+نعني بÙريق المطورين اي واØد يشتغل على مشروع المكاÙئة، التشارك Ù…Ùضل، اذا كنت مهتم بالشتغال عليها قم بمراسلة اØد المشتغلين عليها!
+</i></p>
+
+{% endblock %}
diff --git a/www.i2p2/pages/bounties_de.html b/www.i2p2/pages/bounties_de.html
index 22361893db3790137156739f5e0a4f3091e1198f..831231dcc8ab553f67893e5e737c2db4f04afefc 100644
--- a/www.i2p2/pages/bounties_de.html
+++ b/www.i2p2/pages/bounties_de.html
@@ -1,6 +1,7 @@
{% extends "_layout_de.html" %}
{% block title %}Belohnungen{% endblock %}
{% block content %}
+<!-- file version 2012.04.16.01 -->
<h1>Belohnungen für I2P</h1>
<p>Während wir jederzeit dankbar jeglichen Beitrag an Quelltext,
Dokumentationen und ähnlichen entgegennehmen, gibt es noch
@@ -24,58 +25,64 @@ etc.) benutzt wird.</p>
<h2>Derzeitig angebotene Belohnungen</h2>
-<p>
<table border="1">
<tr><td><p><b>Name</b></p></td><td><p><b>Status</b></p></td><td><p><b>Richter</b></p></td><td><p><b>Entwickler <sup>*</sup></b></p></td><td><p><b>Bounty</b></p></td></tr>
- <tr>
- <td><p><b><a href="bounty_datastore_de">Datencontainer im I2P</a></b></p></td>
- <td><p>In Bearbeitung</p></td>
- <td><p>echelon</p></td>
- <td><p>duck,smeghead</p></td>
- <td><p>€500 EUR</p></td>
- </tr>
<tr>
<td><p><b><a href="bounty_datastore_de">Frost für I2P Datencontainer</a></b></p></td>
<td><p>Entwickler gesucht</p></td>
<td><p>echelon</p></td>
<td><p>[vacant]</p></td>
- <td><p>€100 EUR</p></td>
+ <td><p>€50 EUR</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_datastore_de">Eepsites aus dem I2P Datencontainer</a></b></p></td>
<td><p>Entwickler gesucht</p></td>
<td><p>echelon</p></td>
<td><p>[vacant]</p></td>
- <td><p>€100 EUR</p></td>
+ <td><p>€50 EUR</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_i2phex_de">Aktuellen Code von Phex auf I2PHex portieren</a></b></p></td>
<td><p>Entwickler gesucht</p></td>
<td><p>Arne Bab</p></td>
<td><p>[vacant]</p></td>
- <td><p>€20 EUR</p></td>
+ <td><p>€100 EUR</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_ipv6_de">Belohnung für die Anpassung von I2P an IPv6</a></b></p></td>
<td><p>Entwickler gesucht</p></td>
<td><p>Amiga4000</p></td>
<td><p>[vacant]</p></td>
- <td><p>€50 EUR</p></td>
- </tr>
+ <td><p>€100 EUR</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_debpack">I2P Paket in Debian und Ubuntu Spiegelserver</a></b></p></td>
+ <td><p>Entwickler gesucht</p></td>
+ <td><p>h2ik</p></td>
+ <td><p>[vacant]</p></td>
+ <td><p>€93 EUR</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_btcclient">Bitcoin Client in I2P</a></b></p></td>
+ <td><p>Entwickler gesucht</p></td>
+ <td><p>psychonaut</p></td>
+ <td><p>[vacant]</p></td>
+ <td><p>€30 EUR und 114,24BTC</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_unittests_de">Unit tests und Multi-router-Simulation</a></b></p></td>
+ <td><p>Teile erledigt, Teile in Arbeit, Teile ohne Entwickler</p></td>
+ <td><p>Anonym</p></td>
+ <td><p>str4d,hottuna</p></td>
+ <td><p>3000 €, davon 300 € schon ausgezahlt</p></td>
+ </tr>
</table>
<h2>Auf Pause gesetzte Belohnungen, bedingt durch jrandoms Abwesenheit und fehlender Finanzen</h2>
-<p>
+
<table border="1">
<tr><td><p><b>Name</b></p></td><td><p><b>Status</b></p></td><td><p><b>Richter</b></p></td><td><p><b>Entwickler <sup>*</sup></b></p></td><td><p><b>Bounty</b></p></td></tr>
- <tr>
- <td><p><b><a href="bounty_unittests">Unit tests</a></b></p></td>
- <td><p>Teilweise fertig</p></td>
- <td><p>jrandom</p></td>
- <td><p>Comwiz</p></td>
- <td><p>$0.0 USD</p></td>
- </tr>
<tr>
<td><p><b><a href="http://forum.i2p2.de/viewtopic.php?t=1136">zusammenlegen von Programmen</a></b></p></td>
<td><p>Vorgeschlagen</p></td>
@@ -86,11 +93,26 @@ etc.) benutzt wird.</p>
</table>
<h2>Ausgezahlte Belohnungen</h2>
-<p>
+
<table border="1">
<tr><td><p><b>Name</b></p></td><td><p><b>Status</b></p></td><td><p><b>Entwickler Team<sup>*</sup></b></p></td></tr>
- <tr>
- <td><p><b><a href="bounty_rutrans_de">Russische Übersetzung</a></b></td>
+ <tr>
+ <td><p><b><a href="bounty_silc">SILC Server in I2P</a></b></p></td>
+ <td><p>zurückgezogen, Geld an ReturningNovice und Generelles Konto ausgezahlt</p></td>
+ <td><p>An Anonymous Secret Society, society@mail.i2p</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_arabic_de">Arabische Übersetzung I2P</a></b></p></td>
+ <td><p>Ausgezahlt mit 100 BTC</p></td>
+ <td><p>hamada</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_datastore_de">Datencontainer im I2P</a></b></p></td>
+ <td><p><a href="http://duck.i2p/tahoe-lafs/">Ausgezahlt</a> mit €700 EUR</p></td>
+ <td><p>duck,smeghead</p></td>
+</tr>
+<tr>
+ <td><p><b><a href="bounty_rutrans_de">Russische Übersetzung</a></b></p></td>
<td><p>erledigt von forget für $230 USD gesponsert von Russischersponsor</p></td>
<td><p>_4get</p></td>
</tr>
@@ -120,7 +142,7 @@ etc.) benutzt wird.</p>
<td><p>jrandom</p></td>
</tr>
</table>
-</p>
+
<p><i><sup>*</sup> Entwickler listet jeden auf, der eventuell schon an dem Projekt arbeitet - arbeiten im Team
ist bevorzugt, falls Du mitarbeiten möchtest, kontaktiere eine der Person in der Liste!</i></p>
diff --git a/www.i2p2/pages/bounties_it.html b/www.i2p2/pages/bounties_it.html
old mode 100755
new mode 100644
index d5fdd176f3b75ad5a1ff128cf1081f531e046893..d7efa3c811fcb9ea6798b06565a1d09fb247573b
--- a/www.i2p2/pages/bounties_it.html
+++ b/www.i2p2/pages/bounties_it.html
@@ -21,36 +21,35 @@ etc e simili.</p>
<h2>Premi Attualmente Disponibili</h2>
-<p>
<table border="1">
<tr><td><p><b>Name</b></p></td><td><p><b>Status</b></p></td><td><p><b>Judge</b></p></td><td><p><b>Dev <sup>*</sup></b></p></td><td><p><b>Bounty</b></p></td></tr>
<tr>
- <td><p><b><a href="bounty_datastore">Datastore over I2P</a></b></p></td>
- <td><p>work in progress</p></td>
+ <td><p><b><a href="bounty_arabic">arabic translation</a></b></p></td>
+ <td><p>Proposal in development</p></td>
<td><p>echelon</p></td>
- <td><p>duck, smeghead</p></td>
- <td><p>€500 EUR</p></td>
+ <td><p>[vacant]</p></td>
+ <td><p>100 BTC</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_datastore">Frost for I2P datastorage</a></b></p></td>
<td><p>Proposal in development</p></td>
<td><p>echelon</p></td>
<td><p>[vacant]</p></td>
- <td><p>€100 EUR</p></td>
+ <td><p>€50 EUR</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_datastore">Eepsites served out of I2P datastorage</a></b></p></td>
<td><p>Proposal in development</p></td>
<td><p>echelon</p></td>
<td><p>[vacant]</p></td>
- <td><p>€100 EUR</p></td>
+ <td><p>€50 EUR</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_i2phex">Backporting Phex code onto I2PHex</a></b></p></td>
<td><p>Proposal in development</p></td>
<td><p>Arne Bab</p></td>
<td><p>[vacant]</p></td>
- <td><p>€20 EUR</p></td>
+ <td><p>€60 EUR</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_ipv6">make I2P IPv6 native</a></b></p></td>
@@ -63,7 +62,6 @@ etc e simili.</p>
<h2>I premi potrbbero essere assegnati in ritardo, causa mancaza fondi o assenza dell'adetto jrandom</h2>
-<p>
<table border="1">
<tr><td><p><b>Name</b></p></td><td><p><b>Status</b></p></td><td><p><b>Judge</b></p></td><td><p><b>Dev <sup>*</sup></b></p></td><td><p><b>Bounty</b></p></td></tr>
<tr>
@@ -83,11 +81,15 @@ etc e simili.</p>
</table>
<h2>Claimed bounties</h2>
-<p>
<table border="1">
<tr><td><p><b>Name</b></p></td><td><p><b>Status</b></p></td><td><p><b>Dev team<sup>*</sup></b></p></td></tr>
<tr>
- <td> <p><b><a href="bounty_rutrans">translation into Russian</a></b></td>
+ <td><p><b><a href="bounty_datastore">Datastore over I2P</a></b></p></td>
+ <td><p><a href="http://duck.i2p/tahoe-lafs/">CLAIMED</a> for 700 €</p></td>
+ <td><p>duck, smeghead</p></td>
+ </tr>
+ <tr>
+ <td> <p><b><a href="bounty_rutrans">translation into Russian</a></b></p></td>
<td><p>claimed for $230 USD sponsored by russian sponsor</p></td>
<td><p>_4get</p></td>
</tr>
@@ -117,7 +119,7 @@ etc e simili.</p>
<td><p>jrandom</p></td>
</tr>
</table>
-</p>
+
<p><i><sup>*</sup> Se siete interessati ad uno dei premi, fatelo presente alla persona che se ne occupa!</i></p>
diff --git a/www.i2p2/pages/bounties_ru.html b/www.i2p2/pages/bounties_ru.html
index e4530bee0422c26388b38018ab26734874fe8fd1..6fdd49de569edf6db09df53b6832cd4c9c88efa5 100644
--- a/www.i2p2/pages/bounties_ru.html
+++ b/www.i2p2/pages/bounties_ru.html
@@ -10,36 +10,35 @@
<h2>Текущие проекты</h2>
-<p>
<table border="1">
<tr><td><p><b>Ðазвание</b></p></td><td><p><b>СтатуÑ</b></p></td><td><p><b>СудьÑ</b></p></td><td><p><b>Разработчик <sup>*</sup></b></p></td><td><p><b>ПремиÑ</b></p></td></tr>
<tr>
- <td><p><b><a href="bounty_datastore_ru">Децентрализованное хранилище данных поверх I2P</a></b></p></td>
- <td><p>ВыполнÑетÑÑ</p></td>
+ <td><p><b><a href="bounty_arabic_ru">Перевод на arabic</a></b></p></td>
+ <td><p>Предложение на Ñтадии разработки</p></td>
<td><p>echelon</p></td>
- <td><p>duck, smeghead</p></td>
- <td><p>€500 EUR</p></td>
+ <td><p>[вакантно]</p></td>
+ <td><p>100 BTC</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_datastore_ru">Frost Ð´Ð»Ñ Ð´ÐµÑ†ÐµÐ½Ñ‚Ñ€Ð°Ð»Ð¸Ð·Ð¾Ð²Ð°Ð½Ð½Ð¾Ð³Ð¾ хранилища</a></b></p></td>
<td><p>Предложение на Ñтадии разработки</p></td>
<td><p>echelon</p></td>
<td><p>[вакантно]</p></td>
- <td><p>€100 EUR</p></td>
+ <td><p>€50 EUR</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_datastore_ru">ХоÑтинг I2P-Ñайтов из децентрализованного хранилища</a></b></p></td>
<td><p>Предложение на Ñтадии разработки</p></td>
<td><p>echelon</p></td>
<td><p>[вакантно]</p></td>
- <td><p>€100 EUR</p></td>
+ <td><p>€50 EUR</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_i2phex_ru">БÑкпорт кода Phex в I2PHex</a></b></p></td>
<td><p>Предложение на Ñтадии разработки</p></td>
<td><p>Arne Bab</p></td>
<td><p>[вакантно]</p></td>
- <td><p>€20 EUR</p></td>
+ <td><p>€60 EUR</p></td>
</tr>
<tr>
<td><p><b><a href="bounty_ipv6_ru">Ð’ÑÑ‚Ñ€Ð¾ÐµÐ½Ð½Ð°Ñ Ð¿Ð¾Ð´Ð´ÐµÑ€Ð¶ÐºÐ° IPv6</a></b></p></td>
@@ -52,7 +51,6 @@
<h2>Замороженные проекты (из-за иÑÑ‡ÐµÐ·Ð½Ð¾Ð²ÐµÐ½Ð¸Ñ jrandom и отÑутÑÑ‚Ð²Ð¸Ñ Ñ„Ð¸Ð½Ð°Ð½ÑированиÑ)</h2>
-<p>
<table border="1">
<tr><td><p><b>Ðазвание</b></p></td><td><p><b>СтатуÑ</b></p></td><td><p><b>СудьÑ</b></p></td><td><p><b>Разработчик <sup>*</sup></b></p></td><td><p><b>ПремиÑ</b></p></td></tr>
<tr>
@@ -72,11 +70,15 @@
</table>
<h2>Выплаченные премии</h2>
-<p>
<table border="1">
<tr><td><p><b>Ðазвание</b></p></td><td><p><b>СтатуÑ</b></p></td><td><p><b>Разработчики<sup>*</sup></b></p></td></tr>
<tr>
- <td><p><b><a href="bounty_rutrans">Перевод на руÑÑкий</a></b></td>
+ <td><p><b><a href="bounty_datastore_ru">Децентрализованное хранилище данных поверх I2P</a></b></p></td>
+ <td><p><a href="http://duck.i2p/tahoe-lafs/">ВоÑтребована</a>, €70 EUR</p></td>
+ <td><p>duck, smeghead</p></td>
+ </tr>
+ <tr>
+ <td><p><b><a href="bounty_rutrans_ru">Перевод на руÑÑкий</a></b></p></td>
<td><p>ВоÑтребована, $230 USD пожертвованные russian sponsor</p></td>
<td><p>4get</p></td>
</tr>
@@ -106,7 +108,6 @@
<td><p>jrandom</p></td>
</tr>
</table>
-</p>
<p><i><sup>*</sup> Ð’ графе «Разработчики» перечиÑлены вÑе, кто уже заÑвил желание и работает над ÑоответÑтвующим проектом. Предпочтительна ÑовмеÑÑ‚Ð½Ð°Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ð°, поÑтому, еÑли Ð’Ñ‹ хотите подключитьÑÑ Ðº уже активному проекту, пожалуйÑта, Ñначала ÑвÑжитеÑÑŒ Ñ ÑƒÐºÐ°Ð·Ð°Ð½Ð½Ñ‹Ð¼Ð¸ людьми!</i></p>
diff --git a/www.i2p2/pages/bounty_arabic.html b/www.i2p2/pages/bounty_arabic.html
new file mode 100644
index 0000000000000000000000000000000000000000..448f9002e4bc1d355ef9b78d91a44f24ec316f6b
--- /dev/null
+++ b/www.i2p2/pages/bounty_arabic.html
@@ -0,0 +1,36 @@
+{% extends "_layout.html" %}
+{% block title %}Bounty Arabic translation of webpage and router console{% endblock %}
+{% block content %}<p>To improve I2P usage and attract more people
+into I2P echelon set out this bounty for translation
+of the I2P web page and I2P router console into Arabic.
+</p>
+<p>
+This bounty is set into 2 subparts:
+<br>
+Part 1 is translation of the webpage. <br>
+</p>
+<p>
+For collecting the bounty of 20 BTC you need to translate the following pages:<br>
+http://www.i2p2.de/index.html<br>
+http://www.i2p2.de/download.html<br>
+http://www.i2p2.de/intro.html <br>
+http://www.i2p2.de/faq.html <br>
+http://www.i2p2.de/bounties.html <br>
+http://www.i2p2.de/getinvolved.html <br>
+http://www.i2p2.de/donate.html <br>
+This job was done by hamada and the bounty of 20 BTC was paid to hamada.<br>
+</p>
+<p>
+Part 2 is the translation of the router console. The router console was
+partly translated and the bounty of 80 BTC was paid to hamada.
+</p>
+<p>
+Judge is echelon.
+</p>
+<p>
+Note:
+
+<p><i>bounty amounts may be increased by further donations. Do
+you think these are important? <a href="donate">Add in your donation</a>,
+marking the amount for this translation bounty!</i></p>
+{% endblock %}
diff --git a/www.i2p2/pages/bounty_arabic_de.html b/www.i2p2/pages/bounty_arabic_de.html
new file mode 100644
index 0000000000000000000000000000000000000000..420520b78319345433a0e75a095842f972551108
--- /dev/null
+++ b/www.i2p2/pages/bounty_arabic_de.html
@@ -0,0 +1,37 @@
+{% extends "_layout.html" %}
+{% block title %}Belohnung zur Übersetzung der Webseite und Router Konsole ins arabische{% endblock %}
+{% block content %}<p>Um die Attraktivität von I2P weiter zu
+erhöhen wird diese Belohnung zur Übersetzung der I2P
+Webseite und I2P Router Konsole in die arabische Sprache ausgesetzt.
+</p>
+<p>
+Diese Belohnung teilt sich in 2 Abschnitte:<br>
+<br>
+Abschnitt 1 ist die Übersetzung der Webseite.
+</p>
+<p>
+Um die Belohnung von 20 BTC zu verdienen müssen folgende Seiten
+ins arabische übersetzt sein:<br>
+http://www.i2p2.de/index.html<br>
+http://www.i2p2.de/download.html<br>
+http://www.i2p2.de/intro.html <br>
+http://www.i2p2.de/faq.html <br>
+http://www.i2p2.de/bounties.html <br>
+http://www.i2p2.de/getinvolved.html <br>
+http://www.i2p2.de/donate.html <br>
+Dieser Teil wurde von Hamada beendet und die Belohnung von 20 BTC wurde an Hamada ausgezahlt.<br>
+</p>
+<p>
+Abschnitt 2 ist die Übersetzung der Router Konsole. Diese wurde teilweise übersetzt
+und die 80 BTC wurden ausgezahlt an hamada.
+</p>
+<p>
+Gutachter ist echelon.
+</p>
+<p>
+Note:
+
+<p><i>Die Höhe des Betrags kann durch weitere Spenden steigen.
+Findest Du diese Teile wichtig? <a href="donate_de">Spende einen Betrag</a>
+für diese Belohnung zur Fertigstellung der Übersetzng dieser Software</i></p>
+{% endblock %}
diff --git a/www.i2p2/pages/bounty_btcclient.html b/www.i2p2/pages/bounty_btcclient.html
new file mode 100644
index 0000000000000000000000000000000000000000..52318a9685c8373fe064b6c128f99178c0455a7f
--- /dev/null
+++ b/www.i2p2/pages/bounty_btcclient.html
@@ -0,0 +1,20 @@
+{% extends "_layout.html" %}
+{% block title %}Bounty creating a I2P native Bitcoin client {% endblock %}
+{% block content %}<p>For a future of I2P and attract more people
+into I2P this bounty is to create a I2P native Bitcoin client.
+It should integrate with other client via the I2P network and via gateways to
+the existant bitcoin network.
+</p>
+Judge is psychonaut who donated the first 30 € to this bounty.
+<br>
+<p>
+Note:
+To claim the bounty the author must not be paid by other organizations or teams
+for this work (e.g. GSoC students are not valid).</p>
+
+
+<p><i>Note 2: bounty amounts may be increased by further donations. Do
+you think these are important? <a href="donate">Add in your donation</a>,
+marking the amount for the BTC I2P native client bounty!</i></p>
+{% endblock %}
+
diff --git a/www.i2p2/pages/bounty_debpack.html b/www.i2p2/pages/bounty_debpack.html
new file mode 100644
index 0000000000000000000000000000000000000000..4d25029b8c72ae976260d0dd77a02d39a628eac1
--- /dev/null
+++ b/www.i2p2/pages/bounty_debpack.html
@@ -0,0 +1,22 @@
+{% extends "_layout.html" %}
+{% block title %}Bounty I2P package in Debian and Ubuntu mirrors{% endblock %}
+{% block content %}<p>For the future of I2P and in order to attract more people
+to I2P, this bounty was set for including an I2P package into the Ubuntu and Debian
+archive mirrors.
+To claim this bounty, the I2P router package needs to be available from
+Ubuntu and Debian archive mirrors and Debian bug
+<a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448638">448638</a>
+needs to be closed successfully.
+</p>
+<br>
+<p>
+Note:
+To claim the bounty, the author must not be paid by other organizations or teams
+for this work (e.g. GSoC students are not permitted to claim it).</p>
+
+
+<p><i>Note 2: Bounty amounts can be increased by further donations. Do
+you think these are important? <a href="donate">Make a donation</a>,
+marking the amount for the I2P Ubuntu/Debian package bounty!</i></p>
+{% endblock %}
+
diff --git a/www.i2p2/pages/bounty_debpack_de.html b/www.i2p2/pages/bounty_debpack_de.html
new file mode 100644
index 0000000000000000000000000000000000000000..02333f7b06d586f6e81cae7cd562440f0958b555
--- /dev/null
+++ b/www.i2p2/pages/bounty_debpack_de.html
@@ -0,0 +1,21 @@
+{% extends "_layout.html" %}
+{% block title %}Belohnung für das Einbringen eines I2P-Pakets in Debian- und Ubuntu-Spiegelserver{% endblock %}
+{% block content %}<p>Um die Zukunftsfähigkeit von I2P zu erhöhen wurde
+eine Belohnung zur Integration eines I2P-Softwarepakets in die Ubuntu- und
+Debian-Spiegelserver ausgesetzt.
+Um diese Belohnung erfüllt zu haben, muss ein funktionierendes I2P-Softwarepaket
+in die Spiegelserver von Ubuntu und Debian aufgenommen worden und der Debian-<a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448638">Bug 448638</a> erfolgreich geschlossen sein.
+</p>
+<br>
+<p>
+Hinweis:
+Der Autor darf für dieses Projekt nicht von einer anderen Organisation oder Gruppe bezahlt werden
+(z.B. GSoC Studenten sind NICHT erlaubt).</p>
+
+
+<p><i>Hinweis 2: Die Höhe des Betrags kann durch weitere Spenden steigen.
+Findest Du dieses Projekt wichtig? Dann <a href="donate_de">spende einen Betrag</a>
+zur Belohnung für dessen Fertigstellung!</i></p>
+
+{% endblock %}
+
diff --git a/www.i2p2/pages/bounty_rutrans_ru.html b/www.i2p2/pages/bounty_rutrans_ru.html
index fece3f9f1a913c765f89d0662900370c34eac10b..7b61afc9e9d0765be9ade080b4d7dbb9e3993235 100644
--- a/www.i2p2/pages/bounty_rutrans_ru.html
+++ b/www.i2p2/pages/bounty_rutrans_ru.html
@@ -1,19 +1,18 @@
{% extends "_layout_ru.html" %}
{% block title %}Bounty for translation into russian{% endblock %}
-{% block content %}<p>To improve I2P usage and attract more people
-into I2P a anonymous donator set out the bounty for translation
-of the I2P web page and I2P router console into russian language.
+{% block content %}<p>Ð”Ð»Ñ ÑƒÐ»ÑƒÑ‡ÑˆÐµÐ½Ð¸Ñ Ð¸ÑÐ¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ I2P и Ð¿Ñ€Ð¸Ð²Ð»ÐµÑ‡ÐµÐ½Ð¸Ñ Ð±Ð¾Ð»ÑŒÑˆÐµÐ³Ð¾ чиÑла людей в I2P
+анонимный ÑпонÑор назначил награду за перевод веб-Ñайта I2P и конÑоли
+маршрутизатора I2P на руÑÑкий Ñзык.
</p>
-BOUNTY I2P РУССКИЙ ПЕРЕВОД
-
-Мы хотим чтобы кто-то, у кого родной руÑÑкий Ñзык и кто хорошо знает английÑкий Ñзык, переводил I2P веб-Ñайт и конÑоль I2P маршрутизатора на руÑÑком чтобы люди которые говорÑÑ‚ на руÑÑком могли легче иÑпользовать I2P. Даритель заплатил деньги I2P админиÑтраторам чтобы они могли платить вам за перевода. Чтобы получить Ñти деньги, вам надо правильно Ñохранить перевод в I2P ÑиÑтеме ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð²ÐµÑ€ÑиÑми, monotone.
-
-ИнÑÑ‚Ñ€ÑƒÐºÑ†Ð¸Ñ ÐºÐ°Ðº правильно Ñохранить перевод конÑоли I2P маршрутизатора в monotone.
-Вам надо переводить вÑÑŽ конÑоль I2P маршрутизатора чтобы получить первую награду.
-
-ИнÑÑ‚Ñ€ÑƒÐºÑ†Ð¸Ñ ÐºÐ°Ðº правильно Ñохранить перевод I2P веб-Ñайта в monotone.
-Вам надо переводить Ñледующие Ñтраницы чтобы получить вторую награду.
+<p>
+Ðта награда разделена на 2 подзадачи:
+<br>
+ЧаÑÑ‚ÑŒ 1 - Ñто перевод веб-Ñайта. <br>
+</p>
+<p>
+Ð”Ð»Ñ Ð¿Ð¾Ð»ÑƒÑ‡ÐµÐ½Ð¸Ñ Ð¿ÐµÑ€Ð²Ð¾Ð¹ награды в размере $115 USD вам нужно перевеÑти Ñледующие
+Ñтраницы:
http://www.i2p2.de/index.html <br>
http://www.i2p2.de/download.html <br>
http://www.i2p2.de/intro.html <br>
@@ -25,12 +24,21 @@ http://www.i2p2.de/bounty_vuzeplugin <br>
http://www.i2p2.de/getinvolved.html <br>
http://www.i2p2.de/donate.html <br>
-СудьÑ: даритель
-
+</p>
+<p>
+ЧаÑÑ‚ÑŒ 2 - Ñто перевод конÑоли маршрутизатора. Ð”Ð»Ñ Ð¿Ð¾Ð»ÑƒÑ‡ÐµÐ½Ð¸Ñ Ð²Ñ‚Ð¾Ñ€Ð¾Ð¹ награды в
+размере $115 USD вам нужно перевеÑти конÑоль маршрутизатора целиком.
+</p>
<p>
+СудьÑ: руÑÑкий ÑпонÑор.
</p>
-<p><i>bounty amounts may be increased by further donations. Do
-you think these are important? <a href="donate">Add in your donation</a>,
-marking the amount for this translation bounty!</i></p>
+<p>
+Переводы должны быть Ñохранены в ÑиÑтеме ÑƒÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð²ÐµÑ€ÑиÑми monotone.
+<a href="newtranslators">ИнÑÑ‚Ñ€ÑƒÐºÑ†Ð¸Ñ Ð´Ð»Ñ Ð¿ÐµÑ€ÐµÐ²Ð¾Ð´Ñ‡Ð¸ÐºÐ¾Ð².</a>
+</p>
+
+<p><i>Размеры награды могут быть увеличены поÑледующими пожертвованиÑми.
+ Ñчитаете Ñту задачу важной? <a href="donate_ru">Сдейлайте Ñвой вклад</a>,
+указав размер награды Ð´Ð»Ñ Ñтого перевода!</i></p>
{% endblock %}
diff --git a/www.i2p2/pages/bounty_silc.html b/www.i2p2/pages/bounty_silc.html
new file mode 100644
index 0000000000000000000000000000000000000000..7989923c10ab1b5f8c691e2f4aa65790dc36cda8
--- /dev/null
+++ b/www.i2p2/pages/bounty_silc.html
@@ -0,0 +1,28 @@
+{% extends "_layout.html" %}
+{% block title %}Bounty migrate I2P IRC to SILC {% endblock %}
+{% block content %}
+<!-- file version 2012.01.01.01 -->
+<p>For a future of I2P and attract more people
+into I2P this bounty is to setup and host a I2P SILC server.
+This will allow people to send files over their messaging servers and have intrinsic security built into the protocol.
+Judge is An Anonymous Secret Society, society@mail.i2p.
+</p>
+<p>
+A silc server needs to be set up and run for at least 3 month time to get payed.
+A second server should be set up, to.
+</p>
+<p>
+Bounty was withdrawn and money donated to returningnovice and general fund.
+</p>
+<br>
+<p>
+Note:
+To claim the bounty the author must not be paid by other organizations or teams
+for this work (e.g. GSoC students are not valid).</p>
+
+
+<p><i>Note 2: bounty amounts may be increased by further donations. Do
+you think these are important? <a href="donate">Add in your donation</a>,
+marking the amount for the I2P silc server bounty!</i></p>
+{% endblock %}
+
diff --git a/www.i2p2/pages/bounty_unittests.html b/www.i2p2/pages/bounty_unittests.html
index b9ccdc9cc5263f7a17d3bc30001a262e71291a9a..d9c3a127a89ccd2d279b8fa4c61e34866d150c69 100644
--- a/www.i2p2/pages/bounty_unittests.html
+++ b/www.i2p2/pages/bounty_unittests.html
@@ -1,48 +1,97 @@
{% extends "_layout.html" %}
{% block title %}Bounty unittests{% endblock %}
-{% block content %}<p>To improve I2P's maintainability, we want to have a solid set of
+{% block content %}
+<!-- file version 2012.04.16.01 -->
+<p>To improve I2P's maintainability, we want to have a solid set of
automated unit tests for the critical code. While we do have some
-unit tests at the moment, they are ad-hoc. This bounty is for
-someone to move the tests over to jUnit, automate their execution,
-extend them to provide better code coverage, and publish the report
-online. Its a massive effort, but can be broken down into phases,
-listed below (phase 1 must occur first, but further phases may happen
-in any order)</p>
-
-<h2>Phase 1: <a name="sdk">SDK test migration</a></h2>
-<b>Bounty: $300</b> <i>CLAIMED! By ComWiz</i><br />
-
-<p>To collect this bounty, the existing SDK tests must be moved over
-to jUnit, integrated into the ant build scripts ("ant test"), and
-tied in with a code coverage tool (e.g.
+unit tests at the moment, they are ad-hoc and partly unfinished.
+This bounty is for someone to check the existing tests and move over
+old ones to jUnit, automate their execution, extend them to provide
+better code coverage, and publish the report online. Its a massive
+effort, but can be broken down into phases, listed below (phase 2
+must occur first, but further phases may happen in any order).
+As this needs some reading of code, it is the best start point for
+new devs to get a good overview of I2P code and coding. A good job
+for college students, interns or anyone who is just interested.
+</p>
+
+<h2>Phase 1: <a name="jenkins">CI jenkins and IRC bot</a></h2>
+<b>Bounty: 500 €</b><i> in work by MathiasDM</i><br />
+
+<p>
+To collect this bounty, a continuous integration server (Jenkins,
+old name was Hudson) must be set up and a connected IRC bot needs
+to set up in the channel #i2p-dev on IRC2p network to print out
+results of build tests.<br>
+The server needs to be run long term.
+</p>
+<br>
+
+<h2>Phase 2: <a name="sdk">Check existing SDK tests </a></h2>
+<b>Bounty: 150 €</b> paid to str4d <br />
+
+<p>
+To collect this bounty, the existing SDK tests must be checked
+and made to work again. The need to be integrated into the ant
+build scripts ("ant test"), and tied in with a code coverage tool (e.g.
<a href="http://www.cenqua.com/clover/">Clover</a>). The ant script
must be capable of generating test status results as a web page,
-which will be published online.</p>
+which will be published online.
+</p>
+<br>
-<h2>Phase 2: <a name="sdk_coverage">SDK test coverage</a></h2>
-<b>Bounty: $300</b><br />
+<h2>Phase 3: <a name="sdk_coverage">SDK test coverage</a></h2>
+<b>Bounty: 200 €</b> in work by str4d<br />
-<p>To collect this bounty, the automated unit tests must meet a
-measured code coverage of 90% of the SDK (i2p/core/java/src).</p>
+<p>
+To collect this bounty, the automated unit tests must meet a
+measured code coverage of 90% of the SDK (i2p/core/java/src).
+</p>
+<br>
-<h2>Phase 3: <a name="router">Router test migration</a></h2>
-<b>Bounty: $300</b><br />
+<h2>Phase 4: <a name="router">Router test migration</a></h2>
+<b>Bounty: 150 €</b> paid to str4d<br />
-<p>As with phase 1, the existing unit tests for the router must be
-moved over to the automated system.</p>
+<p>
+As with phase 2, the existing unit tests for the router must be
+moved over to the automated system.
+</p>
+<br>
-<h2>Phase 4: <a name="router_coverage">Router test coverage</a></h2>
-<b>Bounty: $300</b><br />
+<h2>Phase 5: <a name="router_coverage">Router test coverage</a></h2>
+<b>Bounty: 200 €</b> in work by str4d<br />
-<p>To collect this bounty, the automated unit tests must meet a
-measured code coverage of 90% of the router (i2p/router/java/src).</p>
+<p>
+To collect this bounty, the automated unit tests must meet a
+measured code coverage of 90% of the router (i2p/router/java/src).
+</p>
+<br>
-<h2>Phase 5: <a name="streaming">Streaming lib tests</a></h2>
-<b>Bounty: $300</b><br />
+<h2>Phase 6: <a name="streaming">Streaming lib tests</a></h2>
+<b>Bounty: 300 €</b><br />
-<p>To collect this bounty, a new set of unit tests must meet a
+<p>
+To collect this bounty, a new set of unit tests must meet a
measured code coverage of 90% of the streaming lib
-(i2p/apps/ministreaming/ and i2p/apps/streaming/).</p>
+(i2p/apps/ministreaming/ and i2p/apps/streaming/).
+</p>
+<br>
+
+<h2>Phase 7: <a name="multirouter">MultiRouter simulation</a></h2>
+<b>Bounty: 1500 €</b> will be split in more sub-tasks<br />
+
+<p>
+To collect this bounty, the existing in-memory multi-router
+simulation must be checked, made work again and extend to simulate
+lots of routers in memory on a single machine. This bounty will
+be split in more fine grained subworks.
+</p>
+<br>
+
+<p>
+Judge on all these works is the donor and donor decides if a phase is
+called succesfull done and money can be paid.
+</p>
<p><i>Note: bounty amounts may be increased by further donations. Do
you think these are important? <a href="donate">Add in your donation</a>,
diff --git a/www.i2p2/pages/bounty_unittests_de.html b/www.i2p2/pages/bounty_unittests_de.html
index 42c051c852ab7041db4c1ffa8dc0ea10f316c4c4..e55e8d8d547ef53902e8eb4f0ee9c8ade0102896 100644
--- a/www.i2p2/pages/bounty_unittests_de.html
+++ b/www.i2p2/pages/bounty_unittests_de.html
@@ -1,15 +1,111 @@
{% extends "_layout_de.html" %}
{% block title %}Bounty Unittests{% endblock %}
-{% block content %}<p>Um die Wartung von I2P zu vereinfachen benötigen
+{% block content %}
+<!-- file version 2012.04.16.01 -->
+<p>Um die Wartung von I2P zu vereinfachen benötigen
wir einen stabilen und umfassenden Satz an automatischen Unittests für den
wichtigsten Quelltext. Die wenigen derzeitigen Unittets sind nur zusätzlich
zum Quelltext. Diese Bounty wird für das migrieren der Tests au jUnit, deren
-automatische Ausführung, Ausbau der Uniettests zum testen von mehr
+automatische Ausführung, Ausbau der Unittests zum testen von mehr
Quelltexten und öffentlichem publizieren der Ergebnisse ausgezahlt.
Es ist eine grosse Aufgabe, die jedoch in kleinere Phasen heruntergebrochen
werden kann. Diese Phasen sind folgende (Phase 1 muss zuerst erledigt sein, der
Rest kann in beliebiger Reihenfolge erfolgen):</p>
+<h2>Phase 1: <a name="jenkins">CI Jenkins und IRC bot</a></h2>
+<b>Bounty: 500 €</b><i> in Arbeit von MathiasDM</i><br />
+
+<p>Um diese Belohnung zu bekommen, muss ein Integrations Server (
+Jenkins, alter Name war Hudson) aufgesetzt werde. Dieser muss mit
+einem IRC Bot im #i2p-dev Kanal im IRC2p Netzwerk verbunden sein
+und die Ergebnisse der Kompiliertests ausgeben.<br>
+Der Server muss langfristig verfügbar sein.
+</p>
+<br>
+
+<h2>Phase 2: <a name="sdk">Existierende SDK Tests überprüfen </a></h2>
+<b>Bounty: 150 €</b> ausgezahlt an str4d <br />
+
+<p> Für diese Belohnung müssen die bestehenden SDK Tests
+kontrolliert werden und wieder zum funktionieren gebracht werden.
+Sie müssen in die ANT Bauskripte integriert werden ("ant test")
+und in einem Codecoverage Programm (z.B. <a href="http://www.cenqua.com/clover/">Clover</a>)
+integriert werden. Das ANT Skript sollte eine Webseite aus den
+Testergebnissen erstellen, die Online gestellt wird.
+</p>
+<br>
+
+<h2>Phase 3: <a name="sdk_coverage">SDK Test Abdeckung</a></h2>
+<b>Bounty: 200 €</b> in Arbeit von str4d<br />
+
+<p>
+Hierfür sollten die automatischen Unittests mindestens
+90% des SDK (i2p/core/java/src) abdecken.
+</p>
+<br>
+
+<h2>Phase 4: <a name="router">Router Test Migration</a></h2>
+<b>Bounty: 150 €</b> bezahlt an str4d<br />
+
+<p>
+Wie Phase 2 müssen die automatischen Unittests für den
+Router auf das automatische System migriert werden.
+</p>
+<br>
+
+
+<h2>Phase 5: <a name="router_coverage">Router Test Abdeckung</a></h2>
+<b>Bounty: 200 €</b> in Arbeit von str4d<br />
+
+<p>
+Hierfür müssen die automatischen Unittests mindestens
+90% des I2P Router Codes (i2p/router/java/src) abdecken.
+</p>
+<br>
+
+<h2>Phase 6: <a name="streaming">Streaming Lib Tests</a></h2>
+<b>Bounty: 300 €</b><br />
+
+<p>
+Hier müssen mindestens 90% des Streaming Lib Codes
+(i2p/apps/ministreaming/ and i2p/apps/streaming/) mit Hilfe
+der automatischen Unittests überprüpft werden.
+</p>
+<br>
+
+<h2>Phase 7: <a name="multirouter">MultiRouter Simulation</a></h2>
+<b>Bounty: 1500 €</b> in kleinen Sub-Bounties, die noch definiert werden<br />
+
+<p>
+Für diese Belohnung muss die existierende speicherinterne
+Multi-Router Simulation kontrolliert werden und in einen
+funktionsfähigen Zustand versetzt werden. Weiters muss
+diese entsprechend erwitert werden, so dass viele Router im
+Speicher auf einem PC simuliert werden können.
+Diese Belohnung wird in weitere, kleinere Teile aufgeteilt werden.
+</p>
+<br>
+
+<p>
+Der Spender der Belohnung entscheidet über die erfolgreiche
+Bearbeitung der einzelnen Aufgaben und die Auszahlung der einzelnen
+Gelder.
+</p>
+
+<p>
+<i>Hinweis: Die Höhe des Betrags kann durch weitere Spenden steigen.
+Findest Du diese Teile wichtig? <a href="donate_de">Spende einen Betrag</a>
+für diese Unittests Bounties!</i>
+</p>
+
+
+
+<p>
+HINWEIS: Folgend ist aus historischen Gründen der Dokumentation
+der alte Status der alten Unittest-Belohnung notiert.
+Aktuell ist das obige geschriebene!
+</p>
+
<h2>Phase 1: <a name="sdk">SDK Test Umsetzung</a></h2>
<b>Bounty: $300</b> <i>Ausgezahlt! An ComWiz</i><br />
@@ -46,7 +142,4 @@ mindestens 90% des router Quelltextes (i2p/router/java/src) umfassen.</p>
mindestens 90% des Quelltextes der Streaming Bibliothek
(i2p/apps/ministreaming/ und i2p/apps/streaming/) umfassen.</p>
-<p><i>Hinweis: Die Höhe des Betrags kann durch weitere Spenden steigen.
-Findest Du diese Teile wichtig? <a href="donate_de">Spende einen Betrag</a>
-für diese Unittests Bounties!</i></p>
{% endblock %}
diff --git a/www.i2p2/pages/common_structures_spec.html b/www.i2p2/pages/common_structures_spec.html
index 37af7f812a30ccdaa5780db260d8e75ffb2c74fe..8b85525a9c3de8f5218e171325f74938908f7d96 100644
--- a/www.i2p2/pages/common_structures_spec.html
+++ b/www.i2p2/pages/common_structures_spec.html
@@ -1,9 +1,14 @@
{% extends "_layout.html" %}
{% block title %}Common structure Specification{% endblock %}
{% block content %}
+Updated March 2012, current as of router version 0.8.13
<h1>Data types Specification</h1>
<p>
- This document describes some data types common to all I2P-protocols, like I2NP, I2CP, NTCP, etc.
+ This document describes some data types common to all I2P protocols, like
+ <a href="i2np.html">I2NP</a>,
+ <a href="i2cp.html">I2CP</a>,
+ <a href="udp.html">SSU</a>,
+ etc.
</p>
<h2 id="type_Integer">Integer</h2>
@@ -34,7 +39,7 @@
</p>
<h4>Contents</h4>
<p>
- 1 or more bytes where the first byte is the number of bytes(not characters!) in the string and the remaining 0-255 bytes are the non-null terminated UTF-8 encoded character array
+ 1 or more bytes where the first byte is the number of bytes (not characters!) in the string and the remaining 0-255 bytes are the non-null terminated UTF-8 encoded character array
</p>
<h2 id="type_Boolean">Boolean</h2>
@@ -53,26 +58,28 @@ Deprecated - unused
<h2 id="type_PublicKey">PublicKey</h2>
<h4>Description</h4>
<p>
- This structure is used in ElGamal encryption, representing only the exponent, not the primes, which are constant and defined in the appropriate spec.
+ This structure is used in ElGamal encryption, representing only the exponent, not the primes, which are constant and defined in
+ <a href="how_cryptography.html#elgamal">the cryptography specification</a>.
</p>
<h4>Contents</h4>
<p>
256 bytes
</p>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/PublicKey.html">Javadoc</a></h4>
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/PublicKey.html">Javadoc</a></h4>
<h2 id="type_PrivateKey">PrivateKey</h2>
<h4>Description</h4>
<p>
- This structure is used in ElGamal decryption, representing only the exponent, not the primes which are constant and defined in the appropriate spec.
+ This structure is used in ElGamal decryption, representing only the exponent, not the primes which are constant and defined in
+ <a href="how_cryptography.html#elgamal">the cryptography specification</a>.
</p>
<h4>Contents</h4>
<p>
256 bytes
</p>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/PrivateKey.html">Javadoc</a></h4>
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/PrivateKey.html">Javadoc</a></h4>
<h2 id="type_SessionKey">SessionKey</h2>
<h4>Description</h4>
@@ -84,43 +91,43 @@ Deprecated - unused
32 bytes
</p>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/SessionKey.html">Javadoc</a></h4>
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/SessionKey.html">Javadoc</a></h4>
<h2 id="type_SigningPublicKey">SigningPublicKey</h2>
<h4>Description</h4>
<p>
- This structure is used for verifying DSA signatures.
+ This structure is used for verifying <a href="how_cryptography.html#DSA">DSA</a> signatures.
</p>
<h4>Contents</h4>
<p>
128 bytes
</p>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/SigningPublicKey.html">Javadoc</a></h4>
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/SigningPublicKey.html">Javadoc</a></h4>
<h2 id="type_SigningPrivateKey">SigningPrivateKey</h2>
<h4>Description</h4>
<p>
- This structure is used for creating DSA signatures.
+ This structure is used for creating <a href="how_cryptography.html#DSA">DSA</a> signatures.
</p>
<h4>Contents</h4>
<p>
20 bytes
</p>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/SigningPrivateKey.html">Javadoc</a></h4>
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/SigningPrivateKey.html">Javadoc</a></h4>
<h2 id="type_Signature">Signature</h2>
<h4>Description</h4>
<p>
- This structure represents the DSA signature of some data.
+ This structure represents the <a href="how_cryptography.html#DSA">DSA</a> signature of some data.
</p>
<h4>Contents</h4>
<p>
40 bytes
</p>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/Signature.html">Javadoc</a></h4>
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/Signature.html">Javadoc</a></h4>
<h2 id="type_Hash">Hash</h2>
<h4>Description</h4>
@@ -132,7 +139,7 @@ Deprecated - unused
32 bytes
</p>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/Hash.html">Javadoc</a></h4>
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/Hash.html">Javadoc</a></h4>
<h2 id="type_SessionTag">Session Tag</h2>
<h4>Description</h4>
@@ -144,19 +151,19 @@ Deprecated - unused
32 bytes
</p>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/SessionTag.html">Javadoc</a></h4>
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/SessionTag.html">Javadoc</a></h4>
<h2 id="type_TunnelId">TunnelId</h2>
<h4>Description</h4>
<p>
- Defines an identifier that is unique within a particular set of routers for a tunnel.
+ Defines an identifier that is unique to each router in a tunnel.
</p>
<h4>Contents</h4>
<p>
4 byte <a href="#type_Integer">Integer</a>
</p>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/TunnelID.html">Javadoc</a></h4>
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/TunnelID.html">Javadoc</a></h4>
<h2 id="type_Certificate">Certificate</h2>
<h4>Description</h4>
@@ -190,7 +197,71 @@ payload :: data
{% endfilter %}
</pre>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/Certificate.html">Javadoc</a></h4>
+<h4>Notes</h4>
+<ul>
+<li>
+For <a href="#struct_RouterIdentity">Router Identities</a>, the Certificate is always NULL, no others are currently implemented.
+</li><li>
+For <a href="i2np_spec.html#struct_GarlicClove">Garlic Cloves</a>, the Certificate is always NULL, no others are currently implemented.
+</li><li>
+For <a href="i2np_spec.html#msg_Garlic">Garlic Messages</a>, the Certificate is always NULL, no others are currently implemented.
+</li><li>
+For <a href="#struct_Destination">Destinations</a>, the Certificate may be non-NULL,
+however non-NULL certs are not widely used, and any checking is left to the application-level.
+</li></ul>
+
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/Certificate.html">Javadoc</a></h4>
+
+
+<h2 id="type_Mapping">Mapping</h2>
+<h4>Description</h4>
+<p>
+ A set of key/value mappings or properties
+</p>
+<h4>Contents</h4>
+<p>
+ A 2-byte size Integer followed by a series of String=String; pairs
+</p>
+<pre>
+{% filter escape %}
++----+----+----+----+----+----+----+----+
+| size |key string (len + data) | = |
++----+----+----+----+----+----+----+----+
+| val string (len + data) | ; | ...
++----+----+----+----+----+----+----+
+size :: Integer
+ length -> 2 bytes
+ Total number of bytes that follow
+
+key string :: String
+ A string (one byte length followed by UTF-8 encoded characters)
+
+= :: A single byte containing '='
+
+val string :: String
+ A string (one byte length followed by UTF-8 encoded characters)
+
+; :: A single byte containing ';'
+
+{% endfilter %}
+</pre>
+
+<h4>Notes</h4>
+<ul>
+<li>
+The encoding isn't optimal - we either need the '=' and ';' characters, or the string lengths, but not both
+<li>
+Some documentation says that the strings may not include '=' or ';' but this encoding supports them
+<li>
+Strings are defined to be UTF-8 but in the current implementation, I2CP uses UTF-8 but I2NP does not.
+For example,
+UTF-8 strings in a RouterInfo options mapping in a I2NP Database Store Message will be corrupted.
+<li>
+Mappings contained in I2NP messages (i.e. in a RouterAddress or RouterInfo)
+must be sorted by key so that the signature will be invariant.
+</ul>
+
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/DataHelper.html">Javadoc</a></h4>
@@ -203,7 +274,7 @@ payload :: data
</p>
<h4>Contents</h4>
<p>
- <a href="#type_PublicKey">PublicKey</a> followed by <a href="#type_SigningPublicKey">SigningPublicKey</a> and then a <a href="#type_Certificate">Certificate</a> entangled with the <a href="#type_PublicKey">PublicKey</a>
+ <a href="#type_PublicKey">PublicKey</a> followed by <a href="#type_SigningPublicKey">SigningPublicKey</a> and then a <a href="#type_Certificate">Certificate</a>
</p>
<pre>
{% filter escape %}
@@ -236,10 +307,14 @@ signing_key :: SigningPublicKey
certificate :: Certificate
length -> >= 3 bytes
+Total length: 387+ bytes
{% endfilter %}
</pre>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/RouterIdentity.html">Javadoc</a></h4>
+<h4>Notes</h4>
+The certificate for a RouterIdentity is currently unused and is always NULL.
+
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/RouterIdentity.html">Javadoc</a></h4>
<h2 id="struct_Destination">Destination</h2>
<h4>Description</h4>
@@ -248,7 +323,7 @@ certificate :: Certificate
</p>
<h4>Contents</h4>
<p>
- <a href="#type_PublicKey">PublicKey</a> followed by a <a href="#type_SigningPublicKey">SigningPublicKey</a> and then a <a href="#type_Certificate">Certificate</a> entangled with the <a href="#type_PublicKey">PublicKey</a>.
+ <a href="#type_PublicKey">PublicKey</a> followed by a <a href="#type_SigningPublicKey">SigningPublicKey</a> and then a <a href="#type_Certificate">Certificate</a>
</p>
<pre>
{% filter escape %}
@@ -280,10 +355,12 @@ signing_public_key :: SigningPublicKey
certificate :: Certificate
length -> >= 3 bytes
+
+Total length: 387+ bytes
{% endfilter %}
</pre>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/Destination.html">Javadoc</a></h4>
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/Destination.html">Javadoc</a></h4>
<h2 id="struct_Lease">Lease</h2>
<h4>Description</h4>
@@ -292,6 +369,7 @@ certificate :: Certificate
</p>
<h4>Contents</h4>
<p>
+ SHA256 <a href="#type_Hash">Hash</a> of the
<a href="#struct_RouterIdentity">RouterIdentity</a> of the gateway router, then the <a href="#type_TunnelId">TunnelId</a>, and finally an end <a href="#type_Date">Date</a>
</p>
<pre>
@@ -300,18 +378,18 @@ certificate :: Certificate
| tunnel_gw |
+ +
| |
-~ ~
-
-~ ~
++ +
+| |
++ +
| |
-+ +----+----+----+----+
-| | tunnel_id |
+----+----+----+----+----+----+----+----+
-| end_date |
+| tunnel_id | end_date
+----+----+----+----+----+----+----+----+
+ |
++----+----+----+----+
-tunnel_gw :: RouterIdentity
- length -> >= 387 bytes
+tunnel_gw :: Hash of the RouterIdentity of the tunnel gateway
+ length -> >= 32 bytes
tunnel_id :: TunnelId
length -> 4 bytes
@@ -321,13 +399,20 @@ end_date :: Date
{% endfilter %}
</pre>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/Lease.html">Javadoc</a></h4>
+<h4>Notes</h4>
+<ul>
+<li>
+Total size: 44 bytes
+</li></ul>
+
+
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/Lease.html">Javadoc</a></h4>
<h2 id="struct_LeaseSet">LeaseSet</h2>
<h4>Description</h4>
<p>
Contains all of the currently authorized <a href="#struct_Lease">Lease</a>s for a particular <a href="#struct_Destination">Destination</a>, the <a href="#type_PublicKey">PublicKey</a> to which garlic messages can be encrypted,
- and then the the <a href="#type_SigningPublicKey">public key</a> that can be used to revoke this particular version of the structure. The <a href="#struct_LeaseSet">LeaseSet</a> is one of the two structures stored in the network database(
+ and then the <a href="#type_SigningPublicKey">public key</a> that can be used to revoke this particular version of the structure. The <a href="#struct_LeaseSet">LeaseSet</a> is one of the two structures stored in the network database(
the other being <a href="#struct_RouterInfo">RouterInfo</a>), and is keyed under the SHA256 of the contained <a href="#struct_Destination">Destination</a>.
</p>
<h4>Contents</h4>
@@ -335,7 +420,6 @@ end_date :: Date
<a href="#struct_Destination">Destination</a>, followed by a <a href="#type_PublicKey">PublicKey</a> for encryption, then a <a href="#type_SigningPublicKey">SigningPublicKey</a> which can be used to revoke this version of the <a href="#struct_LeaseSet">LeaseSet</a>,
then a 1 byte <a href="#type_Integer">Integer</a> specifying how many <a href="#struct_Lease">Lease</a> structures are in the set, followed by the actual <a href="#struct_Lease">Lease</a> structures and finally a <a href="#type_Signature">Signature</a> of the previous
bytes signed by the <a href="#struct_Destination">Destination's</a> <a href="#type_SigningPrivateKey">SigningPrivateKey</a>
-<p/>
<pre>
{% filter escape %}
+----+----+----+----+----+----+----+----+
@@ -402,7 +486,7 @@ end_date :: Date
+----+----+----+----+----+----+----+----+
destination :: Destination
- length -> >= 397 bytes
+ length -> >= 387 bytes
encryption_key :: PublicKey
length -> 256 bytes
@@ -412,9 +496,10 @@ signing_key :: SigningPublicKey
num :: Integer
length -> 1 byte
+ value: 0 <= num <= 6
leases :: [Lease]
- length -> >= $num*399 bytes
+ length -> >= $num*44 bytes
signature :: Signature
length -> 40 bytes
@@ -423,9 +508,20 @@ signature :: Signature
</pre>
<h4>Notes</h4>
+<ul><li>
+The public key of the destination was used for the old i2cp-to-i2cp encryption
+which was disabled in version 0.6, it is currently unused?
+</li><li>
+The encryption key is used for end-to-end <a href="how_elgamalaes.html">ElGamal/AES+SessionTag</a> encryption.
+It is currently generated anew at every router startup, it is not persistent.
+</li><li>
+The signature may be verified using the signing public key of the destination.
+</li><li>
The signing_key is currently unused. It was intended for LeaseSet revocation, which is unimplemented.
+It is currently generated anew at every router startup, it is not persistent.
+</li></ul>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/LeaseSet.html">Javadoc</a></h4>
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/LeaseSet.html">Javadoc</a></h4>
@@ -470,7 +566,16 @@ options :: Mapping
{% endfilter %}
</pre>
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/RouterAddress.html">Javadoc</a></h4>
+<h4>Notes</h4>
+<ul>
+<li>
+Cost is typically 5 or 6 for SSU, and 10 or 11 for NTCP.
+</li><li>
+Expiration is currently unused, always null (all zeroes))
+</li></ul>
+
+
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/RouterAddress.html">Javadoc</a></h4>
<h2 id="struct_RouterInfo">RouterInfo</h2>
<h4>Description</h4>
@@ -523,6 +628,16 @@ options :: Mapping
+----+----+----+----+-//-+----+----+----+
|psiz| options |
+----+----+----+----+-//-+----+----+----+
+| signature |
++ +
+| |
++ +
+| |
++ +
+| |
++ +
+| |
++----+----+----+----+----+----+----+----+
router_ident :: RouterIdentity
length -> >= 387 bytes
@@ -542,13 +657,23 @@ peer_size :: Integer
value -> 0
options :: Mapping
+
+signature :: Signature
+ length -> 40 bytes
+
{% endfilter %}
</pre>
<h4>Notes</h4>
The peer_size Integer may be followed by a list of that many router hashes.
This is currently unused. It was intended for a form of restricted routes, which is unimplemented.
+<p>
+The signature may be verified using the signing public key of the router_ident.
+
+<h4><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/RouterInfo.html">Javadoc</a></h4>
+
-<h4><a href="http://docs.i2p2.de/core/net/i2p/data/RouterInfo.html">Javadoc</a></h4>
+<h2 id="struct_DeliveryInstructions">Delivery Instructions</h2>
+Defined in the <a href="tunnel_message_spec.html#delivery">Tunnel Message Specification</a>.
{% endblock %}
diff --git a/www.i2p2/pages/datagrams.html b/www.i2p2/pages/datagrams.html
index e117aa4f9b05e07c97643b7ca43c0563c4827a34..6af812b05c45a2e3fb9c8f61beedf46883a0a5f4 100644
--- a/www.i2p2/pages/datagrams.html
+++ b/www.i2p2/pages/datagrams.html
@@ -1,13 +1,172 @@
{% extends "_layout.html" %}
-{% block title %}Datagrams{% endblock %}
-{% block content %}<p>Datagrams build upon the base <a href="i2cp">I2CP</a> to provide authenticated
+{% block title %}Datagram Specification{% endblock %}
+{% block content %}
+
+Updated August 2010, current as of router version 0.8
+
+<h2>Datagram Overview</h2>
+<p>Datagrams build upon the base <a href="i2cp.html">I2CP</a> to provide authenticated
and repliable messages in a standard format. This lets applications reliably read
the "from" address out of a datagram and know that the address really sent the
message. This is necessary for some applications since the base I2P message is
completely raw - it has no "from" address (unlike IP packets). In addition, the
-message and sender is authenticated by signing the payload.</p>
+message and sender are authenticated by signing the payload.</p>
+<p>
+Datagrams, like <a href="streaming.html">streaming library packets</a>,
+are an application-level construct.
+These protocols are independent of the low-level <a href="transports.html">transports</a>;
+the protocols are converted to I2NP messages by the router, and
+either protocol may be carried by either transport.
+</p>
+
+<h2>Application Guide</h2>
+<p>Applications written in Java may use the
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/datagram/package-summary.html">datagram API</a>,
+while applications in other languages
+can use <a href="sam">SAM</a>'s datagram support.
+There is also limited support in i2ptunnel in the <a href="socks.html">SOCKS proxy</a>,
+the 'streamr' tunnel types, and udpTunnel classes.
+</p>
+
+<h3>Datagram Length</h3>
+<p>
+The application designer should carefully consider the tradeoff of repliable vs. non-repliable
+datagrams. Also, the datagram size will affect reliability, due to tunnel fragmentation into 1KB
+tunnel messages. The more message fragments, the more likely that one of them will be dropped
+by an intermediate hop. Messages larger than a few KB are not recommended.
+</p>
+<p>
+Also note that the various overheads added by lower layers, in particular asymmetric
+<a href="how_elgamalaes.html">ElGamal/AES</a>, place a large burden on intermittent messages
+such as used by a Kademlia-over-UDP application. The implementations are currently tuned
+for frequent traffic using the streaming library. There are a high number
+of session tags delivered, and a short session tag lifetime, for example.
+There are currently no configuration parameters available within I2CP to tune
+the ElGamal Session Tag parameters.
+</p>
+
+<h3>I2CP Protocol Number and Ports</h3>
+<p>
+The standard I2CP protocol number for datagrams is 17. Applications may or may not choose to set the
+protocol in the I2CP header. It is not set by default.
+It must be set to demultiplex datagram and streaming traffic received on the same Destination.
+</p>
+<p>
+As datagrams are not connection-oriented, the application may require
+port numbers to correlate datagrams with particular peers or communications sessions,
+as is traditional with UDP over IP.
+Applications may add 'from' and 'to' ports to the I2CP (gzip) header as described in
+the <a href="i2cp.html#format">I2CP page</a>.
+</p>
+<p>
+There is no method within the datagram API to specify whether it is non-repliable (raw)
+or repliable. The application should be designed to expect the appropriate type.
+The I2CP protocol number or port could also be used by the application to
+indicate datagram type.
+</p>
+<p>
+The protocols and ports may be set in I2CP's
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/I2PSession.html">I2PSession API</a>,
+as implemented in
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/I2PSessionMuxedImpl.html">I2PSessionMuxedImpl</a>.
+</p>
+
+<h3>Data Integrity</h3>
+Data integrity is assured by the gzip CRC-32 checksum implemented in
+<a href="i2cp.html#format">the I2CP layer</a>.
+There is no checksum field in the datagram protocol.
+
+<h3>Packet Encapsulation</h3>
+Each datagram is sent through I2P as a single message (or as an individual clove in a
+<a href="how_garlicrouting.html">Garlic Message</a>).
+Message encapsulation is implemented in the underlying
+<a href="i2cp.html">I2CP</a>,
+<a href="i2np.html">I2NP</a>, and
+<a href="tunnel_message_spec.html">tunnel message</a> layers.
+There is no packet delimiter mechanism or length field in the datagram protocol.
+
+
+<h2 id="spec">Specification</h2>
+
+<h3 id="raw">Non-Repliable Datagrams</h3>
+Non-repliable datagrams have no 'from' address and are not authenticated.
+They are also called "raw" datagrams.
+Strictly speaking, they are not "datagrams" at all, they are just raw data.
+They are not handled by the datagram API.
+However, SAM and the I2PTunnel classes support "raw datagrams".
+
+<h4>Format</h4>
+<pre>
++----+----+----+----+----//
+| payload...
++----+----+----+----+----//
+
+
+Length: 0 - unlimited (see notes)
+</pre>
+
+<h4>Notes</h4>
+The practical length is limited by lower layers of protocols - the
+<a href="tunnel_message_spec.html#notes">tunnel message spec</a>
+limits messages to about 61.2 KB and the
+<a href="transports.html">transports</a>
+currently limit messages to about 32 KB, although this may be raised in the future.
+
+
+<h3 id="repliable">Repliable Datagrams</h3>
+Repliable datagrams contain a 'from' address and a signature. These add 427 bytes of overhead.
+<h4>Format</h4>
+<pre>
++----+----+----+----+----+----+----+----+
+| from |
++ +
+| |
+~ ~
+~ ~
+| |
++ +
+| |
+| |
++----+----+----+----+----+----+----+----+
+| signature |
++ +
+| |
++ +
+| |
++ +
+| |
++ +
+| |
++----+----+----+----+----+----+----+----+
+| payload...
++----+----+----+----//
+
+
+
+from :: a <a href="common_structures_spec#type_Destination">Destination</a>
+ length: 387+ bytes
+ The originator and signer of the datagram
+
+signature :: a <a href="common_structures_spec#type_Signature">Signature</a>
+ length: 40 bytes
+ The <a href="how_cryptography.html#DSA">DSA</a> signature of the SHA256 hash of the payload, which may be verified by the
+ DSA signing public key of the 'from' Destination
+
+payload :: The data
+ Length: 0 - 32 KB (see notes)
+
+Total length: Payload length + 427+
+
+
+</pre>
+
+<h4>Notes</h4>
+The practical length is limited by lower layers of protocols - the
+<a href="transports.html">transports</a>
+currently limit messages to about 32 KB, so the data length here is limited to about
+31.5 KB.
+
+
+
-<p>Applications written in Java that want to use datagrams can access the
-<a href="http://www.i2p.net/javadoc/net/i2p/client/datagram/package-summary.html">net.i2p.client.datagram</a>
-package (a part of the core SDK in i2p.jar), while applications in other languages
-can use <a href="sam">SAM</a>'s datagram support.</p>{% endblock %}
\ No newline at end of file
+{% endblock %}
diff --git a/www.i2p2/pages/datagrams_de.html b/www.i2p2/pages/datagrams_de.html
index 0df3f454174704e8e2cac887c6940c9967de01cf..3ede0edf66a5e433f0c17cd56772534b09900f94 100644
--- a/www.i2p2/pages/datagrams_de.html
+++ b/www.i2p2/pages/datagrams_de.html
@@ -1,6 +1,7 @@
{% extends "_layout_de.html" %}
{% block title %}Datagramme{% endblock %}
-{% block content %}<p>Datagramme werden auf der Basis von <a href="i2cp_de">I2CP</a> aufgebaut
+{% block content %}<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
+<p>Datagramme werden auf der Basis von <a href="i2cp_de">I2CP</a> aufgebaut
um authentifizierte und beantwortbare Nachrichten in einem Standardformat anzubieten. Somit
könen Anwendungen verlässlich die "von" Adresse aus den Datagrammen auslesen und
somit wirklich wissen, wer die Nachricht gesendet hat. Dieses ist für manche Anwendungen
diff --git a/www.i2p2/pages/debian.html b/www.i2p2/pages/debian.html
new file mode 100644
index 0000000000000000000000000000000000000000..71a19ba654c5e1ea2633038809478a2132f5d362
--- /dev/null
+++ b/www.i2p2/pages/debian.html
@@ -0,0 +1,112 @@
+{% extends "_layout.html" %}
+{% block title %}Debian/Ubuntu{% endblock %}
+{% block content %}
+<h1>Debian I2P Packages</h1>
+
+The packages hosted on <a href="https://launchpad.net/%7Ei2p-maintainers/+archive/i2p">the I2P Launchpad site</a>
+have been tested and <span style="font-style: italic;">should </span>work on x86/x86_64 platforms running
+<ul>
+ <li><a href="debian#ubuntu">Ubuntu</a> (Hardy <span style="font-style: italic;">8.04</span> and newer)</li><li><a href="debian.html#ubuntu">Mint</a> <span style="font-style: italic;">11</span></li>
+ <li><a href="debian#debian">Debian Linux</a> (Lenny and newer) & <a href="#nonlinux">kFreeBSD</a> (Wheezy)</li>
+ <li><a href="debian#debian">Knoppix</a></li>
+ <li><a href="debian#debian">Simply MEPIS</a> <span style="font-style: italic;">8.5.03-rel1</span></li>
+ <li><a href="debian#ubuntu">Trisque</a>l <span style="font-style: italic;">4.5.1</span></li>
+ <li><a href="debian#debian">gNewSense</a> <span style="font-style: italic;">2.3</span></li>
+ <li><a href="debian#nonlinux">Nexenta</a> <span style="font-style: italic;">3.0.1</span></li>
+</ul>
+The I2P packages <span style="font-style: italic;">may</span> work on systems not listed above. Please report any issues with these packages on <a href="http://trac.i2p2.de/">Trac</a> at <a href="http://trac.i2p2.de">http://trac.i2p2.de</a>.
+<ul>
+ <li>Option 1: <a href="debian#ubuntu">Recent versions</a> of Ubuntu and its derivatives (<span style="font-style: italic;">Try this if you're not using Debian)</span></li>
+ <li>Option 2: <a href="debian#debian">Debian</a> (including systems based on Debian and older versions of Ubuntu)</li>
+ <li>Option 3: <a href="debian#nonlinux">Non-Linux</a> (and possibly Non-x86 architectures)</li>
+</ul>
+<h2 id="ubuntu">Instructions for Ubuntu Lucid Lynx (and newer) and derivatives like Linux Mint & Trisquel</h2>
+<h5>Adding the PPA via the command line and installing I2P</h5>
+<ol>
+ <li>Open a terminal and enter: <br />
+ <code> sudo apt-add-repository ppa:i2p-maintainers/i2p</code><br />
+This command will add the PPA to /etc/apt/sources.list.d and fetch the
+gpg key that the repository has been signed with. The GPG key ensures
+that the packages have not been tampered with since being built.</li>
+ <li>Notify your package manager of the new PPA by entering<br />
+ <code> sudo apt-get update</code><br />
+This command will retrieve the latest list of software from each
+repository that is enabled on your system, including the I2P PPA that
+was added with the earlier command.</li>
+ <li>You are now ready to install I2P! <br />
+ <code> sudo apt-get install i2p</code></li>
+</ol>
+<h5>Adding the PPA Using Synaptic</h5>
+<ol>
+<li>Open Synaptic (System -> Administration -> Synaptic Package Manager).</li>
+<li>Once Synaptic opens, select <span style="font-style: italic;">Repositories</span> from the <span style="font-style: italic;">Settings</span> menu.</li>
+<li>Click the <span style="font-style: italic;">Other Sources</span> tab and click <span style="font-style: italic;">Add</span>. Paste <code>ppa:i2p-maintainers/i2p</code> into the APT-line field and click <span style="font-style: italic;">Add Source</span>. Click the <span style="font-style: italic;">Close</span> button then <span style="font-style: italic;">Reload</span>.</li>
+<li>In the Quick Filter box, type in <code>i2p</code> and press enter. When <code>i2p</code> is returned in the results list, right click <code>i2p</code> and select <span style="font-style: italic;">Mark for Installation</span>. After doing so you may see a <span style="font-style: italic;">Mark additional required changes?</span> popup. If so, click <span style="font-style: italic;">Mark</span> then <span style="font-style: italic;">Apply</span>.</li>
+</ol>
+
+After the installation process completes you can move on to the next
+part of <a href="debian#Post-install_work">starting I2P</a> and configuring it for your system.
+
+<h2 id="debian">Instructions for Debian Lenny and newer</h2>
+The steps below should be performed with root access (i.e., switching
+user to root with "su" or by prefixing each command with "sudo").
+<ol>
+ <li>Add the GPG key that signs the repository with the following command:<br />
+ <code>apt-key adv --keyserver keyserver.ubuntu.com --recv-keys <a href="http://keyserver.ubuntu.com:11371/pks/lookup?search=0x474BC46576FAE76E97C1A1A1AB9660B9EB2CC88B&op=index">EB2CC88B</a></code><br />
+You'll have output like the following if the command was successful: <br />
+ <img src="/_static/images/add-key-terminal.png" alt="" /></li>
+ <li>For Debian Oldstable (Lenny) and Stable (Squeeze): Add the following entries to <code>/etc/apt/sources.list.d/i2p.list</code><br />
+ <code> deb http://ppa.launchpad.net/i2p-maintainers/i2p/ubuntu natty main <br />
+ deb-src http://ppa.launchpad.net/i2p-maintainers/i2p/ubuntu natty main </code><br />
+<br />
+For Debian Testing (Wheezy) or Unstable (Sid), use the following: <br />
+ <code> deb http://ppa.launchpad.net/i2p-maintainers/i2p/ubuntu precise main <br />
+ deb-src http://ppa.launchpad.net/i2p-maintainers/i2p/ubuntu precise main </code><br /></li>
+ <li>Notify your package manager of the new PPA by entering<br />
+ <code> apt-get update</code><br />
+This command will retrieve the latest list of software from every
+repository enabled on your system, including the I2P PPA added in step
+1.</li>
+ <li>You are now ready to install I2P! <br />
+ <code> apt-get install i2p</code></li>
+</ol>
+After the installation process completes you can move on to the next part of <a href="#Post-install_work">starting I2P</a> and configuring it for your system.
+<h2 id="nonlinux">Instructions for Non-Linux / Non-x86</h2>
+The steps below should be performed with root access (i.e., switching
+user to root with "<code>su</code>" or by prefixing each command with "<code>sudo</code>").<br />
+<ol>
+ <li>Download the <a href="http://ppa.launchpad.net/i2p-maintainers/i2p/ubuntu/pool/main/i/i2p/">i2p-router</a> package from the <a href="http://ppa.launchpad.net/i2p-maintainers/i2p/ubuntu/pool/main/i/i2p/">PPA</a>.</li>
+ <li>Make sure that you have Java installed. Running <span style="font-style: italic;"><code>apt-get install default-jre</code></span> should be sufficient.<br />
+You are now ready to install I2P! <br />
+ <code> dpkg -i i2p-router_*.deb</code></li>
+ <li>It is recommended to compile <a href="/jbigi">jbigi</a> for your system to achieve better performance. Instructions are available <a href="/jbigi">here</a>.</li>
+</ol>
+After the installation process completes you can move on to the next part of <a href="debian#Post-install_work">starting I2P</a> and configuring it for your system.
+<h2 id="Post-install_work">Post-install work</h2>
+Using these I2P packages the I2P router can be started in the following
+three ways:
+<ul>
+ <li>"on demand" using the i2prouter script. Simply run "<code>i2prouter
+start</code>" from a command prompt. (Note: Do <span style="font-weight: bold; text-decoration: underline;">not</span> use
+sudo or run it as root!)</li>
+ <li>"on demand" without the <a href="http://wrapper.tanukisoftware.com/">java service wrapper</a>
+(needed on non-Linux/non-x86 systems) by running "<code>i2prouter-nowrapper</code>".
+(Note: Do <span style="font-weight: bold; text-decoration: underline;">not</span>
+use sudo or run it as root!)</li>
+ <li>as a service that automatically runs when your system boots, even
+before logging in. The service can be enabled with "<code>dpkg-reconfigure
+i2p</code>" as root or using sudo. This is the recommended means of operation.</li>
+</ul>
+<p>When installing for the first time, please remember to <b>adjust
+your NAT/firewall</b>
+if you can. The ports to forward can be found on the <a href="http://127.0.0.1:7657/confignet">
+ network configuration page</a> in the router console. If guidance with respect to forwarding ports is needed,
+you may <a href="http://www.portforward.com">portforward.com</a> to be helpful.
+</p>
+<p>Please review and <b>adjust the bandwidth settings</b> on the
+<a href="http://127.0.0.1:7657/config.jsp">configuration page</a>,
+as the default settings of 96 KB/s down / 40 KB/s up are fairly conservative.
+</p>
+<p>
+If you want to reach eepsites via your browser, have a look on the <a href="htproxyports.html">browser proxy setup</a> page for an easy howto.</p>
+{% endblock %}
diff --git a/www.i2p2/pages/debian_fr.html b/www.i2p2/pages/debian_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..bc7c08974868c8c1b47ad7462e4ee30d81fe1074
--- /dev/null
+++ b/www.i2p2/pages/debian_fr.html
@@ -0,0 +1,132 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Debian/Ubuntu{% endblock %}
+{% block content %}
+<h1>Paquets I2P pour Debian</h1>
+
+The paquets hébergés sur <a href="https://launchpad.net/%7Ei2p-maintainers/+archive/i2p">le site Launchpad I2P</a>
+ont été testés et <span style="font-style: italic;">devraient</span> fonctionner sur x86/x86_64 avec
+<ul>
+ <li><a href="debian_fr#ubuntu">Ubuntu</a> (Hardy <span style="font-style: italic;">8.04</span> et ultérieures)</li>
+ <li><a href="debian_fr#ubuntu">Mint</a> <span style="font-style: italic;">11</span></li>
+ <li><a href="debian_fr#debian">Debian Linux</a> (Lenny et ultérieures) & <a href="#nonlinux">kFreeBSD</a> (Wheezy)</li>
+ <li><a href="debian_fr#debian">Knoppix</a></li>
+ <li><a href="debian_fr#debian">Simply MEPIS</a> <span style="font-style: italic;">8.5.03-rel1</span></li>
+ <li><a href="debian_fr#ubuntu">Trisque</a>l <span style="font-style: italic;">4.5.1</span></li>
+ <li><a href="debian_fr#debian">gNewSense</a> <span style="font-style: italic;">2.3</span></li>
+ <li><a href="debian_fr#nonlinux">Nexenta</a> <span style="font-style: italic;">3.0.1</span></li>
+</ul>
+Les paquets I2P <span style="font-style: italic;">peuvent</span> marcher sur des systèmes non listés ci-dessus.
+Merci de rapporter tout problème avec ces paquets dans <a href="http://trac.i2p2.de/">Trac</a> sur
+<a href="http://trac.i2p2.de">http://trac.i2p2.de</a>.
+<ul>
+ <li>Option 1: <a href="debian_fr#ubuntu">Versions récentes </a> d'Ubuntu et ses dérivées
+(<span style="font-style: italic;">À essayer si vous n'utilisez pas Debian)</span></li>
+ <li>Option 2: <a href="debian_fr#debian">Debian</a> (dont les systèmes basés sur Debian et les anciennes versions
+d'Ubuntu)</li>
+ <li>Option 3: <a href="debian_fr#nonlinux">Non-Linux</a> (et peut-être les architectures non x-86)</li>
+</ul>
+<h2 id="ubuntu">Instructions pour Ubuntu Lucid Lynx (et plus récentes) et ses dérivées comme Linux Mint & Trisquel</h2>
+<h5>Ajout du PPA via la ligne de commande et installation d'I2P</h5>
+<ol>
+ <li>Ouvrez un terminal et entrez: <br />
+ <code> sudo apt-add-repository ppa:i2p-maintainers/i2p</code><br />
+Cette commande ajoutera la PPA à /etc/apt/sources.list.d et répliquera la clé gpg avec laquelle le dépôt a été signé.
+La clé GPG assure que le paquet n'a pas été modifié depuis sa fabrication.</li>
+ <li>Indiquez la nouvelle PPA Ã votre gestionnaire de paquets<br />
+ <code> sudo apt-get update</code><br />
+Cette commande va récupérer la dernière liste de logiciels de chaque dépôt activé sur votre système, dont la PPA I2P
+ajoutée par la commande précédente.</li>
+ <li>Vous êtes maintenant prêt à installer I2P! <br />
+ <code> sudo apt-get install i2p</code></li>
+</ol>
+<h5>Ajout de la PPA et installation avec Synaptic</h5>
+<ol>
+<li>Ouvrez Synaptic (Système -> Administration -> Gestionnaire de paquets Synaptic).</li>
+<li>Une fois Synaptic lancé, sélectionnez <span style="font-weight: bold;"><u>D</u>épôts</span> dans le menu
+<span style="font-weight: bold;"><u>C</u>onfiguration</span>.</li>
+<li>Cliquez sur l'onglet <span style="font-weight: bold;">Autres logiciels</span> et cliquez sur le bouton
+<span style="font-weight: bold;">Ajouter...</span>. Collez <code>ppa:i2p-maintainers/i2p</code>
+dans le champ "Ligne APT" puis cliquez sur le bouton
+<span style="font-weight: bold;">"+ <u>A</u>joutez une source de mise à jour"</span>. Cliquez sur le bouton
+<span style="font-weight: bold;"><u>F</u>ermer</span> (et éventuellement une deuxième fois sur la notification de
+modification de dépôts "Dépôts modifiés"), puis sur le bouton <span style="font-weight: bold;">Recharger</span>
+de la barre d'outils.</li>
+
+<li>Dans le champ "Filtre rapide", tapez <code>i2p</code>. Quand <code>i2p</code> s'affiche dans la liste de résultats,
+faites dessus un clic-droit et choisissez <span style="font-weight: bold;">Sélectionner pour installation</span>.
+Après ceci, vous verrez peut-être une fenêtre
+<span style="font-style: italic;">"Prévoir d'effectuer d'autres changements?"</span>. Si oui,
+cliquez sur <span style="font-weight: bold;">Ajouter à la sélection</span> puis dans la barre d'outils sur le bouton
+<span style="font-weight: bold;">Appliquer</span>.</li>
+</ol>
+
+<h5>À la fin du processus d'installation vous pouvez passer à l'étape suivante pour
+<a href="debian_fr#Post-install_work">démarrer I2P</a> et le configurer pour votre système.</h5>
+
+<h2 id="debian">Instructions pour Debian Lenny et plus récentes</h2>
+Les étapes suivantes doivent être effectuées avec l'accès root (c.à d. en basculant de l'utilisateur en cours à root
+avec "su" ou en préfixant chaque commande avec "sudo").
+<ol>
+ <li>Ajoutez les entrées suivantes à <code>/etc/apt/sources.list.d/i2p.list</code><br />
+ <code> deb http://ppa.launchpad.net/i2p-maintainers/i2p/ubuntu natty main <br />
+ deb-src http://ppa.launchpad.net/i2p-maintainers/i2p/ubuntu natty main </code><br />
+Ces deux lignes devraient fonctionner quelle que soit la version de Debian installée.</li>
+ <li>Ajouter la clé GPG de signature du dépôt avec la commande suivante:<br />
+
+<code>apt-key adv --keyserver keyserver.ubuntu.com --recv-keys <a href="http://keyserver.ubuntu.com:11371/pks/lookup?search=0x474BC46576FAE76E97C1A1A1AB9660B9EB2CC88B&op=index">EB2CC88B</a></code><br />
+Vous obtiendrez une sortie semblable à la suivante si la commande a réussi: <br />
+ <img src="/_static/images/add-key-terminal.png" alt="" /></li>
+ <li>Instruisez votre gestionnaire de paquets de la nouvelle PPA en entrant<br />
+ <code> apt-get update</code><br />
+Cette commande va récupérer la dernière liste de logiciels depuis chaque dépôt activé sur votre système, dont ceux de
+la
+PPA I2P ajoutée à l'étape 1.</li>
+ <li>Vous êtes maintenant prêt à installer I2P! <br />
+ <code> apt-get install i2p</code></li>
+</ol>
+À la fin du processus d'installation vous pouvez passer à l'étape suivante pour
+<a href="#Post-install_work">démarrer I2P</a> et le configurer pour votre système.
+<h2 id="nonlinux">Instructions pour Non-Linux / Non-x86</h2>
+Les étapes suivantes doivent être effectuées avec l'accès root (c.à d. en basculant de l'utilisateur en cours à root
+avec "<code>su</code>" ou en préfixant chaque commande avec "<code>sudo</code>").<br />
+<ol>
+ <li>Téléchargez le paquet <a href="http://ppa.launchpad.net/i2p-maintainers/i2p/ubuntu/pool/main/i/i2p/">i2p-router</a>
+depuis la <a href="http://ppa.launchpad.net/i2p-maintainers/i2p/ubuntu/pool/main/i/i2p/">PPA</a>.</li>
+ <li>Assurez-vous que Java est installé. Lancer <span style="font-style: italic;">
+<code>apt-get install default-jvm</code></span> devrait suffire.<br />
+Vous êtes maintenant prêt à installer I2P! <br />
+ <code> dpkg -i i2p-router_*.deb</code></li>
+ <li>On recommande de compiler <a href="/jbigi">jbigi</a> pour votre système pour obtenir les meilleures performances.
+Les instructions sont disponibles <a href="/jbigi">ici</a>.</li>
+</ol>
+À la fin du processus d'installation vous pouvez passer à l'étape suivante pour
+<a href="#Post-install_work">démarrer I2P</a> et le configurer pour votre système.
+<h2 id="Post-install_work">Après l'installation</h2>
+L'utilisation de ces paquets I2P vous permet de lancer le routeur de l'une de ces trois façons:
+<ul>
+ <li>"À la demande", en utilisant le script i2prouter. Lancez simplement "<code>i2prouter
+start</code>" depuis une invite de commande.
+(Note: <span style="font-weight: bold; text-decoration: underline;">N'utilisez pas</span> sudo, ni ne l'exécutez
+en tant que root!)</li>
+ <li>"À la demande" sans le <a href="http://wrapper.tanukisoftware.com/">wrapper de service java</a>
+(requis sur les systèmes non-Linux/non-x86) en lançant "<code>i2prouter-nowrapper</code>".
+(Note: <span style="font-weight: bold; text-decoration: underline;">N'utilisez pas</span> sudo, ni ne l'exécutez
+en tant que root!)</li>
+ <li>"En tant que service" qui démarre en même temps que le système, avant même l'ouverture de session. Le service
+peut être activé avec "<code>dpkg-reconfigure i2p</code>" en tant que root ou avec sudo. C'est la méthode recommandée.</li>
+</ul>
+<p>À la première installation, pensez à <b>régler votre pare-feu/NAT</b> si vous pouvez, en gardant à l'esprit les ports
+tournés vers Internet qu'utilise I2P,
+<a href="faq_fr#ports">décrits ici</a> entre autres. Si vous avez correctement ouvert votre port TCP aux connexions
+entrantes, activez également les connexions TCP entrantes sur la
+<a href="http://localhost:7657/config.jsp">page de configuration</a>.
+</p>
+<p>Pour finir, contrôlez et <b>réglez votre bande passante</b> sur la
+<a href="http://localhost:7657/config.jsp">page de configuration</a>, les réglages par défaut de 96 ko/s descendants /
+40 ko/s montants étant volontairement trop faibles pour une utilisation normale.
+</p>
+<p>
+Si vous voulez atteindre des sites eep avec votre navigateur, consultez la page de
+<a href="htproxyports_fr.html">réglage du proxy de navigateur</a> pour une méthode facile.</p>
+Vous pourriez préférer utiliser I2Pfox, un profil Firefox prêt à l'emploi.
+{% endblock %}
diff --git a/www.i2p2/pages/dev-guidelines.html b/www.i2p2/pages/dev-guidelines.html
new file mode 100644
index 0000000000000000000000000000000000000000..2943f1ada5b8fcd0dd6a5a30bea382c919ad0835
--- /dev/null
+++ b/www.i2p2/pages/dev-guidelines.html
@@ -0,0 +1,130 @@
+{% extends "_layout.html" %}
+{% block title %}Developer Guidelines and Coding Style{% endblock %}
+{% block content %}
+<p>
+ Read the <a href="newdevelopers.html">new developers guide</a> first.
+</p>
+
+<h2>Basic Guidelines and Coding Style</h2>
+
+<p>
+ Most of the following should be common sense for anybody who has worked on open source or in a commercial
+ programming envrionment.
+ The following applies mostly to the main development branch i2p.i2p.
+ Guidelines for other branches, plugins, and external apps may be substantially different;
+ check with the appropriate developer for guidance.
+</p>
+
+<h3>Community</h3>
+<ul>
+<li>
+Please don't just "write code". If you can, participate in other development activities, including:
+development discussions and support on IRC, zzz.i2p, and forum.i2p; testing;
+bug reporting and responses; documentation; code reviews; etc.
+</li><li>
+Active devs should be available periodically on IRC #i2p-dev.
+Be aware of the current release cycle.
+Adhere to release milestones such as feature freeze, tag freeze, and
+the checkin deadline for a release.
+</li></ul>
+
+<h3>Monotone</h3>
+<ul>
+<li>
+Have a basic understanding of distributed source control systems, even if you haven't
+used monotone before. Ask for help if you need it.
+Once pushed, checkins are forever, there is no undo. Please be careful.
+If you have not used monotone before, start with baby steps.
+Check in some small changes and see how it goes.
+</li><li>
+Test your changes before checking them in.
+If you prefer the checkin-before-test development model,
+use your own development branch (e.g. i2p.i2p.yourname.test)
+and propagate back to i2p.i2p once it is working well.
+Do not break the build. Do not cause regressions.
+In case you do (it happens), please do not vanish for a long period after
+you push your change.
+</li><li>
+If your change is non-trivial, or you want people to test it and need good test reports
+to know whether your change was tested or not, add a checkin comment to history.txt
+and increment the build revision in RouterVersion.java.
+</li><li>
+Ensure that you have the latest monotonerc file in _MTN.
+Do not check in on top of untrusted revisions.
+</li><li>
+Ensure that you pull the latest revision before you check in.
+If you inadvertently diverge, merge and push as soon as possible.
+Don't routinely make others merge for you.
+Yes, we know that monotone says you should push and then merge,
+but in our experience, in-workspace merge works just as well as in-database merge,
+without creating a merge revision.
+</li><li>
+Do not check in major changes into the main i2p.i2p branch late in the release cycle.
+If a project will take you more than a couple days, create your own branch in monotone
+and do the development there so you do not block releases.
+</li></ul>
+
+<h3>Coding Style</h3>
+<ul>
+<li>
+Coding style throughout most of the code is 4-spaces for indentation. Do not use tabs.
+Do not reformat code. If your IDE or editor wants to reformat everything, get control of it.
+Yes, we know 4 spaces is a pain, but perhaps you can configure your editor appropriately.
+In some places, the coding style is different.
+Use common sense. Emulate the style in the file you are modifying.
+</li><li>
+New classes and methods require at least brief javadocs. Add @since release-number.
+</li><li>
+Classes in core/ (i2p.jar) and portions of i2ptunnel are part of our official API.
+There are several out-of-tree plugins and other applications that rely on this API.
+Be careful not to make any changes that break compatibility.
+Don't add methods to the API unless they are of general utility.
+Javadocs for API methods should be clear and complete.
+If you add or change the API, also update the documentation on the website (i2p.www branch).
+</li><li>
+Tag strings for translation where appropriate.
+Don't change existing tagged strings unless really necessary, as it will break existing translations.
+Do not add or change tagged strings after the "tag freeze" in the release cycle so that
+translators have a chance to update before the release.
+</li><li>
+Use generics and concurrent classes where possible. I2P is a highly multi-threaded application.
+</li><li>
+We require Java 6 to build but only Java 5 to run I2P.
+Do not use Java 6 classes or methods without handling the class not found exceptions
+and providing alternate Java 5 code. See classes in net.i2p.util for examples.
+</li><li>
+Explicitly convert between primitive types and classes;
+don't rely on autoboxing/unboxing.
+</li></ul>
+
+<h3>Licenses</h3>
+<ul>
+<li>
+Only check in code that you wrote yourself.
+Before checking in any code or library jars from other sources,
+justify why it is necessary,
+verify the license is compatible,
+and obtain approval from the lead developer.
+</li><li>
+For any images checked in from external sources,
+it is your responsibility to first verify the license is compatible.
+Include the license and source information in the checkin comment.
+</li></ul>
+
+<h3>Bugs</h3>
+<ul>
+<li>
+Managing Trac tickets is everybody's job, please help.
+Monitor trac.i2p2.i2p for tickets you have been assigned or can help with.
+Asssign, categorize, comment on, fix, or close tickets if you can.
+</li><li>
+Close a ticket when you think you've fixed it.
+We don't have a test department to verify and close tickets.
+If you arent sure you fixed it, close it and add a note saying
+"I think I fixed it, please test and reopen if it's still broken".
+Add a comment with the dev build number or revision and set
+the milestone to the next release.
+</li>
+</ul>
+
+{% endblock %}
diff --git a/www.i2p2/pages/donate.html b/www.i2p2/pages/donate.html
index 6b0c8f8f83ed534d3cfdbeea9dbf3ee0e83d4278..5652ee67000826e7e997fec3486eb2e48709c72e 100644
--- a/www.i2p2/pages/donate.html
+++ b/www.i2p2/pages/donate.html
@@ -3,11 +3,9 @@
{% block content %}<p>Thank you for your interest in contributing to I2P!
The details of how you
can make your contribution are provided below.</p>
-NOTE: The direct links to donate money works til yet only via normal net. I need to setup a HTTPS proxy first to let them work in .i2p space!<br />
-Til that day, use this link in your non-I2P browser:<br />
-<a href="http://www.i2p2.de/donate.html">I2P donate page non-I2P</a>.
-<h2><a href="http://www.paypal.com/" target="_new">PayPal</a></h2>
+
+<h2><a href="http://www.paypal.com/">PayPal</a></h2>
<br />
You can donate direct via PayPal to the account "echelon@i2pmail.org".<br />
<br />
@@ -15,78 +13,83 @@ You can donate direct via PayPal to the account "echelon@i2pmail.org".<br />
<tr>
<td>One time donation:</td>
<td>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
-<input type="hidden" name="cmd" value="_s-xclick">
-<input type="hidden" name="hosted_button_id" value="3031758">
-<input type="hidden" name="no_note" value="0">
-<input type="hidden" name="no_shipping" value="1">
-<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="">
-<img alt="" border="0" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" width="1" height="1">
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><fieldset style="border:none;">
+<input type="hidden" name="cmd" value="_s-xclick" />
+<input type="hidden" name="hosted_button_id" value="3031758" />
+<input type="hidden" name="no_note" value="0" />
+<input type="hidden" name="no_shipping" value="1" />
+<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif" style="border:0;" name="submit" alt="" />
+<img alt="" style="border:0;width:1;height:1" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" /></fieldset>
</form>
</td>
</tr>
<tr>
-<td>Donate 10 €/month due 12 month: </td>
+<td>Donate 10 €/month for 12 months: </td>
<td>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
-<input type="hidden" name="cmd" value="_s-xclick">
-<input type="hidden" name="hosted_button_id" value="3031934">
-<input type="hidden" name="no_note" value="0">
-<input type="hidden" name="no_shipping" value="1">
-<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="I2P donation">
-<img alt="" border="0" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" width="1" height="1">
+<fieldset style="border:none;">
+<input type="hidden" name="cmd" value="_s-xclick" />
+<input type="hidden" name="hosted_button_id" value="3031934" />
+<input type="hidden" name="no_note" value="0" />
+<input type="hidden" name="no_shipping" value="1" />
+<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_subscribeCC_LG.gif" style="border:0;" name="submit" alt="I2P donation" />
+<img alt="" style="border:0;width:1;height:1" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" /></fieldset>
</form>
</td>
</tr>
<tr>
-<td>Donate 20 €/month due 12 months: </td>
+<td>Donate 20 €/month for 12 months: </td>
<td>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
-<input type="hidden" name="cmd" value="_s-xclick">
-<input type="hidden" name="hosted_button_id" value="KALQ2V9SQF348">
-<input type="image" src="https://www.paypal.com/de_DE/AT/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="I2P donation">
-<img alt="" border="0" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" width="1" height="1">
+<fieldset style="border:none;">
+<input type="hidden" name="cmd" value="_s-xclick" />
+<input type="hidden" name="hosted_button_id" value="KALQ2V9SQF348" />
+<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_subscribeCC_LG.gif" style="border:0;" name="submit" alt="I2P donation" />
+<img alt="" style="border:0;width:1;height:1" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" /></fieldset>
</form>
</td>
</tr>
<tr>
-<td>Donate 30 €/month due 12 months: </td>
+<td>Donate 30 €/month for 12 months: </td>
<td>
-<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
-<input type="hidden" name="cmd" value="_s-xclick">
-<input type="hidden" name="hosted_button_id" value="QSU89XWKB7N3U">
-<input type="image" src="https://www.paypal.com/de_DE/AT/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="I2P donation">
-<img alt="" border="0" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" width="1" height="1">
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post" >
+<fieldset style="border:none;">
+<input type="hidden" name="cmd" value="_s-xclick" />
+<input type="hidden" name="hosted_button_id" value="QSU89XWKB7N3U" />
+<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_subscribeCC_LG.gif" style="border:0;" name="submit" alt="I2P donation" />
+<img alt="" style="border:0;width:1;height:1" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" /></fieldset>
</form>
</td>
</tr>
<tr>
-<td>Donate 50 €/month due 12 months: </td>
+<td>Donate 50 €/month for 12 months: </td>
<td>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
-<input type="hidden" name="cmd" value="_s-xclick">
-<input type="hidden" name="hosted_button_id" value="8ENENJMVN6TL8">
-<input type="image" src="https://www.paypal.com/de_DE/AT/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="I2P donation">
-<img alt="" border="0" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" width="1" height="1">
+<fieldset style="border:none;">
+<input type="hidden" name="cmd" value="_s-xclick" />
+<input type="hidden" name="hosted_button_id" value="8ENENJMVN6TL8" />
+<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_subscribeCC_LG.gif" style="border:0;" name="submit" alt="I2P donation" />
+<img alt="" style="border:0;width:1;height:1" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" /></fieldset>
</form>
</td>
</tr>
</table>
-<br>
-NEW! I2P on flattr!<br>
-<a href="http://flattr.com/thing/13523/Invisible-Internet-Project-I2P" target="_blank">
-<img src="http://api.flattr.com/button/button-static-50x60.png" title="Flattr this" border="0" /></a>
-<br>
-<br>
-If you want to keep more or less anonymous, the option to send money via mail is also available. But it is less secure
-as the envelope can be lost on the way to us. <br />
-But if you want to spend via snail mail, contact us at <a href="mailto:echelon@i2pmail.org?subject=information about snailmail donation">echelon@i2pmail.org</a>
- and we send out information on howto.<br />
<br />
+<h2><a href="http://www.flattr.com/">Flattr</a></h2>
+<a href="http://flattr.com/thing/13523/Invisible-Internet-Project-I2P">
+<img src="http://api.flattr.com/button/button-static-50x60.png" title="Flattr this" style="border:0;" alt="Flattr this" /></a>
<br />
-Meanwhile have a look on the generous donators having spent some great amount to make I2P live in the <a href="halloffame.html">hall of fame</a>.<br />
-
+<br />
+<h2><a href="http://www.bitcoin.org/">Bitcoin</a></h2>
+<p>As of December 2010, eche|on has been running a <a href="http://www.bitcoin.org">Bitcoin</a> account for the I2P project.
+If you'd like to donate using Bitcoin, just transfer your desired amount of coins to the account
+<b>1HkJCceXf7of1sTNRVJbXiZHfDTLL71Siy</b> and leave eche|on a note if you'd like your donation to be mentioned on the I2P webpage.<br />
+</p>
+<p>If you want to keep more or less anonymous, the option to send money via mail is also available. But it is less secure
+as the envelope can be lost on the way to us. </p>
+<p>If you'd like to donate via snail mail, send an email to <a href="mailto:echelon@i2pmail.org?subject=information about snailmail donation">echelon@i2pmail.org</a>
+ and you'll receive an email with instructions detailing how to proceed.</p>
-<br /><br />
+<p>In the meantime, feel free to take a look at the generous donations that have been given in support of the I2P Project at the <a href="halloffame.html">hall of fame</a>.</p>
{% endblock %}
diff --git a/www.i2p2/pages/donate_ar.html b/www.i2p2/pages/donate_ar.html
new file mode 100644
index 0000000000000000000000000000000000000000..c61599c38733f71ceaa874d5ab943cb3584fbed1
--- /dev/null
+++ b/www.i2p2/pages/donate_ar.html
@@ -0,0 +1,104 @@
+{% extends "_layout_ar.html" %}
+{% block title %}تبرع{% endblock %}
+{% block content %}<p>
+نشكركم على اهتمامكم ÙÙŠ المساهمة ÙÙŠ I2P!
+التÙاصيل عن كيÙية التي
+يمكن أن تقدم مساهمة أدناه.
+</p>
+
+
+<h2><a href="http://www.paypal.com/" target="_new">PayPal</a></h2>
+<br />
+يمكنك ارسال تبرع مالي عن طريق PayPa الى Øساب "echelon@i2pmail.org"
+<br />
+<br />
+<table>
+<tr>
+<td>:تبرع مرة واØدة</td>
+<td>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_s-xclick">
+<input type="hidden" name="hosted_button_id" value="3031758">
+<input type="hidden" name="no_note" value="0">
+<input type="hidden" name="no_shipping" value="1">
+<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="">
+<img alt="" border="0" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" width="1" height="1">
+</form>
+</td>
+</tr>
+
+<tr>
+<td>تبرع 10 €/كل شهر لمدة 12 شهر
+</td>
+<td>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_s-xclick">
+<input type="hidden" name="hosted_button_id" value="3031934">
+<input type="hidden" name="no_note" value="0">
+<input type="hidden" name="no_shipping" value="1">
+<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="I2P donation">
+<img alt="" border="0" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" width="1" height="1">
+</form>
+</td>
+</tr>
+<tr>
+<td>تبرع 20 €/كل شهر لمدة 12 شهر: </td>
+<td>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_s-xclick">
+<input type="hidden" name="hosted_button_id" value="KALQ2V9SQF348">
+<input type="image" src="https://www.paypal.com/de_DE/AT/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="I2P donation">
+<img alt="" border="0" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" width="1" height="1">
+</form>
+</td>
+</tr>
+<tr>
+<td>تبرع 30 €/كل شهر لمدة 12 شهر </td>
+<td>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_s-xclick">
+<input type="hidden" name="hosted_button_id" value="QSU89XWKB7N3U">
+<input type="image" src="https://www.paypal.com/de_DE/AT/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="I2P donation">
+<img alt="" border="0" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" width="1" height="1">
+</form>
+</td>
+</tr>
+<tr>
+<td>تبرع 50 €/كل شهر لمدة 12 شهر </td>
+<td>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
+<input type="hidden" name="cmd" value="_s-xclick">
+<input type="hidden" name="hosted_button_id" value="8ENENJMVN6TL8">
+<input type="image" src="https://www.paypal.com/de_DE/AT/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="I2P donation">
+<img alt="" border="0" src="https://www.paypal.com/de_DE/i/scr/pixel.gif" width="1" height="1">
+</form>
+</td>
+</tr>
+</table>
+<br>
+<h2><a href="http://www.flattr.com/" target="_new">Flattr</a></h2>
+<a href="http://flattr.com/thing/13523/Invisible-Internet-Project-I2P" target="_blank">
+<img src="http://api.flattr.com/button/button-static-50x60.png" title="Flattr this" border="0" /></a>
+<br>
+<br>
+<h2><a href="http://www.bitcoin.org/" target="_new">Bitcoin</a></h2>
+
+ابتداء من 2010 اقوم بتشغيل <a href="http://www.bitcoin.org">Bitcoin</a> Øساب لـ I2P project.
+اذا رغبت ÙÙŠ التبرع باستعمال BitcoinØŒ ارسل قدر من المال الى Øساب
+<b>1HkJCceXf7of1sTNRVJbXiZHfDTLL71Siy</b>
+واترك لي رسالة اذا رغبت ÙÙŠ اضاÙØ© اسمك ÙÙŠ صÙØØ© المتبرعين I2P.
+<br>
+<br>
+اذا رغبت بالØÙاظ على المزيد من الخصوصية يمكنك ارسال المال عبر البريد العادي غير انه اقل امانا لأن الرسالة قد تتل٠ÙÙŠ طريقها الينا.
+ <br />
+للمزيد من المعلومات Øول مراسلتنا عبر البريد
+<a href="mailto:echelon@i2pmail.org?subject=information about snailmail donation">echelon@i2pmail.org</a>
+وسنرسل لك العنوان<br />
+<br />
+<br />
+يمكنك ايضا الاطلاع على قائمة المتبرعين الذين ساعدوا المشروع
+ <a href="halloffame.html">قائمة المساهمين</a>.<br />
+
+
+<br /><br />
+{% endblock %}
diff --git a/www.i2p2/pages/donate_de.html b/www.i2p2/pages/donate_de.html
index f58dc4ecd5f2e35a1184312280d5c7d629b05c40..55b3e333cb9e88c440eca38ccf6a4fe9ed3be9f5 100644
--- a/www.i2p2/pages/donate_de.html
+++ b/www.i2p2/pages/donate_de.html
@@ -2,9 +2,6 @@
{% block title %}Spenden{% endblock %}
{% block content %}<p>Vielen Dank für dein Interesse am Spenden für I2P!
Die Details zu einer möglichen Spende folgen hier.</p>
-HINWEIS: Da ich noch kein https Proxy aufgesetzt habe, funktionieren die Buttons zum Spenden bisher NUR im normalen Internet, nicht im .i2p Netz!<br />
-Hier der Link zu dieser Seite im "normalen Internet":<br />
-<a href="http://www.i2p2.de/donate.html">I2P Spendenseite nicht anonym</a>.
<br />
<h2><a href="http://www.paypal.com/" target="_new">PayPal</a></h2>
@@ -75,10 +72,17 @@ Du kannst auch direkt an das PayPal Konto "echelon@i2pmail.org" Geld spenden!<br
</table>
<br>
-Neu! I2P bei flattr!<br>
+<h2><a href="http://www.flattr.com/" target="_new">Flattr</a></h2>
<a href="http://flattr.com/thing/13523/Invisible-Internet-Project-I2P" target="_blank">
<img src="http://api.flattr.com/button/button-static-50x60.png" title="Flattr this" border="0" /></a>
<br>
+<h2><a href="http://www.bitcoin.org/" target="_new">Bitcoin</a></h2>
+Seit Anfang Dezember 2010 betreibe ich einen <a href="http://www.bitcoin.org">Bitcoin</a>
+Account für das I2P Projekt. Falls Du uns mit Bitcoin eine Spende zukommen
+lassen möchtest, sende einfach die Coins an den Account mit der ID
+<b>1HkJCceXf7of1sTNRVJbXiZHfDTLL71Siy</b> und sende <a href="mailto:echelon@i2pmail.org?subject=information about snailmail donation"> uns </a>
+eine Nachricht falls dein Name als Spender auf der Webseite erscheinen soll.
+<br>
<br>
Falls Du jedoch mehr oder weniger anonym Geld spenden möchtest, kannst du dieses auch per Post machen.<br />
diff --git a/www.i2p2/pages/donate_fr.html b/www.i2p2/pages/donate_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..6076f65fe162e3332362e7d4d0a6988b00a67872
--- /dev/null
+++ b/www.i2p2/pages/donate_fr.html
@@ -0,0 +1,101 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Faire un don{% endblock %}
+{% block content %}<p>Merci pour votre participation à I2P!
+Vous trouverez ci-dessous les détails sur les façons dont vous pouvez contribuer.</p>
+
+
+<h2><a href="http://www.paypal.fr/">PayPal</a></h2>
+<br />
+vous pouvez faire un don directement via PayPal pour le compte "echelon@i2pmail.org".<br />
+<br />
+<table>
+<tr>
+<td>Don simple (en une seule fois):</td>
+<td>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><fieldset style="border:none;">
+<input type="hidden" name="cmd" value="_s-xclick" />
+<input type="hidden" name="lc" value="FR" />
+<input type="hidden" name="hosted_button_id" value="3031758" />
+<input type="hidden" name="no_note" value="0" />
+<input type="hidden" name="no_shipping" value="1" />
+<input type="image" src="https://www.paypal.com/fr_FR/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="" />
+<img alt="" border="0" src="https://www.paypal.com/fr_FR/i/scr/pixel.gif" width="1" height="1" /></fieldset>
+</form>
+</td>
+</tr>
+
+<tr>
+<td>Don régulier de 10 €/mois pendant un an: </td>
+<td>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><fieldset style="border:none;">
+<input type="hidden" name="cmd" value="_s-xclick" />
+<input type="hidden" name="lc" value="FR" />
+<input type="hidden" name="hosted_button_id" value="3031934" />
+<input type="hidden" name="no_note" value="0" />
+<input type="hidden" name="no_shipping" value="1" />
+<input type="image" src="https://www.paypal.com/fr_FR/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="I2P donation">
+<img alt="" border="0" src="https://www.paypal.com/fr_FR/i/scr/pixel.gif" width="1" height="1" /></fieldset>
+</form>
+</td>
+</tr>
+<tr>
+<td>Don régulier de 20 €/mois pendant un an: </td>
+<td>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><fieldset style="border:none;">
+<input type="hidden" name="cmd" value="_s-xclick" />
+<input type="hidden" name="lc" value="FR" />
+<input type="hidden" name="hosted_button_id" value="KALQ2V9SQF348" />
+<input type="image" src="https://www.paypal.com/fr_FR/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="I2P donation">
+<img alt="" border="0" src="https://www.paypal.com/fr_FR/i/scr/pixel.gif" width="1" height="1" /></fieldset>
+</form>
+</td>
+</tr>
+<tr>
+<td>Don régulier de 30 €/mois pendant un an: </td>
+<td>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><fieldset style="border:none;">
+<input type="hidden" name="cmd" value="_s-xclick" />
+<input type="hidden" name="lc" value="FR" />
+<input type="hidden" name="hosted_button_id" value="QSU89XWKB7N3U" />
+<input type="image" src="https://www.paypal.com/fr_FR/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="I2P donation">
+<img alt="" border="0" src="https://www.paypal.com/fr_FR/i/scr/pixel.gif" width="1" height="1" /></fieldset>
+</form>
+</td>
+</tr>
+<tr>
+<td>Don régulier de 50 €/mois pendant un an: </td>
+<td>
+<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><fieldset style="border:none;">
+<input type="hidden" name="cmd" value="_s-xclick" />
+<input type="hidden" name="lc" value="FR" />
+<input type="hidden" name="hosted_button_id" value="8ENENJMVN6TL8" />
+<input type="image" src="https://www.paypal.com/fr_FR/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="I2P donation">
+<img alt="" border="0" src="https://www.paypal.com/fr_FR/i/scr/pixel.gif" width="1" height="1" /></fieldset>
+</form>
+</td>
+</tr>
+</table>
+<br>
+<h2><a href="http://www.flattr.com/">Flattr</a></h2>
+<a href="http://flattr.com/thing/13523/Invisible-Internet-Project-I2P" target="_blank">
+<img src="http://api.flattr.com/button/button-static-50x60.png" title="Flattr this" border="0" /></a>
+<br>
+<br>
+<h2><a href="http://www.bitcoin.org/fr/home">Bitcoin</a></h2>
+Depuis décembre 2010, eche|on a un compte <a href="http://www.bitcoin.org/fr/home">Bitcoin</a> pour le projet I2P.
+Si vous voulez faire un don via Bitcoin, transférez simplement le montant des pièces vers le compte
+<b>1HkJCceXf7of1sTNRVJbXiZHfDTLL71Siy</b> et laissez moi un petit mot si vous voulez être listés sur la page I2P
+ des donateurs.<br>
+<br>
+Si vous voulez rester plus ou moins anonyme, l'option d'envoi d'argent par mail est également disponible.
+Mais elle est moins sécurisée car l'enveloppe pourrait se perdre en route. <br />
+Mais si vous voulez donner par les services postaux classiques, contactez-nous à <a href="mailto:echelon@i2pmail.org?subject=information about snailmail donation">echelon@i2pmail.org</a>
+ et nous vous enverrons les informations sur la façon de vous y prendre.<br />
+<br />
+<br />
+Entre temps, jettez un coup d'œil sur la page des généreux donateurs qui ont dépensé
+des sommes conséquentes pour faire vivre I2P sur le <a href="halloffame.html">temple des héros</a>.<br />
+
+
+<br /><br />
+{% endblock %}
diff --git a/www.i2p2/pages/download_ar.html b/www.i2p2/pages/download_ar.html
new file mode 100644
index 0000000000000000000000000000000000000000..0b19bbf878acdefd227a60a0ef67ace5c76eab1c
--- /dev/null
+++ b/www.i2p2/pages/download_ar.html
@@ -0,0 +1,132 @@
+{% extends "_layout_ar.html" %}
+{% block title %}تØميل{% endblock %}
+{% block content %}
+<h1>تØميل I2P</h1>
+<h3>المتطلبات البرمجية</h3>
+اصدار 1.5 من Java Runtime (أو أعلى)
+(<a href="http://java.com/download/">Oracle/Sun Java Version 6</a>,
+<a href="http://openjdk.java.net/install/">OpenJDK 6</a>, or
+<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6</a>
+ Ù…Ù†ØµÙˆØ Ø¨Ù‡Ù…)
+<br>
+<a href="http://java.com/en/download/installed.jsp?detect=jre&try=1">اعر٠نسخة الجاÙا المثبتة لديك من هنا</a>
+أو تنÙيذ الأمر <tt>java -version</tt> ÙÙŠ سطر الأوامر لديك
+<h3>التثبيت لأول مرة</h3>
+<ul class="downloadlist">
+<li><b>Windows</b> التثبيت عن طريق الواجهة الرسومية :<br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe">i2pinstall_0.9.1_windows.exe</a>
+ (SHA256
+0727af83988e82f32e0972a9e12c72ac14c3c0da0815c5902193d6b13d356371
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe.sig">sig</a>)
+</li>
+
+<li><b>Linux / OS X / BSD / Solaris</b> التثبيت عن طريق الواجهة الرسومية :<br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar">i2pinstall_0.9.1.jar</a>
+ (SHA256
+39c19c0df042ad231a14fdf1c20e4927651a2af0f0cf734b46eba0d2b8419314
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar.sig">sig</a>)<br />
+ Download that file and double-click it (if that works) or
+ type <code>java -jar i2pinstall_0.9.1.jar</code> in a terminal to run the
+ installer.
+ On some platforms you may be able to right-click and select
+ "Open with Java".
+ Øمل المل٠و Ù†Ùّذه ،و اذا كان نظام التشغيل لديك غير ويندوز Ù†Ùّذ الأمر التالي
+ <code>java -jar i2pinstall_0.9.1.jar</code></li>
+
+
+<li><b>Linux / OS X / BSD / Solaris</b> التثبيت عن طريق سطر الأوامر :<br />
+ Øمل مل٠التثبيت عن طريق الواجهة الرسومية المذكور مسبقاً ثمّ Ù†ÙØ° الأمر
+ <code>java -jar i2pinstall_0.9.1.jar -console</code> ÙÙŠ سطر الأوامر لديك
+ هذا ينطبق على أنظمة ويندوز Ùˆ لينكس Ùˆ ما كنتوش (نعم ØŒØقاً !)
+</li>
+
+<li><a href="/debian.html">Packages for Debian & Ubuntu</a></li>
+
+<li>تØميل النص المصدري :<br />
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2">i2psource_0.9.1.tar.bz2</a>
+ (SHA256
+8603c928a210ced77b6498bf8ee07cb000be9641adc389b34c3c8a10ac4f0677
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2.sig">sig</a>)<br />
+ بشكل بديل ØŒ يمكن الØصول على الرماز المصدري من <a href="newdevelopers">monotone</a>.
+ <br/>
+ Ù†Ùّذ الأمر<code>(tar xjvf i2psource_0.9.1.tar.bz2 ; cd i2p-0.9.1 ; ant pkg)</code>ثمّ شغل التثبيت عبر الواجهة الرسومية أو سطر الأوامر كما ذكر مسبقاً</li>
+</ul>
+
+الملÙات موقّعة بواسطة zzz
+<a href="release-signing-key.html">Ùˆ Ù…ÙتاØÙ‡ على الرابط</a>.
+
+<h3>مهام ما بعد التثبيت</h3>
+
+<p>بعد تنÙيذ برنامج التثبيت ÙÙŠ ويندوز ØŒ قم بنقر زر البدء بـ
+ I2P أو Start I2P والذي سيظهر لك واجهة <a href="http://localhost:7657/index.jsp">التØكم بالموجه</a>,
+Ùˆ التي تØوي المزيد من الأوامر</p>
+
+<p>يمكن تشغيل البرنامج كخدمة تØت أنظمة يونكس باستعمال سكريبت
+
+"i2prouter"
+الموجود ÙÙŠ مكان تنصيب برنامج I2P.
+بالدخول الى المجلد عبر الطرÙية وكتابة "sh i2prouter status" يمكنك التعر٠على Øالة الروتر. أوامر "start"ØŒ "stop" Ùˆ "restart" تتØكم ÙÙŠ توقيÙØŒ تشغيل أو اعادة تشغيل الخدمة.
+يمكن الوصول الى الموجه عبر <a href="http://localhost:7657/index.jsp">router console</a> ÙÙŠ المتصÙØ.
+لمستخدمين OpenSolaris وباقي الأنظمة التي لا تدعم i2psvc، يمكن تشغيل الموجه (router) باستعمال "sh runplain.sh".
+</p>
+
+<p>عند التثبيت لأول مرة تذكر<b>تغيير اعدادات NAT/firewall</b>
+يمكنك تØديد المناÙØ° التي يستعملها I2P
+<a href="faq#ports">المØددة هنا</a> مع باقي المناÙØ°.
+اذا قمت بÙØªØ Ø¨Ù†Ø¬Ø§Ø Ø§Ù„Ù…Ù†Ø§ÙØ° TCPØŒ يمكن تØديدها هنا
+<a href="http://localhost:7657/confignet.jsp">صÙØØ© الاعدادات</a>.
+</p>
+
+<p>ثم قم بمراجعة <b>Øدد خيارات سرعة النترنت</b> on the
+<a href="http://localhost:7657/config.jsp">صÙØØ© الاعدادات</a>,
+الاعدادات 96KBps down / 40 KBps up .
+</p>
+
+<p>
+اذا رغبت ÙÙŠ الوصول الى مواقع eepsites عبر المتصÙØ <a href="htproxyports.html">اعدادات البروكسي للمتصÙØ</a> .
+</p>
+
+<h3>تØديث من اصدار سابق</h3>
+<p>
+التØديثات اليدوية Ùˆ الالية موجودة لهذا الاصدار.
+</p><p>
+اذا كنت من مستعملي اصدار 0.7.5 او اØدث . انقر زر 'Øمل تØديث'.
+
+اذا كنت من مستعملين اصدار 0.7.4 أنظر اسÙله
+<a href=release-0.7.5.html> 0.7.5 اصدار</a>
+للØصول على معلومات مهمة Øول كيÙية اعداد الموجه.
+</p><p>
+اذا كنت من مستخدمي اصدار 0.6.1.30 او اصدار سابق
+<a href=upgrade-0.6.1.30.html>إرشادات</a>
+للمزيد من المعلومات Øول اعدادات الموجه.
+</p>
+
+<ol>
+<li>اذا قمت بتعديل الموجه باتباع <a href=upgrade-0.6.1.30.html>إرشادات</a>سترى وصلة ÙÙŠ
+ <a href="http://localhost:7657/index.jsp">شاشة الموجه</a> التي يتمكنك من تØميل آخر اصدار</li>
+<li>يمكنك استخدام الطريقة اليدوية المØددة ادناه</li>
+</ol>
+
+<h3>(تØديث من اصدار سابق (الطريقة اليدوية:</h3>
+<ol>
+<li>تØميل <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip">i2pupdate_0.9.1.zip</a>
+ (SHA256
+136b74435b93aededef5884d39cfbc513f57184b74c8481580bcd5324aa23b1a
+ <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip.sig">sig</a> الى مجلد التثبيت <b>اعد التسمية الى i2pupdate.zip</b>.
+او يمكنك تØميل النص المصدري Ùˆ كتابة ÙÙŠ سطر الأوامر ant updater
+ثم تقوم بنسخ المل٠i2pupdate.zip الى مجلد الذي اخترته لتنصيب برنامج I2P لتتم الترقية بطريقة آلية.انت لست بØاجة الى ÙÙƒ ضغط هذا الملÙ.
+ </li>
+<li>أنقر <a href="http://localhost:7657/configservice.jsp">اعادة التشغيل</a></li>
+<li>انتظر بعض دقائق</li>
+</ol>
+
+البرنامج موقع الكترونيا من طر٠المطور zzz
+<a href="release-signing-key.html">Ù…ÙØªØ§Ø Ø§Ù„Ø´Ùرة موجود هنا</a>.
+
+<h3>Previous Releases</h3>
+Previous releases are available on <a href="http://code.google.com/p/i2p/downloads/list?can=1">Google Code</a>
+and within the I2P network on <a href="http://echelon.i2p/">echelon.i2p</a>.
+
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/download_cs.html b/www.i2p2/pages/download_cs.html
new file mode 100644
index 0000000000000000000000000000000000000000..85b1a738a7a4847e188f6a8d3c6cc03563e598e3
--- /dev/null
+++ b/www.i2p2/pages/download_cs.html
@@ -0,0 +1,124 @@
+{% extends "_layout_cs.html" %}
+{% block title %}Stáhnout{% endblock %}
+{% block content %}
+<h1>Stáhnout I2P</h1>
+<h3>Požadavky pro instalaci</h3>
+<a href="http://java.com/download/">Sun Java</a> 1.5 nebo novÄ›jÅ¡Ã (doporuÄená verze <a href="http://java.com/download/">Sun Java 1.6</a>), nebo ekvivalentnà JRE.
+<br>
+Svou aktuálnà nainstalovanou verzi Javy si můžete ověřit <a href="http://java.com/en/download/installed.jsp?detect=jre&try=1">na této stránce</a>
+nebo z pÅ™Ãkazové řádky pomocà pÅ™Ãkazu <tt>java -version</tt>
+<h3>Nová instalace</h3>
+<ul class="downloadlist">
+<li><b>Windows Grafický instalaÄnà program:</b><br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe">i2pinstall_0.9.1_windows.exe</a>
+ (SHA256
+0727af83988e82f32e0972a9e12c72ac14c3c0da0815c5902193d6b13d356371
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe.sig">sig</a>) <br />
+ Pod Windows: stáhněte soubor a spusťte ho.
+</li>
+
+<li><b>Linux / OS X / BSD / Solaris Grafický instalaÄnà program:</b><br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar">i2pinstall_0.9.1.jar</a>
+ (SHA256
+39c19c0df042ad231a14fdf1c20e4927651a2af0f0cf734b46eba0d2b8419314
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar.sig">sig</a>)<br />
+ Download that file and double-click it (if that works) or
+ type <code>java -jar i2pinstall_0.9.1.jar</code> in a terminal to run the
+ installer.
+ On some platforms you may be able to right-click and select
+ "Open with Java".</li>
+
+<li><b>Linux / OS X / BSD / Solaris Instalace z pÅ™Ãkazové řádky:</b><br />
+ StáhnÄ›te si grafický instalaÄnà program (viz výše) a spusÅ¥te ho pÅ™Ãkazem <code>java -jar i2pinstall_0.9.1.jar -console</code>
+</li>
+
+<li><a href="/debian.html">Packages for Debian & Ubuntu</a></li>
+
+<li><b>Instalace ze zdrojového kódu:</b><br />
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2">i2psource_0.9.1.tar.bz2</a>
+ (SHA256
+8603c928a210ced77b6498bf8ee07cb000be9641adc389b34c3c8a10ac4f0677
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2.sig">sig</a>)<br />
+ Alternativně lze zdrojový kód stáhnout <a href="newdevelopers">z repozitáře monotone</a>.<br/>
+ SpusÅ¥te sestavenà programu pÅ™Ãkazem <code>(tar xjvf i2psource_0.9.1.tar.bz2 ; cd i2p-0.9.1 ; ant pkg)</code> a potom
+ spusÅ¥te grafický instalaÄnà program nebo instalaci z pÅ™Ãkazové řádky (viz výše).</li>
+</ul>
+
+Tyto soubory jsou podepsány uživatelem zzz,
+<a href="release-signing-key.html">jehož klÃÄ je k dispozici zde</a>.
+
+<h3>Po dokonÄenà instalace</h3>
+
+<p>Windows: Klikněte na ikonu "Start I2P". Otevře se nové okno s
+<a href="http://localhost:7657/index.jsp">ovládacÃm panelem</a>,
+které obsahuje dalšà pokyny.</p>
+
+<p>Unix a kompatibilnà systémy: I2P lze spustit jako službu skriptem "i2prouter".
+Naleznete ho ve složce, kde jste nainstalovali I2P. Stav služby lze zjistit pÅ™Ãkazem
+"sh i2prouter status". Službu lze ovládat pomocà argumentů "start", "stop" a "restart".
+Po jejÃm spuÅ¡tÄ›nà je k dispozici <a href="http://localhost:7657/index.jsp">ovládacà panel</a>.
+
+OpenSolaris a dalšà systémy, pro které nenà podporován wrapper (i2psvc) mohou proces
+spustit pomocà pÅ™Ãkazu "sh runplain.sh"
+</p>
+
+<p>PÅ™i prvnà instalaci prosÃm nezapomeňte <b>nastavit NAT/firewall</b>. Je-li to možné,
+otevřete Internetové porty I2P <a href="faq#ports">popsané zde</a>. Pokud jste úspěšně
+otevÅ™eli TCP port pro pÅ™Ãchozà spojenÃ, nastavte jej i na
+<a href="http://localhost:7657/confignet.jsp">konfiguraÄnà stránce</a>.
+</p>
+
+<p>Na <a href="http://localhost:7657/config.jsp">konfiguraÄnà stránce</a>
+také prosÃm nastavte <b>povolenou pÅ™enosovou kapacitu</b>. PoÄáteÄnà nastavenÃ
+96 kB/s pro pÅ™Ãchozà a 40 kB/s pro odchozà data je pomÄ›rnÄ› pomalé.
+</p>
+
+<h3>Aktualizace z pÅ™edchozÃch verzÃ:</h3>
+<p>
+K dispozici je buÄ automatická nebo manuálnà aktualizace.
+</p><p>
+Provozujete-li verzi 0.7.5 nebo novÄ›jÅ¡Ã, váš router by mÄ›l detekovat novou verzi.
+KliknÄ›te na odkaz 'Download Update' (Stáhnout aktualizaci) v ovládacÃm panelu, když se zobrazÃ.
+</p><p>
+Zvláštnà pÅ™Ãpady
+<ul>
+<li>Vzhledem k závadÄ› ve verzi 0.7.6 můžete za jistých podmÃnek obdržet chybové hlášenÃ
+"downloaded version is not greater than current version" (stažená verze nenà novějšà než
+aktuálnà verze). V takovém pÅ™ÃpadÄ› použijte manuálnà aktualizaci popsanou nÞe.
+</li>
+<li>Provozujete-li verzi 0.7.4 nebo starÅ¡Ã, pÅ™eÄtÄ›te si prosÃm
+<a href=release-0.7.5.html>poznámky k verzi 0.7.5</a>, které popisujà jak nastavit router
+pro automatickou detekci nových verzÃ.
+</li>
+<li>Provozujete-li verzi 0.6.1.30 nebo starÅ¡Ã, pÅ™eÄtÄ›te si prosÃm
+<a href=upgrade-0.6.1.30.html>tyto instrukce</a> jak nastavit router pro automatickou detekci
+nových verzÃ.
+</li>
+</ul>
+</p>
+
+<h3>Aktualizace z pÅ™edchozÃch verzà (manuálnà postup):</h3>
+<ol>
+<li>Stáhněte si <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip">i2pupdate_0.9.1.zip</a>
+ (SHA256
+136b74435b93aededef5884d39cfbc513f57184b74c8481580bcd5324aa23b1a
+ <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip.sig">sig</a>) a uložte jej do
+ instalaÄnà složky I2P. <b>PÅ™ejmenujte tento soubor na i2pupdate.zip</b>.
+ (Alternativně si můžete stáhnout zdrojový kód jak je popsáno výše a spustit
+ "ant updater", výsledný soubor i2pupdate.zip pak nakopÃrovat do instalaÄnà složky
+ I2P.) Tento soubor nerozbalujte.</li>
+<li>KliknÄ›te na tlaÄÃtko "Restart" (hladký restart) na stránce
+ <a href="http://localhost:7657/configservice.jsp">konfigurace služby I2P</a>.</li>
+<li>Dejte si šálek kávy a vraťte se za 11 minut.</li>
+</ol>
+
+<p>Soubor je podepsán uživatelem zzz,
+<a href="release-signing-key.html">jehož klÃÄ je k dispozici zde</a>.
+</p>
+
+<h3>Previous Releases</h3>
+Previous releases are available on <a href="http://code.google.com/p/i2p/downloads/list?can=1">Google Code</a>
+and within the I2P network on <a href="http://echelon.i2p/">echelon.i2p</a>.
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/download_de.html b/www.i2p2/pages/download_de.html
index dd09e83bb56d5432200dc699f7e2bddd19365497..56b990c2315b22895852207edbe205777cf5ee26 100644
--- a/www.i2p2/pages/download_de.html
+++ b/www.i2p2/pages/download_de.html
@@ -3,44 +3,54 @@
{% block content %}
<h1>Download I2P</h1>
<h3>Abhängigkeiten</h3>
-<a href="http://java.com/de/download/">Sun Java</a> 1.5 oder neuer, oder equivalent JRE.
-(<a href="http://java.com/de/download/">Sun Java 1.6</a> recommended)
+Java Runtime 1.5 oder neuer.
+(<a href="http://java.com/download/">Oracle/Sun Java Version 6</a>,
+<a href="http://openjdk.java.net/install/">OpenJDK 6</a>, oder
+<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6</a>
+ recommended)
<br>
-<a href="http://java.com/de/download/installed.jsp?detect=jre&try=1">Determine your installed Java version here</a>
-or type <tt>java -version</tt> at your command prompt.
+<a href="http://java.com/de/download/installed.jsp?detect=jre&try=1">Bestimme hier deine Java Version</a>
+oder gebe <tt>java -version</tt> in die Kommandozeile ein.
<h3>Frische Installation</h3>
<ul class="downloadlist">
-<li>Graphischer Installer:<br />
- <a href="http://mirror.i2p2.de/i2pinstall_0.8.exe">i2pinstall_0.8.exe</a>
+<li><b>Windows GUI Installer:</b><br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe">i2pinstall_0.9.1_windows.exe</a>
(SHA256
-d14ef28ffff7ef95e5627d7bbeac8f5aad57c82b89d2071383787f2124152ca9
- <a href="http://mirror.i2p2.de/i2pinstall_0.8.exe.sig">sig</a>)<br />
- Downloade die Datei und führe sie aus. Wenn du nicht Windows nutzt, kannst Du
- <code>java -jar i2pinstall_0.8.exe</code> eingeben (ja, wirklich)</li>
-<li>Command line (headless) Installation:<br />
+0727af83988e82f32e0972a9e12c72ac14c3c0da0815c5902193d6b13d356371
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe.sig">sig</a>)<br />
+ Downloade die Datei und führe sie aus. </li>
+
+<li><b>Linux / OS X / BSD / Solaris GUI Installer:</b><br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar">i2pinstall_0.9.1.jar</a>
+ (SHA256
+39c19c0df042ad231a14fdf1c20e4927651a2af0f0cf734b46eba0d2b8419314
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar.sig">sig</a>)<br />
+ Hole die Datei und führe sie mit Doppelklick aus (falls es funktioniert)
+ oder gebe <code>java -jar i2pinstall_0.9.1.jar</code> in einm Terminal ein um
+ die Installation zu starten.
+ Auf einigen Plattformen muss die Datei gegebenfall mit Rechts-Klick und der
+ Option "Öffne mit Java" geöffnet werden.</li>
+
+<li><b>Linux / OS X / BSD / Solaris Kommandozeilen (Headless) Installation:</b><br />
Downloade die normale Installationsdatei von oben und rufe
- <code>java -jar i2pinstall_0.8.exe -console</code> auf der Kommandozeile auf.
- Dieses funktioniert auf Windows, Linux und Mac OS X (ja, wirklich).
+ <code>java -jar i2pinstall_0.9.1.jar -console</code> in der Kommandozeile auf.
</li>
-<li>Quelltext Installation:<br />
- <a href="http://mirror.i2p2.de/i2psource_0.8.tar.bz2">i2psource_0.8.tar.bz2</a>
+
+<li><a href="/debian.html">Pakete für Debian & Ubuntu</a></li>
+
+<li><b>Quelltext Installation:</b><br />
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2">i2psource_0.9.1.tar.bz2</a>
(SHA256
-a179fc478279383af3420c84699a014a40f9cb0da87ab2a2d2b890639345b999
- <a href="http://mirror.i2p2.de/i2psource_0.8.tar.bz2.sig">sig</a>)<br />
+8603c928a210ced77b6498bf8ee07cb000be9641adc389b34c3c8a10ac4f0677
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2.sig">sig</a>)<br />
Alternativ kannst Du den Quelltext aus <a href="newdevelopers_de">Monotone</a> kopieren.
<br/>
- Führe aus: <code>(tar xjvf i2psource_0.8.tar.bz2 ; cd i2p_0.8 ; ant pkg)</code> und dann
- starte den GUI installer oder die headless Installation wie oben</li>
+ Führe folgendes aus: <code>(tar xjvf i2psource_0.9.1.tar.bz2 ; cd i2p_0.9.1 ; ant pkg)</code>
+ und starte dann den GUI Installer oder die headless Installation wie oben beschrieben</li>
</ul>
-Die Dateien sind von zzz signiert,
-<a href="release-signing-key.html">wessen Schlüssel hier ist</a>.
+Die Dateien sind von zzz mit <a href="release-signing-key.html">diesem Schlüssel</a> signiert.
-<h3>Hinweis an alle Vista Nutzer!</h3>
-Vista hat einige Änderungen mit den Rechten auf Programmen gebracht.
-Bitte auf dem deutschen Vista I2P NICHT in den vorgesehenen Pfad installieren!</br>
-Stattdessen I2P am besten in C:\I2P\ installieren (jedenfalls NICHT in C:\Programme\).
-</br>
</br>
<h3>Arbeit nach dem Installieren</h3>
@@ -61,7 +71,7 @@ nicht unterstützt ist, startest Du den Router stattdessen mit "runplain.sh"
<p>Bei der Erstinstallation bitte nicht vergessen, die <b>Firewall und ggf das NAT</b>
anzupassen. Bitte beachte dabei die Ports, die I2P nutzt, <a href="faq#ports">hier beschrieben</a>.
Nachdem Du deinen Port für eingehenden TCP Verkehr geöffnet hast, aktiviere
-auch den eigehenden TCP Verkehr auf der <a href="http://localhost:7657/config.jsp">Konfigurations Seite</a>.
+auch den eigehenden TCP Verkehr auf der <a href="http://localhost:7657/confignet.jsp">Konfigurations Seite</a>.
</p>
<p>Ebenso kontrolliere und <b>passe bitte die Bandbreiten Einstellungen</b> auf der
@@ -97,18 +107,24 @@ werden kann.
<h3>Aktualisieren von älteren Versionen (Manuelle Methode):</h3>
<ol>
-<li>Downloade <a href="http://mirror.i2p2.de/i2pupdate_0.8.zip">i2pupdate_0.8.zip</a>
+<li>Downloade <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip">i2pupdate_0.9.1.zip</a>
(SHA256
-57c6dd9dab15dc52613e35ba538842de948ad5f230d17f693cdcc86fa056f97c
- <a href="http://mirror.i2p2.de/i2pupdate_0.8.zip.sig">sig</a>) in dein I2P
+136b74435b93aededef5884d39cfbc513f57184b74c8481580bcd5324aa23b1a
+ <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip.sig">sig</a>) in dein I2P
Installationsverzeichnis und <b>bennene es i2pupdate.zip</b>.
(alternativ kannst den Quelltest besorgen und "ant updater" laufen lassen, kopiere dann
das erstellte i2pupdate.zip in dein I2P Installationsverzeichnis). Du brauchst
das ZIP Archive NICHT entpacken, I2P macht das von alleine.</li>
-<li>Klicke auf <a href="http://localhost:7657/configservice.jsp">"Graceful restart"</a></li>
+<li>Klicke auf <a href="http://localhost:7657/configservice.jsp">"Restart"</a></li>
<li>Hole dir eine Tasse Kaffee und schaue in 11 Minuten wieder nach.</li>
</ol>
Diese Datei ist signiert von zzz, wessen Schlüssel <a href="release-signing-key.html">hier ist</a>.
+<h3>Previous Releases</h3>
+Previous releases are available on <a href="http://code.google.com/p/i2p/downloads/list?can=1">Google Code</a>
+and within the I2P network on <a href="http://echelon.i2p/">echelon.i2p</a>.
+
+
+
{% endblock %}
diff --git a/www.i2p2/pages/download_es.html b/www.i2p2/pages/download_es.html
new file mode 100644
index 0000000000000000000000000000000000000000..76ca1a5122538486536b543190ab8876f6753979
--- /dev/null
+++ b/www.i2p2/pages/download_es.html
@@ -0,0 +1,129 @@
+{% extends "_layout_es.html" %}
+{% block title %}Descarga{% endblock %}
+{% block content %}
+<h1>Descargar I2P</h1>
+<h3>Dependencias</h3>
+Java Runtime 1.5 o superior.
+(<a href="http://java.com/download/">Oracle/Sun Java Versión 6</a>,
+<a href="http://openjdk.java.net/install/">OpenJDK 6</a>, o
+<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6</a>
+ recomendado)
+<br>
+<a href="http://java.com/en/download/installed.jsp?detect=jre&try=1">Determina aquà tu versión instalada de Java</a>
+o teclea <tt>java -version</tt> en tu lÃnea de comandos.
+<h3>Instalaciones limpias</h3>
+<ul class="downloadlist">
+<li><b>Windows Instalador gráfico:</b><br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe">i2pinstall_0.9.1_windows.exe</a>
+ (SHA256
+0727af83988e82f32e0972a9e12c72ac14c3c0da0815c5902193d6b13d356371
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe.sig">sig</a>)
+</li>
+
+<li><b>Linux / OS X / BSD / Solaris Instalador gráfico:</b><br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar">i2pinstall_0.9.1.jar</a>
+ (SHA256
+39c19c0df042ad231a14fdf1c20e4927651a2af0f0cf734b46eba0d2b8419314
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar.sig">sig</a>)<br />
+ Download that file and double-click it (if that works) or
+ type <code>java -jar i2pinstall_0.9.1.jar</code> in a terminal to run the
+ installer.
+ On some platforms you may be able to right-click and select
+ "Open with Java".</li>
+
+<li><b>Linux / OS X / BSD / Solaris Instalación desde la lÃnea de comandos (headless):</b><br />
+ Descarga el archivo del instalador gráfico y
+ arranca <code>java -jar i2pinstall_0.9.1.jar -console</code> desde la lÃnea de comandos.
+</li>
+
+<li><a href="/debian.html">Packages for Debian & Ubuntu</a></li>
+
+<li><b>Instalación desde el código fuente:</b><br />
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2">i2psource_0.9.1.tar.bz2</a>
+ (SHA256
+8603c928a210ced77b6498bf8ee07cb000be9641adc389b34c3c8a10ac4f0677
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2.sig">sig</a>)<br />
+ De forma alternativa, puedes obtener las fuentes usando <a href="newdevelopers">monotone</a>.
+ <br/>
+ Ejecuta <code>tar xjvf i2psource_0.9.1.tar.bz2 ; cd i2p-0.9.1 ; ant pkg ;</code> después puedes arrancar el instalador gráfico o bien hacer la instalación desde la lÃnea de comandos descritas anteriormente.</li>
+</ul>
+
+Los archivos están firmados por zzz,
+<a href="release-signing-key.html">cuya clave está aquÃ</a>.
+
+<h3>Trabajo post-instalación</h3>
+
+<p>Tras ejecutar el instalador en Windows, simplemente haz click en el botón "Start I2P", el cual hará emerger la <a href="http://localhost:7657/index.jsp">consola del router</a> , que tiene más instrucciones.</p>
+
+<p>En sistemas estilo Unix se puede iniciar I2P como un servicio
+utilizando el script "i2prouter", ubicado en el directorio que seleccionaste para I2P.
+Cambiando a ese directorio en la consola y tecleando "sh i2prouter status"
+deberÃa decirte el estado del router. Las opciones "start", "stop" y "restart"
+controlan el servicio. Se puede acceder a la <a href="http://localhost:7657/index.jsp"> consola del router</a> en su localización habitual.
+Los usuarios de OpenSolaris y otros sistemas donde no está soportado el envoltorio (i2psvc) deberán arrancar el router con "sh runplain.sh".
+</p>
+
+<p> Si se trata de la primera instalación de I2P, por favor recuerda <b>ajustar tu NAT/cortafuegos</b> si puedes, teniendo en cuenta los puertos que I2P usa de cara a Internet, <a href="faq#ports">descritos aquÃ</a> entre otros puertos.
+Si tienes abierto correctamente tu puerto TCP entrante activa también el puerto entrante en la <a href="http://localhost:7657/confignet.jsp">página de configuración</a>.
+</p>
+
+<p>Revisa también y <b>ajusta la configuración del ancho de banda</b>
+en la <a href="http://localhost:7657/config.jsp">página de configuración</a>,
+ya que la configuración por defecto de 96 KBps de bajada / 40 KBps de subida
+es bastante lenta.
+</p>
+
+<p>
+Si deseas navegar por eepsites con tu navegador, echa un vistazo a la página
+<a href="htproxyports.html">configuración del proxy en el navegador</a> para
+un howto fácil.
+</p>
+
+<h3>Actualizar desde versiones anteriores:</h3>
+<p>
+Hay dos opciones de actualizaciones, manual y automática.
+</p><p>
+Si estás usando la 0.7.5 o posterior, tu router deberÃa detectar las nuevas versiones. Para actualizar, simplemente haz click en el botón "Descargar Actualización"
+cuando aparezca en la consola de tu router.
+</p><p>
+Debido a un fallo en la versión 0.7.6, aquellos que usaron dicha versión como primera instalación de I2P y no hayan actualizado manualmente, obtendrán un error
+"downloaded version is not greater than current version" y deberán usar el método manual de actualización descrito a continuación.
+</p><p>
+Si estás usando la 0.7.4 o anterior, por favor lee
+<a href=release-0.7.5.html>the 0.7.5 release notes</a> que contiene información importante acerca de cómo configurar tu router para recibir la actualización automáticamente.
+</p><p>
+Si estás usando 0.6.1.30 o anteriores, por favor mira las
+<a href=upgrade-0.6.1.30.html>instrucciones</a>
+para información importante acerca de cómo configurar tu router para obterner
+la actualización automáticamente.
+</p>
+
+<ol>
+<li>Si has reconfigurado tu router siguiendo las <a href=upgrade-0.6.1.30.html>instrucciones</a>, deberÃas ver un enlace en la
+ <a href="http://localhost:7657/index.jsp">consola de tu router</a> permitiéndote descargar e instalar la nueva versión simplemente haciendo click en ese enlace.
+</li>
+<li>De forma alternativa, puedes usar el método manual como se especifica seguidamente.</li>
+</ol>
+
+<h3>Actualizar desde versiones anteriores (método manual):</h3>
+<ol>
+<li>Descarga <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip">i2pupdate_0.9.1.zip</a>
+ (SHA256
+136b74435b93aededef5884d39cfbc513f57184b74c8481580bcd5324aa23b1a
+ <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip.sig">sig</a>)
+a tu directorio de instalación I2P y <b>renómbralo como i2pupdate.zip</b>.
+ (Como alternativa, puedes obtener el código fuente tal y como se explicó anteriormente y ejecutar "ant updater", después copia el i2pupdate.zip resultante en tu directorio de instalación I2P). NO es necesario descomprimir ese archivo.</li>
+<li>Click <a href="http://localhost:7657/configservice.jsp">"Restart"</a></li>
+<li>Tómate una taza de café y vuelve en 11 minutos</li>
+</ol>
+
+El archivo está firmado por zzz,
+<a href="release-signing-key.html">cuya clave está aquÃ</a>.
+
+<h3>Previous Releases</h3>
+Previous releases are available on <a href="http://code.google.com/p/i2p/downloads/list?can=1">Google Code</a>
+and within the I2P network on <a href="http://echelon.i2p/">echelon.i2p</a>.
+
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/download_fr.html b/www.i2p2/pages/download_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..a72a2a366a3cae1d21ebb987dc10df86f7f78d3d
--- /dev/null
+++ b/www.i2p2/pages/download_fr.html
@@ -0,0 +1,142 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Téléchargements{% endblock %}
+{% block content %}
+Traduction de juillet 2011. <a href="download.html">Version anglaise actuelle</a>
+<h1>Télécharger I2P</h1>
+<h3>Prérequis</h3>
+Java Runtime 1.5 ou plus récent.
+(<a href="http://java.com/download/">Oracle/Sun Java Version 6</a>,
+<a href="http://openjdk.java.net/install/">OpenJDK 6</a>, ou
+<a href="http://icedtea.classpath.org/wiki/Main_Page">IcedTea6</a>
+ recommandé)
+<br>
+<a href="http://java.com/en/download/installed.jsp?detect=jre&try=1">Déterminez la version de Java installée</a>
+ou tapez <tt>java -version</tt> Ã l'invite de commande.
+<h3>Installation initiale</h3>
+<ul class="downloadlist">
+<li><b>Windows Installeur graphique:</b><br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe">i2pinstall_0.9.1_windows.exe</a>
+ (SHA256 0727af83988e82f32e0972a9e12c72ac14c3c0da0815c5902193d6b13d356371
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe.sig">sig</a>)<br />
+ Téléchargez ce fichier et exécutez-le.
+</li>
+
+<li><b>Linux / OS X / BSD / Solaris Installeur graphique:</b><br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar">i2pinstall_0.9.1.jar</a>
+ (SHA256
+39c19c0df042ad231a14fdf1c20e4927651a2af0f0cf734b46eba0d2b8419314
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar.sig">sig</a>)<br />
+ Téléchargez ce fichier et exécutez-le.
+ Vous pouvez
+ taper <code>java -jar i2pinstall_0.9.1.jar</code>
+</li>
+
+<li><b>Linux / OS X / BSD / Solaris Installation en ligne de commande (facile):</b><br />
+ Téléchargez le fichier de l'installeur graphique ci-dessus et
+ exécutez <code>java -jar i2pinstall_0.9.1.jar -console</code> sur la ligne de commande.
+</li>
+
+<li><a href="/debian_fr.html">Packages for Debian & Ubuntu</a></li>
+
+<li><b>À partir des sources:</b><br />
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2">i2psource_0.9.1.tar.bz2</a>
+ (SHA256 8603c928a210ced77b6498bf8ee07cb000be9641adc389b34c3c8a10ac4f0677
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2.sig">sig</a>)<br />
+ Vous pouvez si vous préférez récupérer les sources sur <a href="newdevelopers">monotone</a>.
+ <br/>
+ Exécuter <code>(tar xjvf i2psource_0.9.1.tar.bz2 ; cd i2p-0.9.1 ; ant pkg)</code> puis, soit
+ lancer l'installeur graphique, soit passer par la ligne de commande.</li>
+</ul>
+
+Les fichiers sont signés par zzz,
+<a href="release-signing-key.html">dont la signature est ici</a>.
+
+<h3>Après l'installation</h3>
+
+<p>Sous Windows, une fois l'installation effectuée, cliquez tout simplement sur l'icône "Start I2P".
+Ceci lance le
+routeur I2P et vous présente la page web de <a href="http://localhost:7657/index.jsp">gestion du routeur</a>
+(dite console), qui affiche plus d'instructions.</p>
+
+<p>Sur les systèmes de style Unix, I2P peut être lancé en tant que service en utilisant le script
+"i2prouter", situé dans le répertoire que vous avez choisi pour installer I2P.
+Rendez-vous dans ce répertoire par un terminal et lancez la commande "sh i2prouter status" qui vous
+indiquera l'état du routeur. Les arguments "start", "stop" et "restart" contrôlent le service.
+La <a href="http://localhost:7657/index.jsp">console</a> est accessible à son emplacement habituel.
+Pour les utilisateurs de OpenSolaris et autres systèmes sur lesquels l'interface système
+(le wrapper i2psvc) n'est
+ pas supporté, lancez le routeur avec la commande "sh runplain.sh".
+</p>
+
+<p>Après l'installation initiale, pensez à <b>régler votre NAT et/ou pare-feu</b> si vous pouvez,
+ en gardant à l'esprit les ports tournés vers Internet qu'I2P utilise,
+<a href="faq_fr#ports">décrits ici</a> parmi les autres.
+Quand vous aurez ouvert votre port d'entrée TCP/UDP dédié à I2P,
+activez alors les connexions entrantes TCP dans la
+<a href="http://localhost:7657/confignet.jsp">page de configuration</a>.
+</p>
+
+<p>Réglez aussi votre <b>bande passante</b> sur la
+<a href="http://localhost:7657/config.jsp">page de configuration</a>,
+car les réglages de base (96 ko/s entrants et 40 ko/s) sont volontairement très faibles.
+</p>
+
+<p>
+Si vous voulez accéder aux sites eep avec votre navigateur, consultez la page <a href="htproxyports_fr.html">
+réglage du proxy du navigateur</a> pour des instructions simples.
+</p>
+
+<h3>Mises à jour d'anciennes versions:</h3>
+<p>
+Les mises à jour automatiques et manuelles sont possibles.
+</p><p>
+Si vous êtes en v0.7.5 ou ultérieure, votre routeur doit détecter la nouvelle version.
+ Pour mettre à jour, cliquez le lien ...'Mettre à jour' en haut de la console lors qu'il apparaÎt.
+</p><p>
+En raison d'un bug dans la v0.7.6, si c'était votre installation initiale et que vous n'avez pas fait
+une mise à jour manuelle,
+ vous recevrez un message d'erreur "La version téléchargée n'est pas plus récente que l'actuelle"
+("downloaded version is not greater than current version").
+Il vous faudra suivre la méthode manuelle décrite ci-dessous.
+</p><p>
+Si vous êtes en v0.7.4 ou antérieure, merci de voir
+<a href=release-0.7.5.html>les notes de version de la v0.7.5</a>
+ pour une importante information concernant la configuration du routeur en vue de la réception automatique de
+la dernière version.
+</p><p>
+Si vous êtes en v0.6.1.30 ou antérieure,
+voyez dans ces <a href=upgrade-0.6.1.30.html>instructions</a> comment configurer
+ le routeur en vue de la réception automatique de la dernière version.
+</p>
+
+<ol>
+<li>Si vous avez reconfiguré votre routeur suivant ces <a href=upgrade-0.6.1.30.html>instructions</a>,
+vous devriez y voir un lien
+ dans la <a href="http://localhost:7657/index.jsp">console de gestion</a> vous permettant simplement en y
+cliquant dessus
+ de télécharger et d'installer la dernière version.</li>
+<li>Vous pouvez également utiliser la méthode manuelle décrite ci-dessous.</li>
+</ol>
+
+<h3>Mises à jour de versions plus anciennes (méthode manuelle):</h3>
+<ol>
+<li>Téléchargez <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip">i2pupdate_0.9.1.zip</a>
+ (SHA256 136b74435b93aededef5884d39cfbc513f57184b74c8481580bcd5324aa23b1a
+ <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip.sig">sig</a>) dans votre répertoire d'installation d'I2P
+ et <b>renommez-le i2pupdate.zip</b>.
+ (sinon, prenez les sources - voir plus haut - et lancez "ant updater", puis copiez/déplacez le i2pupdate.zip généré
+ vers votre répertoire d'installation d'I2P). Il n'est pas nécessaire de décompresser ce fichier.</li>
+<li>Cliquez sur <a href="http://localhost:7657/configservice.jsp">"Rédémarrage respectueux"</a>,</li>
+<li>servez-vous un café et revenez dans 11 minutes</li>
+</ol>
+
+Le fichier est signé par zzz,
+<a href="release-signing-key.html">dont la signature est ici</a>.
+
+<h3>Previous Releases</h3>
+Previous releases are available on <a href="http://code.google.com/p/i2p/downloads/list?can=1">Google Code</a>
+and within the I2P network on <a href="http://echelon.i2p/">echelon.i2p</a>.
+
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/download_ru.html b/www.i2p2/pages/download_ru.html
index fd8c306ca6ccee7a174c24c4b642334f7cac02cc..13797495ba2795390c5669f011e30646219c5583 100644
--- a/www.i2p2/pages/download_ru.html
+++ b/www.i2p2/pages/download_ru.html
@@ -14,30 +14,41 @@
<ul class="downloadlist">
-<li>ГрафичеÑкий инÑталлÑтор:<br />
- <a href="http://mirror.i2p2.de/i2pinstall_0.8.exe">i2pinstall_0.8.exe</a>
+<li><b>ГрафичеÑкий инÑталлÑтор Ð´Ð»Ñ Windows:</b><br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe">i2pinstall_0.9.1_windows.exe</a>
(SHA256
-d14ef28ffff7ef95e5627d7bbeac8f5aad57c82b89d2071383787f2124152ca9
- <a href="http://mirror.i2p2.de/i2pinstall_0.8.exe.sig">sig</a>)<br />
-
- Под Windows: Ñкачайте Ñтот файл и запуÑтите его. Под другими операционными ÑиÑтемами его можно запуÑтить из командной Ñтроки командой <code>java -jar i2pinstall_0.8.exe</code>
+0727af83988e82f32e0972a9e12c72ac14c3c0da0815c5902193d6b13d356371
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe.sig">sig</a>)<br />
+ Под Windows: Ñкачайте Ñтот файл и запуÑтите его.
+</li>
+
+<li><b>ГрафичеÑкий инÑталлÑтор Ð´Ð»Ñ Linux / OS X / BSD / Solaris:</b><br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar">i2pinstall_0.9.1.jar</a>
+ (SHA256
+39c19c0df042ad231a14fdf1c20e4927651a2af0f0cf734b46eba0d2b8419314
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar.sig">sig</a>)<br />
+ Скачайте Ñтот файл и запуÑтите двойным кликом, или выполните в конÑоли
+ команду <code>java -jar i2pinstall_0.9.1.jar</code> Ð´Ð»Ñ Ð·Ð°Ð¿ÑƒÑка инÑталлÑтора.
+ Ðа некоторых платформах вы можете вызвать контекÑтное меню и выбрать
+ "Open with Java".
</li>
-<li>УÑтановка из командной Ñтроки:<br />
+<li><b>УÑтановка из командной Ñтроки в Linux / OS X / BSD / Solaris:</b><br />
-Скачайте графичеÑкий инÑталлÑтор по ÑÑылке выше и запуÑтите из командной Ñтроки <code>java -jar i2pinstall_0.8.exe -console</code> <br />
-Такой ÑпоÑоб работает в Windows, Linux и Mac OS X.
+Скачайте графичеÑкий инÑталлÑтор по ÑÑылке выше и запуÑтите из командной Ñтроки <code>java -jar i2pinstall_0.9.1.jar -console</code> <br />
</li>
-<li>УÑтановка из иÑходного кода:<br />
- <a href="http://mirror.i2p2.de/i2psource_0.8.tar.bz2">i2psource_0.8.tar.bz2</a>
+<li><a href="/debian.html">Packages for Debian & Ubuntu</a></li>
+
+<li><b>УÑтановка из иÑходного кода:</b><br />
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2">i2psource_0.9.1.tar.bz2</a>
(SHA256
-a179fc478279383af3420c84699a014a40f9cb0da87ab2a2d2b890639345b999
- <a href="http://mirror.i2p2.de/i2psource_0.8.tar.bz2.sig">sig</a>)<br />
+8603c928a210ced77b6498bf8ee07cb000be9641adc389b34c3c8a10ac4f0677
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2.sig">sig</a>)<br />
(Как вариант, можете Ñкачать текущий иÑходный код из <a href="newdevelopers">monotone-репозиториÑ</a>.)
<br/>
- ЗапуÑтите процеÑÑ Ñборки <code>(tar xjvf i2psource_0.8.tar.bz2 ; cd i2p-0.8 ; ant pkg)</code>, затем воÑпользуйтеÑÑŒ Ñобранным инÑталлÑтором в графичеÑком или конÑольном режиме (Ñм. предыдущие ÑпоÑобы уÑтановки).
+ ЗапуÑтите процеÑÑ Ñборки <code>(tar xjvf i2psource_0.9.1.tar.bz2 ; cd i2p-0.9.1 ; ant pkg)</code>, затем воÑпользуйтеÑÑŒ Ñобранным инÑталлÑтором в графичеÑком или конÑольном режиме (Ñм. предыдущие ÑпоÑобы уÑтановки).
</li>
</ul>
@@ -50,13 +61,13 @@ Windows: поÑле Ð·Ð°Ð²ÐµÑ€ÑˆÐµÐ½Ð¸Ñ Ñ€Ð°Ð±Ð¾Ñ‚Ñ‹ инÑталлÑтора
</p>
<p>
-Unix-ÑовмеÑтимые ÑиÑтемы: I2P можно запуÑтить в виде ÑервиÑа через Ñкрипт «i2prouter», раÑположенный в директории, которую Ð’Ñ‹ выбрали Ð´Ð»Ñ ÑƒÑтановки I2P. Ð¡Ñ‚Ð°Ñ‚ÑƒÑ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ð¸Ð·Ð°Ñ‚Ð¾Ñ€Ð° можно поÑмотреть через команду «sh i2prouter status». Управление ÑервиÑом оÑущеÑтвлÑетÑÑ Ð¿Ñ€Ð¸ помощи параметров «start», «stop» и «restart». ÐÐ´Ñ€ÐµÑ [<a href="http://localhost:7657/index.jsp">конÑоли маршрутизатора</a> в таком режиме находитÑÑ Ð½Ð° обычном меÑте.
+Unix-ÑовмеÑтимые ÑиÑтемы: I2P можно запуÑтить в виде ÑервиÑа через Ñкрипт «i2prouter», раÑположенный в директории, которую Ð’Ñ‹ выбрали Ð´Ð»Ñ ÑƒÑтановки I2P. Ð¡Ñ‚Ð°Ñ‚ÑƒÑ Ð¼Ð°Ñ€ÑˆÑ€ÑƒÑ‚Ð¸Ð·Ð°Ñ‚Ð¾Ñ€Ð° можно поÑмотреть через команду «sh i2prouter status». Управление ÑервиÑом оÑущеÑтвлÑетÑÑ Ð¿Ñ€Ð¸ помощи параметров «start», «stop» и «restart». ÐÐ´Ñ€ÐµÑ <a href="http://localhost:7657/index.jsp">конÑоли маршрутизатора</a> в таком режиме находитÑÑ Ð½Ð° обычном меÑте.
Ð’ OpenSolaris и других ÑиÑтемах, где не поддерживаетÑÑ ÑервиÑный враппер (i2psvc) — запуÑкайте маршрутизатор командой «sh runplain.sh».
</p>
<p>
-При первом запуÑке I2P не забудьте <b>наÑтроить NAT/брандмауÑÑ€</b>, еÑли они у Ð’Ð°Ñ Ð¸ÑпользуютÑÑ Ð¸ у Ð’Ð°Ñ ÐµÑÑ‚ÑŒ права Ð´Ð»Ñ Ð¸Ñ… наÑтройки. СпиÑок иÑпользуемых I2P внешних портов <a href="faq#ports">перечиÑлен в FAQ</a>. ЕÑли Вам удалоÑÑŒ открыть порт Ð´Ð»Ñ Ð²Ñ…Ð¾Ð´Ñщих TCP-Ñоединений, включите иÑпользование входÑщих TCP-Ñоединений на <a href="http://localhost:7657/config.jsp">Ñтранице наÑтроек</a> Вашего I2P маршрутизатора.
+При первом запуÑке I2P не забудьте <b>наÑтроить NAT/брандмауÑÑ€</b>, еÑли они у Ð’Ð°Ñ Ð¸ÑпользуютÑÑ Ð¸ у Ð’Ð°Ñ ÐµÑÑ‚ÑŒ права Ð´Ð»Ñ Ð¸Ñ… наÑтройки. СпиÑок иÑпользуемых I2P внешних портов <a href="faq#ports">перечиÑлен в FAQ</a>. ЕÑли Вам удалоÑÑŒ открыть порт Ð´Ð»Ñ Ð²Ñ…Ð¾Ð´Ñщих TCP-Ñоединений, включите иÑпользование входÑщих TCP-Ñоединений на <a href="http://localhost:7657/confignet.jsp">Ñтранице наÑтроек</a> Вашего I2P маршрутизатора.
</p>
<p>
@@ -88,10 +99,10 @@ Unix-ÑовмеÑтимые ÑиÑтемы: I2P можно запуÑтить в
<ol>
<li>Скачайте
- <a href="http://mirror.i2p2.de/i2pupdate_0.8.zip">i2pupdate_0.8.zip</a>
+ <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip">i2pupdate_0.9.1.zip</a>
(SHA256
-57c6dd9dab15dc52613e35ba538842de948ad5f230d17f693cdcc86fa056f97c
- <a href="http://mirror.i2p2.de/i2pupdate_0.8.zip.sig">sig</a>)
+136b74435b93aededef5884d39cfbc513f57184b74c8481580bcd5324aa23b1a
+ <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip.sig">sig</a>)
в директорию, где у Ð’Ð°Ñ ÑƒÑтановлен I2P и <b>переименуйте в i2pupdate.zip</b>. (Как вариант, можно Ñкачать иÑходный код и запуÑтить Ñборку командой «ant updater», поÑле чего Ñкопировать полученный i2pupdate.zip в директорию, где у Ð’Ð°Ñ ÑƒÑтановлен I2P.) Вам ÐЕ надо раÑпаковывать Ñтот zip-файл.
</li>
<li>Ðажмите <a href="http://localhost:7657/configservice.jsp">«Перезагрузить плавно»</a></li>
@@ -100,4 +111,10 @@ Unix-ÑовмеÑтимые ÑиÑтемы: I2P можно запуÑтить в
Ðтот файл подпиÑан zzz, <a href="release-signing-key.html">чей ключ можно взÑÑ‚ÑŒ тут</a>.
+<h3>Previous Releases</h3>
+Previous releases are available on <a href="http://code.google.com/p/i2p/downloads/list?can=1">Google Code</a>
+and within the I2P network on <a href="http://echelon.i2p/">echelon.i2p</a>.
+
+
+
{% endblock %}
diff --git a/www.i2p2/pages/download_zh.html b/www.i2p2/pages/download_zh.html
index b0b8f49b60e03cfaa226885803ab4f37a4d1f5d2..24848f9a42242ca1f9985faf39236893f99e54d1 100644
--- a/www.i2p2/pages/download_zh.html
+++ b/www.i2p2/pages/download_zh.html
@@ -10,20 +10,37 @@
或在命令行ä¸è¾“å…¥ <tt>java -version</tt> 。
<h3>全新安装</h3>
<ul class="downloadlist">
-<li>图形安装程åº:<br />
- <a href="http://mirror.i2p2.de/i2pinstall_0.8.exe">i2pinstall_0.8.exe</a>
+<li><b>Windows</b> 图形安装程åº:<br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe">i2pinstall_0.9.1_windows.exe</a>
<br/>(SHA256
-d14ef28ffff7ef95e5627d7bbeac8f5aad57c82b89d2071383787f2124152ca9
- <a href="http://mirror.i2p2.de/i2pinstall_0.8.exe.sig">sig</a>)
- <br />下载以上文件并è¿è¡Œå¦‚æžœä½ ä¸æ˜¯ windows 用户,å¯ä»¥è¾“å…¥ <code>java -jar i2pinstall_0.8.exe</code> (没错,就这么写)</li>
-<li>命令行安装(å³æ— 头安装):<br />
- 下载上é¢çš„图形安装程åºå¹¶åœ¨å‘½ä»¤è¡ŒçŠ¶æ€ä¸‹è¿è¡Œ <code>java -jar i2pinstall_0.8.exe -console</code>。
- 以上方法适用于 windows,linux, å’Œ mac (没错,确实å¯è¡Œ).</li>
+0727af83988e82f32e0972a9e12c72ac14c3c0da0815c5902193d6b13d356371
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1_windows.exe.sig">sig</a>)
+</li>
+
+<li><b>Linux / OS X / BSD / Solaris</b> 图形安装程åº:<br />
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar">i2pinstall_0.9.1.jar</a>
+ (SHA256
+39c19c0df042ad231a14fdf1c20e4927651a2af0f0cf734b46eba0d2b8419314
+ <a href="http://mirror.i2p2.de/i2pinstall_0.9.1.jar.sig">sig</a>)<br />
+ Download that file and double-click it (if that works) or
+ type <code>java -jar i2pinstall_0.9.1.jar</code> in a terminal to run the
+ installer.
+ On some platforms you may be able to right-click and select
+ "Open with Java".
+ <br />下载以上文件并è¿è¡Œå¦‚æžœä½ ä¸æ˜¯ windows 用户,å¯ä»¥è¾“å…¥ <code>java -jar i2pinstall_0.9.1.jar</code>
+</li>
+
+<li><b>Linux / OS X / BSD / Solaris</b> 命令行安装(å³æ— 头安装):<br />
+ 下载上é¢çš„图形安装程åºå¹¶åœ¨å‘½ä»¤è¡ŒçŠ¶æ€ä¸‹è¿è¡Œ <code>java -jar i2pinstall_0.9.1.jar -console</code>。
+</li>
+
+<li><a href="/debian.html">Packages for Debian & Ubuntu</a></li>
+
<li>用æºç 安装:<br />
- <a href="http://mirror.i2p2.de/i2psource_0.8.tar.bz2">i2psource_0.8.tar.bz2</a>
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2">i2psource_0.9.1.tar.bz2</a>
<br/>(SHA256
-a179fc478279383af3420c84699a014a40f9cb0da87ab2a2d2b890639345b999
- <a href="http://mirror.i2p2.de/i2psource_0.8.tar.bz2.sig">sig</a>)<br />æ¤å¤–ï¼Œä½ ä¹Ÿå¯ä»¥ä»Ž <a href="newdevelopers">monotone</a> ä¸ä¸‹è½½æºç 。<br/>执行 <code>(tar xjvf i2psource_0.8.tar.bz2 ; cd i2p_0.8 ; ant pkg)</code>
+8603c928a210ced77b6498bf8ee07cb000be9641adc389b34c3c8a10ac4f0677
+ <a href="http://mirror.i2p2.de/i2psource_0.9.1.tar.bz2.sig">sig</a>)<br />æ¤å¤–ï¼Œä½ ä¹Ÿå¯ä»¥ä»Ž <a href="newdevelopers">monotone</a> ä¸ä¸‹è½½æºç 。<br/>执行 <code>(tar xjvf i2psource_0.9.1.tar.bz2 ; cd i2p_0.9.1 ; ant pkg)</code>
,然åŽè¿è¡Œå›¾å½¢å®‰è£…程åºæˆ–进行命令行安装。</li>
</ul>
@@ -36,7 +53,7 @@ a179fc478279383af3420c84699a014a40f9cb0da87ab2a2d2b890639345b999
<p>在类 Unix 系统ä¸ï¼Œä½¿ç”¨ "i2prouter" 脚本å¯ä»¥å°† I2P 以æœåŠ¡æ–¹å¼è¿è¡Œã€‚该脚本ä½äºŽ I2P 文件夹ä¸ã€‚在命令行控制å°ä¸åˆ‡æ¢åˆ°ä»¥ä¸Šç›®å½•ï¼Œæ‰§è¡Œ "sh i2prouter status" å¯ä»¥æ˜¾ç¤ºè·¯ç”±å™¨çš„状æ€ã€‚ "start", "stop" å’Œ "restart" å‚æ•°å¯ä»¥æŽ§åˆ¶æœåŠ¡çŠ¶æ€ã€‚路由控制å°æ€»å¯ä»¥é€šè¿‡<a href="http://localhost:7657/index.jsp">这个地å€</a>访问。如果用户使用 OpenSolaris åŠå…¶å®ƒä¸æ”¯æŒå°è£… (i2psvc) 的系统,å¯ä»¥é€šè¿‡æ‰§è¡Œ "sh runplain.sh" å¯åŠ¨i2p路由器。</p>
-<p>第一次安装时,如果å¯èƒ½è¯·è®°å¾— <b>调整您的 NAT/防ç«å¢™ </b> 。 è®°ä½ I2P 所使用的公网端å£(å¯ä»¥è‡ªå®šä¹‰),它与相关端å£çš„<a href="faq#ports">æ述在这里</a> 。如果您在防ç«å¢™/路由器里æˆåŠŸçš„打开了TCP的入站端å£ï¼Œè¯·åœ¨I2P路由的 <a href="http://localhost:7657/config.jsp">é…ç½®</a> 页é¢åŒæ—¶æ‰“开入站TCP功能。</p>
+<p>第一次安装时,如果å¯èƒ½è¯·è®°å¾— <b>调整您的 NAT/防ç«å¢™ </b> 。 è®°ä½ I2P 所使用的公网端å£(å¯ä»¥è‡ªå®šä¹‰),它与相关端å£çš„<a href="faq#ports">æ述在这里</a> 。如果您在防ç«å¢™/路由器里æˆåŠŸçš„打开了TCP的入站端å£ï¼Œè¯·åœ¨I2P路由的 <a href="http://localhost:7657/confignet.jsp">é…ç½®</a> 页é¢åŒæ—¶æ‰“开入站TCP功能。</p>
<p>åŒæ—¶ï¼ŒæŸ¥çœ‹å¹¶è°ƒæ•´<a href="http://localhost:7657/config.jsp">设置</a>页é¢ä¸çš„ <b>带宽设置</b> 。默认的 96 KBps 下载 / 40 KBps ä¸Šä¼ é€Ÿåº¦å¾ˆç¼“æ…¢ã€‚</p>
@@ -53,14 +70,20 @@ a179fc478279383af3420c84699a014a40f9cb0da87ab2a2d2b890639345b999
<h3>旧版å‡çº§ (手动方法):</h3>
<ol>
-<li>下载 <a href="http://mirror.i2p2.de/i2pupdate_0.8.zip">i2pupdate_0.8.zip</a> <br/>(SHA256
-57c6dd9dab15dc52613e35ba538842de948ad5f230d17f693cdcc86fa056f97c
- <a href="http://mirror.i2p2.de/i2pupdate_0.8.zip.sig">sig</a>) 放入 I2P 安装文件夹并 <b>改å为 i2pupdate.zip</b>. (æ¤å¤–,您还å¯ä»¥åœ¨å¾—到å‰è¿°çš„æºç 包åŽè¿è¡Œ "ant updater",将生æˆçš„ i2pupdate.zip å¤åˆ¶åˆ°æ‚¨çš„ I2P 安装目录ä¸)。<b>ä¸è¦</b>å°†æ¤æ–‡ä»¶è§£åŽ‹ç¼©ã€‚</li>
-<li>点击 <a href="http://localhost:7657/configservice.jsp">"Graceful restart"</a>(平滑é‡å¯)</li>
+<li>下载 <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip">i2pupdate_0.9.1.zip</a> <br/>(SHA256
+136b74435b93aededef5884d39cfbc513f57184b74c8481580bcd5324aa23b1a
+ <a href="http://mirror.i2p2.de/i2pupdate_0.9.1.zip.sig">sig</a>) 放入 I2P 安装文件夹并 <b>改å为 i2pupdate.zip</b>. (æ¤å¤–,您还å¯ä»¥åœ¨å¾—到å‰è¿°çš„æºç 包åŽè¿è¡Œ "ant updater",将生æˆçš„ i2pupdate.zip å¤åˆ¶åˆ°æ‚¨çš„ I2P 安装目录ä¸)。<b>ä¸è¦</b>å°†æ¤æ–‡ä»¶è§£åŽ‹ç¼©ã€‚</li>
+<li>点击 <a href="http://localhost:7657/configservice.jsp">"Restart"</a>(平滑é‡å¯)</li>
<li>去å–æ¯å’–啡,11分钟åŽå°±å®Œæˆäº†ã€‚</li>
</ol>
本文件已由 zzz ç¾å,
<a href="release-signing-key.html">ç¾å公钥</a>。
+<h3>Previous Releases</h3>
+Previous releases are available on <a href="http://code.google.com/p/i2p/downloads/list?can=1">Google Code</a>
+and within the I2P network on <a href="http://echelon.i2p/">echelon.i2p</a>.
+
+
+
{% endblock %}
diff --git a/www.i2p2/pages/faq.html b/www.i2p2/pages/faq.html
index 4440ef991e5321e5430913db7091f3ac1b3e8bac..f0b3f451b64054ccb2a141c41f7d68f6f27edfbe 100644
--- a/www.i2p2/pages/faq.html
+++ b/www.i2p2/pages/faq.html
@@ -3,51 +3,66 @@
{% block content %}
<h1>I2P - FREQUENTLY ASKED QUESTIONS</h1>
<h3 id="index"> Index </h3>
-<p><ol>
+<ol>
+<li style="list-style: none; display: inline">
<h4>General</h4>
-<li><a href="#eepsite">Whats an "eepsite"?
-</a></li><li><a href="#peers">My router has very few active peers, is this OK?
-</a></li><li><a href="#active">What do the Active x/y numbers mean in the router console?
-</a></li><li><a href="#vary">My active peers / known peers / participating tunnels / connections / bandwidth vary dramatically over time! Is anything wrong?
-</a></li><li><a href="#proxy_safe">Is using an outproxy safe?
-</a></li><li><a href="#down">Most of the eepsites within I2P are down?
-</a></li><li><a href="#ports">What ports does I2P use?
-</a></li><li><a href="#bug">I think I found a bug, where can I report it?
-</a></li><li><a href="#jrandom">What happened to *.i2p.net? What happened to jrandom? Is I2P dead?
-</a></li><li><a href="#question">I have a question!
-</a></li>
+</li>
+<li><a href="#systems">What systems will I2P run on?</a></li>
+<li><a href="#eepsite">Whats an "eepsite" and how do I configure my browser so I can use them?</a></li>
+<li><a href="#peers">My router has very few active peers, is this OK?</a></li>
+<li><a href="#active">What do the Active x/y numbers mean in the router console?</a></li>
+<li><a href="#vary">My active peers / known peers / participating tunnels / connections / bandwidth vary dramatically over time! Is anything wrong?</a></li>
+<li><a href="#proxy_safe">Is using an outproxy safe?</a></li>
+<li><a href="#down">Most of the eepsites within I2P are down?</a></li>
+<li><a href="#ports">What ports does I2P use?</a></li>
+<li><a href="#port32000">Why is I2P listening for connections on port 32000?</a></li>
+<li><a href="#bug">I think I found a bug, where can I report it?</a></li>
+<li><a href="#jrandom">What happened to *.i2p.net? What happened to jrandom? Is I2P dead?</a></li>
+<li><a href="#question">I have a question!</a></li>
+<li style="list-style: none; display: inline">
<h4>Setup</h4>
-<li><a href="#reseed">My router has been up for several minutes and has zero or very few connections
-</a></li><li><a href="#slow">Why is I2P so slow?
-</a></li><li><a href="#subscriptions">I'm missing lots of hosts in my addressbook. What are some good subscription links?
-</a></li><li><a href="#myeepsite">How do I set up my own eepsite?
-</a></li><li><a href="#snark">Bittorrent / I2PSnark / Azureus I2P Plugin Questions?
-</a></li><li><a href="#irc">How do I connect to IRC within I2P?
-</a></li><li><a href="#outproxy">I can't access regular Internet sites through I2P.
-</a></li><li><a href="#https">I can't access https:// or ftp:// sites through I2P.
-</a></li><li><a href="#socks">Is it possible to use I2P as a SOCKS proxy?
-</a></li><li><a href="#remote_webconsole">How can I access the web console from my other machines or password protect it?
-</a></li><li><a href="#remote_i2cp">How can I use applications from my other machines?
-</a></li><li><a href="#manual_reseed">How do I reseed manually?
-</a></li><li><a href="#cpu">My router is using too much CPU?!?
-</a></li>
+</li>
+<li><a href="#reseed">My router has been up for several minutes and has zero or very few connections</a></li>
+<li><a href="#slow">Why is I2P so slow?</a></li>
+<li><a href="#subscriptions">I'm missing lots of hosts in my addressbook. What are some good subscription links?</a></li>
+<li><a href="#myeepsite">How do I set up my own eepsite?</a></li>
+<li><a href="#snark">Bittorrent / I2PSnark / Azureus I2P Plugin Questions?</a></li>
+<li><a href="#irc">How do I connect to IRC within I2P?</a></li>
+<li><a href="#outproxy">I can't access regular Internet sites through I2P.</a></li>
+<li><a href="#https">I can't access https:// or ftp:// sites through I2P.</a></li>
+<li><a href="#socks">Is it possible to use I2P as a SOCKS proxy?</a></li>
+<li><a href="#browserproxy">How do I configure my browser?</a></li>
+<li><a href="#remote_webconsole">How can I access the web console from my other machines or password protect it?</a></li>
+<li><a href="#remote_i2cp">How can I use applications from my other machines?</a></li>
+<li><a href="#manual_reseed">How do I reseed manually?</a></li>
+<li><a href="#cpu">My router is using too much CPU?!?</a></li>
+<li style="list-style: none; display: inline">
<h4>Misconception</h4>
-<li><a href="#proxy_other">How do I access IRC, BitTorrent, or other services on the regular Internet?
-</a></li><li><a href="#exit">Is my router an "exit node"(outproxy) to the regular Internet? I don't want it to be.
-</a></li><li><a href="#content">I am opposed to certain types of content. How do I keep from distributing, storing, or accessing them?
-</a></li>
-</ol></p>
+</li>
+<li><a href="#proxy_other">How do I access IRC, BitTorrent, or other services on the regular Internet?</a></li>
+<li><a href="#exit">Is my router an "exit node"(outproxy) to the regular Internet? I don't want it to be.</a></li>
+<li><a href="#content">I am opposed to certain types of content. How do I keep from distributing, storing, or accessing them?</a></li>
+<li style="list-style: none; display: inline">
+<h4>Errors and Their Solutions</h4>
+</li>
+<li><a href="#compat6x">I'm using FreeBSD and when I start I2P I receive an error about <code>libm.so.4</code>!</a></li>
+<li><a href="#protocolfamily">In <code>wrapper.log</code> I see an error stating <code>Protocol family unavailable</code> when I2P is loading</a></li>
+</ol>
+<h3 id="systems">What systems will I2P run on?
+<span class="permalink">(<a href="#systems">link</a>)</span></h3>
+<p>While I2P has been reported to run PCs as meagre as a low-end Pentium II with 64 MB of RAM, you'll have a much better experience on a Pentium III (or better) with 128MB of RAM (or more). A <a href="http://trac.i2p2.de/wiki/java">chart comparing the performance</a> of the various JREs can be found at <a href="http://trac.i2p2.de/wiki/java">http://trac.i2p2.de/wiki/java</a>, but in short: it's at all possible, use Sun/Oracle Java or OpenJDK.</p>
+<p>I2P has been tested on Windows, Linux, FreeBSD (see the note <a href="#compat6x">below</a>), OSX, and OpenSolaris. There is work underway to bring I2P to the Android platform.</p>
+
+
<h3 id="bug">I think I found a bug, where can I report it?
<span class="permalink">(<a href="#bug">link</a>)</span></h3>
-<p>
+
Here are some places, pick one or more.
<ul>
-<li><a href="http://trac.i2p2.i2p/newticket">trac.i2p2.i2p</a> ticket
-<li><a href="http://forum.i2p/viewforum.php?f=10">forum.i2p</a>
-<li><a href="http://paste.i2p2.i2p/">paste.i2p2.i2p</a> and follow up on IRC #i2p
-<li>Discuss with the developers on IRC #i2p
-</ul>
-</p>
+<li><a href="http://trac.i2p2.de/report/1">trac.i2p2.de</a> ticket (preferred method)</li>
+<li><a href="http://pastethis.i2p/">pastethis.i2p</a> and follow up on IRC in #i2p</li>
+<li>Discuss with the developers on IRC in #i2p-dev</li></ul>
+
<p>
Please include relevant information from the router logs and wrapper logs.
</p>
@@ -57,9 +72,8 @@ Please include relevant information from the router logs and wrapper logs.
<p>
The default subscription is to http://www.i2p2.i2p/hosts.txt which is updated rarely.
If you don't have another subscription, you may often have to use "jump" links which
-is annoying.
-</p><p>
-Here are some other public addressbook subscription links. You may wish to add one or two
+is annoying.</p>
+<p>Here are some other public addressbook subscription links. You may wish to add one or two
to your <a href="http://localhost:7657/susidns/subscriptions.jsp">susidns subscription list</a>.
You don't need to add all of them, as they sync with each other periodically.
The links using a cgi-bin application employ various strategies to minimize
@@ -68,81 +82,80 @@ Note that subscribing to a hosts.txt service is an act of "trust", as a maliciou
subscription could give you incorrect addresses. So think about whether you
want to trust any of these.
The operators of these services may have various policies for listing hosts.
-Presence on this list does not imply endorsement.
+Presence on this list does not imply endorsement.</p>
<div class="links">
<ul>
-<li><a href="http://i2host.i2p/cgi-bin/i2hostetag">http://i2host.i2p/cgi-bin/i2hostetag</a>
-<li><a href="http://stats.i2p/cgi-bin/newhosts.txt">http://stats.i2p/cgi-bin/newhosts.txt</a>
-<li><a href="http://tino.i2p/hosts.txt">http://tino.i2p/hosts.txt</a>
-</ul>
+<li><a href="http://i2host.i2p/cgi-bin/i2hostetag">http://i2host.i2p/cgi-bin/i2hostetag</a></li>
+<li><a href="http://stats.i2p/cgi-bin/newhosts.txt">http://stats.i2p/cgi-bin/newhosts.txt</a></li>
</div>
-</p>
+
<h3 id="jrandom">What happened to *.i2p.net? What happened to jrandom? Is I2P dead?
<span class="permalink">(<a href="#jrandom">link</a>)</span></h3>
-<p>
-Jrandom was the lead developer of i2p and
+<p>Jrandom was the lead developer of I2P and
<a href="http://syndie.i2p2.de/">Syndie</a> for several years.
-We expect jrandom to be absent for at least the remainder of 2008.
+We do not know if or when jrandom will return.
The *.i2p.net domains were left in a non-functioning state after a power
-outage at the hosting company.
-</p><p>
-See <a href="jrandom-awol.html">this page</a> for jrandom's parting message and additional information
- on the migration of *.i2p.net to
-<a href="index.html">this website</a>.
-</p><p>
-I2P is not dead, it remains in active development and we anticipate
-several releases in 2010.
-</p>
+outage at the hosting company.</p>
+<p>See <a href="jrandom-awol.html">this page</a> for jrandom's parting message and additional information
+ on the migration of *.i2p.net to <a href="index.html">this website</a>.</p>
+<p>I2P remains in active development.</p>
-<h3 id="CPU">My router is using too much CPU?!?
-<span class="permalink">(<a href="#CPU">link</a>)</span></h3>
+<h3 id="cpu">My router is using too much CPU?!?
+<span class="permalink">(<a href="#cpu">link</a>)</span></h3>
<p>
There are many possible causes of high CPU usage. Here is a checklist:
</p><ul>
<li>
-Are you using Sun Java or some other version? (type java -version at a command prompt to find out)
-We have several reports of high CPU usage when using other Java versions.
+Try to use either OpenJDK or Sun/Oracle Java if it's available for your system. You can check
+which version of java you have installed by typing <code>java -version</code> at a
+command/shell prompt. Performance tends to suffer with other implementations of java.
+</li>
<li>
-Are you running a BitTorrent client over i2p? Try reducing the number of torrents, the bandwidth limits,
+Are you running a BitTorrent client over I2P? Try reducing the number of torrents, the bandwidth limits,
or try turning it off completely to see if that helps.
+</li>
<li>
-Are your bandwidth limits too high? Perhaps too much traffic is going through your
-computer, and it is overloaded. Try reducing share bandwidth percentage on config.jsp.
+Are your bandwidth limits set too high? It is possible that too much traffic is going through your
+I2P router and it is overloaded. Try reducing the setting for <em>share bandwidth percentage</em> on the <a href="http://localhost:7657/config">configuration</a> page.
+</li>
<li>
-Are you running the latest version of I2P? Recent versions have several performance improvements
-and bug fixes.
+Make sure that you're running the latest version of I2P to get the benefits of increased performance and bug fixes.
+</li>
<li>
-Have you configured I2P with enough memory? Look at the memory graph on graphs.jsp to see
-if the memory usage is "pegged", which means the JVM is spending most of its time in
-garbage collection. Increase the wrapper.java.maxmemory setting in wrapper.config.
+Has enough memory been set aside for use by I2P? Look at the memory graph on <a href="http://localhost:7657/graphs">the graphs page</a> to see
+if the memory usage is "pegged"—the JVM is spending most of its time in
+garbage collection. Increase the setting <code>wrapper.java.maxmemory</code> in <code>wrapper.config</code>.
+</li>
<li>
Is the CPU usage simply higher than you would like, or is it pegged at 100% for a long time?
If it's pegged, this could be a bug. Look in the logs for clues.
+</li>
<li>
You may be using the Java-based BigInteger library instead of the native version,
-especially if you are running on a new or unusual OS or hardware (64-bit, OS X, OpenSolaris, etc.).
+especially if you are running on a new or unusual OS or hardware (OpenSolaris, mipsel, etc.).
See the <a href="jbigi.html">jbigi page</a> for instructions on
diagnosing, building, and testing methods.
+</li>
<li>
If your native jbigi library is working fine, the biggest user of
CPU may be routing traffic for participating tunnels. This uses CPU
because at each hop a layer of encryption must be decoded.
You can limit participating traffic in two ways - by reducing the
share bandwidth on
-<a href="http://localhost:7657/config.jsp">config.jsp</a>,
+<a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>,
or by setting <tt>router.maxParticipatingTunnels=nnn</tt> on
<a href="http://localhost:7657/configadvanced.jsp">configadvanced.jsp</a>.
-</ul>
+</li></ul>
<h3 id="content">I am opposed to certain types of content. How do I keep from distributing, storing, or accessing them?
<span class="permalink">(<a href="#content">link</a>)</span></h3>
<p>
Hmm. I2P is an anonymous network, so that's a tricky one.
-I2P is designed for everyone and not to censor out some/any kind of data.
-The best way to keep your PC free of (encrypted) traffic you dislike is to not use I2P.
+I2P is designed to withstand censorship, providing a means for everyone to communicate freely.
+The best way to keep your PC free of (encrypted) traffic that you dislike is to not use I2P.
Freedom of speech has some costs.
-But let's address your question in three parts:
+But let's address your question in three parts:</p>
<ul>
<li><b>Distribution</b> - All traffic on I2P is encrypted in multiple layers. You don't know
a message's contents, source, or destination.
@@ -151,13 +164,14 @@ Your only alternative is to refuse to route
<i>any</i> traffic, by setting your share bandwidth or maximum participating tunnels to 0 (see above).
It would be nice if you didn't do this, you should help the network by routing traffic for others.
Over 95% of users route traffic for others.
-<li><b>Storage</b> - I2P does not do distributed storage of content. You must be thinking of
+</li><li><b>Storage</b> - I2P does not do distributed storage of content. You must be thinking of
<a href="http://freenetproject.org/">Freenet</a>.
-You are not storing anybody else's content.
+Nobody's content is being stored on your computer by running I2P.
+</li>
<li><b>Access</b> - If there are some eepsites you don't like, don't go there.
Or, use a blocking proxy like Privoxy or some type of "net nanny".
-</ul>
-</p>
+</li></ul>
+
<h3 id="vary">My active peers / known peers / participating tunnels / connections / bandwidth vary dramatically over time! Is anything wrong?
<span class="permalink">(<a href="#vary">link</a>)</span></h3>
@@ -169,7 +183,9 @@ All routers adjust dynamically to changing network conditions and demands.
<h3 id="reseed">My router has been up for several minutes and has zero or very few connections
<span class="permalink">(<a href="#reseed">link</a>)</span></h3>
<p>
- The reseed URL has changed. If this is your first install and you have installed
+ You may need to reseed your I2P router. With recent versions of I2P you can go to <a href="http://localhost:7657/configreseed">http://localhost:7657/configreseed</a> and click the <em>Save Changes and Reseed Now</em> button. If this method doesn't work—or you're using a very old version—you may need to <a href="#manual_reseed">reseed manually</a>.</p>
+ <p>
+ The reseed URL changed a few years ago. If this is your first install and you have installed
an old (0.6.1.30 or earlier) release, or
you have not run I2P in a long time, you must change the URL and then
click "Reseed" on the console to find other routers.
@@ -183,20 +199,21 @@ All routers adjust dynamically to changing network conditions and demands.
If you are running release 0.6.1.31 or later, you probably don't need to do this.
If you are running release 0.6.1.26 or earlier, either follow the
<a href="#manual_reseed">manual reseed instructions</a> below
- or install the <a href="download.html">latest release</a>.
+ or install the <a href="download">latest release</a>.
Possible alternate method - add
<tt>wrapper.java.additional.5=-Di2p.reseedURL=http://netdb.i2p2.de/</tt>
to wrapper.config, shutdown the router completely, then start again, then click "reseed".
Let us know if this works.
</p>
+<p>...but you *really* should <a href="download">upgrade</a> to the latest version.</p>
<h3 id="peers">My router has very few active peers, is this OK?
<span class="permalink">(<a href="#peers">link</a>)</span></h3>
<p>
-If it has 10 or more, it is OK. Changes in releases 0.6.1.31 and 0.6.1.32 improved the
+If your router has 10 or more active peers, everything is fine. Changes in releases 0.6.1.31 and 0.6.1.32 improved the
efficiency of the router and effectively reduced the number of active peers.
The router <i>should</i> maintain connections to a few peers at all times.
-The best way to stay "better-connected" to the network is to share more bandwidth.
+The best way to stay "better-connected" to the network is to <a href="http://localhost:7657/config">share more bandwidth</a>.
</p>
<h3 id="exit">Is my router an "exit node" to the regular Internet? I don't want it to be.
@@ -205,7 +222,7 @@ The best way to stay "better-connected" to the network is to share more bandwidt
No. Unlike <a href="http://www.torproject.org/">Tor</a>,
"exit nodes" or "outproxies" are not an inherent part of the network.
Only volunteers who set up and run separate applications will relay traffic to the regular Internet.
- There are very very few of these.
+ There are very, very few of these.
</p>
<h3 id="outproxy">I can't access regular Internet sites through I2P.
@@ -229,48 +246,43 @@ The best way to stay "better-connected" to the network is to share more bandwidt
Within I2P, there is no need for HTTPS, as all traffic is encrypted end-to-end.
FTP is not supported for technical reasons.
</p><p>
- For HTTPS or FTP access to the regular Internet, there are no HTTPS or FTP "outproxies".
- HTTPS is possible if somebody would like to set one up. FTP is probably not.
- Actually, just about any other sort of outproxy might work, try setting it up with a standard
- tunnel and see.
- As explained several times above, outproxies of any type are not a core
- part of the network, they are services run by individuals and they may or may not
- be operational at any given time.
+ There are no FTP "outproxies" to the Internet—it may not even be possible to set up one.
+ Any other kind of outproxy may work if it's set up with a standard tunnel.
If you would like to set up some type of outproxy, carefully research the potential risks.
- The I2P community may or may not be able to help with the technical aspects, feel free to ask.
-</p><p>
- <b><l>Update</b></l>: Thanks to h2ik and mer'd, they provide service to demonstrate i2p's capability to support https outproxy.
- the client side setup is not hard at all, if you follow the instruction strictly ;) :
+ The I2P community may or may not be able to help with the technical aspects, feel free to ask.</p>
+ <p>As explained several times above, any existing outproxy isn't a core part of the network.
+ They are services run by individuals and they may or may not
+ be operational at any given time.
+
+</p>
+ <p><b>Update</b>: Thanks to the work of h2ik, there is an https outproxy available for use via I2P. Starting with I2P 0.8.4 <a href="http://localhost:7657/i2ptunnel/edit?tunnel=6">the tunnel</a> is configured out of the box.<br />
+ In case the https outproxy is not available in your version of I2P, you can add it easily by doing the following:</p>
<ol><li>Open <a href="http://localhost:7657/i2ptunnel/index.jsp">i2p tunnel manager</a>. Scroll down to the bottom.
</li><li>Choose <b>CONNECT</b> from <b>New Client Tunnel</b> dropdown list, click <b>Create</b>
</li><li>In the new page, <b>name</b> and <b>describe</b> your new https tunnel as you like.
- The <b>Access Point</b> is your local port for the new https proxy recommended port's <l>4445</l>.
- <b>Outproxy</b> should be the outproxy's .i2p address which support https.
- In this case <a href="http://forum.i2p/viewtopic.php?t=4416">mer.d</a>
- and <a href="http://forum.i2p/viewtopic.php?t=3861">h2ik</a>(see the link for address).
+ The <b>Access Point</b> is your local port for the new https proxy recommended port's <b>4445</b>.
+ <b>Outproxy</b> should be the outproxy's .i2p address which supports https.
+ See this forum post of <a href="http://forum.i2p/viewtopic.php?p=31356#31356">h2ik</a>'s for the address.
Make sure <b>Shared Client</b>, <b>Delay Connect</b>, <b>AutoStart</b> are checked.
- Other option as default, Click Save. In tunnel manger, click the <b>Start</b> button next to your new tunnel.
+ Other options should be left at the defaults. Click Save. In tunnel manger, click the <b>Start</b> button next to your new tunnel.
</li><li>In firefox, click through <b>Tools</b>><b>Options</b>><b>Advanced</b>><b>Network</b>><b>Setting</b>.
Untick <b>Use this proxy for all protocol</b>, set <b>SSL proxy:</b> to localhost:4445.
-</li><li>Done. If you think their service is valuable, you can thank them in their post.
- If the service is down, you can ask them nicely in their post too. See the link in step 3.
- If you are a tor operator and you think you can help, you can ask in irc for assistance.
+</li><li>Done.
</li></ol>
-</p>
+
+
<h3 id="proxy_safe">Is using an outproxy safe?
<span class="permalink">(<a href="#proxy_safe">link</a>)</span></h3>
<p>
- You have to decide for yourself.
- It depends on what you are doing, your
+ This is a question that only you can answer because the correct answer depends on your behaviours, your
<a href="how_threatmodel.html">threat model</a>, and how much you trust the outproxy operator.
</p><p>
Like Tor, I2P does not magically encrypt the Internet.
- You are vulnerable to snooping by the outproxy operator.
+ You are vulnerable to snooping by the outproxy operators.
The <a href="https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers">Tor FAQ</a>
does a good job of explaining this.
- There is no HTTPS outproxy in I2P, and you cannot hide your traffic from an HTTP outproxy operator.
-</p><p>
+ </p><p>
In addition, you may be vulnerable to collusion between the outproxy operator
and operators of other I2P services, if you use the same tunnels ("shared clients").
There is additional discussion about this on <a href="http://zzz.i2p/topics/217">zzz.i2p</a>.
@@ -279,11 +291,9 @@ The best way to stay "better-connected" to the network is to share more bandwidt
<h3 id="proxy_other">How do I access IRC, BitTorrent, or other services on the regular Internet?
<span class="permalink">(<a href="#proxy_other">link</a>)</span></h3>
<p>
- You can't.
- Somebody must set up an outproxy for each service.
- There are only two types of outproxies running right now: HTTP and email.
- There is no SOCKS outproxy.
- If you need this you should probably try <a href="http://www.torproject.org/">Tor</a>.
+ Unless an outproxy has been set up for the service you want to connect to, this cannot be done.
+ There are only three types of outproxies running right now: HTTP, HTTPS, and email. Note that there is not a SOCKS outproxy.
+ If this type of service is required, try <a href="http://www.torproject.org/">Tor</a>.
</p>
<h3 id="down">Most of the eepsites within I2P are down?
@@ -292,15 +302,14 @@ The best way to stay "better-connected" to the network is to share more bandwidt
If you consider every eepsite that has ever been created, yes, most of them are down.
People and eepsites come and go.
A good way to get started in I2P is check out a list of eepsites that are currently up.
- <a href="http://inproxy.tino.i2p/status.php">inproxy.tino.i2p</a> and
- <a href="http://perv.i2p/stats.cgi">perv.i2p</a> track active eepsites.
+ <a href="http://perv.i2p/stats.cgi">perv.i2p</a> tracks active eepsites.
</p>
<h3 id="myeepsite">How do I set up my own eepsite?
<span class="permalink">(<a href="#myeepsite">link</a>)</span></h3>
<p>
- Click on the <a href="http://localhost:7658/">My Eepsite Link</a>
- on the top of your router console for instructions.
+ Click on the <a href="http://localhost:7658/">Website</a> link
+ at the top of your router console for instructions.
</p>
<h3 id="slow">Why is I2P so slow?
@@ -312,7 +321,7 @@ Anonymity isn't free.
</p>
<p>
In addition, you and everybody else probably need to increase your bandwidth limits.
-Two key settings are the inbound and outbound bandwidth limiters on
+Two key settings are the inbound and outbound bandwidth limiters on
<a href="http://localhost:7657/config.jsp">the configuration page</a>.
With the default settings of 32KBps you will generally get no better than 15KBps data transfer in I2PSnark.
Increasing the settings (but keeping within your actual connection limitations)
@@ -333,7 +342,7 @@ If you haven't, <a href="download.html">install the latest release</a>.
See the
<a href="http://forum.i2p/viewtopic.php?t=2068">I2P Bittorrent FAQ</a>
<a href="http://forum.i2p2.de/viewtopic.php?t=2068">(outside I2P)</a>
-
+</p>
<h3 id="irc">How do I connect to IRC within I2P?
<span class="permalink">(<a href="#irc">link</a>)</span></h3>
<p>
@@ -341,7 +350,7 @@ On the
<a href="http://localhost:7657/i2ptunnel/index.jsp">I2PTunnel configuration page</a>,
start the ircProxy.
Then tell your IRC client to connect to localhost port 6668.
-
+</p>
<h3 id="remote_webconsole">How can I access the web console from my other machines or password protect it?
<span class="permalink">(<a href="#remote_webconsole">link</a>)</span></h3>
<p>
@@ -351,8 +360,8 @@ Then tell your IRC client to connect to localhost port 6668.
</p>
<ol>
-<li>Open up clients.config and replace<br />
- <code>clientApp.0.args=7657 127.0.0.1 ./webapps/</code><br />
+ <li>Open <code>~/.i2p/clients.config</code> and replace<br />
+ <code>clientApp.0.args=7657 ::1,127.0.0.1 ./webapps/</code><br />
with <br />
<code>clientApp.0.args=7657 0.0.0.0 ./webapps/</code></li>
<li>Go to <a href="http://localhost:7657/configadvanced.jsp">http://localhost:7657/configadvanced.jsp</a>
@@ -385,6 +394,15 @@ router advanced configuration option <tt>i2cp.tcp.bindAllInterfaces=true</tt> an
listens on localhost port 4444), and browsing to the site.
</p>
+<h3 id="browserproxy">How do I configure my browser?
+<span class="permalink">(<a href="#browserproxy">link</a>)</span></h3>
+<p>
+ The proxy config for different browsers is on a <a href="htproxyports.html">
+ separate page</a> with screenshots. More advanced configs with external tools
+ are possible but could introduce leaks in your setup.
+</p>
+
+
<h3 id="active">What do the Active x/y numbers mean in the router console?
<span class="permalink">(<a href="#active">link</a>)</span></h3>
<p>
@@ -419,33 +437,33 @@ router advanced configuration option <tt>i2cp.tcp.bindAllInterfaces=true</tt> an
through various settings, of course):
</p>
-<p>
- <ul><p>
+
+ <ul>
<li><b>Internet-facing ports</b>
Note: New installs as of release 0.7.8 do not use port 8887; they select a random port
- between 9000 and 32000 when the program is run for the first time.
- The selected port is shown on the router <a href="http://127.0.0.1:7657/config.jsp">configuration page.</a>
+ between 9000 and 31000 when the program is run for the first time.
+ The selected port is shown on the router <a href="http://127.0.0.1:7657/confignet.jsp">configuration page.</a>
<ul>
- <li><b>Outbound UDP from the random port noted on the <a href="http://127.0.0.1:7657/config.jsp">configuration page</a> to arbitrary remote UDP ports, allowing replies</b></li>
+ <li><b>Outbound UDP from the random port noted on the <a href="http://127.0.0.1:7657/confignet.jsp">configuration page</a> to arbitrary remote UDP ports, allowing replies</b></li>
<li><b>Outbound TCP from random high ports to arbitrary remote TCP ports</b></li>
- <li><b>(optional, but recommended) Inbound UDP to the port noted on <a href="http://127.0.0.1:7657/config.jsp">configuration page</a> from arbitrary locations</b></li>
- <li><b>(optional, but recommended) Inbound TCP to the port noted on <a href="http://127.0.0.1:7657/config.jsp">configuration page</a> from arbitrary locations</b><br />
- Inbound TCP may be disabled on the <a href="http://127.0.0.1:7657/config.jsp">configuration page.</a></li>
+ <li><b>(optional, but recommended) Inbound UDP to the port noted on <a href="http://127.0.0.1:7657/confignet.jsp">configuration page</a> from arbitrary locations</b></li>
+ <li><b>(optional, but recommended) Inbound TCP to the port noted on <a href="http://127.0.0.1:7657/confignet.jsp">configuration page</a> from arbitrary locations</b><br />
+ Inbound TCP may be disabled on the <a href="http://127.0.0.1:7657/confignet.jsp">configuration page.</a></li>
<li><b>Outbound UDP on port 123, allowing replies</b><br />
This is necessary for I2P's internal time sync (via SNTP -
querying a random SNTP host in pool.ntp.org or another
server you specify)</li>
</ul>
</li>
- </p></ul>
+ </ul>
- <ul><p>
+ <ul>
<li><b>Local I2P ports</b>, listening only to local connections by default,
except where noted:
<ul>
<li><b>1900:</b> UPnP SSDP UDP multicast listener.
<i>Cannot be changed. Binds to all interfaces.
- May be disabled on <a href="http://localhost:7657/config.jsp">config.jsp</a>.
+ May be disabled on <a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>.
</i></li>
<li><b>2827:</b> BOB bridge, a higher level socket API for clients
<i>Disabled by default.
@@ -456,6 +474,10 @@ router advanced configuration option <tt>i2cp.tcp.bindAllInterfaces=true</tt> an
<i>May be disabled or changed on the i2ptunnel page in the router console.
May also be configured to be bound to a specific interface or all interfaces.
</i></li>
+ <li><b>4445:</b> HTTPS proxy
+ <i>May be disabled or changed on the i2ptunnel page in the router console.
+ May also be configured to be bound to a specific interface or all interfaces.
+ </i></li>
<li><b>6668:</b> IRC proxy
<i>May be disabled or changed on the i2ptunnel page in the router console.
May also be configured to be bound to a specific interface or all interfaces.
@@ -463,20 +485,19 @@ router advanced configuration option <tt>i2cp.tcp.bindAllInterfaces=true</tt> an
<li><b>7652:</b> UPnP HTTP TCP event listener.
<i>Binds to the LAN address.
May be changed with advanced config i2np.upnp.HTTPPort=nnnn.
- May be disabled on <a href="http://localhost:7657/config.jsp">config.jsp</a>.
+ May be disabled on <a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>.
</i></li>
<li><b>7653:</b> UPnP SSDP UDP search response listener.
<i>Binds to all interfaces.
May be changed with advanced config i2np.upnp.SSDPPort=nnnn.
- May be disabled on <a href="http://localhost:7657/config.jsp">config.jsp</a>.
+ May be disabled on <a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>.
</i></li>
<li><b>7654:</b> I2P Client Protocol port, used by client apps.
- <i>May be changed with the advanced configuration option</i> <tt>i2cp.port</tt>
+ <i>May be changed to a different port on
+ <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>
but this is not recommended.
- May be changed to bind to all interfaces with the advanced configuration option
- <tt>i2cp.tcp.bindAllInterfaces=true</tt>.
- May be changed to bind to a specific interface with the advanced configuration option
- <tt>i2cp.hostname=1.2.3.4</tt>.
+ May be to bind to a different interface or all interfaces, or disabled, on
+ <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>.
</i></li>
<li><b>7655:</b> UDP for SAM bridge, a higher level socket API for clients
<i>Only opened when a SAM V3 client requests a UDP session.
@@ -508,11 +529,22 @@ router advanced configuration option <tt>i2cp.tcp.bindAllInterfaces=true</tt> an
<i>May be disabled or changed on the i2ptunnel page in the router console.
May also be configured to be bound to a specific interface or all interfaces.
</i></li>
- <li><b>32000:</b> local control channel for the service wrapper</li>
+ <li><b>31000:</b> Local connection to the wrapper control channel port.
+ <i>Outbound to 32000 only, does not listen on this port.
+ Starts at 31000 and will increment until 31999 looking for a free port.
+ To change, see the
+ <a href="http://wrapper.tanukisoftware.com/doc/english/prop-port.html">wrapper documentation</a>.
+ For more information see <a href="#port32000">below</a>.
+ </i></li>
+ <li><b>32000:</b> Local control channel for the service wrapper.
+ <i>To change, see the
+ <a href="http://wrapper.tanukisoftware.com/doc/english/prop-port.html">wrapper documentation</a>.
+ For more information see <a href="#port32000">below</a>.
+ </i></li>
</ul>
</li>
- </p></ul>
-</p>
+ </ul>
+
<p>
The local I2P ports and the I2PTunnel ports do not need to be reachable from
@@ -524,16 +556,25 @@ router advanced configuration option <tt>i2cp.tcp.bindAllInterfaces=true</tt> an
<p>
So, to summarize, nothing needs to be reachable by unsolicited remote peers, but
- if you can configure your NAT/firewall to allow inbound UDP and TCP to port 8887, you'll
+ if you can configure your NAT/firewall to allow inbound UDP and TCP the <a href="http://localhost:7657/config">outbound facing port</a>, you'll
get better performance. You will also need to be able to send outbound UDP packets
to arbitrary remote peers (blocking IPs randomly with something like PeerGuardian
only hurts you - don't do it).
</p>
+<h3 id="port32000">Why is I2P listening on port 32000?
+<span class="permalink">(<a href="#port32000">link</a>)</span></h3>
+<p>The Tanuki java service wrapper that we use opens this port—bound to localhost—in order
+to communicate with software running inside the JVM. When the JVM is launched it is given a key
+so it can connect to the wrapper. After the JVM establishes its connection
+to the wrapper, the wrapper refuses any additional connections.</p>
+<p>More information can be found in the
+<a href="http://wrapper.tanukisoftware.com/doc/english/prop-port.html">wrapper documentation</a>.</p>
+
<h3 id="manual_reseed">How do I reseed manually?
<span class="permalink">(<a href="#manual_reseed">link</a>)</span></h3>
<p>
- An I2P router only needs to reseed once, to join the network for the first time.
+ An I2P router only needs to be seeded once, to join the network for the first time.
Reseeding is nothing more than sending plain HTTP GET requests
to fetch a directory listing and download multiple "routerInfo" files
from a predefined reseed URL.
@@ -546,19 +587,54 @@ router advanced configuration option <tt>i2cp.tcp.bindAllInterfaces=true</tt> an
if your firewall limits outbound traffic, and blocked the reseed request.
</p>
-<p>
To reseed an I2P router manually, do the following:
<ul>
- <li>Stop your I2P router</li>
- <li>Open <a href="http://i2pdb.tin0.de/netDb/">http://i2pdb.tin0.de/netDb/</a> or
- <a href="http://netdb.i2p2.de/">http://netdb.i2p2.de/</a> using a web browser</li>
- <li>Save a dozen "routerInfo" files to your I2P "netDb" directory (ignore the "leaseSet" files)</li>
- <li>Alternate method (easier): Download <a href="http://i2pdb.tin0.de/latest.zip">http://i2pdb.tin0.de/latest.zip</a>
+ <li>Stop your I2P router
+ </li><li>Open <!-- DOWN <a href="http://i2pdb.tin0.de/netDb/">http://i2pdb.tin0.de/netDb/</a> or -->
+ <a href="http://netdb.i2p2.de/">http://netdb.i2p2.de/</a> using a web browser
+ </li><li>Save a dozen "routerInfo" files to your I2P "netDb" directory
+ <!-- DOWN
+ </li><li>Alternate method (easier): Download <a href="http://i2pdb.tin0.de/latest.zip">http://i2pdb.tin0.de/latest.zip</a>
and unzip it into your I2P "netDb" directory.
- <li>Start your I2P router</li>
- </ul>
-</p>
+ -->
+ </li><li>Start your I2P router
+ </li></ul>
+<h3 id="compat6x">I'm using FreeBSD and when I start I2P I receive an error about <code>libm.so.4</code>!
+<span class="permalink">(<a href="#compat6x">link</a>)</span></h3>
+When trying to start the router using "i2prouter start", you may see output like the following:<br />
+<code> $ ./i2prouter start<br />
+ Starting I2P Service...<br />
+ /libexec/ld-elf.so.1: Shared object "libm.so.4" not found, required by "i2psvc"
+</code>
+<p>In order to be inclusive and try to ensure that I2P will run on as many systems
+ as possible, up until I2P 0.8.9 we used a <a href="http://wrapper.tanukisoftware.com/">java wrapper</a>
+ compiled for FreeBSD 6.x. If you're receiving this error you most likely are missing the necessary compatibility libraries.
+ These libraries may be installed by performing the following steps:</p>
+<ul>
+ <li>Switch to the root user with <code>su</code> or log in as <code>root</code>.</li>
+ <li><code>cd /usr/ports/misc/compat6x</code></li>
+ <li><code>make install</code></li>
+</ul>
+<p>If you cannot install these compatibility libraries (or do not want to), other possibilities would be to compile the wrapper for <a href="manualwrapper">your system</a>,
+ starting I2P with the <code>runplain.sh</code> script, or you can replace the wrapper with one from the source tarball.</p>
+<p>For the 0.8.9 release of I2P, the wrapper was upgraded to v3.5.12 and compiled on systems running FreeBSD 7.2.</p>
+<h3 id="protocolfamily">In <code>wrapper.log</code> I see an error that states "<code>Protocol family unavailable</code>" when loading the Router Console
+<span class="permalink">(<a href="#protocolfamily">link</a>)</span></h3>
+<p>Often this error will occur with any network enabled java software on some systems that are configured to use IPv6 by default. There are a few ways to solve this:</p>
+<ul>
+ <li>On Linux based systems, you can <code>echo 0 > /proc/sys/net/ipv6/bindv6only</code></li>
+ <li>Look for the following lines in <code>wrapper.config</code>.<br />
+<code>#wrapper.java.additional.5=-Djava.net.preferIPv4Stack=true<br />
+ #wrapper.java.additional.6=-Djava.net.preferIPv6Addresses=false<br />
+</code><br />
+ If the lines are there, uncomment them by removing the "#"s. If the lines are not there, add them without the "#"s.<br /></li>
+ </ul>
+Another option would be to remove the <strong>::1</strong> from <code>~/.i2p/clients.config</code>
+<p><strong>WARNING</strong>: For any changes to <code>wrapper.config</code> to take effect, you must completely
+stop the router and the wrapper. Clicking <em>Restart</em> on your
+router console will NOT reread this file! You must
+click <em>Shutdown</em>, wait 11 minutes, then start I2P.</p>
<hr />
<h3 id="question">I have a question!
<span class="permalink">(<a href="#question">link</a>)</span></h3>
diff --git a/www.i2p2/pages/faq_ar.html b/www.i2p2/pages/faq_ar.html
new file mode 100644
index 0000000000000000000000000000000000000000..59f1e9d32aeadd95ee4488aa420214a8111815a8
--- /dev/null
+++ b/www.i2p2/pages/faq_ar.html
@@ -0,0 +1,469 @@
+{% extends "_layout_ar.html" %}
+{% block title %}اسئلة شائعة{% endblock %}
+{% block content %}
+<h1>I2P اسئلة شائعة Øول</h1>
+<h3 id="index"> الÙهرس </h3>
+<p><ol>
+<h4>اسئلة عامة</h4>
+<li><a href="#eepsite">؟"eepsite" ماهو
+</a></li><li><a href="#peers">موجه لايجد سوى عدد قليل من النظائر، هل هذا طبيعي؟
+</a></li><li><a href="#active">ماذا تعني ارقام المÙعلة ÙÙŠ شاشة الموجه؟
+</a></li><li><a href="#vary">الانÙاق المشاركة / الاتصالات/ السرعة تتÙير طوال الوقت. هل هناك مشكلة؟
+</a></li><li><a href="#proxy_safe">هل استعمال بروكسي خارجي آمن؟
+</a></li><li><a href="#down">لاتعمل؟ eepsite لماذا غالبية
+</a></li><li><a href="#ports">ØŸ I2P ماهي المناÙØ° التي يستعملها
+</a></li><li><a href="#bug">أظن انني وجدت مشكل ÙÙŠ البرنامج أين يمكنني التبليغ عنه؟
+</a></li><li><a href="#jrandom">؟*.i2p.net ماذا وقع لموقع
+</a></li><li><a href="#question">لدي سؤال آخر!
+</a></li>
+<h4>اعدادات</h4>
+<li><a href="#reseed">موجهي يشتغل منذ عدة دقائق ولديه صÙر نظير او عدد قليل من الاتصالات
+</a></li><li><a href="#slow"> لماذا الشبكة ثقيلة؟
+</a></li><li><a href="#subscriptions">انا بØاجة لعناوين لاضاÙتها ÙÙŠ دÙتر عناويني. ماهي الاشتراكات التي يمكنني اضاÙتها؟
+</a></li><li><a href="#myeepsite">كي٠يمكنني انشاء موقعي الخاص
+</a></li><li><a href="#snark">Bittorrent / I2PSnark / Azureus I2P اسئلة Øول
+</a></li><li><a href="#irc">IRCكي٠يمكنني الاتصال ب
+</a></li><li><a href="#outproxy"> I2P لايمكني الاتصال بمواقع انترنت عادية خارج الشبكة المجهولة
+</a></li><li><a href="#https">لايمكن الاتصال https:// أو ftp:// بمواقع I2P.
+</a></li><li><a href="#socks">هل يمكن استعمال؟ I2P كبروكسي SOCKS
+</a></li><li><a href="#browserproxy">كي٠يمكن تغيير اعدادات المتصÙØØŸ
+</a></li><li><a href="#remote_webconsole">كي٠يمكنني الوصول الى الطرÙية من أجهزة أخرى او Øمايتها بكلمة سر؟
+</a></li><li><a href="#remote_i2cp">كي٠يمكنني استعمال البرامج عن طريق جهاز آخر؟
+</a></li><li><a href="#manual_reseed">كي٠يمكنني اعادة التوجيه يدويا؟
+</a></li><li><a href="#cpu">الموجه يستعمل قدر كبير من سرعة الجهاز
+</a></li>
+<h4>Ø£Ùكار خاطئة</h4>
+<li><a href="#proxy_other">كي٠يمكنني الاتصال بـ IRC، BitTorrent، وباقي الخدمات على الانترنت العادية؟
+</a></li><li><a href="#exit">هل موجهي عبارة عن بروكسي خارجي للأنترنت العادية؟ انا لا اريد ذلك.
+</a></li><li><a href="#content">انا ضد بعض انواع البيانات. كي٠يمكنني منع نشرها او تخزينها او الوصول اليها؟
+</a></li>
+</ol></p>
+<h3 id="bug">أظن انني وجدت مشكلة ÙÙŠ البرنامج، اين يمكنني التبليغ عنها؟
+<span class="permalink">(<a href="#bug">وصلة</a>)</span></h3>
+<p>
+هناك عدة مواقع اختر Ø£Øدها.
+<ul>
+<li><a href="http://trac.i2p2.de/report/1">trac.i2p2.de</a> ticket (طريقة Ù…Ùضلة)
+</li><li><a href="http://pastethis.i2p/">pastethis.i2p</a> ثم انضم على القناة IRC #i2p
+</li><li>تكلم مع المطورين IRC #i2p-dev
+</li></ul>
+</p>
+
+
+<h3 id="subscriptions">انا بØاجة لعناوين لاضاÙتها ÙÙŠ دÙتر عناويني. ماهي الاشتراكات التي يمكنني اضاÙتها؟
+<span class="permalink">(<a href="#subscriptions">link</a>)</span></h3>
+<p>
+الاشتراك العادي هو http://www.i2p2.i2p/hosts.txt الذي نادرا ما يتم تØديثه. اذا لم تض٠عنوان اشتراك جديد يمكنك الضغط
+على وصلة "jump".
+</p><p>
+هذه بعض الوصلات التي يمكنك اضاÙتها الى
+ <a href="http://localhost:7657/susidns/subscriptions.jsp">susidns قائمة الاشتراك</a>.
+لست بØاجة الى ان تضي٠جميع العناوين Øيث يتم تبادل العناوين الجديدة Ùيما بينها.
+
+<div class="links">
+<ul>
+<li><a href="http://i2host.i2p/cgi-bin/i2hostetag">http://i2host.i2p/cgi-bin/i2hostetag</a>
+</li><li><a href="http://stats.i2p/cgi-bin/newhosts.txt">http://stats.i2p/cgi-bin/newhosts.txt</a>
+</li></ul>
+</div>
+</p>
+
+<h3 id="jrandom">؟*.i2p.net ماذا وقع لموقع
+<span class="permalink">(<a href="#jrandom">وصلة</a>)</span></h3>
+<p>
+ Jrandom كان المطور الرئيسي للمشروع
+
+<a href="http://syndie.i2p2.de/">Syndie</a> لعدة سنوات
+نتوقع ان يستمر غياب jrandom ابتداء من 2008. كما ان i2p.net اصيب بعطب تقني لشركة المستضيÙØ© للموقع.
+
+</p><p>
+أنظر <a href="jrandom-awol.html">هذه الصÙØØ©</a>للمزيد من المعلومات
+</p><p>
+مشروع I2P لو يمت ولا يزال قيد تطوير مستمر ونتوقع اصدارات جديدة ÙÙŠ 2010.
+</p>
+
+<h3 id="cpu">لماذا الشبكة ثقيلة؟
+<span class="permalink">(<a href="#cpu">link</a>)</span></h3>
+<p>
+هناك عدة اسباب لاستخدام البرنامج لقدر كبير من سرعة الجهاز هذه قائمة:
+</p><ul>
+<li>
+هل تستعمل Sun Java او اصدار آخر (قم بكتابة java -version ÙÙŠ سطر الأوامر).
+</li><li>
+هل تستخدم BitTorrent Ùوق شبكة I2PØŸ Øاول تقليل من عدد تورنت، تقليل السرعة مشاركة الملÙات، لو توقي٠البرنامج.
+</li><li>
+هل تشارك بقدر كبير من من سرعة الشبكة؟ ربما الكثير من البيانات تمر عبر جهازك مما يقوم بتأخيره. Øاول تقليل نسبة المشاركة ÙÙŠ مل٠config.jsp.
+</li><li>
+هل تستعمل آخر اصدار من I2P؟ الاصدارات الجديدة اكثر سرعة.
+</li><li>
+هل قمت بتخصيص قدر كاÙÙŠ من الذاكرة لـI2PØŸ انظر الى استعمال الذاكرة ÙÙŠ graphs.jsp لرؤية Øجم الذاكرة المستخدمة.
+
+ قم بزيادة wrapper.java.maxmemory ÙÙŠ wrapper.config.
+
+</ul>
+
+<h3 id="content">انا ضد بعض انواع البيانات. كي٠يمكنني منع نشرها او تخزينها او الوصول اليها؟
+<span class="permalink">(<a href="#content">link</a>)</span></h3>
+<p>
+شبكة I2P مصممة لتكون شبكة مجهولة، Ùمن الصعب التØكم ÙÙŠ Ù…Øتواها.
+شبكة I2P مصممة لاتاØØ© الجميع التعبير بØرية وتجاوز الØجب ومراقبة اي نوع من البيانات.
+Ø£Ùضل طريقة اذا كنت لا تتÙÙ‚ مع هذه الأÙكار هي ان لا تستعمل الشبكة.
+Øرية التعبير لها ثمن.
+يمكن الجواب عن هذا السؤال عبر ثلاثة Ù…Øاور:
+<ul>
+<li><b>التوزيع</b>
+جميع البيانات ÙÙŠ شبكة I2P مشÙرة على عدة مستويات. لايمكنك معرÙØ© Ù…Øتوى البيانات، مصدرها، او اتجاهها.
+كل البيانات التي تقوم بتمريرها هي داخلية وخاصة بالشبكة، انت لست
+ <a href="#exit">بروكسي خارجي</a>
+انت تقوم بمساعدة الشبكة عبر تمرير البيانات للآخرين وبالتالي جعلها اكثر أمانا.
+
+</li><li><b>التخزين</b>
+انت لا تقوم بتخزين البيانات لمستخدمين آخرين
+Ùهذا المشروع يختل٠عن طريقة اشتغال<a href="http://freenetproject.org/">Freenet</a>.
+
+</li><li><b>التصÙØ</b> اذا لم تعجبك بعض المواقع، ببساطة لا تدخلها.
+</li></ul>
+</p>
+
+<h3 id="vary">الانÙاق المشاركة / الاتصالات/ السرعة تتÙير طوال الوقت. هل هناك مشكلة؟
+<span class="permalink">(<a href="#vary">link</a>)</span></h3>
+<p>
+هذا طبيعي.
+الموجه يتغير ليتلائم مع Øالة الشبكة.
+</p>
+
+<h3 id="reseed">موجهي يشتغل منذ عدة دقائق ولديه صÙر نظير او عدد قليل من الاتصالات
+<span class="permalink">(<a href="#reseed">link</a>)</span></h3>
+<p>
+تم نغيير العنوان. اذا قمت بتثبيث اول مرة او قمت بتثبيت اصدار قديم (0.6.1.30 او ماقبل) عليك تغيير العنوان.
+
+
+ انقر "Reseed" ÙÙŠ الموجه للØصول على عنوان جديد. ثم اذهب الى
+
+ <a href="http://localhost:7657/configadvanced.jsp">configadvanced.jsp</a>,
+ ثم اض٠السطر <tt>i2p.reseedURL=http://netdb.i2p2.de/</tt>
+ او <tt>i2p.reseedURL=http://i2pdb.tin0.de/netDb/</tt> (either should work),
+ ثم انقر "Ùعل", ثم انقر "reseed" .
+
+<h3 id="peers">موجه لايجد سوى عدد قليل من النظائر، هل هذا طبيعي؟
+<span class="permalink">(<a href="#peers">link</a>)</span></h3>
+<p>
+اذا كان لديه 10 او اكثر.هذا طبيعي. تغييرات ÙÙŠ اصدار 0.6.1.31 Ùˆ 0.6.1.32 تم زيادة Ùعالية العثور على النظاشر المÙعلة.
+الموجه يستعمل عدد قليل من النظائر لاتمام الاتصال.
+</p>
+
+<h3 id="exit">هل موجهي عبارة عن بروكسي خارجي للأنترنت العادية؟ انا لا اريد ذلك.
+<span class="permalink">(<a href="#exit">link</a>)</span></h3>
+<p>
+ لا. بخلا٠<a href="http://www.torproject.org/">Tor</a>
+البروكسي الخارجي ليس جزئ من تصميم الشبكة. Ùقط المتطوعين الذين يثبتون برامج خاصة لربط بشبكة انترنت خارجية وهم قلائل جدا.
+</p>
+
+<h3 id="outproxy">I2P لايمكني الاتصال بمواقع انترنت عادية خارج الشبكة المجهولة
+<span class="permalink">(<a href="#outproxy">link</a>)</span></h3>
+<p>
+انظر اعلاه. هناك عدد قليل من بروكسي HTTP خارجي زيادة على ان البروكسي الخارجي الوØيد الذي يشتغل الآن هو false.i2p.
+لاستعماله Øرر <a href="http://localhost:7657/i2ptunnel/edit.jsp?tunnel=0">i2ptunnel settings for eepProxy</a> ثم ضع ÙÙŠ القائمة 'false.i2p' (Ùقط).
+ثم اوق٠وأعد التشغيل
+اذا كانت رغبتك الأساسية من استعمال شبكة مجهولية هو الوصول الى مواقع انترنت عادية، ننصØÙƒ بستعمال
+<a href="http://www.torproject.org/">Tor</a>.
+</p>
+
+<h3 id="https">لا استطيع الوصول الى مواقع https:// او ftp:// عبر I2P.
+<span class="permalink">(<a href="#https">link</a>)</span></h3>
+<p>
+داخل شبكة I2P لاتوجد Øاجة لـ HTTPS لأن جميع الاتصالات مشÙرة. FTP غير مدعوم لأسباب تقنية.
+
+</p><p>
+<h3 id="proxy_safe">هل استعمال بروكسي خارجي آمن؟
+<span class="permalink">(<a href="#proxy_safe">link</a>)</span></h3>
+<p>
+عليك أن تقرر بنÙسك.
+هذا يعتمد على ما تقوم به،
+
+ <a href="how_threatmodel.html">و درجة المخاطرة</a>وقدر التقة لمزود البروكسي الخارجي
+</p><p>
+مثل تور I2P لا يقوم بتشÙير كل الانترنت بطريقة سØرية. انت معرض لتجسس من طر٠مزود البروكسي الخارجي.
+
+ موقع <a href="https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers">Tor FAQ</a>
+ يقدم المزيد من الشروØ.
+</p><p>
+زيادة على ذلك يمكن ان يعرضك الى مشاكل امنية، للمزيدمن التÙاصيل ÙÙŠ هذه الصÙØØ©
+ <a href="http://zzz.i2p/topics/217">zzz.i2p</a>.
+</p>
+
+<h3 id="proxy_other"> كي٠يمكنني الوصول الى تورنت والدردشة وباقي الخدمات؟
+<span class="permalink">(<a href="#proxy_other">link</a>)</span></h3>
+<p>
+لا يمكنك.
+اØدهم يجب ان يقوم بانشاء بروكسي لكل خدمة.
+هناك نوعين Ùقط من بروكسي مستخدمة الآن: HTTP والبريد الالكتروني.
+لايوجد بروكسي خارجي SOCKS.
+اذا كنت بØاجة لهذا زر موقع تور<a href="http://www.torproject.org/">Tor</a>.
+</p>
+
+<h3 id="down">لاتعمل؟ eepsite لماذا غالبية
+<span class="permalink">(<a href="#down">link</a>)</span></h3>
+<p>
+يمكن التØقق من المواقع eepsite الموجودة بزيارة
+
+ <a href="http://perv.i2p/stats.cgi">perv.i2p</a> tracks active eepsites.
+</p>
+
+<h3 id="myeepsite">؟eepsites كي٠يمكنني انشاء موقعي الخاص
+<span class="permalink">(<a href="#myeepsite">link</a>)</span></h3>
+<p>
+ انقر على<a href="http://localhost:7658/"> Eepsite وصلة</a>
+ÙÙŠ اعلى الموجه لتÙاصيل.
+</p>
+
+<h3 id="slow">لماذا الشبكة ثقيلة؟
+<span class="permalink">(<a href="#slow">link</a>)</span></h3>
+<p>
+لماذا التØميل وتورنت وتصÙØ Ø§Ù„ÙˆÙŠØ¨ ثقيل ÙÙŠ شبكة I2PØŸ
+التشÙير ونقل البيانات يستهلك سرعة الاتصال. الØرية والمجهولية لها ثمن.
+</p>
+<p>
+زيادة على ذلك انت والجميع عليكم زيادة القدر المشارك مع الآخرين من سرعة الاتصال. ÙÙŠ
+
+<a href="http://localhost:7657/config.jsp">صÙØØ© الاعدادات</a>.
+
+الشبكة لازالت قيد التطوير. والعديد من التعديلات هي قيد الانجاز، وعموما استخدام آخر اصدار يساهم ÙÙŠ تجنب المشاكل.
+اذا لم تقم بذلك <a href="download.html">تبث آخر اصدار</a>.
+</p>
+
+<h3 id="snark">ØŸ Bittorrent / I2PSnark / Azureus I2P Plugin اسئلة Øول
+<span class="permalink">(<a href="#snark">link</a>)</span></h3>
+<p>
+أنظر
+<a href="http://forum.i2p/viewtopic.php?t=2068">I2P Bittorrent اسئلة</a>
+<a href="http://forum.i2p2.de/viewtopic.php?t=2068">( I2P خارج شبكة)</a>
+
+<h3 id="irc">؟I2P داخل IRC كي٠اتصل بـ
+<span class="permalink">(<a href="#irc">link</a>)</span></h3>
+<p>
+On the
+<a href="http://localhost:7657/i2ptunnel/index.jsp">I2PTunnel اعدادات صÙØØ©</a>
+شغل ircProxy.
+ثم ضع ÙÙŠ اعدادات برنامج IRC localhost ومنÙØ° 6668.
+
+<h3 id="remote_webconsole"> كي٠اتصل بالطرÙية من جهاز آخر
+<span class="permalink">(<a href="#remote_webconsole">link</a>)</span></h3>
+<p>
+لأسباب أمنية لا يمكن الوصول الى شاشة الموجه من أجهزة أخرى. لكن يمكن تعديله للاتصال عن بعد.
+
+</p>
+
+<ol>
+<li>اÙØªØ clients.config وغير<br />
+ <code>clientApp.0.args=7657 ::1,127.0.0.1 ./webapps/</code><br />
+ الى <br />
+ <code>clientApp.0.args=7657 0.0.0.0 ./webapps/</code></li>
+<li>اذهب الى <a href="http://localhost:7657/configadvanced.jsp">http://localhost:7657/configadvanced.jsp</a>
+ ثم اض٠<code>consolePassword=foo</code> (اختر كلمة السر التي ترغبها)</li>
+<li>Go to <a href="http://localhost:7657/index.jsp">http://localhost:7657/index.jsp</a>
+ and hit "Graceful restart", which restarts the JVM and reloads the client applications</li>
+</ol>
+
+<p>
+عندما يشتغل، يمكنك الوصول الى الطرÙية عن بعد.سيطلب منك كلمة المستخدم وكلمة السر - كلمة المستخدم هي "admin"
+وكلمة السر هي التي استخدمتها ÙÙŠ المرØلة السابقة. لاØظ:
+
+ <code>0.0.0.0</code>يدل على <i>interface</i>وليس الشبكة or netmask. 0.0.0.0
+ means "bind to all interfaces", so it can be reachable on 127.0.0.1:7657 as well as
+ any LAN/WAN IP.
+</p>
+
+<h3 id="remote_i2cp">كي٠يمكنني استعمال برامج من أجهزة أخرى؟
+<span class="permalink">(<a href="#remote_i2cp">link</a>)</span></h3>
+<p>
+By default, the router I2CP interface (port 7654) binds to address 127.0.0.1. To bind to 0.0.0.0, set the
+router advanced configuration option <tt>i2cp.tcp.bindAllInterfaces=true</tt> and restart.
+</p>
+
+<h3 id="eepsite">؟ "eepsite" ماهو
+<span class="permalink">(<a href="#eepsite">link</a>)</span></h3>
+<p>
+موقع مجهول eepsite هو موقع يمكن الوصول اليه Ùقط عبر بروكسي بالمتصÙØ ÙˆÙŠØ¨ (عادة على 127.0.0.1 Ùˆ منÙØ° 4444 )
+</p>
+
+<h3 id="active">ماذا تعني ارقام المÙعلة ÙÙŠ شاشة الموجه؟
+<span class="permalink">(<a href="#active">link</a>)</span></h3>
+<p>
+عدد الاتصالات المستقبلة يمثلها الرقم الأول و الرقم الثاني يمثل عدد النظائر المتصلة.
+
+</p>
+
+<h3 id="socks">هل يمكن استعمال؟ I2P كبروكسي SOCKS
+<span class="permalink">(<a href="#socks">link</a>)</span></h3>
+<p>
+بروكسي SOCKS 4/4a/5 مدعم ابتداء من اصدار 0.7.1ØŒ بروكسي SOCKS خارجي غير مدعم لاهميته القليلة زيادة على ان العديد من البرامج ترسل معلومات يمكن ان تكش٠عن هويتك ÙÙŠ الانترنت.
+
+</p><p>
+زيادة على ذلك العديد من البرامد ترسل بيانات Øساسة عن المستخدم التي يمكن ان تؤدي الى التعر٠على هويتك على الانترنت. I2P يقوم Ùقط بÙلترة بيانات الاتصال، لكن اذا كان البرنامج يرسلها ضمن بياناته Ù I2P لن يستطيع القيام بشئ لضمان مجهوليتك.
+ على سبيل المثال، Ùإن بعض تطبيقات البريد تقوم بإرسال عنوان IP لجهازك
+ .Ùˆ لا توجد وسيلة لتصÙية I2P
+ وبالتالي استخدام I2P 'socksify' لتطبيقات الموجودة هو ممكن ، ولكن
+ ÙÙŠ غاية الخطورة.
+ </p><p>
+اذا رغبت ÙÙŠ المزيد من المعلومات Øول بروكسي socks
+
+ <a href="socks.html">socks صÙØØ©</a>.
+</p>
+
+<h3 id="browserproxy">كي٠يمكن اعداد المتصÙØØŸ
+<span class="permalink">(<a href="#browserproxy">link</a>)</span></h3>
+<p>
+
+ اعدادات بروكسي لعدة متصÙØات <a href="htproxyports.html">
+ ÙÙŠ صÙØØ© مستقلة</a> مع صور واعدادات متقدمة.
+ </p>
+
+<h3 id="ports">ماهي المناÙØ° التي يستعملها؟
+<span class="permalink">(<a href="#ports">link</a>)</span></h3>
+<p>
+ هذه قائمة بالمناÙØ° المستخدمة
+</p>
+
+<p>
+ <ul><p>
+ <li><b>المناÙØ° المتصلة بالأنترنت</b>
+ملاØظة: الاصدارات الجديدة ابتداء من 0.7.8 لا تستعمل منÙØ° 8887ØŒ تختار منÙØ° عشوائي بين 9000 Ùˆ32000 عندما يشتغل البرنامج لأول مرة.
+ المنÙØ° المختار Ù…Øدد <a href="http://127.0.0.1:7657/confignet.jsp">صÙØØ© الاعدادات.</a>
+ <ul>
+ <li><b>UDP المنÙØ° الخارجي <a href="http://127.0.0.1:7657/confignet.jsp">صÙØØ© الاعدادات</a> to arbitrary remote UDP ports, allowing replies</b></li>
+ <li><b> TCP منÙØ° خارجي</b></li>
+ <li><b>(optional, but recommended) Inbound UDP to the port noted on <a href="http://127.0.0.1:7657/confignet.jsp">صÙØØ© الاعدادات</a> from arbitrary locations</b></li>
+ <li><b>(optional, but recommended) Inbound TCP to the port noted on <a href="http://127.0.0.1:7657/confignet.jsp">صÙØØ© الاعدادات</a> من عدة اماكن</b><br />
+ Inbound TCP may be disabled on the <a href="http://127.0.0.1:7657/confignet.jsp">صÙØØ© الاعدادات</a></li>
+ <li><b>Outbound UDP on port 123, allowing replies</b><br />
+ This is necessary for I2P's internal time sync (via SNTP -
+ querying a random SNTP host in pool.ntp.org or another
+ server you specify)</li>
+ </ul>
+ </li>
+ </p></ul>
+
+ <ul><p>
+ <li><b>المناÙØ° المØلية</b>, listening only to local connections by default,
+ except where noted:
+ <ul>
+ <li><b>1900:</b> UPnP SSDP UDP multicast listener.
+ <i>Cannot be changed. Binds to all interfaces.
+ May be disabled on <a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>.
+ </i></li>
+ <li><b>2827:</b> BOB bridge, a higher level socket API for clients
+ <i>Disabled by default.
+ May be enabled/disabled on <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>.
+ May be changed in the bob.config file.
+ </i></li>
+ <li><b>4444:</b> HTTP proxy
+ <i>May be disabled or changed on the i2ptunnel page in the router console.
+ May also be configured to be bound to a specific interface or all interfaces.
+ </i></li>
+ <li><b>4445:</b> HTTPS proxy
+ <i>May be disabled or changed on the i2ptunnel page in the router console.
+ May also be configured to be bound to a specific interface or all interfaces.
+ </i></li>
+ <li><b>6668:</b> IRC proxy
+ <i>May be disabled or changed on the i2ptunnel page in the router console.
+ May also be configured to be bound to a specific interface or all interfaces.
+ </i></li>
+ <li><b>7652:</b> UPnP HTTP TCP event listener.
+ <i>Binds to the LAN address.
+ May be changed with advanced config i2np.upnp.HTTPPort=nnnn.
+ May be disabled on <a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>.
+ </i></li>
+ <li><b>7653:</b> UPnP SSDP UDP search response listener.
+ <i>Binds to all interfaces.
+ May be changed with advanced config i2np.upnp.SSDPPort=nnnn.
+ May be disabled on <a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>.
+ </i></li>
+ <li><b>7654:</b> I2P Client Protocol port, used by client apps.
+ <i>May be changed to a different port on
+ <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>
+ but this is not recommended.
+ May be to bind to a different interface or all interfaces, or disabled, on
+ <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>.
+ </i></li>
+ <li><b>7655:</b> UDP for SAM bridge, a higher level socket API for clients
+ <i>Only opened when a SAM V3 client requests a UDP session.
+ May be enabled/disabled on <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>.
+ May be changed in the clients.config file with the SAM command line option sam.udp.port=nnnn.
+ </i></li>
+ <li><b>7656:</b> SAM bridge, a higher level socket API for clients
+ <i>Disabled by default for new installs as of release 0.6.5.
+ May be enabled/disabled on <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>.
+ May be changed in the clients.config file.
+ </i></li>
+ <li><b>7657:</b> Your router console
+ <i>May be disabled in the clients.config file.
+ May also be configured to be bound to a specific interface or all interfaces in that file.
+ </i></li>
+ <li><b>7658:</b> Your eepsite
+ <i>May be disabled in the clients.config file.
+ May also be configured to be bound to a specific interface or all interfaces in the jetty.xml file.
+ </i></li>
+ <li><b>7659:</b> Outgoing mail to smtp.postman.i2p
+ <i>May be disabled or changed on the i2ptunnel page in the router console.
+ May also be configured to be bound to a specific interface or all interfaces.
+ </i></li>
+ <li><b>7660:</b> Incoming mail from pop.postman.i2p
+ <i>May be disabled or changed on the i2ptunnel page in the router console.
+ May also be configured to be bound to a specific interface or all interfaces.
+ </i></li>
+ <li><b>8998:</b> mtn.i2p2.i2p (Monotone - disabled by default)
+ <i>May be disabled or changed on the i2ptunnel page in the router console.
+ May also be configured to be bound to a specific interface or all interfaces.
+ </i></li>
+ <li><b>32000:</b> local control channel for the service wrapper</li>
+ </ul>
+ </li>
+ </p></ul>
+</p>
+
+<p>
+المناÙØ° المØلية Ù„I2P لا تØتاج الاتصال بها من الخارج، لكن يجب ان يمكن الاتصال الداخلي.
+يمكنك انشاء انÙاق I2PTunnel جديدة عبر http://localhost:7657/i2ptunnel وعليك اعداد الجدار الناري لتمكين الاتصال.
+ </p>
+
+
+
+<h3 id="manual_reseed">How do I reseed manually?
+<span class="permalink">(<a href="#manual_reseed">link</a>)</span></h3>
+<p>
+شبكة I2P تØتاج Ùقط الاتصال للمرة الأولى، للوصول الى الشبكة. اعادة الاتصال تقوم Ùقط بارسال امر HTTP GET لتØميل
+مجلد للعديد من معلومات Øول الموجه لاتمام الاتصال.
+
+</p>
+
+<p>
+ A typical symptom of a failed reseed is the "Known" indicator
+ (on the left sidebar of the router console) displaying a very small value
+ (often less than 5) which does not increase. This can occur, among other things,
+ if your firewall limits outbound traffic, and blocked the reseed request.
+</p>
+
+<p>
+ لاعادة الاتصال بالشبكة يدويا، قم بالتالي:
+ <ul>
+ <li> I2P اوق٠الموجه
+ </li><li>ÙØªØ <!-- <a href="http://i2pdb.tin0.de/netDb/">http://i2pdb.tin0.de/netDb/</a> or -->
+ <a href="http://netdb.i2p2.de/">http://netdb.i2p2.de/</a> using a web browser
+ </li><li>Save a dozen "routerInfo" files to your I2P "netDb" directory
+<!--
+ </li><li>طريقة أخرى: تØميل <a href="http://i2pdb.tin0.de/latest.zip">http://i2pdb.tin0.de/latest.zip</a>
+ and unzip it into your I2P "netDb" directory.
+-->
+ </li><li>I2P شغل الموجه
+ </li></ul>
+</p>
+
+<hr />
+<h3 id="question">!لدي سؤال
+<span class="permalink">(<a href="#question">link</a>)</span></h3>
+<p>
+ عظيم! يمكنك التØدث معنا على IRC irc.freenode.net #i2p او كتابة ÙÙŠ
+ <a href="http://forum.i2p2.de/">المنتدى</a> وسنجيب عنه هنا
+</p>
+{% endblock %}
diff --git a/www.i2p2/pages/faq_de.html b/www.i2p2/pages/faq_de.html
index 69324f491d148e135403a6545beb4519a468284e..d359224ad0d27ee61f17d482169ed3e120efff2a 100644
--- a/www.i2p2/pages/faq_de.html
+++ b/www.i2p2/pages/faq_de.html
@@ -2,17 +2,17 @@
{% block title %}FAQ{% endblock %}
{% block content %}
<h1>I2P - FREQUENTLY ASKED QUESTIONS</h1>
+<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
<h3 id="bug">Ich glaub ich habe einen Fehler gefunden, wo kann ich den melden?
<span class="permalink">(<a href="#bug">link</a>)</span></h3>
-<p>
+
Hier sind ein paar Stellen, wähle einen oder mehrere
<ul>
-<li><a href="http://trac.i2p2.i2p/newticket">trac.i2p2.i2p</a> Ticket
-<li><a href="http://forum.i2p/viewforum.php?f=10">forum.i2p</a>
-<li><a href="http://paste.i2p2.i2p/">paste.i2p2.i2p</a> und melde den Link im IRC Kanal #i2p
-<li>Diskussion mit den Entwicklern im IRC Kanal #i2p
+<li><a href="http://trac.i2p2.de/report/1">trac.i2p2.de</a> Ticket</li>
+<li><a href="http://pastethis.i2p/">pastethis.i2p</a> und melde den Link im IRC Kanal #i2p</li>
+<li>Diskussion mit den Entwicklern im IRC Kanal #i2p-dev</li>
</ul>
-</p>
+
<p>
Bitte füge relevante Informationen aus den Router und Wrapper Logs mit an.
</p>
@@ -33,13 +33,13 @@ Strategien um die Anzahl der ausgesendeten doppelten Adressen zu minimieren,
somit sollten sie effizienter sein. Bitte bedenke, das das eintragen einer Bezugsquelle
ein "Akt des Vertrauens" ist, da eine böswillige Bezugsquelle dir falsche
Adressen senden kann. Demzufolge bedenke bitte deine Wahl der Bezugsquelle und
-welcher Du vertraust. Diese Liste erhebt keinen Anspruch auf Vollständigkeit.
+welcher Du vertraust. Diese Liste erhebt keinen Anspruch auf Vollständigkeit.</p>
<ul>
-<li>http://i2host.i2p/cgi-bin/i2hostetag
-<li>http://stats.i2p/cgi-bin/newhosts.txt
-<li>http://tino.i2p/hosts.txt
+<li>http://i2host.i2p/cgi-bin/i2hostetag</li>
+<li>http://stats.i2p/cgi-bin/newhosts.txt</li>
+<li>http://inr.i2p/export/alive-hosts.txt</li>
+
</ul>
-</p>
<h3 id="jrandom">Was passierte mit *.i2p.net? Was passierte mit jrandom? Ist I2P tot?
<span class="permalink">(<a href="#jrandom">link</a>)</span></h3>
@@ -86,22 +86,21 @@ Der Beste Weg um deinen PC frei von (verschlüsseltem) Material, welches Du
nicht magst, zu halten, ist I2P nicht zu nutzen.
Die Redefreiheit für jeden (Freedom of Speech) hat gewisse Kosten, die wir
akzeptieren müssen.
-Aber lass uns die Frage in 3 Teilen beantworten:
+Aber lass uns die Frage in 3 Teilen beantworten:</p>
<ul>
<li><b>Verteilen</b> - Alle Daten in I2P sind in mehreren Schichten verschlüsselt. Du
kennst weder den Inhalt der Nachricht noch ihren Ausgangspunkt oder ihr Ziel. Deine einzige
Auswahl ist nur, generell keine Daten zu routen, indem Du die "Share" Bandbreite oder die
maximale Anzahl der "Participating Tunnel" auf 0 setzt (siehe oben). Es wäre schön, wenn
du dieses nicht machst, du solltest dem Netzwerk helfen, in dem du fremde Daten weiter
-leitest.
+leitest.</li>
<li><b>Speichern</b> - I2P hat keinen verteilten Datenspeicher, du musst an
<a href="http://freenetproject.org/">Freenet</a> denken.
-Du speicherst keine Daten für jemand anderen.
+Du speicherst keine Daten für jemand anderen.</li>
<li><b>Zugriff</b> - Falls es Eepsites gibt, die Du nicht magst, besuche sie nicht!
Oder benutze einen Proxy wie Privoxy, der den Zugriff dazu für dich sperrt.
-
+</li>
</ul>
-</p>
<h3 id="vary">Meine active Peers / known Peers / Participating Tunnel / Verbindungen / Bandbeite
ändern sich stark! Ist irgendwas kaputt?
@@ -197,7 +196,6 @@ von höheren Bandbreitenlimits (Mehr Bandbreite freigeben).
sind offline. Personen und Eepsite kommen und gehen.
ein guter Weg um mit I2P zu starten ist es, die Liste der Eepsites, die erreichbar sind,
zu checken.
- <a href="http://inproxy.tino.i2p/status.php">inproxy.tino.i2p</a> und
<a href="http://perv.i2p/stats.cgi">perv.i2p</a> listen den Status der Eepsites auf..
</p>
@@ -245,7 +243,7 @@ deiner Performance im Netzwerk hilft.
Schaue nach auf der
<a href="http://forum.i2p/viewtopic.php?t=2068">I2P Bittorrent FAQ</a>
<a href="http://forum.i2p2.de/viewtopic.php?t=2068">(ausserhalb von I2P)</a>
-
+</p>
<h3 id="irc">Wie verbinde ich mich mit dem IRC innerhalb von I2P?
<span class="permalink">(<a href="#irc">link</a>)</span></h3>
<p>
@@ -328,14 +326,14 @@ verbinden oder mit einem Passwort sichern?
Ok, hier ist eine Liste der Standard Ports (natürlich ist
alles mit verschiedenen Einstellungen konfigurierbar):
</p>
-<p>
- <ul><p>
+
+ <ul>
<li><b>Ports ins Internet</b>
- <br>
- Hinweis: Neue Installation seit der Version 0.7.8 benutzen nicht mehr den Port 8887;<br>
- diese nutzen einen zufälligen Port zwischen Port 9000 and 32000.<br>
+ <br />
+ Hinweis: Neue Installation seit der Version 0.7.8 benutzen nicht mehr den Port 8887;<br />
+ diese nutzen einen zufälligen Port zwischen Port 9000 and 32000.<br />
Dieser wird beim ersten Start gesetzt. Der genutzte Port wird auf der
- <a href="http://127.0.0.1:7657/config.jsp">Einstellungsseite</a> angezeigt.
+ <a href="http://127.0.0.1:7657/confignet.jsp">Einstellungsseite</a> angezeigt.
<ul>
<li><b>Ausgehender UDP Transport von diesem zufälligem Port an verschiedene UDP Ports, Antworten erlaubt</b></li>
<li><b>Ausgehender TCP Transport von verschiedenen hohen Ports an verschiedene TCP Ports</b></li>
@@ -351,9 +349,9 @@ verbinden oder mit einem Passwort sichern?
SNTP Server im pool.ntp.org Pool oder einen von dir eingestellten Server ab.</li>
</ul>
</li>
- </p></ul>
+ </ul>
- <ul><p>
+ <ul>
<li><b>Lokale I2P Ports</b>, per default nur auf lokale Verbindungen lauschend:
<ul>
<li><b>7654:</b> I2P Klient Protokol Port, von Klient Applikationen benutzt</li>
@@ -368,9 +366,9 @@ verbinden oder mit einem Passwort sichern?
<li><b>32000:</b> Lokaler Kontrollkanal für den Java Service Wrapper</li>
</ul>
</li>
- </p></ul>
+ </ul>
- <ul><p>
+ <ul>
<li><b>Default I2PTunnel Ports</b>, per default nur auf lokale Verbindungen lauschend:
<i>Alle können auf der I2PTunnel Seite in der Router Konsole deaktiviert sein</i>
<ul>
@@ -381,8 +379,8 @@ verbinden oder mit einem Passwort sichern?
<li><b>8998:</b> mtn.i2p2.i2p (Monotone - deaktiviert per default)</li>
</ul>
</li>
- </p></ul>
-</p>
+ </ul>
+
<p>
Eie lokale I2P und die I2P Tunnel Ports brauchen nicht von anderen PCs aus
@@ -417,18 +415,20 @@ verbinden oder mit einem Passwort sichern?
deine Firewall eingehenden Transfer limitiert und die Reseed Anfragen blockiert.
</p>
-<p>
+
Um manuell einen I2P Router zu reseeden, mache folgendes:
<ul>
<li>Stoppe deinen I2P Router</li>
- <li>Öffne <a href="http://i2pdb.tin0.de/netDb/">http://i2pdb.tin0.de/netDb/</a> oder
+ <li>Öffne <!-- <a href="http://i2pdb.tin0.de/netDb/">http://i2pdb.tin0.de/netDb/</a> oder -->
<a href="http://netdb.i2p2.de/">http://netdb.i2p2.de/</a> mit einem Webbrowser</li>
- <li>Speichere einige "routerInfo" Dateien in dein I2P "netDb" Verzeichnis (ignoriere die "leaseSet" Dateien)</li>
+ <li>Speichere einige "routerInfo" Dateien in dein I2P "netDb" Verzeichnis</li>
+<!--
<li>Alternative Methode (einfacher): Downloade <a href="http://i2pdb.tin0.de/latest.zip">http://i2pdb.tin0.de/latest.zip</a>
- und unzipe es in dein I2P "netDb" Verzeichnis.
+ und unzipe es in dein I2P "netDb" Verzeichnis.</li>
+-->
<li>Starte deinen I2P Router</li>
</ul>
-</p>
+
<hr />
<h3 id="question">Ich habe eine Frage!
diff --git a/www.i2p2/pages/faq_fr.html b/www.i2p2/pages/faq_fr.html
index 3a05649d5e8460c8a725b99fe3d56bf0e678595f..e4881f60a18f4441605126e3067762f8ad7f83fd 100644
--- a/www.i2p2/pages/faq_fr.html
+++ b/www.i2p2/pages/faq_fr.html
@@ -1,504 +1,645 @@
{% extends "_layout_fr.html" %}
{% block title %}FAQ{% endblock %}
{% block content %}
+Traduction de juillet 2011. <a href="faq.html">Version anglaise actuelle</a>
<h1>I2P - Foire aux questions</h1>
-(en cours de traduction, toute aide est la bienvenue)
-<h3 id="bug">Je pense avoir trouvé un bug, comment je peux vous en faire part ?
-<span class="permalink">(<a href="#bug">lien</a>)</span></h3>
-<p>
-Voici les endroits ou vous pouvez le faire, utilisez en un ou plus :
-<ul>
-<li><a href="http://trac.i2p2.i2p/newticket">trac.i2p2.i2p</a> ticket
-<li><a href="http://forum.i2p/viewforum.php?f=10">forum.i2p</a>
-<li><a href="http://paste.i2p2.i2p/">paste.i2p2.i2p</a> et suivez le sur IRC #i2p
-<li>Discutez avec les développeurs d'I2P sur IRC #i2p
-</ul>
+<h3 id="index"> Sommaire </h3>
+<p><ol>
+<h4>Divers</h4>
+<li><a href="#systems">Sur quels systèmes I2P fonctionne-t-il?</a></li>
+<li><a href="#eepsite">Qu'est-ce qu'un "eepsite"?</a></li>
+<li><a href="#peers">Mon routeur a très peu de pairs actifs, est-ce normal?</a></li>
+<li><a href="#active">Que signifient les nombres "Actifs x/y" dans la console?</a></li>
+<li><a href="#vary">Mes informations pairs actifs / pairs connus / tunnels participants / connexions / bande passante changent énormément dans le temps! C'est un problème?</a></li>
+<li><a href="#proxy_safe">Est-il dangereux d'utiliser un outproxy?</a></li>
+<li><a href="#down">La plupart des eepsites sont-ils arrêtés?</a></li>
+<li><a href="#ports">Quels ports I2P utilise-t-il?</a></li>
+<li><a href="#port32000">Pourquoi I2P écoute-t-il sur le port 32000?</a></li>
+<li><a href="#bug">Je pense avoir trouvé un bug. Comment puis-je le signaler?</a></li>
+<li><a href="#jrandom">Qu'est-il advenu de *.i2p.net? Qu'est devenu jrandom? I2P est-il abandonné?</a></li>
+<li><a href="#question">J'ai une question!</a></li>
+
+<h4>Réglages</h4>
+<li><a href="#reseed">Mon routeur est lancé depuis plusieurs minutes et n'a que très peu de connexions, voire aucune.
+</a></li><li><a href="#slow">Pourquoi I2P est-il si lent?
+</a></li><li><a href="#subscriptions">Il me manque beaucoup d'hôtes dans mon carnet d'adresses. Quels sont les bons liens d'abonnements aux mises à jour?
+</a></li><li><a href="#myeepsite">Comment dois-je faire pour créer mon propre eepsite?
+</a></li><li><a href="#snark">Questions sur les greffons I2P Bittorrent / I2PSnark / Azureus.
+</a></li><li><a href="#irc">Comment se connecter sur IRC depuis I2P?
+</a></li><li><a href="#outproxy">Je ne peux plus accéder aux sites Internet traditionnels via I2P.
+</a></li><li><a href="#https">Je ne peux plus accéder aux sites sécurisés ou FTP (https:// ou ftp://) via I2P.
+</a></li><li><a href="#socks">Est-il possible d'utiliser I2P en tant que proxy SOCKS?
+</a></li><li><a href="#browserproxy">Comment configurer mon navigateur Internet?
+</a></li><li><a href="#remote_webconsole">Comment accéder à la console depuis un autre ordinateur et/ou la protéger par un mot de passe?
+</a></li><li><a href="#remote_i2cp">Comment utiliser les applications depuis mes autres ordinateurs?
+</a></li><li><a href="#manual_reseed">Comment puis-je réamorcer manuellement?
+</a></li><li><a href="#cpu">Mon routeur utilise trop de puissance UC?!?
+</a></li>
+<h4>Idées fausses</h4>
+<li><a href="#proxy_other">Comment accéder à IRC, BitTorrent, ou autres services sur l'Internet classique?</a></li>
+<li><a href="#exit">Mon routeur est-il un nœud de sortie (outproxy) vers l'Internet classique? Je ne le veux pas.</a></li>
+<li><a href="#content">Je suis opposé à certains contenus. Comment me prémunir de les diffuser, de les stocker, ou d'y accéder?</a></li>
+<h4>Erreurs et leurs solutions</h4>
+<li><a href="#compat6x">Sur FreeBSD, j'ai une erreur concernant <code>libm.so.4</code> au démarrage d'I2P !</a></li>
+<li><a href="#protocolfamily">Erreur <code>Protocol family unavailable</code> dans le <code>wrapper.log</code> au démarrage de la console I2P.</a></li>
+</ol></p>
+
+<h3 id="systems">Sur quels systèmes I2P fonctionne-t-il?
+<span class="permalink">(<a href="#systems">lien</a>)</span></h3>
+<p>Bien qu'I2P ait réussi à fonctionner sur des PCs aussi anciens que des Pentium II avec 64 Mo de RAM,
+vous en tirerez plus à partir de Pentium III avec 128Mo de RAM. Un
+<a href="http://trac.i2p2.de/wiki/java">tableau de performances comparées</a> des divers JREs se trouve sur
+<a href="http://trac.i2p2.de/wiki/java">http://trac.i2p2.de/wiki/java</a>, mais en bref, utilisez Jave de Sun/Oracle ou
+OpenJDK.</p>
+<p>I2P a été testé sur Windows, Linux, FreeBSD (voir la note <a href="#compat6x">plus bas</a>), OSX, et OpenSolaris.
+Un travail de portage sur Android est en cours.</p>
+
+<h3 id="eepsite">Qu'est-ce qu'un "eepsite"?
+<span class="permalink">(<a href="#eepsite">lien</a>)</span></h3>
+<p>
+ Un eepsite est un site web hébergé anonymement - vous pouvez y accéder en réglant
+ votre navigateur pour qu'il utilise le proxy HTTP intégré au routeur I2P (par défaut, il
+ écoute sur le port 4444 de l'adresse locale "localhost" ou 127.0.0.1), et en navigant vers ce site.
</p>
+
+<h3 id="peers">Mon routeur a très peu de pairs actifs, est-ce normal?
+<span class="permalink">(<a href="#peers">lien</a>)</span></h3>
<p>
-Merci d'inclure dans tout rapport de bug, des informations pertinantes sur le routeur et les logs.
+S'il en a plus de 10, c'est bon. Des changements dans les versions 0.6.1.31 et 0.6.1.32 ont amélioré l'efficacité
+du routeur et effectivement réduit le nombre de pairs actifs.
+Le routeur <i>devrait</i> maintenir des connexions vers un petit nombre de pairs en permanence.
+La meilleure façon de rester "mieux-connecté" au réseau est de <a href="http://localhost:7657/config">partager plus de bande passante</a>.
</p>
-<h3 id="subscriptions">I'm missing lots of hosts in my addressbook. What are some good subscription links?
-Il me manque beaucoup d'hosts dans mon fichier d'adresses (addressbook). Quels sont les bons fichiers de souscritption ?
-<span class="permalink">(<a href="#subscriptions">liens</a>)</span></h3>
+<h3 id="active">Que signifient les nombres "Actifs x/y" dans la console?
+<span class="permalink">(<a href="#active">lien</a>)</span></h3>
<p>
-La souscription par dé est http://www.i2p.i2p/hosts.txt qui est rarement mis à jour.
-Si vous n'avez pas d'autres souscription, vous aurez souvent à utiliser un service de saut 'jump' ce qui
-est fastidieux.
-</p><p>
-Here are some other public addressbook subscription links.
-Vous trouverez ci dessous d'autres lien de souscription public, vous devriez en ajouter un ou deux
-à votre <a href="http://localhost:7657/susidns/subscriptions.jsp">susidns souscriptions listes</a>.
-Vous n'avez pas besoin de toutes les ajouter, elles se synchronisent ensemble régulièrement.
-Les liens utilisent un logiciel cgi-bin qui emploie diverses stratégies pour minimiser
-le nombre d'adresses identiques qui sont délivrées, ils doivent en être plus efficaces.
-IMPORTANT : accepter une liste d'hôtes est un acte de confiance. Un acte malveillant pourrait vous donner
-de fausses adresse. Donc, réfléchissez avant d'accepter.
-La présence sur cette liste ne signifie pas l'aval d'I2P.
-<div class="links">
-<ul>
-<li><a href="http://i2host.i2p/cgi-bin/i2hostetag">http://i2host.i2p/cgi-bin/i2hostetag</a>
-<li><a href="http://stats.i2p/cgi-bin/newhosts.txt">http://stats.i2p/cgi-bin/newhosts.txt</a>
-<li><a href="http://tino.i2p/hosts.txt">http://tino.i2p/hosts.txt</a>
-</ul>
-</div>
+ <b>x</b> est le nombre pairs avec qui vous avez réussi à échanger un message dans la dernière minute (ou dans l'intervale
+ de rafraîchissement de la console), et <b>y</b> est le nombre de pairs vus pendant la dernière heure ou environ.
</p>
-<h3 id="jrandom">
-Qu'est il arrivé à *.i2p.net ? Qu'esst il arrivé à jrandom ? Est ce qu'I2P est mort ?
-<span class="permalink">(<a href="#jrandom">lien</a>)</span></h3>
+
+<h3 id="vary">Mes informations pairs actifs / pairs connus / tunnels participants / connexions / bande passante changent énormément dans le temps! C'est un problème?
+<span class="permalink">(<a href="#vary">lien</a>)</span></h3>
+<p>Non. C'est normal. Tous les routeurs s'adaptent dynamiquement à l'état du réseau et aux demandes.
+</p>
+<h3 id="proxy_safe">Est-il dangereux d'utiliser un outproxy?
+<span class="permalink">(<a href="#proxy_safe">lien</a>)</span></h3>
<p>
-Jrandom était le développeur responsable d'I2P et
-<a href="http://syndie.i2p2.de/">Syndie</a> pendant de nombreuses années.
-Nous nous attendons à ce qu'il soit absent au moins jusqu'à la fin 2008.
-Les domaines *.i2p.net sont resté non fonctionnels suite à une panne de l'hébergement.
+ C'est à vous de décider, car tout dépend de ce que vous faites, de votre
+ <a href="how_threatmodel_fr.html">conception d'une menace</a>, et de la confiance que vous accordez Ã
+ l'opérateur du nœud de sortie vers l'Internet classique.
</p><p>
-Regardez <a href="jrandom-awol.html">cette page (en englais)</a> pour avoir plus d'informations sur le départ de Jrandom et la migration des sites vers
-<a href="index.html">celui ci</a>.
+ À l'instar de Tor, I2P ne crypte pas magiquement l'Internet.
+ Vous êtes vulnérable à l'éventuelle curiosité (malsaine) des opérateurs des nœuds de sortie.
+ La FAQ de Tor contient une <a href="https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers">
+ bonne explication</a> Ã ce sujet. Il n'y a pas d'outproxy HTTPS dans I2P, et vous ne pouvez pas cacher
+ votre trafic à l'opérateur du nœud de sortie, pas plus d'ailleurs que vous ne pouvez le cacher à toute personne
+pouvant se brancher d'une façon ou d'une autre sur le lien entre vous et votre correspondant quand vous utilisez
+l'Internet classique (votre FAI ne vous l'a jamais dit? Comme c'est bizarre!).
</p><p>
-I2P n'est pas mort, il est en développement actif et nous avons anticipé plusieurs versions en 2010.
+ De plus, vous pourriez être vulnérable à une collusion entre l'opérateur du outproxy et des opérateurs
+ d'autres services I2P, si vous utilisez les mêmes tunnels (clients partagés "shared clients").
+ Il y a une autre explication pour ça sur le site de zzz <a href="http://zzz.i2p/topics/217">ici</a>.
</p>
-<h3 id="CPU">Mon routeur consomme trop de ressources processeur ?!
-<span class="permalink">(<a href="#CPU">lien</a>)</span></h3>
+<h3 id="down">La plupart des sites i2p sont-ils arrêtés?
+<span class="permalink">(<a href="#down">lien</a>)</span></h3>
<p>
-Il y a plusieurs causes à une grande charge processeur. Voici quelques unes :
-</p><ul>
-<li>
-Utilisez vous Java de Sun ou une autre version ? (tapez java -version dans une console pour savoir).
-Nous avons plusieurs retours concernant une grande charge processeur lorsqu'on utilise d'autres versions de Java.
-<li>
-Si vous utilisez un client bittorent à travers I2P vous pouvez tenter de baisser le nombres de torrent simultanés
-ou bien essayez directement de le couper complètement et de surveiller si la charge diminue.
-<li>
-Est ce que votre réglage de bande passante n'est pas trop haut ? Trop de trafic routé
-à travers votre pc peu charger le processeur.
-Essayez dans ce cas de réduire la bande passante partagée dans la config.
-<li>
-Pensez à mettre I2P à jour à chaque nouvelle version, chaque version apporte son lot de nouveautées et augmente les
-performance du logiciel. Les bugs rapportés sont aussi corrigés.
-<li>
-Avez vous configuré avec suffisament de mémoire ? Regardez le graphique mémoire sur "graphs.jsp"
-pour voir si l'utilisation mémoire est coincée en charge maximum, ce qui sous entends que JVM passe sont temps à faire le "ramasse miettes" ou "garbage collector - gc -".
-Dans ce cas, augmentez le paramètre "wrapper.java.maxmemory" dans "wrapper.config"
-
-<li>
-La charge du CPU est seuleument plus haute que ce que vous attendez ou il reste longtemps à 100% de charge ?
-Si il est en charge souvent c'est peut être un bug, cherchez des informations pouvant le confirmer dans les logs.
-<li>
-Vous devriez peut être utiliser la "Java-based BigInterger library" à la place de celle installée en natif surtout si
-vous utilisez un nouveau système d'exploitation ou bien un nouveau matériel (64 bits, os X, opensolaris etc.)
-Voir la page de <a href="jbigi.html">jbigi</a> pour avoir des informations sur les manières de construire, tester et diagnostiquer.
-<li>
-If your native jbigi library is working fine, the biggest user of
-CPU may be routing traffic for participating tunnels. This uses CPU
-because at each hop a layer of encryption must be decoded.
-You can limit participating traffic in two ways - by reducing the
-share bandwidth on
-<a href="http://localhost:7657/config.jsp">config.jsp</a>,
-or by setting <tt>router.maxParticipatingTunnels=nnn</tt> on
-<a href="http://localhost:7657/configadvanced.jsp">configadvanced.jsp</a>.
-</ul>
+ En prenant en compte tous les sites i2p jamais créés, oui, la plupart sont morts! Comme les gens, les sites i2p
+ viennent, puis s'en vont... les sites classiques aussi, au fait. Une bonne façon de démarrer dans I2P consiste à vérifier la liste
+ des eepsites qui sont actuellement actifs:
+ <a href="http://perv.i2p/stats.cgi">perv.i2p</a> suivent les sites i2p actifs.
+</p>
-<h3 id="content">I am opposed to certain types of content. How do I keep from distributing, storing, or accessing them?
-<span class="permalink">(<a href="#content">link</a>)</span></h3>
+<h3 id="ports">Quels ports I2P utilise-t-il?
+<span class="permalink">(<a href="#ports">lien</a>)</span></h3>
<p>
-Hmm. I2P is an anonymous network, so that's a tricky one.
-I2P is designed for everyone and not to censor out some/any kind of data.
-The best way to keep your PC free of (encrypted) traffic you dislike is to not use I2P.
-Freedom of speech has some costs.
-But let's address your question in three parts:
-<ul>
-<li><b>Distribution</b> - All traffic on I2P is encrypted in multiple layers. You don't know
-a message's contents, source, or destination.
-All traffic you route is internal to the I2P network, you are not an <a href="#exit">exit node</a> (outproxy).
-Your only alternative is to refuse to route
-<i>any</i> traffic, by setting your share bandwidth or maximum participating tunnels to 0 (see above).
-It would be nice if you didn't do this, you should help the network by routing traffic for others.
-Over 95% of users route traffic for others.
-<li><b>Storage</b> - I2P does not do distributed storage of content. You must be thinking of
-<a href="http://freenetproject.org/">Freenet</a>.
-You are not storing anybody else's content.
-<li><b>Access</b> - If there are some eepsites you don't like, don't go there.
-Or, use a blocking proxy like Privoxy or some type of "net nanny".
-</ul>
+ Voici une plongée dans les ports par défaut (tout est bien entendu configurable par divers réglages):
</p>
-<h3 id="vary">My active peers / known peers / participating tunnels / connections / bandwidth vary dramatically over time! Is anything wrong?
-<span class="permalink">(<a href="#vary">link</a>)</span></h3>
<p>
-No. This is normal.
-All routers adjust dynamically to changing network conditions and demands.
-</p>
+ <ul><p>
+ <li><b>Ports en face à face avec Internet</b>
+ Note: les installations à partir de la v0.7.8 n'utilisent plus le port 8887; lorsque le programme
+ d'installation est exécuté pour la première fois, il sélectionne aléatoirement un port UDP entre 9000 et 32000.
+ Il est affiché et modifiable sur la page </b><a href="http://127.0.0.1:7657/confignet.jsp">CONFIGURATION</a><b> dans la console du routeur.</b>
+ <ul>
+ <li><b>Sortie UDP depuis ce port indiqué dans la </b><a href="http://127.0.0.1:7657/confignet.jsp">CONFIGURATION</a><b> vers des ports UPD distants indéfinis, en permettant les réponses.</b></li>
+ <li><b>Sortie TCP depuis les ports hauts (>1023) vers des ports TCP distants indéfinis.</b></li>
+ <li><b>(optionnellement, mais recommandé) entrée UDP vers le port UDP noté sur </b><a href="http://127.0.0.1:7657/confignet.jsp">CONFIGURATION</a><b> depuis des endroits indéfinis</b></li>
+ <li><b>(optionnellement, mais recommandé) entrée TCP vers le port TCP noté sur </b><a href="http://127.0.0.1:7657/confignet.jsp">CONFIGURATION</a><b> depuis des endroits indéfinis</b><br />
+ L'entrée en TCP peut être désactivée dans la <a href="http://127.0.0.1:7657/confignet.jsp">CONFIGURATION</a>.</li>
+ <li><b>Sortie UDP depuis le port 123, permettant les réponses.</b><br />
+ Ceci est nécessaire à la synchronisation horaire interne d'I2P (par SNTP qui interroge
+ un serveur de temps aléatoire dans le pool.ntp.org, ou un autre spécifiable à votre guise).</li>
+ </ul>
+ </li>
+ </p></ul>
-<h3 id="reseed">My router has been up for several minutes and has zero or very few connections
-<span class="permalink">(<a href="#reseed">link</a>)</span></h3>
-<p>
- The reseed URL has changed. If this is your first install and you have installed
- an old (0.6.1.30 or earlier) release, or
- you have not run I2P in a long time, you must change the URL and then
- click "Reseed" on the console to find other routers.
- After your router is running,
- on <a href="http://localhost:7657/configadvanced.jsp">configadvanced.jsp</a>,
- add the line <tt>i2p.reseedURL=http://netdb.i2p2.de/</tt>
- OR <tt>i2p.reseedURL=http://i2pdb.tin0.de/netDb/</tt> (either should work),
- then click "Apply", then click the "reseed" link on the left.
-</p><p>
- This works if you are running 0.6.1.27 or later.
- If you are running release 0.6.1.31 or later, you probably don't need to do this.
- If you are running release 0.6.1.26 or earlier, either follow the
- <a href="#manual_reseed">manual reseed instructions</a> below
- or install the <a href="download.html">latest release</a>.
- Possible alternate method - add
- <tt>wrapper.java.additional.5=-Di2p.reseedURL=http://netdb.i2p2.de/</tt>
- to wrapper.config, shutdown the router completely, then start again, then click "reseed".
- Let us know if this works.
+ <ul><p>
+ <li><b>Ports locaux pour I2P</b>, n'écoutant par défaut que des connexions locales,
+ sauf spécifié:
+ <ul>
+ <li><b>1900:</b> écouteur multicast UDP SSDP UPnP.
+ <i>non modifiable. Il s'attache à toutes les interfaces. Désactivable dans ...
+ <a href="http://localhost:7657/confignet.jsp">la conf</a>.
+ </i></li>
+ <li><b>2827:</b> pour le pont BOB, une API de connexion de haut niveau pour programmes clients.
+ <i>Désactivé par défaut.
+ Peut être activé/désactivé sur la page <a href="http://localhost:7657/configclients.jsp">SERVICES I2P</a>
+ et aussi modifié dans le fichier </i>bob.config.
+ </li>
+ <li><b>4444:</b> proxy HTTP.
+ <i>Peut être désactivé ou modifié sur la page i2ptunnel de la console. Par exemple pour être
+ attaché à une interface particulière ou à toutes.
+ </i></li>
+ <li><b>4445:</b> proxy HTTPS.
+ <i>Peut être désactivé ou modifié sur la page i2ptunnel de la console. Également par exemple pour être
+ attaché à une interface particulière ou à toutes.
+ </i></li>
+ <li><b>6668:</b> proxy IRC.
+ <i> Même remarque.
+ </i></li>
+ <li><b>7652:</b> écouteur TCP HTTP UPnP.
+ <i>S'attache à toutes les adresses du LAN.
+ Modifiable dans la configuration avancée </i>(i2np.upnp.HTTPPort=nnnn).<i>
+ Désactivable dans la <a href="http://localhost:7657/confignet.jsp">CONFIGURATION</a>.
+ </i></li>
+ <li><b>7653:</b> écouteur de réponses aux recherches UDP SSDP UPnP.
+ <i> S'attache à toutes les interfaces.
+ Modifiable dans la configuration avancée </i>(i2np.upnp.SSDPPort=nnnn).<i>
+ Désactivable dans la <a href="http://localhost:7657/confignet.jsp">CONFIGURATION</a>.
+ </i></li>
+ <li><b>7654:</b> port du Protocole Client I2P (I2PCP), utilisé pas les applications clientes.
+ <i>Modifiable sur
+ <a href="http://localhost:7657/configclients.jsp">SERVICES I2P</a>
+ mais ça n'est pas recommandé.
+ À éventuellement lier à une interface différente, ou à toutes, ou désactiver.
+ </i></li>
+ <li><b>7655:</b> en UDP pour le pont SAM, une API de connexion de haut niveau pour programmes clients.
+ <i>Ouvert uniquement quand un client SAM V3 demande une session UDP.
+ Activable/désactivable sur <a href="http://localhost:7657/configclients.jsp">SERVICES I2P</a>.
+ Modifiable dans le fichier </i>clients.config<i> par l'option de ligne de commande SAM </i>sam.udp.port=nnnn
+ </i></li>
+ <li><b>7656:</b> pour le pont SAM.
+ <i>Désactivé par défaut depuis les installations initiales en v0.6.5.
+ Activable/désactivable sur <a href="http://localhost:7657/configclients.jsp">SERVICES I2P</a>.
+ Modifiable dans le fichier </i>clients.config.
+ </li>
+ <li><b>7657:</b> la console du routeur.
+ <i>Désactivable dans le fichier </i>clients.config<i>.
+ Configurable pour être attachée à une interface spécifique ou toutes les interfaces indiquées
+ dans le fichier.
+ </i></li>
+ <li><b>7658:</b> Votre eepsite.
+ <i>Désactivable dans le fichier </i>clients.config<i> ou dans <a href="http://localhost:7657/configclients.jsp">SERVICES I2P</a>.
+ Configurable pour être attachée à une interface spécifique ou toutes les interfaces indiquées dans le fichier </i>jetty.xml.
+ </i></li>
+ <li><b>7659:</b> Mails sortants par smtp.postman.i2p
+ <i>Désactivable ou modifiable sur la page i2ptunnel de la console.
+ Attachable à une interface spécifique ou toutes les interfaces.
+ </i></li>
+ <li><b>7660:</b> Mails arrivants de pop.postman.i2p
+ <i>Désactivable ou modifiable sur la page i2ptunnel de la console.
+ Attachable à une interface spécifique ou toutes les interfaces.
+ </i></li>
+ <li><b>8998:</b> port pour le serveur Monotone mtn.i2p2.i2p (désactivé par défaut).
+ <i>Désactivable ou modifiable sur la page i2ptunnel de la console.
+ Attachable à une interface spécifique ou toutes les interfaces.
+ </i></li>
+ <li><b>32000:</b> port du canal de contrôle local pour le service wrapper</li>
+ </ul>
+ </li>
+ </p></ul>
</p>
-<h3 id="peers">My router has very few active peers, is this OK?
-<span class="permalink">(<a href="#peers">link</a>)</span></h3>
<p>
-If it has 10 or more, it is OK. Changes in releases 0.6.1.31 and 0.6.1.32 improved the
-efficiency of the router and effectively reduced the number of active peers.
-The router <i>should</i> maintain connections to a few peers at all times.
-The best way to stay "better-connected" to the network is to share more bandwidth.
+ Les port locaux I2P et les ports de tunnel I2PTunnel n'ont pas besoin d'être joignable depuis
+ les machines distantes, mais *devraient* être joignables localement. Vous pouvez aussi créer des
+ ports supplémentaires pour des instances I2PTunnel via http://localhost:7657/i2ptunnel/
+ (et alors, autoriser votre pare-feu à vous y donner l'accès local, mais pas d'accès distant sauf besoin spécial).
</p>
-<h3 id="exit">Is my router an "exit node" to the regular internet? I don't want it to be.
-<span class="permalink">(<a href="#exit">link</a>)</span></h3>
<p>
- No. Unlike <a href="http://www.torproject.org/">Tor</a>,
- "exit nodes" or "outproxies" are not an inherent part of the network.
- Only volunteers who set up and run separate applications will relay traffic to the regular internet.
- There are very very few of these.
+ Donc, en résumé, rien ne doit être accessible aux pairs non sollicités, mais si vous pouvez configurer
+ votre NAT/pare-feu pour qu'il autorise les entrées UDP et TCP sur le
+ <a href="http://localhost:7657/config">port Internet sortant</a>, vous obtiendrez un
+ meilleur fonctionnement. Vous devez aussi pouvoir envoyer des paquets UDP Ã des pairs quelconques.
+ (le blocage d'IP aléatoire avec un outil comme PeerGuardian ne fera que vous embêter. Ne le faites pas.)
</p>
-<h3 id="outproxy">I can't access regular internet sites through I2P.
-<span class="permalink">(<a href="#outproxy">link</a>)</span></h3>
-<p>
- See above. There are very few HTTP "outproxies", they are not an inherent part of the network,
- and they may not be up.
- In addition, the old outproxies squid.i2p, true.i2p, and krabs.i2p have vanished.
- The only outproxy at the moment is false.i2p.
- To use it, edit your <a href="http://localhost:7657/i2ptunnel/edit.jsp?tunnel=0">i2ptunnel settings for eepProxy</a>
- and set your outproxy list to 'false.i2p' (only).
- Then stop and restart the eepProxy.
- If it doesn't work, the outproxy is not up. It is not I2P's fault.
- If your primary reason to use an anonymous network is to anonymously access sites
- on the regular internet, you should probably try <a href="http://www.torproject.org/">Tor</a>.
+<h3 id="port32000">Pourquoi I2P écoute-t-il sur le port 32000?
+<span class="permalink">(<a href="#port32000">lien</a>)</span></h3>
+<p>L'émulateur de service (Wrapper) Java de TanukiSoftware que nous utilisons ouvre ce port — attaché à l'hôte local —
+pour communiquer avec le logiciel s'exécutant dans la JVM. Quand la JVM est lancée une clé lui est attribuée pour qu'elle
+puisse se connecter au Wrapper. Une fois établie cette connexion, le Wrapper refuse toute autre connexion.</p>
+<p>Vous trouverez plus d'informations dans la
+<a href="http://wrapper.tanukisoftware.com/doc/english/prop-port.html">documentation de Wrapper</a>.</p>
+
+<h3 id="bug">Je pense avoir trouvé un bug, comment je puis-je le signaler?
+<span class="permalink">(<a href="#bug">lien</a>)</span></h3>
+<p>
+Voici les endroits où vous pouvez le faire, utilisez en un ou plus :
+<ul>
+<li>Postez un ticket sur <a href="http://trac.i2p2.de/report/1">trac.i2p2.de</a> (méthode préférentielle)
+<li>Sur <a href="http://pastethis.i2p/">pastethis.i2p</a> et suivez le canal IRC #i2p
+<li>Discutez avec les développeurs d'I2P sur IRC #i2p-dev
+</ul>
+</p>
+<p>
+Merci d'inclure dans tout rapport de bug les informations pertinentes des historiques du routeur et du wrapper.
+Pensez à enlever les informations personnelles (voir note en bas de l'en-tête
+de page <a href="http://127.0.0.1:7657/logs">Fichiers trace</a>).
</p>
-<h3 id="https">I can't access https:// or ftp:// sites through I2P.
-<span class="permalink">(<a href="#https">link</a>)</span></h3>
+<h3 id="jrandom">
+Qu'est-il advenu de *.i2p.net? Qu'est devenu jrandom? I2P est-il abandonné?
+<span class="permalink">(<a href="#jrandom">lien</a>)</span></h3>
<p>
- Within I2P, there is no need for HTTPS, as all traffic is encrypted end-to-end.
- FTP is not supported for technical reasons.
+Jrandom était le développeur principal d'I2P et de
+<a href="http://syndie.i2p2.de/">Syndie</a> pendant de nombreuses années.
+Nous ignorons s'il reviendra un jour.
+Les domaines <b>*.i2p.net</b> ont été laissés en état non fonctionnel à suite d'une panne d'alimentation chez l'hébergeur.
+</p><p>
+Regardez la page (en anglais) sur l'<a href="jrandom-awol.html">au-revoir</a> de Jrandom et la migration des sites vers
+<a href="index.html">celui-ci</a>.
</p><p>
- For HTTPS or FTP access to the regular internet, there are no HTTPS or FTP "outproxies".
- HTTPS is possible if somebody would like to set one up. FTP is probably not.
- Actually, just about any other sort of outproxy might work, try setting it up with a standard
- tunnel and see.
- As explained several times above, outproxies of any type are not a core
- part of the network, they are services run by individuals and they may or may not
- be operational at any given time.
- If you would like to set up some type of outproxy, carefully research the potential risks.
- The I2P community may or may not be able to help with the technical aspects, feel free to ask.
+I2P reste en développement actif.
</p>
-<h3 id="proxy_safe">Is using an outproxy safe?
-<span class="permalink">(<a href="#proxy_safe">link</a>)</span></h3>
+<h3 id="reseed">Mon routeur est lancé depuis plusieurs minutes et n'a que très peu de connexions, voire aucune.
+<span class="permalink">(<a href="#reseed">lien</a>)</span></h3>
+<p>
+ Il vous faut peut-être réamorcer votre routeur: dans les versions récentes d'I2P vous pouvez allez sur
+<a href="http://localhost:7657/configreseed">http://localhost:7657/configreseed</a> et cliquer sur le bouton
+<em>Sauvegarder et réamorcer</em>. si cette méthode ne donne rien — ou si vous utilisez une très vieille version
+— vous aurez peut-être à <a href="#manual_reseed">réamorcer manuellement</a>.</p>
+ <p>
+ L'URL de réamorçage a changé il y a quelques années. Si c'est votre première installation et que vous avez installé
+ une vielle version (0.6.1.30 ou antérieure), ou
+ que vous n'avez pas utilisé I2P depuis longtemps, vous devez changer l'URL puis cliquer sur "Reseeding"
+ dans la console pour trouver d'autres routeurs.
+ Une fois le routeur lancé, dans <a href="http://localhost:7657/configadvanced.jsp">Avancé</a> (ou
+ <a href="http://localhost:7657/configreseed">Reseeding</a> si dispo),
+ ajoutez la ligne <tt>i2p.reseedURL=http://netdb.i2p2.de/</tt>
+ OU <tt>i2p.reseedURL=http://i2pdb.tin0.de/netDb/</tt> (n'importe laquelle des deux fait l'affaire),
+ puis cliquez "Appliquer", puis sur le lien "reseed" sur la gauche (ou le bouton "Enregistrer et réamorcer").
+</p><p>
+ Ceci marche pour les v0.6.1.27 ou ultérieures.
+ En v0.6.1.31 ou ultérieures, vous n'aurez probablement jamais besoin de ça.
+ En v0.6.1.26 ou antérieures, suivez les
+ <a href="#manual_reseed">instructions de réamorçage manuel</a> ci-dessous
+ ou intallez la <a href="download_fr.html">dernière version</a>.
+ Méthode alternative: ajoutez
+ <tt>wrapper.java.additional.5=-Di2p.reseedURL=http://netdb.i2p2.de/</tt>
+ dans le fichier, arrêtez complètement le routeur, relancez-le, puis cliquez sur "reseed".
+ Faites-nous savoir si ça marche.
+</p>
+<p>...mais vous devriez *vraiment* <a href="download_fr">mettre à jour</a> à la dernière version.</p>
+
+<h3 id="slow">Pourquoi I2P est-il si lent?
+<span class="permalink">(<a href="#slow">lien</a>)</span></h3>
+<p>
+Pourquoi les téléchargements, les torrents, l'exploration web, et tout le reste sont-ils si lents sur I2P?
+Le cryptage et le routage dans le réseau I2P ajoute une surcharge substantielle et réduisent la bande passante utile.
+L'anonymat a un prix.
+</p>
<p>
- You have to decide for yourself.
- It depends on what you are doing, your
- <a href="how_threatmodel.html">threat model</a>, and how much you trust the outproxy operator.
+D'abord, vous et tout le monde avez besoin d'augmenter vos limites de bande passante. Les deux réglages principaux
+sont les limiteurs de bande passante montante et descendante sur la page de
+<a href="http://localhost:7657/config.jsp">configuration</a>.
+Avec les réglages de 32ko/s vous n'obtiendrez rien de mieux que 15Ko/s de transfert de donnée avec I2PSnark.
+L'augmentation de ces réglages (mais en prenant soin de les garder dans les limites de votre accès à Internet)
+augmentera vos possibilités de taux de transfert pour I2PSnark et toutes les autres applications I2P.
</p><p>
- Like Tor, I2P does not magically encrypt the internet.
- You are vulnerable to snooping by the outproxy operator.
- The <a href="https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers">Tor FAQ</a>
- does a good job of explaining this.
- There is no HTTPS outproxy in I2P, and you cannot hide your traffic from an HTTP outproxy operator.
+Ensuite, avez-vous suffisamment configuré le taux de bande passante partagée pour permettre aux tunnels participants
+de router à travers votre propre routeur? Croyez-le pas, permettre le trafic participant
+vous maintiens bien intégré dans le réseau et améliore vos propres vitesses de transfert.
</p><p>
- In addition, you may be vulnerable to collusion between the outproxy operator
- and operators of other I2P services, if you use the same tunnels ("shared clients").
- There is additional discussion about this on <a href="http://zzz.i2p/topics/217">zzz.i2p</a>.
+I2P est un chantier en cours. De nombreuses améliorations et corrections sont régulièrement implémentées, et
+d'une façon générale, l'utilisation de la dernière version procure toujours un gain de performances.
+Si ce n'est pas déjà fait, <a href="download.html">installez la dernière version</a>.
</p>
-<h3 id="proxy_other">How do I access IRC, bittorrent, or other services on the regular internet?
-<span class="permalink">(<a href="#proxy_other">link</a>)</span></h3>
+<h3 id="subscriptions">
+Il me manque beaucoup d'hôtes dans mon carnet d'adresses (addressbook). Quels sont les bons liens de mise à jour?
+<span class="permalink">(<a href="#subscriptions">liens</a>)</span></h3>
<p>
- You can't.
- Somebody must set up an outproxy for each service.
- There are only two types of outproxies running right now: HTTP and email.
- There is no SOCKS outproxy.
- If you need this you should probably try <a href="http://www.torproject.org/">Tor</a>.
+La souscription par défaut est http://www.i2p.i2p/hosts.txt qui est rarement mis à jour.
+Si vous n'avez pas d'autre souscription, vous aurez souvent à utiliser un service de saut 'jump' ce qui
+est fastidieux.
+</p><p>
+Vous trouverez ci dessous d'autres liens de souscriptions publics. Vous devriez en ajouter un ou deux
+Ã votre <a href="http://localhost:7657/susidns/subscriptions.jsp">liste de souscriptions de susidns</a>.
+Vous n'avez pas besoin de toutes les ajouter car elles se synchronisent mutuellement régulièrement.
+Les liens qui utilisent du code cgi-bin emploient diverses stratégies pour minimiser
+le nombre de duplication d'adresses et sont donc plus efficaces.
+IMPORTANT : accepter une liste d'hôtes est un acte de confiance. Une souscription pernicieuse pourrait vous donner
+de fausses adresses. Donc, réfléchissez avant d'accepter.
+La présence sur cette page ne signifie pas l'aval d'I2P.
+<div class="links">
+<ul>
+<li><a href="http://i2host.i2p/cgi-bin/i2hostetag">http://i2host.i2p/cgi-bin/i2hostetag</a></li>
+<li><a href="http://stats.i2p/cgi-bin/newhosts.txt">http://stats.i2p/cgi-bin/newhosts.txt</a></li>
+<!-- <li><a href="http://inr.i2p/export/alive-hosts.txt">http://inr.i2p/export/alive-hosts.txt</a></li> -->
+</ul>
+</div>
</p>
-<h3 id="down">Most of the eepsites within I2P are down?
-<span class="permalink">(<a href="#down">link</a>)</span></h3>
+
+<h3 id="myeepsite">Comment dois-je faire pour créer mon propre eepsite?
+<span class="permalink">(<a href="#myeepsite">lien</a>)</span></h3>
<p>
- If you consider every eepsite that has ever been created, yes, most of them are down.
- People and eepsites come and go.
- A good way to get started in I2P is check out a list of eepsites that are currently up.
- <a href="http://inproxy.tino.i2p/status.php">inproxy.tino.i2p</a> and
- <a href="http://perv.i2p/stats.cgi">perv.i2p</a> track active eepsites.
+ Cliquez sur le lien <a href="http://localhost:7658/">Serveur web</a> dans la console pour les instructions.
</p>
-<h3 id="myeepsite">How do I set up my own eepsite?
-<span class="permalink">(<a href="#myeepsite">link</a>)</span></h3>
-<p>
- Click on the <a href="http://localhost:7658/">My Eepsite Link</a>
- on the top of your router console for instructions.
+<h3 id="snark">Questions sur les greffons I2P Bittorrent / I2PSnark / Azureus.
+<span class="permalink">(<a href="#snark">lien</a>)</span></h3>
+<p>
+Voir ici (eepsite)
+<a href="http://forum.i2p/viewtopic.php?t=2068">FAQ Bittorrent I2P</a> ou là sur le web classique:
+<a href="http://forum.i2p2.de/viewtopic.php?t=2068">(mirroir)</a>
+
+<h3 id="irc">Comment se connecter sur IRC depuis I2P?
+<span class="permalink">(<a href="#irc">lien</a>)</span></h3>
+<p>
+Sur la page de configuration
+<a href="http://localhost:7657/i2ptunnel/index.jsp">I2PTunnel</a>,
+démarrez le serveur proxy IRC, puis indiquez à votre client IRC de se connecter sur l'adresse locale au port 6668 (localhost:6668).
+
+<h3 id="outproxy">Je ne peux plus accéder aux sites Internet traditionnels via I2P.
+<span class="permalink">(<a href="#outproxy">lien</a>)</span></h3>
+<p>
+ Voir <a href="#exit">ici</a> pourquoi. Il y a très peu proxies HTTP sortants, ils ne font pas partie intégrante du réseau,
+ et ils sont peut-être à l'arrêt. De plus les anciens outproxies squid.i2p, true.i2p, and krabs.i2p ont disparu.
+ Le seul outproxy disponible actuellement est false.i2p.
+ Pour l'utiliser, modifiez votre réglage
+ <a href="http://localhost:7657/i2ptunnel/edit.jsp?tunnel=0">I2Ptunnel</a> pour le proxy HTTP
+ en indiquant 'false.i2p' tout seul dans liste. Puis arrêtez et relancez le proxy HTTP.
+ Si ça ne marche pas c'est que le proxy sortant HTTP false.i2p n'est pas en fonctionnement. Ce n'est pas un problème
+ dû à I2P.
+ Si votre principale raison d'utiliser un réseau anonyme est d'accéder à des sites de l'Internet classique,
+ vous devriez plutôt vous tourner vers <a href="http://www.torproject.org/">Tor</a>.
</p>
-<h3 id="slow">Why is I2P so slow?
-<span class="permalink">(<a href="#slow">link</a>)</span></h3>
+<h3 id="https">Je ne peux plus accéder aux sites sécurisés ou FTP (https:// ou ftp://) via I2P.
+<span class="permalink">(<a href="#https">link</a>)</span></h3>
<p>
-Why are downloads, torrents, web browsing, and everything else so slow on I2P?
-The encryption and routing within the I2P network adds a substantial amount of overhead and limits bandwidth.
-Anonymity isn't free.
+ Au sein d'I2P, il n'y aucun besoin d'HTTPS vu que le trafic est crypté de bout en bout.
+ Il n'y a pas de support FTP pour des raisons techniques.
+ </p><p>
+ Il n'y a pas de proxies sortants FTP vers l'Internet traditionnel — c'est sûrement impossible à réaliser.
+ N'importe quel autre type d'outproxy devrait marcher pour peu qu'il soit monté avec un tunnel standard.
+ Si vous voulez mettre en Å“uvre un certain type d'outproxy, passez bien en revue les risques potentiels.
+ La communauté I2P ne saura pas forcément vous aider sur certains aspects techniques, mais n'hésitez pas à demander.
+ Comme exposé plusieur fois ici, les outproxies ne sont pas une partie indispensable du réseau,
+ mais plutôt des services mis à disposition par des particuliers bénévoles et ils peuvent donc être
+ opérationnels ou pas à un certain moment sans que leurs opérateurs aient à s'en justifier.
+</p><p>
+ <b><l>Mise à jour</l></b>: grâce au travail de mer'd et h2ik, il y a un proxy HTTPS qui fonctionne avec I2P.
+ Depuis la v0.8.4 <a href="http://localhost:7657/i2ptunnel/edit?tunnel=6">le tunnel</a> est configuré d'origine.<br />
+ Si vous avez une vielle version, vous pouvez facilement l'ajouter:</p>
+<ol><li>Ouvrez le <a href="http://localhost:7657/i2ptunnel/index.jsp">gestionnaire de tunnels I2P</a>.
+ Descendez tout en bas.
+</li><li>Choisissez <b>CONNECT</b> à partir de la liste déroulante <b>Nouveau tunnel client</b>, puis cliquez sur <b>Créer</b>.
+</li><li>Dans la nouvelle page, <b>Nom</b>mez et décrivez <b>(Description)</b> votre nouveau tunnel https comme vous le souhaitez.
+ Le port <b>Point d'accès</b> est le port local du nouveau mandataire https (<b>4445</b> recommandé).
+Le champ <b>Outproxy</b> doit recevoir l'adresse .i2p du serveur qui fournit le support du service https.
+Voir cet article du forum de <a href="http://forum.i2p/viewtopic.php?p=31356#31356">h2ik</a> pour l'adresse.
+Assurez-vous que <b>Client partagé</b>, <b>Delay Connect</b>, et <b>AutoStart</b> sont cochées.
+Les autres options restant par defaut, cliquez sur Enregistrer. Dans la page de gestion des tunnels,
+cliquez sur le bouton <b>Démarrer</b> en face du nouveau tunnel.
+
+</li><li>Dans Firefox, passez par <b>Outils</b>><b>Options</b>(Windows) ou <b>Édition</b>><b>Préférences</b> (Linux) ><b>Avancé</b>><b>Réseau</b>><b>Connexion - Paramètres</b>,
+ décochez <b>Utiliser ce serveur proxy pour tous les protocoles</b>, réglez <b>Proxy SSL:</b> à localhost et <b>Port:</b> à 4445.
+</li><li>"Et voilà "
+</li></ol>
</p>
+
+<h3 id="socks">Est-il possible d'utiliser I2P en tant que proxy SOCKS?
+<span class="permalink">(<a href="#socks">lien</a>)</span></h3>
<p>
-In addition, you and everybody else probably need to increase your bandwidth limits.
-Two key settings are the inbound and outbund bandwidth limiters on
-<a href="http://localhost:7657/config.jsp">the configuration page</a>.
-With the default settings of 32KBps you will generally get no better than 15KBps data transfer in I2PSnark.
-Increasing the settings (but keeping within your actual connection limitations)
-will increase the potential transfer rate for I2PSnark and all other applications.
+ Le proxy SOCKS marche depuis la v0.7.1 et supporte SOCKS en v4/v4a et v5.
+ Il n'y a pas de mandataire SOCKS sortant, donc ce support est d'un usage limité.
</p><p>
-Also, do you have sufficient share bandwidth configured to allow participating tunnels
-to route through your router? Believe it or not, allowing participating traffic
-keeps you well-integrated in the network and helps your own transfer speeds.
+ De plus, beaucoup d'applications cafardent des informations sensibles qui peuvent
+ permettre de vous identifier sur Internet. I2P ne filtre que les données de connexions,
+ mais ces programmes que vous voudriez utiliser envoient ces infos en tant que contenu,
+ et dans ce cas I2P n'a aucun moyen de protéger votre anonymat.
+ Par exemple, des applications de messagerie envoient au serveur de messagerie l'adresse IP de la machine
+ sur laquelle elles tournent. Il n'est pas possible de filtrer ça avec I2P,
+ en conséquence de quoi l'utilisation d'I2P pour 'socksifier' des application existantes est possible,
+ mais extrêmement dangereuse.
</p><p>
-I2P is a work in progress. Lots of improvements and fixes are being implemented, and
-generally speaking, running the latest release will help your performance.
-If you haven't, <a href="download.html">install the latest release</a>.
+ Si cependant vous voulez en savoir plus sur l'application proxy socks,
+ il y a quelques astuces utiles sur la <a href="socks.html">page socks</a> dédiée.
</p>
-<h3 id="snark">Bittorrent / I2PSnark / Azureus I2P Plugin Questions?
-<span class="permalink">(<a href="#snark">link</a>)</span></h3>
-<p>
-See the
-<a href="http://forum.i2p/viewtopic.php?t=2068">I2P Bittorrent FAQ</a>
-<a href="http://forum.i2p2.de/viewtopic.php?t=2068">(outside I2P)</a>
-
-<h3 id="irc">How do I connect to IRC within I2P?
-<span class="permalink">(<a href="#irc">link</a>)</span></h3>
+<h3 id="browserproxy">Comment configurer mon navigateur Internet?
+<span class="permalink">(<a href="#browserproxy">link</a>)</span></h3>
<p>
-On the
-<a href="http://localhost:7657/i2ptunnel/index.jsp">I2PTunnel configuration page</a>,
-start the ircProxy.
-Then tell your IRC client to connect to localhost port 6668.
+ La configuration des réglages du mandataire (proxy), spécifique à chaque navigateur est
+ présentée sur une <a href="htproxyports_fr.html">page dédiée</a> avec des copies d'écran.
+ Des réglages plus fins sont possibles avec des outils externes mais ils pourraient laisser des
+ trous dans vos réglages ou être incomplets.
+</p>
-<h3 id="remote_webconsole">How can I access the web console from my other machines or password protect it?
+<h3 id="remote_webconsole">Comment accéder à la console depuis un autre ordinateur et/ou la protéger par un mot de passe?
<span class="permalink">(<a href="#remote_webconsole">link</a>)</span></h3>
<p>
- For security purposes, the router's admin console by default only listens
- for connections on the local interface. However, with a little hacking,
- you can make it reachable remotely:
+ Par sécurité, la console d'administration du routeur n'écoute que les connexions à partir de l'interface locale.
+ Cependant, moyennant un petit réglage, on peut y accéder à distance:
</p>
<ol>
-<li>Open up clients.config and replace<br />
- <code>clientApp.0.args=7657 127.0.0.1 ./webapps/</code><br />
- with <br />
+<li>Ouvrir le fichier clients.config et remplacez<br />
+ <code>clientApp.0.args=7657 ::1,127.0.0.1 ./webapps/</code><br />
+ par <br />
<code>clientApp.0.args=7657 0.0.0.0 ./webapps/</code></li>
-<li>Go to <a href="http://localhost:7657/configadvanced.jsp">http://localhost:7657/configadvanced.jsp</a>
- and add a new option: <code>consolePassword=foo</code> (or whatever password you want)</li>
-<li>Go to <a href="http://localhost:7657/index.jsp">http://localhost:7657/index.jsp</a>
- and hit "Graceful restart", which restarts the JVM and reloads the client applications</li>
-</ol>
-
-<p>
- After that fires up, you should now be able to reach your console remotely.
- You will be prompted for a username and password though - the username is
- "admin" and the password is whatever you specified in step 2 above. Note: the
- <code>0.0.0.0</code> above specifies an <i>interface</i>, not a network or netmask. 0.0.0.0
- means "bind to all interfaces", so it can be reachable on 127.0.0.1:7657 as well as
- any LAN/WAN IP.
-</p>
-
-<h3 id="remote_i2cp">How can I use applications from my other machines?
-<span class="permalink">(<a href="#remote_i2cp">link</a>)</span></h3>
-<p>
-By default, the router I2CP interface (port 7654) binds to address 127.0.0.1. To bind to 0.0.0.0, set the
-router advanced configuration option <tt>i2cp.tcp.bindAllInterfaces=true</tt> and restart.
+<li>Allez sur <a href="http://localhost:7657/configadvanced.jsp">Avancé</a>
+ et ajoutez une nouvelle option: <code>consolePassword=foo</code> (ou celui que vous voulez)</li>
+<li>Redémarrez (courtoisement) ;) le routeur sur
+ <a href="http://localhost:7657/index.jsp">http://localhost:7657/index.jsp</a>
+ pour relancer la JVM et recharger les applications clientes</li></ol>
+
+<p>
+ Après ce redémarrage, vous pourrez accéder à votre console à distance.
+ Il faudra rentrer le mot de passe (le nom d'utilisateur est "admin"). Note: la chaîne
+ <code>0.0.0.0</code> ci-dessus spécifie une <i>interface</i>, pas un réseau ou un masque. 0.0.0.0
+ signifie "attache-toi à toutes les interfaces", pour être joignable depuis 127.0.0.1:7657 aussi bien que depuis
+ n'importe quelle IP <b>LAN/WAN</b>.
</p>
-<h3 id="eepsite">Whats an "eepsite"?
-<span class="permalink">(<a href="#eepsite">link</a>)</span></h3>
+<h3 id="remote_i2cp">Comment utiliser les applications depuis mes autres ordinateurs?
+<span class="permalink">(<a href="#remote_i2cp">lien</a>)</span></h3>
<p>
- An eepsite is a website that is hosted anonymously - you can access it by
- setting your web browser's HTTP proxy to use the web proxy (typically it
- listens on localhost port 4444), and browsing to the site.
+Par défaut, l'interface I2CP du routeur (port 7654) s'attache à l'adresse 127.0.0.1. Pour l'attacher à 0.0.0.0,
+réglez l'option de configuration avancée <tt>i2cp.tcp.bindAllInterfaces=true</tt> et redémarrez le routeur.
</p>
-<h3 id="active">What do the Active x/y numbers mean in the router console?
-<span class="permalink">(<a href="#active">link</a>)</span></h3>
+<h3 id="manual_reseed">Comment puis-je réamorcer manuellement?
+<span class="permalink">(<a href="#manual_reseed">lien</a>)</span></h3>
<p>
- x is the number of peers you've sent or received a message from
- successfully in the last minute, y is the number of peers seen in the last
- hour or so.
-</p>
+ Un routeur I2P n'a besoin de s'amorcer qu'une seule fois, à l'occasion de sa première
+ introduction dans le réseau.
+ Le réamorçage n'est rien d'autre que l'envoi d'une requête HTTP GET pour peupler
+ un annuaire et télécharger plusieurs fichiers "routerInfo" à partir d'une URL prédéfinie.</p>
-<h3 id="socks">Is it possible to use I2P as a SOCKS proxy?
-<span class="permalink">(<a href="#socks">link</a>)</span></h3>
<p>
- The SOCKS proxy is working as of release 0.7.1. SOCKS 4/4a/5 are supported.
- There is no SOCKS outproxy so it is of limited use.
-</p><p>
- In addition, many applications leak sensitive
- information that could identify you on the internet. I2P only filters
- connection data, but if the programme you intend to run sends this
- information as content, I2P has no way to protect your anonymity. For
- example, some mail applications will send the IP address of the machine
- they are running on to a mail server. There is no way for I2P to filter
- this, thus using I2P to 'socksify' existing applications is possible, but
- extremely dangerous.
-</p><p>
- If you would like more information on the socks proxy application anyway,
- there are some helpful hints on the <a href="socks.html">socks page</a>.
-</p>
+ Le symptôme caractéristique d'un amorçage défaillant est la très faible valeur (souvent moins de cinq
+ et sans évolution) de l'indicateur "Connus" dans la partie gauche de la console.
+ Ceci peut se produire, entre autres raisons, si votre pare-feu restreint le traffic sortant et a bloqué
+ la requête d'amorçage.</p>
-<h3 id="ports">What ports does I2P use?
-<span class="permalink">(<a href="#ports">link</a>)</span></h3>
<p>
- Ok, here's a rundown of the default ports (everything is configurable
- through various settings, of course):
-</p>
+ Pour réamorcer manuellement suivez les étapes:
+ <ul>
+ <li>Arrêtez le routeur.</li>
+ <li>Ouvrez <!-- <a href="http://i2pdb.tin0.de/netDb/">http://i2pdb.tin0.de/netDb/</a> ou -->
+ <a href="http://netdb.i2p2.de/">http://netdb.i2p2.de/</a> avec votre navigateur.</li>
+ <li>Sauvegardez une douzaine de fichiers "routerInfo" dans votre dossier I2P "netDb".</li>
+<!--
+ <li>Autre méthode plus simple: Téléchargez
+ <a href="http://i2pdb.tin0.de/latest.zip">http://i2pdb.tin0.de/latest.zip</a>
+ et décompressez-le dans le dossier I2P "netDb".
+-->
+ <li>Démarrez le routeur.</li></ul></p>
+
+
+<h3 id="cpu">Mon routeur consomme trop de ressources processeur !?!
+<span class="permalink">(<a href="#cpu">lien</a>)</span></h3>
+<p>
+Il y a plusieurs causes à une trop forte charge processeur. Voici quelques-unes :
+</p><ul>
+<li>
+Préférez OpenJDK ou Java de Sun/Oracle si disponible pour votre système (tapez <code>java -version</code> dans un
+terminal pour connaître votre version). Nous avons eu plusieurs retours concernant une grande charge processeur
+lorsqu'on utilise d'autres versions de Java et les performances sont dégradées.
-<p>
- <ul><p>
- <li><b>Internet-facing ports</b>
- <ul>
- <li><b>Outbound UDP from port 8887 to arbitrary remote UDP ports, allowing replies</b></li>
- <li><b>Outbound TCP from random high ports to arbitrary remote TCP ports</b></li>
- <li><b>(optional, but recommended) Inbound UDP to port 8887 from arbitrary locations</b></li>
- <li><b>(optional, but recommended) Inbound TCP to port 8887 from arbitrary locations</b><br />
- By default, I2P does not listen for inbound TCP connections.<br />
- To start accepting them, you can either tell I2P to autodetect its address and port<br />
- using the UDP transport, or you can manually enter an IP address (or DNS name)<br />
- and a TCP port. You can activate this feature on the Configuration page.</li>
- <li><b>Outbound UDP on port 123, allowing replies</b><br />
- This is necessary for I2P's internal time sync (via SNTP -
- querying a random SNTP host in pool.ntp.org or another
- server you specify)</li>
- </ul>
- </li>
- </p></ul>
+<li>Si vous utilisez un client bittorent à travers I2P vous pouvez tenter de baisser le nombres de torrent simultanés,
+de limiter sa bande passante allouée, ou bien essayez directement de le couper complètement
+et de vérifier si la charge diminue.
+<li>
+Est ce que votre réglage de bande passante n'est pas trop élevé? Trop de trafic routé
+à travers votre routeur peu surcharger le processeur. Essayez dans ce cas de baisser le réglage de bande passante
+partagée dans la <a href="http://localhost:7657/config">configuration</a>.
+<li>Assurez-vous que vous utilisez la dernière version d'I2P pour bénéficier des améliorations de performances et des
+correctifs de bogues.
+<li>
+Avez-vous configuré avec suffisamment de mémoire ? Regardez le <a href="http://localhost:7657/graphs">graphique</a>
+d'utilisation de la mémoire pour voir si l'utilisation mémoire n'est pas au taquet, ce qui signifie que la JVM passe
+son temps à faire le "ramasse miettes" ou "garbage collector - gc -" et/ou à jouer avec le fichier d'échange (swap).
+Dans ce cas, augmentez la valeur du paramètre "wrapper.java.maxmemory" dans le fichier "wrapper.config"
+<li>
+La charge UC est-elle seulement plus élevée que vous ne désirez, ou reste-elle longtemps à 100%?
+Dans ce dernier cas, c'est peut être un bug. Cherchez des pistes pouvant le confirmer dans les logs.
+<li>
+Peut-être utilisez-vous la bibliothèque "Java-based BigInterger" à la place de celle installée en natif,
+en particulier si vous utilisez un système d'exploitation nouveau ou peu courant, ou bien un matériel très
+récent (OS X, OpenSolaris, mipsel etc...).
+Voir la page de <a href="jbigi.html">jbigi</a> pour avoir des informations sur les manières de compiler,
+tester et diagnostiquer.
+<li>
+Si votre bibliothèque native jbigi marche normalement, la plus grosse consommation d'UC
+devrait être le routage pour les tunnels participants. Ceci car à chaque saut,
+un niveau d'encryption doit être décrypté.
+vous pouvez limiter le trafic participants de deux façons: en réduisant la bande passante partagée dans la
+<a href="http://localhost:7657/config.jsp">configuration</a>,
+ou en réglant <tt>router.maxParticipatingTunnels=nnn</tt> dans la configuration
+<a href="http://localhost:7657/configadvanced.jsp">avancée</a>.
+</ul>
- <ul><p>
- <li><b>Local I2P ports</b>, listening only to local connections by default,
- except where noted:
- <ul>
- <li><b>1900:</b> UPnP SSDP UDP multicast listener.
- <i>Cannot be changed. Binds to all interfaces.
- May be disabled on <a href="http://localhost:7657/config.jsp">config.jsp</a>.
- </i></li>
- <li><b>2827:</b> BOB bridge, a higher level socket API for clients
- <i>Disabled by default.
- May be enabled/disabled on <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>.
- May be changed in the bob.config file.
- </i></li>
- <li><b>4444:</b> HTTP proxy
- <i>May be disabled or changed on the i2ptunnel page in the router console.
- </i></li>
- <li><b>6668:</b> IRC proxy
- <i>May be disabled or changed on the i2ptunnel page in the router console.
- </i></li>
- <li><b>7652:</b> UPnP HTTP TCP event listener.
- <i>Binds to the LAN address.
- May be changed with advanced config i2np.upnp.HTTPPort=nnnn.
- May be disabled on <a href="http://localhost:7657/config.jsp">config.jsp</a>.
- </i></li>
- <li><b>7653:</b> UPnP SSDP UDP search response listener.
- <i>Binds to all interfaces.
- May be changed with advanced config i2np.upnp.SSDPPort=nnnn.
- May be disabled on <a href="http://localhost:7657/config.jsp">config.jsp</a>.
- </i></li>
- <li><b>7654:</b> I2P Client Protocol port, used by client apps.
- <i>May be changed with the advanced configuration option</i> <tt>i2cp.port</tt>
- <i>but this is not recommended.
- </i></li>
- <li><b>7655:</b> UDP for SAM bridge, a higher level socket API for clients
- <i>Only opened when a SAM V3 client requests a UDP session.
- May be enabled/disabled on <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>.
- May be changed in the clients.config file with the SAM command line option sam.udp.port=nnnn.
- </i></li>
- <li><b>7656:</b> SAM bridge, a higher level socket API for clients
- <i>Disabled by default for new installs as of release 0.6.5.
- May be enabled/disabled on <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>.
- May be changed in the clients.config file.
- </i></li>
- <li><b>7657:</b> Your router console
- <i>May be changed in the clients.config file</i></li>
- <li><b>7658:</b> Your eepsite
- <i>May be disabled in the clients.config file</i></li>
- <li><b>7659:</b> Outgoing mail to smtp.postman.i2p
- <i>May be disabled or changed on the i2ptunnel page in the router console.
- </i></li>
- <li><b>7660:</b> Incoming mail from pop.postman.i2p
- <i>May be disabled or changed on the i2ptunnel page in the router console.
- </i></li>
- <li><b>8998:</b> mtn.i2p2.i2p (Monotone - disabled by default)
- <i>May be disabled or changed on the i2ptunnel page in the router console.
- </i></li>
- <li><b>32000:</b> local control channel for the service wrapper</li>
- </ul>
- </li>
- </p></ul>
-</p>
+<h3 id="proxy_other">Comment accéder à IRC, BitTorrent, ou autres services sur l'Internet classique?
+<span class="permalink">(<a href="#proxy_other">lien</a>)</span></h3>
<p>
- The local I2P ports and the I2PTunnel ports do not need to be reachable from
- remote machines, but *should* be reachable locally. You can also create
- additional ports for I2PTunnel instances via http://localhost:7657/i2ptunnel/
- (and in turn, would need to get your firewall to allow you local access, but
- not remote access, unless desired).
+ À moins que quelqu'un ne fournisse un mandataire sortant (outproxy) pour le service en question, c'est impossible.
+ Il n'y a que trois types de mandataires sortants pour l'instant: HTTP, HTTPS et email. Remarquez qu'il n'y a pas
+ d'outproxy SOCKS. Si vous avez besoin de ça, il vaut mieux regarder du côté de
+<a href="http://www.torproject.org/">Tor</a>.
</p>
-<p>
- So, to summarize, nothing needs to be reachable by unsolicted remote peers, but
- if you can configure your NAT/firewall to allow inbound UDP and TCP to port 8887, you'll
- get better performance. You will also need to be able to send outbound UDP packets
- to arbitrary remote peers (blocking IPs randomly with something like PeerGuardian
- only hurts you - don't do it).
-</p>
-<h3 id="manual_reseed">How do I reseed manually?
-<span class="permalink">(<a href="#manual_reseed">link</a>)</span></h3>
+<h3 id="exit">Mon routeur est-il un nœud de sortie (outproxy) vers l'Internet classique? Je ne le veux pas.
+<span class="permalink">(<a href="#exit">lien</a>)</span></h3>
<p>
- An I2P router only needs to reseed once, to join the network for the first time.
- Reseeding is nothing more than sending plain HTTP GET requests
- to fetch a directory listing and download multiple "routerInfo" files
- from a predefined reseed URL.
+ Non. contrairement à <a href="http://www.torproject.org/">Tor</a>,
+ les points de sortie ou "outproxies" ne font pas partie intégrante du réseau.
+ Seuls les volontaires qui installent une application séparée relaient le trafic vers l'Internet traditionnel.
+ Et ils sont très peu nombreux.
</p>
-<p>
- A typical symptom of a failed reseed is the "Known" indicator
- (on the left sidebar of the router console) displaying a very small value
- (often less than 5) which does not increase. This can occur, among other things,
- if your firewall limits outbound traffic, and blocked the reseed request.
-</p>
+<h3 id="content">Je suis opposé à certains contenus. Comment me prémunir de les diffuser, de les stocker, ou d'y accéder?
+<span class="permalink">(<a href="#content">lien</a>)</span></h3>
<p>
- To reseed an I2P router manually, do the following:
- <ul>
- <li>Stop your I2P router</li>
- <li>Open <a href="http://i2pdb.tin0.de/netDb/">http://i2pdb.tin0.de/netDb/</a> or
- <a href="http://netdb.i2p2.de/">http://netdb.i2p2.de/</a> using a web browser</li>
- <li>Save a dozen "routerInfo" files to your I2P "netDb" directory (ignore the "leaseSet" files)</li>
- <li>Alternate method (easier): Download <a href="http://i2pdb.tin0.de/latest.zip">http://i2pdb.tin0.de/latest.zip</a>
- and unzip it into your I2P "netDb" directory.
- <li>Start your I2P router</li>
- </ul>
+Mouairf! I2P est un réseau anonyme, et il fait bien son boulot.
+Il est conçu pour tous et pas pour censurer aucune sorte de données que ce soit.
+La meilleure façon de tenir votre PC éloigné du trafic (encrypté) que vous n'aimez pas est de ne pas utiliser I2P.
+La liberté de parole a un prix. Mais examinons votre question en trois point:
+<ul>
+<li><b>Diffusion:</b> tout le trafic sur I2P est crypté en de multiple couches. Vous ne pouvez avoir connaissance
+du contenu des messages, leurs sources, ni leur destinations.
+Tout le trafic que vous routez est interne au réseau: vous n'êtes pas un <a href="#exit">point de sortie</a> (outproxy).
+Votre seule possibilité est de refuser de router
+<i>tout</i> trafic, en réglant votre bande passante partagée ou le maximum de tunnels à 0 (voir plus haut).
+Ça serait bien que vous ne le fissiez pas, car vous aideriez le réseau en routant le trafic pour les autres.
+Plus de 95% des utilisateurs routent pour les autres.
+<li><b>Stockage:</b> I2P ne fait pas de stockage distribué. Vous pensez peut-être Ã
+<a href="http://freenetproject.org/">Freenet</a>.
+vous ne stockez les contenus de personne.
+<li><b>Accès:</b> - S'il y a quelques sites eep que vous n'aimez pas, n'y allez pas.
+Ou utilisez un proxy bloquant comme Privoxy ou quelqu'autre type de "net nanny" ou "Cerbèr'web".
+</ul>
+En résumé, en utilisant I2P vous pourriez router quelque-chose se rapportant Ã
+<a href="http://fr.wikipedia.org/wiki/Voltaire#La_libert.C3.A9_d.27expression">ceci</a>.
</p>
+<h3 id="compat6x">Sur FreeBSD, j'ai une erreur concernant <code>libm.so.4</code> au démarrage d'I2P !
+<span class="permalink">(<a href="#compat6x">lien</a>)</span></h3>
+Quand vous lancez le routeur par la commande "i2prouter start", vous pouvez voir ce genre de sortie:<br />
+<code> $ ./i2prouter start<br />
+ Starting I2P Service...<br />
+ /libexec/ld-elf.so.1: Shared object "libm.so.4" not found, required by "i2psvc"
+</code>
+<p>Pour faire en sorte qu'I2P fonctionne sur le plus de systèmes possibles nous utilisons l'émulateur de service
+<a href="http://wrapper.tanukisoftware.com/">java wrapper</a> compilé pour FreeBSD 6.x. Vous n'avez probablement pas
+installé les bibliothèques nécessaires. Vous pouvez le faire en suivant les étapes suivantes:</p>
+<ul>
+ <li>Basculez en root avec <code>su</code> ou connectez-vous en <code>root</code>.</li>
+ <li><code>cd /usr/ports/misc/compat6x</code></li>
+ <li><code>make install</code></li>
+</ul>
+<p>Si vous ne pouvez (ou ne voulez) pas installer ces bibliothèques de compatibilité, vous pouvez compiler le wrapper
+pour <a href="manualwrapper">votre système</a> ou démarrer I2P avec le script <code>runplain.sh</code>.</p>
+
+<h3 id="protocolfamily">Erreur <code>Protocol family unavailable</code> dans le <code>wrapper.log</code> au démarrage de la console I2P.
+<span class="permalink">(<a href="#protocolfamily">lien</a>)</span></h3>
+<p>Cette erreur se produit souvent avec des logiciels réseau Java sur des systèmes configurés pour utiliser IPv6 par
+défault. Voici quelques manières d'y remédier:</p>
+<ul>
+ <li>Sur systèmes Linux, vous pouvez vérifier par <code>echo 0 > /proc/sys/net/ipv6/bindv6only</code></li>
+ <li>si vous voyez les ligne suivantes sous <code>wrapper.config</code>.<br />
+<code>#wrapper.java.additional.5=-Djava.net.preferIPv4Stack=true<br />
+ #wrapper.java.additional.6=-Djava.net.preferIPv6Addresses=false<br />
+</code><br />
+ Si elles sont présentes, activez-les en enlevant les "#"s de débuts de lignes. Si elles n'y sont pas, ajoutez-les,
+(sans les "#"s).<br /></li>
+Un autre moyen consiste à enlever la séquence <strong>::1</strong> du fichier <code>~/.i2p/clients.config</code>
+ </ul>
+<p><strong>ATTENTION</strong>: pour que tout changement dans le fichier <code>wrapper.config</code> soit effectif vous
+devez arrêter complètement le routeur et le wrapper. Cliquer sur <em>Redémarrer</em> dans la console du routeur ne fait
+pas relire ce fichier! Vous devez cliquer sur <em>Arrêter</em>, attendre 11 minutes, puis lancer I2P.</p>
+
+
+
<hr />
-<h3 id="question">I have a question!
-<span class="permalink">(<a href="#question">link</a>)</span></h3>
+<h3 id="question">J'ai une question!
+<span class="permalink">(<a href="#question">lien</a>)</span></h3>
<p>
- Great! Find us on IRC irc.freenode.net #i2p or post to
- the <a href="http://forum.i2p2.de/">forum</a> and we'll post it here (with
- the answer, hopefully).
+ Chouette! Retrouvez-nous sur le canal #i2p du serveur irc.freenode.net ou postez-la sur le
+ <a href="http://forum.i2p2.de/">forum</a> et nous y répondrons. On la reproduira peut-être même ici (avec la
+ réponse, espérons!).
</p>
{% endblock %}
diff --git a/www.i2p2/pages/faq_zh.html b/www.i2p2/pages/faq_zh.html
index 356c3d93bb1d6f98cf8b6227750177cc3b7a0c42..4154fbc66d6e6ffb58a0dad83b62d0f73e7baf26 100644
--- a/www.i2p2/pages/faq_zh.html
+++ b/www.i2p2/pages/faq_zh.html
@@ -42,10 +42,9 @@
</ol></p>
<h3 id="bug">我想我å‘现了软件的一个错误,到哪报告?<span class="permalink">(<a href="#bug">链接</a>)</span></h3>
<p>以下这些地方都å¯ä»¥ï¼Œæ‚¨å¯ä»¥ä»»é€‰å…¶ä¸€ã€‚<ul>
-<li> <a href="http://trac.i2p2.i2p/newticket">trac.i2p2.i2p</a>申报故障
-</li><li><a href="http://forum.i2p/viewforum.php?f=10">è®ºå› forum.i2p</a>
-</li><li><a href="http://paste.i2p2.i2p/">å°†æ—¥å¿—è´´åˆ°å…¬å…±å‰ªåˆ‡æ¿ paste.i2p2.i2p</a> 然åŽæ¥ IRC #i2p
-</li><li> 到IRCçš„#i2p房间å‘å¼€å‘组å馈问题
+<li> <a href="http://trac.i2p2.de/report/1">trac.i2p2.de</a>申报故障
+</li><li><a href="http://pastethis.i2p/">å°†æ—¥å¿—è´´åˆ°å…¬å…±å‰ªåˆ‡æ¿ pastethis.i2p</a> 然åŽæ¥ IRC #i2p
+</li><li> 到IRCçš„#i2p-dev房间å‘å¼€å‘组å馈问题
</li></ul>
</p>
<p>请æä¾› router logåŠwrapper logä¸çš„相关信æ¯ã€‚</p>
@@ -74,7 +73,6 @@
<ul>
<li><a href="http://i2host.i2p/cgi-bin/i2hostetag">http://i2host.i2p/cgi-bin/i2hostetag</a>
</li><li><a href="http://stats.i2p/cgi-bin/newhosts.txt">http://stats.i2p/cgi-bin/newhosts.txt</a>
-</li><li><a href="http://tino.i2p/hosts.txt">http://tino.i2p/hosts.txt</a>
</li></ul>
</div>
</p>
@@ -212,12 +210,12 @@ several releases in 2010.
<ul><p>
<li><b> I2P 本地端å£</b>,默认情况下,除éžç»è¿‡ç‰¹æ®Šè®¾ç½®ï¼Œåªç›‘å¬æœ¬åœ°è¿žæŽ¥ï¼š
<ul>
- <li><b>1900:</b> UPnP SSDP UDP 多æ’监å¬ç«¯å£ã€‚<i>ä¸èƒ½ä¿®æ”¹ã€‚绑定至所有接å£ã€‚å¯ä»¥åœ¨ <a href="http://localhost:7657/config.jsp">config.jsp</a>ä¸ç¦ç”¨ã€‚</i></li>
+ <li><b>1900:</b> UPnP SSDP UDP 多æ’监å¬ç«¯å£ã€‚<i>ä¸èƒ½ä¿®æ”¹ã€‚绑定至所有接å£ã€‚å¯ä»¥åœ¨ <a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>ä¸ç¦ç”¨ã€‚</i></li>
<li><b>2827:</b> BOB bridge, 供客户程åºç”¨çš„高级 socket API <i>默认关é—。å¯ä»¥åœ¨ <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>ä¸æ‰“å¼€/å…³é—。å¯ä»¥åœ¨ bob.config 文件ä¸è¿›è¡Œä¿®æ”¹ã€‚</i></li>
<li><b>4444:</b> HTTP ä»£ç† <i>å¯ä»¥åœ¨è·¯ç”±æŽ§åˆ¶å°çš„ i2ptunnel 页é¢ä¸ç¦ç”¨æˆ–修改。</i></li>
<li><b>6668:</b> IRC ä»£ç† <i>å¯ä»¥åœ¨è·¯ç”±æŽ§åˆ¶å°çš„ i2ptunnel 页é¢ä¸ç¦ç”¨æˆ–修改。</i></li>
- <li><b>7652:</b> UPnP HTTP TCP 事件监å¬ç«¯å£ã€‚<i>绑定于 LAN 地å€ä¸Šã€‚å¯ä»¥é€šè¿‡é«˜çº§è®¾ç½® i2np.upnp.HTTPPort=nnnn 进行修改。å¯ä»¥åœ¨ <a href="http://localhost:7657/config.jsp">config.jsp</a>ä¸ç¦ç”¨ã€‚</i></li>
- <li><b>7653:</b> UPnP SSDP UDP æœç´¢åº”ç”端å£ã€‚<i>绑定至所有接å£ã€‚å¯ä»¥é€šè¿‡é«˜çº§è®¾ç½® i2np.upnp.SSDPPort=nnnn 修改。å¯ä»¥åœ¨ <a href="http://localhost:7657/config.jsp">config.jsp</a>ä¸ç¦ç”¨ã€‚</i></li>
+ <li><b>7652:</b> UPnP HTTP TCP 事件监å¬ç«¯å£ã€‚<i>绑定于 LAN 地å€ä¸Šã€‚å¯ä»¥é€šè¿‡é«˜çº§è®¾ç½® i2np.upnp.HTTPPort=nnnn 进行修改。å¯ä»¥åœ¨ <a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>ä¸ç¦ç”¨ã€‚</i></li>
+ <li><b>7653:</b> UPnP SSDP UDP æœç´¢åº”ç”端å£ã€‚<i>绑定至所有接å£ã€‚å¯ä»¥é€šè¿‡é«˜çº§è®¾ç½® i2np.upnp.SSDPPort=nnnn 修改。å¯ä»¥åœ¨ <a href="http://localhost:7657/confignet.jsp">confignet.jsp</a>ä¸ç¦ç”¨ã€‚</i></li>
<li><b>7654:</b> I2P 客户程åºå议端å£ï¼Œä¾›å®¢æˆ·ç¨‹åºä½¿ç”¨ã€‚<i>å¯ä»¥é€šè¿‡é«˜çº§è®¾ç½®é€‰é¡¹</i> <tt>i2cp.port</tt>进行修改, <i>但ä¸æŽ¨èè¿™æ ·åšã€‚</i></li>
<li><b>7655:</b> SAM客户å议桥的 UDP 端å£ã€‚供客户程åºä½¿ç”¨çš„高级 socket API <i>仅在 SAM V3 客户端请求 UDP 会è¯æ—¶å¯åŠ¨ã€‚å¯ä»¥åœ¨ <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>ä¸æ‰“å¼€/å…³é—。å¯ä»¥åœ¨ clients.config 文件ä¸é€šè¿‡ SAM 命令行选项 sam.udp.port=nnnn 修改</i></li>
<li><b>7656:</b> SAM bridge, 供客户程åºä½¿ç”¨çš„高级 socket API <i>从0.6.5的开始安装åŽé»˜è®¤å…³é—。å¯ä»¥åœ¨ <a href="http://localhost:7657/configclients.jsp">configclients.jsp</a>ä¸æ‰“å¼€/å…³é—。å¯ä»¥åœ¨ clients.config 文件ä¸ä¿®æ”¹ã€‚</i></li>
@@ -243,9 +241,11 @@ several releases in 2010.
<p>为 I2P 路由器手动补ç§æ–¹æ³•å¦‚下:<ul>
<li>å…³é— I2P 路由器</li>
- <li>用æµè§ˆå™¨æ‰“å¼€ <a href="http://i2pdb.tin0.de/netDb/">http://i2pdb.tin0.de/netDb/</a> 或 <a href="http://netdb.i2p2.de/">http://netdb.i2p2.de/</a> 。</li>
- <li>å°†20个 "routerInfo" 文件å˜å…¥ I2Pçš„"netDb" 文件夹 (忽略 "leaseSet" 文件)</li>
+ <li>用æµè§ˆå™¨æ‰“å¼€ <!-- <a href="http://i2pdb.tin0.de/netDb/">http://i2pdb.tin0.de/netDb/</a> 或 --> <a href="http://netdb.i2p2.de/">http://netdb.i2p2.de/</a> 。</li>
+ <li>å°†20个 "routerInfo" 文件å˜å…¥ I2Pçš„"netDb" 文件夹</li>
+<!--
<li>或者 (简å•æ–¹æ³•): 下载 <a href="http://i2pdb.tin0.de/latest.zip">http://i2pdb.tin0.de/latest.zip</a> 将文件解压到 I2Pçš„ "netDb" 文件夹ä¸ã€‚</li><li>å¯åŠ¨ I2P 路由</li>
+-->
</ul>
</p>
diff --git a/www.i2p2/pages/getinvolved.html b/www.i2p2/pages/getinvolved.html
index a290b6e5ba6e13ffe65cb669bc19f22eb7e70879..6898137339b374e284bafb9eabe41765dc8c7c77 100644
--- a/www.i2p2/pages/getinvolved.html
+++ b/www.i2p2/pages/getinvolved.html
@@ -3,47 +3,50 @@
{% block content %}
<h1>We need your help!</h1>
<p>To get involved, please feel free to join us on the #i2p IRC channel (on
-irc.freenode.net, or within I2P on irc.freshcoffee.i2p or irc.postman.i2p).
+irc.freenode.net, or within I2P on irc.freshcoffee.i2p or irc.postman.i2p).</p>
<p>If you're interested in joining our <a href="team">team</a>, please get in
touch as we're always looking for eager contributors!</p>
<p>
We need help in many areas, and you don't need to know Java to contribute!
-Here's a list to help you get started!
+Here's a list to help you get started!</p>
<ul>
-<li><b>Spread the Word!</b> -
+<li><b>Spread the Word!</b> —
Tell people about I2P on forums, blogs, and comments to articles.
Fix up the Wikipedia article about I2P in your language.
Tell your friends.
-<li><b>Testing</b> -
+</li><li><b>Testing</b> —
Run the latest builds from <a href="monotone.html">monotone</a>
-and report results on #i2p or as bugs on <a href="http://trac.i2p2.i2p/">Trac</a>.
-<li><b>Documentation</b> -
+and report results on #i2p or as bugs on <a href="http://trac.i2p2.de/report/1">Trac</a>.
+</li><li><b>Documentation</b> —
Help fix the parts of the website that are outdated or incomplete.
Translate pages into other languages.
-<li><b>Pictures</b> -
+</li><li><b>Pictures</b> —
Make some more pictures, fix the old ones on the website
-<li><b>Content</b> -
+</li><li><b>Content</b> —
Make an eepsite! Add some content! Contribute to the community!
-<li><b>Services</b> -
+</li><li><b>Services</b> —
Run a service on an eepsite. It could be a proxy, a forum, a tracker,
a naming service, a search engine, an eepsite monitor... many of these
aren't that hard.
-<li><b>Applications</b> -
+</li><li><b>Applications</b> —
Write or port applications for I2P! There's some guidelines and
a list of ideas on the <a href="applications.html">applications page</a>.
-<li><b>Coding</b> -
+</li><li><b>Coding</b> —
There's plenty to do if you know Java or are ready to learn.
-Check for open tickets on <a href="http://trac.i2p2.i2p/">Trac</a>
+Check for open tickets on <a href="http://trac.i2p2.de/report/1">Trac</a>
or the TODO list on <a href="http://zzz.i2p/">zzz.i2p</a> for
some ideas on where to start.
See the <a href="newdevelopers.html">new developer's guide</a> for details.
-<li><b>Analysis</b> -
+</li><li><b>Translation</b> —
+Help translate the website and the software into your language.
+See the <a href="newtranslators.html">new translator's guide</a> for details.
+</li><li><b>Analysis</b> —
Study or test the code to look for vulnerabilities.
Both anonymity vulnerabilities from the various
<a href="how_threatmodel.html">threat models</a>,
and DOS and other weaknesses due to securities holes,
need researching.
-<li><b><a href="donate.html">Donate</a></b>
+</li><li><b><a href="donate.html">Donate</a></b>
-</ol>
+</li></ul>
{% endblock %}
diff --git a/www.i2p2/pages/getinvolved_ar.html b/www.i2p2/pages/getinvolved_ar.html
new file mode 100644
index 0000000000000000000000000000000000000000..cbde2a4cd17f90d6ed0bf014085d30a3c0ec7d97
--- /dev/null
+++ b/www.i2p2/pages/getinvolved_ar.html
@@ -0,0 +1,47 @@
+{% extends "_layout_ar.html" %}
+{% block title %}!ساهم ÙÙŠ المشروع{% endblock %}
+{% block content %}
+<h1>!Ù†ØÙ† بØاجة لمساعدتك</h1>
+<p>للمساهمة يمكنك الانضمام الى قناة الدردشة لتكلم مع المطورين #i2p
+<p>اذا كنت مهتم بالانضمام الى <a href="team">الÙريق</a>ÙÙ†ØÙ† دائما ÙÙŠ Øاجة الى مساهمين جدد</p>
+<p>
+Ù†ØÙ† بØاجة إلى مساعدة ÙÙŠ مجالات كثيرة ØŒ وأنت لا تØتاج إلى معرÙØ© جاÙا للمساهمة!
+هنا قائمة لمساعدتك على البدء!
+<ul>
+<li><b>!انشر الخبر</b>
+عر٠الناس بـ I2P على المنتديات، المدونات ...
+كتابة مقالة ويكيبيديا عن I2P ÙÙŠ لغتك.
+أخبر أصدقائك.
+</li><li><b>تجريب</b> -
+جرب آخر اصدار من <a href="monotone.html">monotone</a>
+ او #i2p ثم عبر عن المشاكل ÙÙŠ<a href="http://trac.i2p2.de/report/1">Trac</a>.
+</li><li><b>وثائق</b>
+ساعد ÙÙŠ تكميل الاجزاء الناقصة او الغير كاملة.
+ترجم الصÙØات الى لغات أخرى.
+</li><li><b>صور</b>
+صمم صور جديدة و عدل الصور الموجودة.
+</li><li><b>المØتوى</b>
+أنشئ eepsite ! أض٠المØتوى للشبكة! ساهم ÙÙŠ المجتمع !
+</li><li><b>خدمات</b>
+انشئ خدمة على eepsite . قد تكون بروكسي، منتدى، Ù…Øرك بØØ«...العديد من هذه الخدمات ليست بالصعبة.
+</li><li><b>برامج</b>
+اكتب بعض البرامج خصيصا لـ I2P! هناك بعض الارشادات واÙكار هنا
+ <a href="applications.html">applications page</a>.
+</li><li><b>برمجة</b>
+هناك العديد من الاشياء التي يمكنك القيام بها اذا كنت تجيد لغة برمجة جاÙا او مستعد للتعلم.
+انظر هنا <a href="http://trac.i2p2.de/report/1">Trac</a>
+ÙˆÙÙŠ قائمة الاعمال <a href="http://zzz.i2p/">zzz.i2p</a>
+للØصول على بعض الاÙكار.
+أنظر <a href="newdevelopers.html">دليل المطورين الجدد</a> .
+</li><li><b>ترجمة</b>
+
+ساهم ÙÙŠ ترجمة الموقع والبرمجيات إلى لغتك.
+انظر<a href="newtranslators.html">دليل المترجم الجديد</a> .
+</li><li><b>دراسة</b>
+ادرس البرنامج والنص المصدري للعثور على ثغرات امنية.
+<a href="how_threatmodel.html">threat models</a>,
+وباقي المشاكل الامنية
+</li><li><b><a href="donate.html">تبرع</a></b>
+
+</li></ul>
+{% endblock %}
diff --git a/www.i2p2/pages/getinvolved_de.html b/www.i2p2/pages/getinvolved_de.html
index 088777e87713719e3154e6feffbe44a24dec2738..5738694fc5fb00c1bc069daa75af636f63262fbf 100644
--- a/www.i2p2/pages/getinvolved_de.html
+++ b/www.i2p2/pages/getinvolved_de.html
@@ -1,45 +1,46 @@
{% extends "_layout_de.html" %}
{% block title %}Beteilige dich!{% endblock %}
{% block content %}
+<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
<h1>We need your help!</h1>
<p>Um dich mit einzubringen, scheue dich nicht, uns im #i2p IRC Kanal
(auf irc.freenode.net, oder im I2P auf irc.freshcoffee.i2p oder irc.postman.i2p) zu
-besuchen.
-<p>Falls Du unser <a href"team_de">team_de</a> beitreten willst, bitte kontakte
+besuchen.</p>
+<p>Falls Du unser <a href="team_de">team_de</a> beitreten willst, bitte kontakte
uns, da wir immer fähige und entschlossene Helfer suchen!</p>
<p>
Wir brauchen Hilfe in vielen Gebieten und Du brauchst nicht Java können um
-dich einzubringen! Hier ist eine Liste die dir beim Start hilft:
+dich einzubringen! Hier ist eine Liste die dir beim Start hilft:</p>
<ul>
-<li><b>Testen</b> -
+<li><b>Testen</b> —
Benutze die letzten Versionen aus dem <a href="monotone_de.html">Monotone Archive</a>
-und berichte Ergebnisse in #i2p oder Fehler und Bugs auf <a href="http://trac.i2p2.i2p/">Trac</a>.
-<li><b>Dokumentation</b> -
+und berichte Ergebnisse in #i2p oder Fehler und Bugs auf <a href="http://trac.i2p2.de/report/1">Trac</a>.</li>
+<li><b>Dokumentation</b> —
Hilf mit beim aktualisieren und erstellen der fehlenden Dokumente auf der
-Webseite, übersetze die Webseite in andere Sprachen!
-<li><b>Bilder</b> -
-Mache mehr Bilder, korrigiere die alten Bilder auf der Webseite
-<li><b>Material</b> -
-Erstelle eine Eepsite! Füge Inhalteein! Beteilige dich an der Gemeinschaft!
-<li><b>Dienste</b> -
+Webseite, übersetze die Webseite in andere Sprachen!</li>
+<li><b>Bilder</b> —
+Mache mehr Bilder, korrigiere die alten Bilder auf der Webseite</li>
+<li><b>Material</b> —
+Erstelle eine Eepsite! Füge Inhalteein! Beteilige dich an der Gemeinschaft!</li>
+<li><b>Dienste</b> —
Lasse einen Dienst auf der Eepsite laufen, sei es ein Prox, ein Forum, ein Tracker,
ein Namensdienst, eine Suchmaschine, ein Eepsitemonitor.... Viele davon
-sind nicht schwer aufzusetzen.
-<li><b>Anwendungen</b> -
+sind nicht schwer aufzusetzen.</li>
+<li><b>Anwendungen</b> —
Schreibe oder portiere eine Anwendung für I2P! Es gibt ein paar Richtlienen
-und eine Liste von Ideen auf der <a href="applications_de.html">Anwendungsseite</a>.
-<li><b>Coding</b> -
+und eine Liste von Ideen auf der <a href="applications_de.html">Anwendungsseite</a>.</li>
+<li><b>Coding</b> —
Es gibt viel zu tun falls Du Java kannst oder bereit bist, Java zu lernen.
-Kontrolliere <a href="http://trac.i2p2.i2p/">Trac</a> nach offenen Tickets oder
+Kontrolliere <a href="http://trac.i2p2.de/report/1">Trac</a> nach offenen Tickets oder
die TODO Liste auf <a href="http://zzz.i2p/">zzz.i2p</a> für einige Ideen zum Start.
-Schaue zur <a href="newdevelopers_de.html">Anleitung für neue Entwickler</a> Seite für Details.
-<li><b>Analysen</b> -
+Schaue zur <a href="newdevelopers_de.html">Anleitung für neue Entwickler</a> Seite für Details.</li>
+<li><b>Analysen</b> —
Studiere oder teste den Quelltext auf Schwachstellen.
Sowohl auf die anonymen Schwachstellen aus den verschiedenen
<a href="how_threatmodel_de.html">Angriffszenarien</a>,
als auch auf DOS und andere Schwachstellen aus Sicherheitslöchern
-muss der Quelltext überprüft werden.
-<li><b><a href="donate_de.html">Spenden</a></b>
+muss der Quelltext überprüft werden.</li>
+<li><b><a href="donate_de.html">Spenden</a></b></li>
</ul>
diff --git a/www.i2p2/pages/getinvolved_fr.html b/www.i2p2/pages/getinvolved_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..86775f6ffca8bfe53d25d3e4a6a8af0522c0f33b
--- /dev/null
+++ b/www.i2p2/pages/getinvolved_fr.html
@@ -0,0 +1,49 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Impliquez-vous!{% endblock %}
+{% block content %}
+Traduction de mars 2011. <a href="getinvolved.html">Version anglaise actuelle</a>
+<h1>Nous avons besoin de votre aide!</h1>
+<p>Pour participer, rejoignez-nous sur le canal IRC #i2p (sur le serveur irc.freenode.net, ou depuis I2P, sur
+ irc.freshcoffee.i2p ou irc.postman.i2p).</p>
+<p>Si vous avez envie de rejoindre notre <a href="team_fr">équipe</a>, contactez-nous car nous avons toujours besoin
+ de contributeurs enthousiastes!</p>
+<p>
+Nous avons besoin d'aide dans plusieurs domaines, et vous n'avez pas forcément besoin de connaître Java!
+Voici la liste qui vous donne quelques façons de vous y prendre:</p>
+<ul>
+<li><b>Passez le mot!</b> —
+Parlez d'I2P sur les forums, les blogs, et commentaires d'articles.
+Corrigez ou améliorez l'article <a href="http://fr.wikipedia.org/wiki/I2p">I2P sur Wikipedia</a> dans votre langue.
+Parlez-en à vos amis.
+</li><li><b>Du test</b> —
+Essayez les dernières version à partir de <a href="monotone.html">monotone</a> et donnez vos résultats ou remarques sur
+#i2p ou en tant que bogues sur <a href="http://trac.i2p2.de/report/1">Trac</a>.
+</li><li><b>Documentation</b> —
+Aidez-nous à corriger les parties du site obsolètes ou incomplètes.
+Traduisez les pages dans d'autres langues.
+</li><li><b>images</b> —
+Créez des illustrations, corrigez les anciennes.
+</li><li><b>Content</b> —
+Créez votre site eep! Ajoutez des contenus! Participez à la communauté!
+</li><li><b>Services</b> —
+Proposez un service sur un site eep. Ça pourrait être un proxy, un forum, un tracker, un service de nommage, un moteur
+de recherches, un superviseur de site eep... ça n'est pas si difficile pour la plupart d'entre eux.
+</li><li><b>Applications</b> —
+Écrivez ou portez des applications pour I2P! Il y a quelques guides et une liste d'idées sur
+la <a href="applications.html">page applications</a>.
+</li><li><b>Programmation</b> —
+Il y a beaucoup à faire si vous connaissez Java ou si vous êtes prêts à vous y mettre.
+Vérifiez les tickets ouverts sur <a href="http://trac.i2p2.de/report/1">Trac</a>
+ou la liste de <a href="http://zzz.i2p/">zzz.i2p</a> pour avoir des idées sur un point de départ.
+Voyez le <a href="newdevelopers.html">Guide du nouveau développeur</a>.
+</li><li><b>Traduction</b> —
+Participez en traduisant le site et le logiciel dans votre langue.
+Voyez le <a href="newtranslators_fr.html">Guide du nouveau traducteur</a>.
+</li><li><b>Analyse</b> —
+Étudiez ou testez le code pour y chercher des vulnérabilités. Toutes les vulnérabilités des divers
+<a href="how_threatmodel_fr.html">modèles de sécurité</a>, les dénis de service et autres faiblesses dues à des failles de
+sécurité demandent une surveillance permanente.
+</li><li><b><a href="donate_fr.html">Faites un petit geste pécuniaire</a></b>
+
+</li></ul>
+{% endblock %}
diff --git a/www.i2p2/pages/getinvolved_ru.html b/www.i2p2/pages/getinvolved_ru.html
index 140e38291ff65bf624d697cb19e59d9a2a6bc95c..7175442d072e7461a8fa9282834a9bcf5ebadda0 100644
--- a/www.i2p2/pages/getinvolved_ru.html
+++ b/www.i2p2/pages/getinvolved_ru.html
@@ -9,29 +9,29 @@
<p>ЕÑли Ð’Ñ‹ заинтереÑованы в приÑоединении к нашей <a href="team">команде</a>, пожалуйÑта, ÑвÑжитеÑÑŒ Ñ Ð½Ð°Ð¼Ð¸, поÑкольку мы вÑегда открыты Ð´Ð»Ñ ÑотрудничеÑтва!</p>
-<p>Ðам пригодитÑÑ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒ в очень многих облаÑÑ‚ÑÑ…, так что вам не обÑзательно знать Java Ð´Ð»Ñ ÑƒÑ‡Ð°ÑÑ‚Ð¸Ñ Ð² проекте. Далее приблизительный ÑпиÑок того, что нам нужно:
+<p>Ðам пригодитÑÑ Ð¿Ð¾Ð¼Ð¾Ñ‰ÑŒ в очень многих облаÑÑ‚ÑÑ…, так что вам не обÑзательно знать Java Ð´Ð»Ñ ÑƒÑ‡Ð°ÑÑ‚Ð¸Ñ Ð² проекте. Далее приблизительный ÑпиÑок того, что нам нужно: </p>
<ul>
-<li><b>РаÑÑкажите о наÑ!</b> — РаÑÑкажите знакомым про I2P, дайте ÑÑылку на проект в форумном обÑуждении или в комментариÑÑ… к Ñтатье, прорекламируйте в Ñвоём блоге. Создайте/обновите Ñтатью об I2P в Википедии на Вашем Ñзыке.
+<li><b>РаÑÑкажите о наÑ!</b> — РаÑÑкажите знакомым про I2P, дайте ÑÑылку на проект в форумном обÑуждении или в комментариÑÑ… к Ñтатье, прорекламируйте в Ñвоём блоге. Создайте/обновите Ñтатью об I2P в Википедии на Вашем Ñзыке.</li>
-<li><b>ТеÑтирование</b> — ОбновлÑйтеÑÑŒ до текущего билда из <a href="monotone.html">monotone</a>-Ñ€ÐµÐ¿Ð¾Ð·Ð¸Ñ‚Ð¾Ñ€Ð¸Ñ Ð¸ Ñообщайте обо вÑех обнаруженных ошибках на канале #i2p или в <a href="http://trac.i2p2.i2p/">багтрекере</a>.
+<li><b>ТеÑтирование</b> — ОбновлÑйтеÑÑŒ до текущего билда из <a href="monotone.html">monotone</a>-Ñ€ÐµÐ¿Ð¾Ð·Ð¸Ñ‚Ð¾Ñ€Ð¸Ñ Ð¸ Ñообщайте обо вÑех обнаруженных ошибках на канале #i2p или в <a href="http://trac.i2p2.de/report/1">багтрекере</a>.</li>
-<li><b>ДокументациÑ</b> — ИÑправьте уÑтаревший текÑÑ‚, дополните незавершенные инÑтрукции, добавьте перевод на Ñвой Ñзык.
+<li><b>ДокументациÑ</b> — ИÑправьте уÑтаревший текÑÑ‚, дополните незавершенные инÑтрукции, добавьте перевод на Ñвой Ñзык.</li>
-<li><b>ИллюÑтрации</b> — Ðа Ñайте нам пригодÑÑ‚ÑÑ Ð½Ð¾Ð²Ñ‹Ðµ иллюÑтрации и доработки/иÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð² уже ÑущеÑтвующих.
+<li><b>ИллюÑтрации</b> — Ðа Ñайте нам пригодÑÑ‚ÑÑ Ð½Ð¾Ð²Ñ‹Ðµ иллюÑтрации и доработки/иÑÐ¿Ñ€Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð² уже ÑущеÑтвующих.</li>
-<li><b>Контент</b> — Заведите ÑобÑтвенный I2P-Ñайт! Добавьте на него что-нибудь разумное, доброе, вечное. И при Ñтом полезное Ð´Ð»Ñ Ð´Ñ€ÑƒÐ³Ð¸Ñ….
+<li><b>Контент</b> — Заведите ÑобÑтвенный I2P-Ñайт! Добавьте на него что-нибудь разумное, доброе, вечное. И при Ñтом полезное Ð´Ð»Ñ Ð´Ñ€ÑƒÐ³Ð¸Ñ….</li>
-<li><b>СервиÑÑ‹</b> — Поднимите какой-нибудь ÑÐµÑ€Ð²Ð¸Ñ Ð½Ð° Ñвоем I2P-Ñайте. Ðапример: прокÑи-Ñервер, форум, трекер, адреÑную книгу, поиÑковую машину, монитор I2P-Ñайтов... Многое из перечиÑленного не так уж и Ñложно Ñделать.
+<li><b>СервиÑÑ‹</b> — Поднимите какой-нибудь ÑÐµÑ€Ð²Ð¸Ñ Ð½Ð° Ñвоем I2P-Ñайте. Ðапример: прокÑи-Ñервер, форум, трекер, адреÑную книгу, поиÑковую машину, монитор I2P-Ñайтов... Многое из перечиÑленного не так уж и Ñложно Ñделать.</li>
-<li><b>ПриложениÑ</b> — Создавайте новые I2P-программы или переделайте уже ÑущеÑтвующие под работу через I2P-Ñеть. ÐеÑколько методичеÑких рекомендаций и ÑпиÑок нереализованных задумок можно поÑмотреть на Ñтранице <a href="applications.html">Application Development Guide</a>.
+<li><b>ПриложениÑ</b> — Создавайте новые I2P-программы или переделайте уже ÑущеÑтвующие под работу через I2P-Ñеть. ÐеÑколько методичеÑких рекомендаций и ÑпиÑок нереализованных задумок можно поÑмотреть на Ñтранице <a href="applications.html">Application Development Guide</a>.</li>
-<li><b>Разработка</b> — ЕÑли Ð’Ñ‹ Java-программиÑÑ‚, то перед Вами широкий фронт работ. Ð”Ð»Ñ Ð½Ð°Ñ‡Ð°Ð»Ð° проверьте <a href="http://trac.i2p2.i2p/">багтрекер</a> на наличие открытых тикетов или заглÑните в TODO-ÑпиÑок на форуме <a href="http://zzz.i2p/">zzz.i2p</a>. Подробнее Ñмотрите на Ñтранице <a href="newdevelopers.html">New Developer's Guide</a>
+<li><b>Разработка</b> — ЕÑли Ð’Ñ‹ Java-программиÑÑ‚, то перед Вами широкий фронт работ. Ð”Ð»Ñ Ð½Ð°Ñ‡Ð°Ð»Ð° проверьте <a href="http://trac.i2p2.de/report/1">багтрекер</a> на наличие открытых тикетов или заглÑните в TODO-ÑпиÑок на форуме <a href="http://zzz.i2p/">zzz.i2p</a>. Подробнее Ñмотрите на Ñтранице <a href="newdevelopers.html">New Developer's Guide</a></li>
-<li><b>ПоиÑк уÑзвимоÑтей</b> — Проанализируйте или протеÑтируйте код на Ñлабые меÑта. Требуют Ð²Ð½Ð¸Ð¼Ð°Ð½Ð¸Ñ ÐºÐ°Ðº уÑзвимоÑти, каÑающиеÑÑ Ð°Ð½Ð¾Ð½Ð¸Ð¼Ð½Ð¾Ñти (Ñм. опиÑание на Ñтранице <a href="how_threatmodel.html">I2P's Threat Model</a>), так и DoS-уÑзвимоÑти, и прочие потенциальные угрозы.
+<li><b>ПоиÑк уÑзвимоÑтей</b> — Проанализируйте или протеÑтируйте код на Ñлабые меÑта. Требуют Ð²Ð½Ð¸Ð¼Ð°Ð½Ð¸Ñ ÐºÐ°Ðº уÑзвимоÑти, каÑающиеÑÑ Ð°Ð½Ð¾Ð½Ð¸Ð¼Ð½Ð¾Ñти (Ñм. опиÑание на Ñтранице <a href="how_threatmodel.html">I2P's Threat Model</a>), так и DoS-уÑзвимоÑти, и прочие потенциальные угрозы.</li>
-<li><b><a href="donate_ru.html">Donate!</a></b>
+<li><b><a href="donate_ru.html">Donate!</a></b></li>
-</ol>
+</ul>
{% endblock %}
diff --git a/www.i2p2/pages/glossary.html b/www.i2p2/pages/glossary.html
new file mode 100644
index 0000000000000000000000000000000000000000..578668526f67329035ff1be6451c787ec77552d6
--- /dev/null
+++ b/www.i2p2/pages/glossary.html
@@ -0,0 +1,11 @@
+{% extends "_layout.html" %}
+{% block title %}Glossary{% endblock %}
+{% block content %}
+This page lists often-used terminology when discussing I2P and cryptography.
+<table>
+ <tr>
+ <td>I2P</td>
+ <td>Invisible Internet Project: a project meant to provide an anonymity layer, so user can communicate anonymously using a range of applications.</td>
+ </tr>
+</table>
+{% endblock %}
diff --git a/www.i2p2/pages/halloffame.html b/www.i2p2/pages/halloffame.html
index fc37c1661efbdf0f47e357ec249e64a48499194b..fd21c8cab89908c9b00b4abbdb428021dd138668 100644
--- a/www.i2p2/pages/halloffame.html
+++ b/www.i2p2/pages/halloffame.html
@@ -1,34 +1,252 @@
{% extends "_layout.html" %}
{% block title %}halloffame{% endblock %}
{% block content %}
-<h1>I2P'<font size=-1>s</font> Hall of Fame</h1>
-<b>Current balance: as of 2010-06-05</b><br />
-<b>General fund: 837.80 € and $40 USD</b><br />
-<b><a href="bounty_datastore">Datastorage bounty</a>: 700.0 €</b><br />
-<b><a href="bounty_ipv6"></a>native IPv6 I2P: 50.0 €</b><br />
+<!-- file version 2012.08.01.01 -->
+<h1>I2P'<small>s</small> Hall of Fame</h1>
+<b>Current balance: as of 2012-08-01</b><br />
+<b>General fund: 3471,5 € and 1528,65311242 BTC</b><br />
+<b><a href="bounty_datastore">Datastorage bounty</a>: 115.0 € and 2 BTC</b><br />
+<b><a href="bounty_ipv6">native IPv6 I2P </a>: 100.0 €</b><br />
<b><a href="bounty_i2phex">I2PHex bounty</a>: 60.0 €</b><br />
+<b><a href="bounty_debpack">I2P in debian mirrors</a>: 93.0 €</b><br />
+<b><a href="bounty_btcclient">Bitcoin client for I2P</a>: 30.0 € and 117.34 BTC</b><br />
+<b><a href="bounty_unittests">Unit Tests for I2P router</a>: 2700 €</b><br />
<br />
<b>Current monthly running costs:</b><br />
<table border="1">
- <tr><td>Welterde</td><td>8 €/mo, since January, 2008 - i2p2.de</td></tr>
- <tr><td>eche|on</td><td>32 €/mo since January, 2008 - i2p-projekt.de and domains</td></tr>
+ <tr>
+ <td>Welterde</td>
+ <td>8 €/mo, since January, 2008 - i2p2.de</td>
+ </tr>
+ <tr>
+ <td>eche|on</td>
+ <td>40 €/mo since January, 2008 - i2p-projekt.de and domains</td>
+ </tr>
</table>
-<br />
-<p>This fee went direct to the i2p.net hoster as it has it run out.
-Because of the special <a href="http://www.i2p2.i2p/statnotes0108">situation</a> arisen early 2008
-we decided to let it run til money was out.
-From begin of Feb 2009 on we got a new fund setup. </p>
<p>Big thanks go to the following people who have donated to I2P!</p>
+<p>
+If you have made a donation, please send an email to <a href="mailto:echelon@i2pmail.org">echelon</a>
+with you name or nick (and optionally homepage) so we can list you here.
+</p>
<b>Current monthly subscriptions:</b><br />
<table border="1">
- <tr><td>02/2010-02/2011</td><td>anonymous</td><td>10 €</td><td>General fund</td></tr>
- <tr><td>02/2010-02/2011</td><td>anonymous</td><td>10 €</td><td>General fund</td></tr>
+ <tr><td>01/2012-01/2013</td><td>anonymous</td><td>30 €</td><td>General fund</td></tr>
</table>
<br />
-<b>Previous donations:</b><br />
+<b>2012 donations and costs:</b><br />
+<table border="1">
+ <tr><td>date</td><td>who</td><td>income</td><td>outgoing</td><td>account</td></tr>
+ <tr><td>Jan, 2012</td><td>www.i2p2.de server rent</td><td></td><td>-100 €</td><td>General fund</td></tr>
+ <tr><td>Jan, 2012</td><td>www.i2p-projekt.de/echelon.i2p server rent</td><td></td><td>-200 €</td><td>General fund</td></tr>
+ <tr><td>Jan, 2012</td><td>I2P services sponge</td><td></td><td>-100 €</td><td>General fund</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>500 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>1500 €</td><td></td><td>Bounty Unit Tests</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>0.01 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>100 BTC</td><td></td><td>Bounty I2P bitcoin client</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>20 €</td><td></td><td>Bounty .deb package</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>25 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2012</td><td>alu-anon</td><td>20 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2012</td><td>maxkoda</td><td>1.00 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2012</td><td>maxkoda</td><td>2.00 BTC</td><td></td><td>Bounty I2P BTC client</td></tr>
+
+ <tr><td>Feb, 2012</td><td>DJ Eugene</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>ZZZ new dev workstation</td><td></td><td>522,02 €</td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>15 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>91 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>Sponge dev machine</td><td></td><td>52,3 €</td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>22 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>domain cost</td><td></td><td>11,9 €</td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>domain cost</td><td></td><td>11,9 €</td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>1.4328 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>1000.00 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>2.20 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>maxkoda</td><td>1.00 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2012</td><td>maxkoda</td><td>2.00 BTC</td><td></td><td>Bounty I2P BTC client</td></tr>
+
+ <tr><td>Mar, 2012</td><td>Lautrec</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Mar, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Mar, 2012</td><td>PayPal fees recalculated</td><td></td><td>188,13 €</td><td>General fund</td></tr>
+ <tr><td>Mar, 2012</td><td>anonymous</td><td>0.25 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Mar, 2012</td><td>anonymous</td><td>2.00 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Mar, 2012</td><td>anonymous</td><td>0.0000491 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Mar, 2012</td><td>anonymous</td><td>1500 €</td><td></td><td>Bounty Unit Tests</td></tr>
+ <tr><td>Mar, 2012</td><td>domain cost</td><td></td><td>11,9 €</td><td>General fund</td></tr>
+ <tr><td>Mar, 2012</td><td>maxkoda</td><td>1.01 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Mar, 2012</td><td>maxkoda</td><td>2.10 BTC</td><td></td><td>Bounty I2P BTC client</td></tr>
+
+ <tr><td>Apr, 2012</td><td>anonymous</td><td>100 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Apr, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Apr, 2012</td><td>anonymous</td><td>0,50 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Apr, 2012</td><td>anonymous</td><td>0.10 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Apr, 2012</td><td>anonymous</td><td>0.723 BTC</td><td></td><td>General fund</td></tr>
+
+ <tr><td>May, 2012</td><td>anonymous</td><td>0.01 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2012</td><td>anonymous</td><td>2.00 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2012</td><td>anonymous</td><td>1.50 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2012</td><td>anonymous</td><td>150 €</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2012</td><td>anonymous</td><td>5 €</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2012</td><td>PayPal fees april</td><td></td><td>11,94 €</td><td>General fund</td></tr>
+
+ <tr><td>May, 2012</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2012</td><td>anonymous</td><td>0.25 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2012</td><td>anonymous</td><td>0,69307046 BTC</td><td></td><td>General fund</td></tr>
+
+ <tr><td>Jun, 2012</td><td>sell 100 BTC</td><td>513.38 €</td><td>100 BTC</td><td>General fund</td></tr>
+ <tr><td>Jun, 2012</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jun, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jun, 2012</td><td>anonymous</td><td>10 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Jun, 2012</td><td>MaxKoda</td><td>1 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Jun, 2012</td><td>maxkoda</td><td>1 BTC</td><td></td><td>Bounty I2P BTC client</td></tr>
+
+ <tr><td>Jul, 2012</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jul, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jul, 2012</td><td>anonymous</td><td>1 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Jul, 2012</td><td>anonymous</td><td>4 BTC</td><td></td><td>General fund</td></tr>
+
+
+
+</table>
+<br />
+<br />
+<b>2011 donations and costs:</b><br />
<table border="1">
+ <tr><td>date</td><td>who</td><td>income</td><td>outgoing</td><td>account</td></tr>
+ <tr><td>Jan, 2011</td><td>www.i2p2.de server rent</td><td></td><td>-100 €</td><td>General fund</td></tr>
+ <tr><td>Jan, 2011</td><td>www.i2p-projekt.de/echelon.i2p server rent</td><td></td><td>-200 €</td><td>General fund</td></tr>
+ <tr><td>Jan, 2011</td><td>PayPal fees 2010</td><td></td><td>-40 €</td><td>General fund</td></tr>
+ <tr><td>Jan, 2011</td><td>refund of netstorage bounty,duck,smeghead</td><td>700 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2011</td><td>woodchips</td><td>50 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2011</td><td>anonymous</td><td>13 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2011</td><td>anonymous</td><td>400 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2011</td><td>Amiga4000</td><td>1000 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2011</td><td>anonymous</td><td>30 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2011</td><td>Mozartito</td><td>8 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jan, 2011</td><td>Flattr</td><td>69,15 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2011</td><td>bv-falcon</td><td>15 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2011</td><td>anonymous</td><td>6,66 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2011</td><td>anonymous</td><td>100 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2011</td><td>anonymous</td><td>25 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Feb, 2011</td><td>3 domains 2011</td><td></td><td>-36 €</td><td>General fund</td></tr>
+ <tr><td>Feb, 2011</td><td>anonymous</td><td>33.41 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Mar, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Mar, 2011</td><td>h2ik</td><td>23 €</td><td></td><td>I2P deb in debian mirrors</td></tr>
+ <tr><td>Mar, 2011</td><td>h2ik</td><td>50 €</td><td></td><td>IPv6 Bounty</td></tr>
+ <tr><td>Mar, 2011</td><td>hamada</td><td></td><td>-80 BTC</td><td>Arabic routerconsole</td></tr>
+ <tr><td>Mar, 2011</td><td>anonymous</td><td>63.01 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Apr, 2011</td><td>I2P</td><td>745.84 €</td><td>-1000 BTC</td><td>General fund</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Apr, 2011</td><td>magma</td><td>100 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Apr, 2011</td><td>I2P services sponge</td><td></td><td>-100 €</td><td>General fund</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>50 €</td><td></td><td>I2P debian package bounty</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>0.06 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2011</td><td>anonymous</td><td>5 €</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2011</td><td>Max Koda</td><td>10 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2011</td><td>anonymous</td><td>1.180001 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>May, 2011</td><td>ZZZ</td><td></td><td>250.06 €</td><td>trimslice dev device for ZZZ</td></tr>
+ <tr><td>Jun, 2011</td><td>An anonymous secret society society@mail.i2p</td><td>200 €</td><td></td><td>SILC bounty</td></tr>
+ <tr><td>Jun, 2011</td><td>Flattr</td><td>104 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jun, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jun, 2011</td><td>anonymous</td><td>3 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jun, 2011</td><td>anonymous</td><td></td><td>-13.6 BTC</td><td>General fund</td></tr>
+ <tr><td>Jun, 2011</td><td>anonymous</td><td>22.5 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Jul, 2011</td><td>hamada</td><td></td><td>-20 BTC</td><td>arabic bounty</td></tr>
+ <tr><td>Jul, 2011</td><td>anonymous</td><td>0.2 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Jul, 2011</td><td>psychonaut</td><td>30 €</td><td></td><td>Bitcoin client bounty</td></tr>
+ <tr><td>Jul, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jul, 2011</td><td>anonymous</td><td>5 GBP</td><td></td><td>General fund</td></tr>
+ <tr><td>Jul, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Jul, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Aug, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Aug, 2011</td><td>An anonymous secret society society@mail.i2p</td><td>20 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Aug, 2011</td><td>anonymous</td><td>15 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Aug, 2011</td><td>ZZZ</td><td></td><td>$150 US</td><td>travel expenses for ZZZ</td></tr>
+ <tr><td>Sep, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Sep, 2011</td><td>anonymous</td><td>5 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Sep, 2011</td><td>maxkoda.i2p</td><td>1.303 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Sep, 2011</td><td>anonymous</td><td>1.2 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Oct, 2011</td><td>anonymous</td><td>12.1347 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Oct, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Oct, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Oct, 2011</td><td>anonymous</td><td>5 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Oct, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Oct, 2011</td><td>anonymous</td><td>5 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Oct, 2011</td><td>uglic</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Oct, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Oct, 2011</td><td>vention</td><td>73 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Oct, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Oct, 2011</td><td>4get</td><td></td><td>163 €</td><td>RU translation delayed payment</td></tr>
+ <tr><td>Nov, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Nov, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Nov, 2011</td><td>Daniel Liabeuf</td><td>20 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Nov, 2011</td><td>anonymous</td><td>15 €</td><td></td><td>Bounty eepsites in datastorage</td></tr>
+ <tr><td>Nov, 2011</td><td>maxkoda</td><td>5.23 BTC</td><td></td><td>bounty BTC client in I2P</td></tr>
+ <tr><td>Nov, 2011</td><td>anonymous</td><td>0.512 BTC</td><td></td><td>General fund</td></tr>
+ <tr><td>Dec, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>General fund</td></tr>
+
+ <tr><td>Dec, 2011</td><td>silc bounty</td><td>100 €</td><td></td><td>ReturningNovice</td></tr>
+ <tr><td>Dec, 2011</td><td>silc bounty</td><td>100 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Dec, 2011</td><td>ReturningNovice</td><td>50 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Dec, 2011</td><td>ReturningNovice</td><td>50 €</td><td></td><td>Sponge</td></tr>
+ <tr><td>Dec, 2011</td><td>anonymous</td><td>5 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Dec, 2011</td><td>anonymous</td><td>5 €</td><td></td><td>General fund</td></tr>
+ <tr><td>Dec, 2011</td><td>maxkoda</td><td>5.01 BTC</td><td></td><td>bounty BTC client in I2P</td></tr>
+ <tr><td>Dec, 2011</td><td>anonymous</td><td>0.4825475 BTC</td><td></td><td>Sponge</td></tr>
+ <tr><td>Dec, 2011</td><td>anonymous</td><td>5,54436182 BTC</td><td></td><td>general fund</td></tr>
+ <tr><td>Dec, 2011</td><td>PayPal</td><td></td><td>100 €</td><td>PayPal fees 2011</td></tr>
+
+
+
+</table>
+<br />
+<br />
+<b>Previous to 2011 donations:</b><br />
+<table border="1">
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>20 €</td><td>General fund</td></tr>
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>30 €</td><td>General fund</td></tr>
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>$20 USD</td><td>General fund</td></tr>
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>$10 USD</td><td>General fund</td></tr>
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>20 €</td><td>General fund</td></tr>
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>1.50 €</td><td>General fund</td></tr>
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>10 €</td><td>General fund</td></tr>
+ <tr><td>Nov, 2010</td><td>anonymous</td><td>20 €</td><td>General fund</td></tr>
+ <tr><td>Oct, 2010</td><td>anonymous</td><td>20 €</td><td>General fund</td></tr>
+ <tr><td>Oct, 2010</td><td>anonymous</td><td>15 €</td><td>General fund</td></tr>
+ <tr><td>Oct, 2010</td><td>ru bounty payback</td><td>$230 USD</td><td>General fund</td></tr>
+ <tr><td>Oct, 2010</td><td>R.Schwabe</td><td>10 €</td><td>General fund</td></tr>
+ <tr><td>Oct, 2010</td><td>Flattr</td><td>29,40 €</td><td>General fund</td></tr>
+ <tr><td>Sep, 2010</td><td>anonymous</td><td>10 €</td><td>General fund</td></tr>
+ <tr><td>Sep, 2010</td><td>anonymous</td><td>11 €</td><td>General fund</td></tr>
+ <tr><td>Sep, 2010</td><td>anonymous</td><td>10 €</td><td>General fund</td></tr>
+ <tr><td>Sep, 2010</td><td>anonymous</td><td>20 €</td><td>General fund</td></tr>
+ <tr><td>Sep, 2010</td><td>R.Schwabe</td><td>10 €</td><td>General fund</td></tr>
+ <tr><td>Sep, 2010</td><td>anonymous</td><td>15 €</td><td>General fund</td></tr>
+ <tr><td>Aug, 2010</td><td>anonymous</td><td>20 €</td><td>General fund</td></tr>
+ <tr><td>Aug, 2010</td><td>anonymous</td><td>10 €</td><td>General fund</td></tr>
+ <tr><td>Jul, 2010</td><td>anonymous</td><td>6,50 PLN</td><td>General fund</td></tr>
+ <tr><td>Jul, 2010</td><td>anonymous</td><td>10 €</td><td>General fund</td></tr>
+ <tr><td>Jul, 2010</td><td>anonymous</td><td>5 €</td><td>General fund</td></tr>
+ <tr><td>Jul, 2010</td><td>anonymous</td><td>20 €</td><td>General fund</td></tr>
+ <tr><td>Jul, 2010</td><td>anonymous</td><td>30 €</td><td>General fund</td></tr>
+ <tr><td>Jun, 2010</td><td>anonymous</td><td>5 €</td><td>General fund</td></tr>
+ <tr><td>Jun, 2010</td><td>anonymous</td><td>20 €</td><td>General fund</td></tr>
+ <tr><td>Jun, 2010</td><td>anonymous</td><td>8 €</td><td>General fund</td></tr>
+ <tr><td>Jun, 2010</td><td>anonymous</td><td>10 €</td><td>General fund</td></tr>
<tr><td>May, 2010</td><td>anonymous</td><td>$ 20 CAD</td><td>General fund</td></tr>
<tr><td>May, 2010</td><td>anonymous</td><td>10 €</td><td>General fund</td></tr>
<tr><td>May, 2010</td><td>anonymous</td><td>7 €</td><td>General fund</td></tr>
@@ -47,7 +265,7 @@ From begin of Feb 2009 on we got a new fund setup. </p>
<tr><td>Jan, 2010</td><td>anonymous</td><td>500 €</td><td>General fund</td></tr>
<tr><td>Jan, 2010</td><td>bernerbaer</td><td>50 €</td><td>General fund</td></tr>
<tr><td>Jan, 2010</td><td>anonymous</td><td>15 €</td><td>General fund</td></tr>
- <tr><td>Apr, 2009-Jan, 2010</td><td>neutron</td><td>20 $euro;/month</td><td>outproxy fund</td></tr>
+ <tr><td>Apr, 2009-Jan, 2010</td><td>neutron</td><td>20 €/month</td><td>outproxy fund</td></tr>
<tr><td>Jan, 2010</td><td>anonymous</td><td>$20 USD</td><td>General fund</td></tr>
<tr><td>Jan, 2010</td><td>anonymous</td><td>6.80 €</td><td>General fund</td></tr>
<tr><td>Jan, 2010</td><td>anonymous</td><td>10 €</td><td>General fund</td></tr>
@@ -75,11 +293,8 @@ From begin of Feb 2009 on we got a new fund setup. </p>
<tr><td>Mar, 2009</td><td>[anonymous]</td><td>50 €</td><td>General fund</td></tr>
<tr><td>Feb, 2009</td><td>[anonymous]</td><td>30 €</td><td>General fund</td></tr>
<tr><td>Feb, 2009</td><td>DVT</td><td>20 €</td><td>General fund</td></tr>
- <tr></tr>
<tr><td>Oct, 2008</td><td>eche|on</td><td>500.0 €</td><td>Datastorage bounty</td></tr>
- <tr></tr>
<tr><td>Mar, 2007</td><td>zzz</td><td>$200 USD</td><td>General fund</td></tr>
- <tr></tr>
<tr><td>Nov, 2006-Dec, 2007</td><td>[anonymous]</td><td>$10 USD/month</td><td>general fund</td></tr>
<tr><td>Dec, 2006</td><td>bar</td><td colspan="2">New mac testing machine</td></tr>
<tr><td>Dec, 2006</td><td>[anonymous]</td><td>$200 USD</td><td>General fund</td></tr>
@@ -111,7 +326,6 @@ From begin of Feb 2009 on we got a new fund setup. </p>
<tr><td>Jan, 2006</td><td>[anonymous]</td><td>$40 USD</td><td>I2P general fund</td></tr>
<tr><td>Jan, 2006</td><td>[anonymous]</td><td>$50 USD</td><td>I2P general fund</td></tr>
<tr><td>Jan, 2006</td><td>[anonymous]</td><td>$20 USD</td><td>I2P general fund</td></tr>
- <tr></tr>
<tr><td>Dec, 2005</td><td>[anonymous]</td><td>$10 USD</td><td>I2P general fund</td></tr>
<tr><td>Dec, 2005</td><td>[anonymous]</td><td>$10 USD</td><td>I2P general fund</td></tr>
<tr><td>Nov, 2005-Dec, 2007</td><td>[anonymous]</td><td>$10 USD/month</td><td>general fund</td></tr>
@@ -136,12 +350,11 @@ From begin of Feb 2009 on we got a new fund setup. </p>
<tr><td>Apr, 2005</td><td>Dale Jefferson</td><td>$10 USD</td><td>I2P general fund</td></tr>
<tr><td>Mar, 2005</td><td>Synonymous</td><td>$3.45 USD</td><td>I2P general fund</td></tr>
<tr><td>Mar, 2005-Sep, 2005</td><td>David Hjelm</td><td>$10 USD</td><td>I2P general fund</td></tr>
- <tr><td>Feb, 2005<td>Marcus Felker</td><td>$20 USD</td><td>I2P general fund</td></tr>
+ <tr><td>Feb, 2005</td><td>Marcus Felker</td><td>$20 USD</td><td>I2P general fund</td></tr>
<tr><td>Feb-Dec, 2005</td><td>Sebastian Spaeth</td><td>$200 USD</td><td>I2P general fund</td></tr>
<tr><td>Jan, 2005-Dec, 2007</td><td>[anonymous]</td><td>$10 USD/month</td><td>general fund</td></tr>
<tr><td>Jan, 2005-Jun, 2005</td><td>Martin Stares</td><td>$60 USD</td><td>I2P general fund</td></tr>
<tr><td>Jan, 2005</td><td>Nico Zimmerman</td><td>$2 USD</td><td>I2P general fund</td></tr>
- <tr></tr>
<tr><td>Nov, 2004-Dec, 2007</td><td>jnymo</td><td>$10 USD/month</td><td>general fund</td></tr>
<tr><td>Dec, 2004, May, 2005</td><td>Elliot Turner</td><td>$350 USD</td><td>I2P general fund</td></tr>
<tr><td>Dec, 2004</td><td>[anonymous]</td><td>$5 USD</td><td>I2P general fund</td></tr>
@@ -159,8 +372,5 @@ From begin of Feb 2009 on we got a new fund setup. </p>
<tr><td>Mar, 2004</td><td>bla</td><td>$15 USD</td><td>I2P general fund</td></tr>
<tr><td>Mar, 2004-Apr, 2005</td><td>duck</td><td>$720 USD</td><td>Unit test and other bounties</td></tr>
</table>
-<p>
-If you have made a donation, please send an email to <a href="mailto:echelon@i2pmail.org">echelon</a>
-with you name or nick (and optionally homepage) so we can list you here.
-</p>
+
{% endblock %}
diff --git a/www.i2p2/pages/halloffame_de.html b/www.i2p2/pages/halloffame_de.html
index 1fa2dd140c7c2dcc62173a0f64f8149ed108af9e..240d3e8ccda9559823eeca14310ab703f1abafc2 100644
--- a/www.i2p2/pages/halloffame_de.html
+++ b/www.i2p2/pages/halloffame_de.html
@@ -1,36 +1,247 @@
{% extends "_layout_de.html" %}
{% block title %}Ruhmeshalle{% endblock %}
{% block content %}
+<!-- file version 2012.08.01.01 -->
<h1>I2P'<font size=-1>s</font> Ruhmeshalle</h1>
-<b>Derzeitiger Stand zum 05.06.2010:</b><br />
-<b>Generelles Konto: 837.80 € und $40 USD</b><br />
-<b><a href="bounty_datastore_de">Datencontainer Belohnung</a>: 700.0 €</b><br />
-<b><a href="bounty_ipv6_de.html">native IPv6-I2P </a>: 50.0 €</b><br />
+<b>Derzeitiger Stand zum 01.08.2012:</b><br />
+<b>Generelles Konto: 3471,5 € und 1528,65311242</b><br />
+<b><a href="bounty_datastore_de">Datencontainer Belohnung</a>: 115.0 € und 2 BTC</b><br />
+<b><a href="bounty_ipv6_de.html">native IPv6-I2P </a>: 100.0 €</b><br />
<b><a href="bounty_i2phex_de.html">I2PHex Code Belohnung</a>: 60.0 €</b><br />
-<br />
+<b><a href="bounty_debpack">I2P in Debian Spiegelserver</a>: 93.0 €</b><br />
+<b><a href="bounty_btcclient_de.html">Bitcoin Client für I2P</a>: 30.0 € und 117,34 BTC</b><br />
+<b><a href="bounty_unittests_de">Unit Tests für den I2P Router</a>: 2700 €</b><br />
<b>Derzeitige laufenden monatliche Kosten:</b><br />
<table border="1">
<tr><td>Welterde</td><td>8 €/Mo, seit Januar, 2008 - i2p2.de</td></tr>
- <tr><td>eche|on</td><td>32 €/Mo seit Januar, 2008 - i2p-projekt.de und Domains</td></tr>
+ <tr><td>eche|on</td><td>40 €/Mo seit Januar, 2008 - i2p-projekt.de und Domains</td></tr>
</table>
<br />
-<p>Ein Betrag von $65 USD wurde an den i2p.net Hoster bezahlt bis das
-Restgeld im Spendenkonto aufgebraucht war.
-Wegen der besonderen <a href="http://www.i2p2.i2p/statnotes0108.html">Situation</a>
-Anfang 2008 hatten wir beschlossen, dieses auslaufen zu lassen.
-Zum Anfang 2009 wurde von eche|on eine neue Möglichkeit geschaffen, an I2P
-zu spenden. </p>
<p>Ein grosses Danke Schön geht an folgenden Personen, die Geld an I2P
gespendet haben!</p>
+<p>
+Falls Du eine Spende gemacht hast, sende bitte eine Email an <a href="mailto:echelon@i2pmail.org">echelon</a>
+mit deinem Nick oder deinem Namen (und optional Homepage), damit wir diese hier
+hinzufügen können.
+</p>
+
<b>Derzeitige monatliche Spenden:</b><br />
<table border="1">
- <tr><td>keine</td><td></td><td>keine</td><td></td></tr>
+ <tr><td>01/2012-01/2013</td>
+ <td>anonymous</td>
+ <td>30 €</td>
+ <td>Generelles Konto</td></tr>
</table>
<br />
-<b>Bisherige Spenden:</b><br />
+<b>Spenden und Kosten im Jahre 2012:</b><br />
<table border="1">
+ <tr><td>Datum</td><td>Woher/Wofür</td><td>Eingehend</td><td>Ausgehend</td><td>Konto</td></tr>
+ <tr><td>Jan, 2012</td><td>www.i2p2.de Servermiete</td><td></td><td>-100 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2012</td><td>www.i2p-projekt.de/echelon.i2p Servermiete</td><td></td><td>-200 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2012</td><td>I2P Services sponge</td><td></td><td>-100 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>500 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>1500 €</td><td></td><td>Belohnung Unit Tests</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>0.01 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>100 BTC</td><td></td><td>Belohnung I2P Bitcoin Klient</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>20 €</td><td></td><td>Belohnun .deb Paket</td></tr>
+ <tr><td>Jan, 2012</td><td>anonymous</td><td>25 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2012</td><td>alu-anon</td><td>20 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2012</td><td>maxkoda</td><td>1.00 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2012</td><td>maxkoda</td><td>2.00 BTC</td><td></td><td>Belohnung I2P BTC Klient</td></tr>
+
+ <tr><td>Feb, 2012</td><td>DJ Eugene</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>Neuer PC für ZZZ</td><td></td><td>522,02 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>15 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>91 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>Hardware für Sponge</td><td></td><td>52,3 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>22 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>domain Kosten</td><td></td><td>11,9 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>domain Kosten</td><td></td><td>11,9 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>1.4328 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>1000.00 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>anonymous</td><td>2.20 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>maxkoda</td><td>1.00 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2012</td><td>maxkoda</td><td>2.00 BTC</td><td></td><td>Bounty I2P BTC client</td></tr>
+
+ <tr><td>Mar, 2012</td><td>Lautrec</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mar, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mar, 2012</td><td>PayPal Gebühren neu berechnet</td><td></td><td>188,13 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Mar, 2012</td><td>anonymous</td><td>0.25 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mar, 2012</td><td>anonymous</td><td>2.00 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mar, 2012</td><td>anonymous</td><td>0.0000491 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mar, 2012</td><td>anonymous</td><td>1500 €</td><td></td><td>Bounty Unit Tests</td></tr>
+ <tr><td>Mar, 2012</td><td>domain Kosten</td><td></td><td>11,9 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Mar, 2012</td><td>maxkoda</td><td>1,01 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mar, 2012</td><td>maxkoda</td><td>2,10 BTC</td><td></td><td>Bounty I2P BTC client</td></tr>
+
+ <tr><td>Apr, 2012</td><td>anonymous</td><td>100 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Apr, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Apr, 2012</td><td>anonymous</td><td>0,50 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Apr, 2012</td><td>anonymous</td><td>0,10 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Apr, 2012</td><td>anonymous</td><td>0,723 BTC</td><td></td><td>Generelles Konto</td></tr>
+
+ <tr><td>Mai, 2012</td><td>anonymous</td><td>0,01 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2012</td><td>anonymous</td><td>2,00 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2012</td><td>anonymous</td><td>1,50 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2012</td><td>anonymous</td><td>150 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2012</td><td>anonymous</td><td>5 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2012</td><td>PayPal Gebühren April</td><td></td><td>11,94 €</td><td>Generelles Konto</td></tr>
+
+ <tr><td>Mai, 2012</td><td>anonymous</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2012</td><td>anonymous</td><td>0.25 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2012</td><td>anonymous</td><td>0,69307046 BTC</td><td></td><td>Generelles Konto</td></tr>
+
+ <tr><td>Jun, 2012</td><td>Verkauf von 100 BTC</td><td>513.38 €</td><td>100 BTC</td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2012</td><td>anonymous</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2012</td><td>anonymous</td><td>10 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2012</td><td>MaxKoda</td><td>1 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2012</td><td>maxkoda</td><td>1 BTC</td><td></td><td>Belohnung I2P BTC Klient</td></tr>
+
+ <tr><td>Jul, 2012</td><td>anonymous</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jul, 2012</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jul, 2012</td><td>anonymous</td><td>1 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jul, 2012</td><td>anonymous</td><td>4 BTC</td><td></td><td>Generelles Konto</td></tr>
+
+</table>
+<br />
+<br />
+
+<b>Spenden und Kosten im Jahre 2011:</b><br />
+<table border="1">
+ <tr><td>Datum</td><td>Woher/Wofür</td><td>Eingehend</td><td>Ausgehend</td><td>Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>www.i2p2.de Servermiete</td><td></td><td>-100 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>www.i2p-projekt.de/echelon.i2p Servermiete</td><td></td><td>-200 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>PayPal Gebühren 2010</td><td></td><td>-40 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>Gespendet aus Datencontainer Belohnung,duck,smeghead</td><td>700 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>woodchips</td><td>50 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>anonymous</td><td>13 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>anonymous</td><td>400 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>Amiga4000</td><td>1000 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>anonymous</td><td>30 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>Mozartito</td><td>8 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jan, 2011</td><td>Flattr</td><td>69,15 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2011</td><td>bv-falcon</td><td>15 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2011</td><td>anonymous</td><td>6,66 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2011</td><td>anonymous</td><td>100 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2011</td><td>anonymous</td><td>25 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2011</td><td>3 Domains 2011</td><td></td><td>-36 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Feb, 2011</td><td>anonymous</td><td>33.41 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mar, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mar, 2011</td><td>h2ik</td><td>23 €</td><td></td><td>I2P Debian Spiegelserver</td></tr>
+ <tr><td>Mar, 2011</td><td>h2ik</td><td>50 €</td><td></td><td>IPv6 Bounty</td></tr>
+ <tr><td>Mar, 2011</td><td>hamada</td><td></td><td>-80 BTC</td><td>Arabische Routerkonsole</td></tr>
+ <tr><td>mars, 2011</td><td>anonymous</td><td>63.01 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Apr, 2011</td><td>I2P</td><td>745,84 €</td><td>-1000 BTC</td><td>Generelles Konto</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Apr, 2011</td><td>magma</td><td>100 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Apr, 2011</td><td>I2P services sponge</td><td></td><td>-100 €</td><td>sponge</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>50 €</td><td></td><td>I2P debian package bounty</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Apr, 2011</td><td>anonymous</td><td>0.06 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2011</td><td>anonymous</td><td>5 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2011</td><td>Max Koda</td><td>10 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2011</td><td>anonymous</td><td>1.180001 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Mai, 2011</td><td>ZZZ</td><td></td><td>250,06 €</td><td>Trimslice Dev System</td></tr>
+ <tr><td>Jun, 2011</td><td>An anonymous secret society society@mail.i2p</td><td>200 €</td><td></td><td>SILC Belohnung</td></tr>
+ <tr><td>Jun, 2011</td><td>Flattr</td><td>104 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2011</td><td>anonymous</td><td>3 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2011</td><td>anonymous</td><td></td><td>-13.6 BTC</td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2011</td><td>anonymous</td><td>22.5 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jul, 2011</td><td>hamada</td><td></td><td>-20.0 BTC</td><td>Belohnung arabisch</td></tr>
+ <tr><td>Jul, 2011</td><td>anonymous</td><td>0.2 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jul, 2011</td><td>psychonaut</td><td>30 €</td><td></td><td>Belohnung BTC Client</td></tr>
+ <tr><td>Jul, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jul, 2011</td><td>anonymous</td><td>5 GBP</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Jul, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Aug, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Aug, 2011</td><td>An anonymous secret society society@mail.i2p</td><td>20 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Aug, 2011</td><td>anonymous</td><td>15 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Aug, 2011</td><td>ZZZ</td><td></td><td>$150,06 US</td><td>Reisekostenzuschuss</td></tr>
+ <tr><td>Sep, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Sep, 2011</td><td>anonymous</td><td>5 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Sep, 2011</td><td>maxkoda.i2p</td><td>1,303 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Sep, 2011</td><td>anonymous</td><td>1,2 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Okt, 2011</td><td>anonymous</td><td>12,1347 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Okt, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Okt, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Okt, 2011</td><td>anonymous</td><td>5 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Okt, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Okt, 2011</td><td>anonymous</td><td>5 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Okt, 2011</td><td>uglic</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Okt, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Okt, 2011</td><td>vention</td><td>73 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Okt, 2011</td><td>anonymous</td><td>20 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Okt, 2011</td><td>4get</td><td></td><td>163 €</td><td>RU Belohnung, 230$</td></tr>
+ <tr><td>Nov, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Nov, 2011</td><td>anonymous</td><td>10 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Nov, 2011</td><td>Daniel Liabeuf</td><td>20 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Nov, 2011</td><td>anonymous</td><td>15 €</td><td></td><td>Belohnung eepsites in datastorage</td></tr>
+ <tr><td>Nov, 2011</td><td>maxkoda</td><td>5.23 BTC</td><td></td><td>Belohnung BTC client in I2P</td></tr>
+ <tr><td>Nov, 2011</td><td>anonymous</td><td>0.512 BTC</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Dec, 2011</td><td>anonymous</td><td>30 €</td><td></td><td>Generelles Konto</td></tr>
+
+ <tr><td>Dec, 2011</td><td>silc Belohnung</td><td>100 €</td><td></td><td>ReturningNovice</td></tr>
+ <tr><td>Dec, 2011</td><td>silc Belohnung</td><td>100 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Dec, 2011</td><td>ReturningNovice</td><td>50 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Dec, 2011</td><td>ReturningNovice</td><td>50 €</td><td></td><td>Sponge</td></tr>
+ <tr><td>Dec, 2011</td><td>anonymous</td><td>5 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Dec, 2011</td><td>anonymous</td><td>5 €</td><td></td><td>Generelles Konto</td></tr>
+ <tr><td>Dec, 2011</td><td>maxkoda</td><td>5.01 BTC</td><td></td><td>Belohnung BTC klient in I2P</td></tr>
+ <tr><td>Dec, 2011</td><td>anonymous</td><td>0.4825475 BTC</td><td></td><td>Sponge</td></tr>
+ <tr><td>Dec, 2011</td><td>PayPal</td><td></td><td>100 €</td><td>PayPal Gebühren 2011</td></tr>
+ <tr><td>Dec, 2011</td><td>anonymous</td><td>5,54436182 BTC</td><td></td><td>Generelles Konto</td></tr>
+
+</table>
+
+<b>Spenden vor 2011:</b><br />
+<table border="1">
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>20 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>30 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>$20 USD</td><td>Generelles Konto</td></tr>
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>$10 USD</td><td>Generelles Konto</td></tr>
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>20 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>1,50 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Dec, 2010</td><td>anonymous</td><td>10 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Nov, 2010</td><td>anonymous</td><td>20 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Oct, 2010</td><td>anonymous</td><td>20 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Oct, 2010</td><td>anonymous</td><td>15 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Oct, 2010</td><td>ru bounty Rückzahlung</td><td>$230 USD</td><td>Generelles Konto</td></tr>
+ <tr><td>Oct, 2010</td><td>R.Schwabe</td><td>10 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Oct, 2010</td><td>Flattr</td><td>29,40 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Oct, 2010</td><td>anonymous</td><td>10 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Sep, 2010</td><td>anonymous</td><td>10 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Sep, 2010</td><td>anonymous</td><td>11 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Sep, 2010</td><td>anonymous</td><td>20 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Sep, 2010</td><td>R.Schwabe</td><td>10 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Sep, 2010</td><td>anonymous</td><td>15 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Aug, 2010</td><td>anonymous</td><td>20 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Aug, 2010</td><td>anonymous</td><td>10 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jul, 2010</td><td>anonymous</td><td>6,50 PLN</td><td>Generelles Konto</td></tr>
+ <tr><td>Jul, 2010</td><td>anonymous</td><td>10 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jul, 2010</td><td>anonymous</td><td>5 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jul, 2010</td><td>anonymous</td><td>20 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jul, 2010</td><td>anonymous</td><td>30 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2010</td><td>anonymous</td><td>5 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2010</td><td>anonymous</td><td>20 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2010</td><td>anonymous</td><td>8 €</td><td>Generelles Konto</td></tr>
+ <tr><td>Jun, 2010</td><td>anonymous</td><td>10 €</td><td>Generelles Konto</td></tr>
<tr><td>Mai, 2010</td><td>anonymous</td><td>$ 20 CAD</td><td>Generelles Konto</td></tr>
<tr><td>Mai, 2010</td><td>anonymous</td><td>10 €</td><td>Generelles Konto</td></tr>
<tr><td>Mai, 2010</td><td>anonymous</td><td>7 €</td><td>Generelles Konto</td></tr>
@@ -77,9 +288,7 @@ gespendet haben!</p>
<tr><td>Mar, 2009</td><td>[anonymous]</td><td>50 €</td><td>Generelles Konto</td></tr>
<tr><td>Feb, 2009</td><td>[anonymous]</td><td>30 €</td><td>Generelles Konto</td></tr>
<tr><td>Feb, 2009</td><td>DVT</td><td>20 €</td><td>Generelles Konto</td></tr>
- <tr></tr>
- <tr><td>Oct, 2008</td><td>eche|on</td><td>500 €</td><td>Datencontainer Bounty</td>
- <tr></tr>
+ <tr><td>Oct, 2008</td><td>eche|on</td><td>500 €</td><td>Datencontainer Bounty</td></tr>
<tr><td>Mar, 2007</td><td>zzz</td><td>$200 USD</td><td>Generelles Konto</td></tr>
<tr><td>Dec, 2006</td><td>bar</td><td colspan="2">Neuer MAC Test PC</td></tr>
<tr><td>Dec, 2006</td><td>[anonymous]</td><td>$200 USD</td><td>Generelles Konto</td></tr>
@@ -93,7 +302,7 @@ gespendet haben!</p>
<tr><td>Jun, 2006</td><td>[anonymous]</td><td>$10 USD</td><td>Generelles Konto</td></tr>
<tr><td>May, 2006</td><td>athena</td><td>$135 USD</td><td>Generelles Konto</td></tr>
<tr><td>Apr, 2006</td><td>postman</td><td>$300 USD</td><td>Generelles Konto</td></tr>
- <tr><td>Apr, 2006</td><td>[anonymous]</td><td>$300 USD</td><td>General fund</td></tr>
+ <tr><td>Apr, 2006</td><td>[anonymous]</td><td>$300 USD</td><td>Generelles Konto</td></tr>
<tr><td>Apr, 2006</td><td>[anonymous]</td><td>$500 USD</td><td>Generelles Konto</td></tr>
<tr><td>Apr, 2006</td><td>[anonymous]</td><td>$100 USD</td><td>Generelles Konto</td></tr>
<tr><td>Apr, 2006</td><td>[anonymous]</td><td>$10 USD</td><td>Generelles Konto</td></tr>
@@ -112,7 +321,6 @@ gespendet haben!</p>
<tr><td>Jan, 2006</td><td>[anonymous]</td><td>$40 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Jan, 2006</td><td>[anonymous]</td><td>$50 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Jan, 2006</td><td>[anonymous]</td><td>$20 USD</td><td>I2P Generelles Konto</td></tr>
- <tr></tr>
<tr><td>Dec, 2005</td><td>[anonymous]</td><td>$10 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Dec, 2005</td><td>[anonymous]</td><td>$10 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Nov, 2005-Dec, 2007</td><td>[anonymous]</td><td>$10 USD/Monat</td><td>I2P Generelles Konto</td></tr>
@@ -137,12 +345,11 @@ gespendet haben!</p>
<tr><td>Apr, 2005</td><td>Dale Jefferson</td><td>$10 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Mar, 2005</td><td>Synonymous</td><td>$3.45 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Mar, 2005-Sep, 2005</td><td>David Hjelm</td><td>$10 USD</td><td>I2P Generelles Konto</td></tr>
- <tr><td>Feb, 2005<td>Marcus Felker</td><td>$20 USD</td><td>I2P Generelles Konto</td></tr>
+ <tr><td>Feb, 2005</td><td>Marcus Felker</td><td>$20 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Feb-Dec, 2005</td><td>Sebastian Spaeth</td><td>$200 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Jan, 2005-Jun, 2005</td><td>Martin Stares</td><td>$60 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Jan, 2005</td><td>Nico Zimmerman</td><td>$2 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Jan, 2005-Dec, 2007</td><td>[anonymous]</td><td>$10 USD/Monat</td><td>I2P Generelles Konto</td></tr>
- <tr></tr>
<tr><td>Dec, 2004, May, 2005</td><td>Elliot Turner</td><td>$350 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Dec, 2004</td><td>[anonymous]</td><td>$5 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Nov, 2004-Dec, 2007</td><td>jnymo</td><td>$10 USD/Monat</td><td>I2P Generelles Konto</td></tr>
@@ -160,9 +367,5 @@ gespendet haben!</p>
<tr><td>Mar, 2004</td><td>bla</td><td>$15 USD</td><td>I2P Generelles Konto</td></tr>
<tr><td>Mar, 2004-Apr, 2005</td><td>duck</td><td>$720 USD</td><td>Unit Tests und andere Bounties</td></tr>
</table>
-<p>
-Falls Du eine Spende gemacht hast, sende bitte eine Email an <a href="mailto:echelon@i2pmail.org">echelon</a>
-mit deinem Nick oder deinem Namen (und optional Homepage), damit wir diese hier
-hinzufügen können.
-</p>
+
{% endblock %}
diff --git a/www.i2p2/pages/hosts.txt b/www.i2p2/pages/hosts.txt
index 8fa38d61b2737791991eda82345196654f7b0250..5f3e853fd7d59d92722ed0a2bbc9f99d06ff0322 100644
--- a/www.i2p2/pages/hosts.txt
+++ b/www.i2p2/pages/hosts.txt
@@ -266,7 +266,7 @@ lp.i2p=9GCeBnLXaOgCDUrkzxaV3MxB~k4M7AM~-5YROP51QyzRQ~MohC7P20vkfJrIa7CU~5ZSpYLex
amazone.i2p=KloqmDOtO35jYgefz4gmjyaDxSviLGY0A2ZeQyvDKuhVD1BaROvBTLMp2Z2rcC~hVFJkus1UVSFT0fDwQV~is8uYpcfrKal~EUTbV7uWOelwSJFEJBfoIfJ-yj7hfd6kC4Hb0tMudMLnaRmLGVZJ8o2FGTkNmvItZMPXlc6E8DjfxgegvYcdx-BYDaOvJUyD6322xaRyVDJmQc4OjvCgw8fzS-m-3V1eHkfx4UVeoxKy~tuckKXLd7VVVXNijoHG2PHNVXinfMwopUYzPyqsw9n9ucqLZdskXgm9O0BAuCJVJNCVmBQNBzRt8bX-NCypmISU7MN5YYVPumh-duuTPEQsZcks5JixtWlkIfzON~TZ5PaDlUPXvLgdAyKfWbNXBCR9nfE73KkpienPjn4-XAYupkRm1mG80IiojtViGjFAWnyP-awHQGPj0fURPvQvPu~RVTpKcI6x0QaUdd389N-QYjnBA6dJCRx~JrHjUP32GmWM4qNNLwUumo3za6DxAAAA
inproxy.tino.i2p=gNVJ0hpqZafnYkh7KFVHcvHuE~DeeOPZ45T1EFc8ARtd41s4dzKKaADtCtAmQIgQ8UYaiXA1l9eahcGP2rfJ4y3Ap4n3t-kext4UpCjzfwdI-u6s824nUb~ZaNfJIlqhu4sjmN0CK87BwKWU4-fYv3bM7mDDPWFT70ret81nN-SA3dQleKa65EK1T6EjKvAWeWkMhD9KnlsSMCc1OHwKX9Z8rM0Q8uXSYCLiY8VfQDPwOINvpTFUnuToo8GZ3KLQlECIZbE9OVJZ-0ZZEny1Muq~J~mQydFQnnCHB3hvPxjuv0rtO25zsBrAy4oFBrGgaFqy81gfTGDKhLwjaJ4hyYZwjBUNK5K-XLRO6ev03iOcVMvfuEdnCb~3uEUxEGYZTcAFJMUhSswo9CquLe0BodHm-biyki0kPxf~vE-yiCj0OPsUSD6frvqSqpksmAlasBhgQXR9hCJ37qJF1tBT2GaoHlHVhHzMqdNDEUHk-R1WRSeTghRDpwhQpCKb8VThAAAA
kohaar.i2p=2qYXoTui18BY9KtzFiMsdw6-8-rZbeSoEMkVkFzYCP-ztPWp4p7-d-6d9Yjkjo647iqTA2DYcQqIZfI8V9gG7Q0NwpC5AHbbBz~117YPLcm1uf13m7nMiXKy66qzsTC~AzIazw4EUCuCTyubr~SzYrcX3M5c0ccl~ltZrnr233Y5B4zt5-6tkckXYLuOJVXfNhRLOAI-EQ~KGP~MxSWiuItDQW7DFo9-zEzN8J0sdiIHW6XcELDWth02PbAGOyi6OlJFfj53oF5MHPLMnR~o50mvu0wWtlZXR7bOcaFonfcfHdoV-m5Ilj9H5tNBdspg7Gimx3HBW8BoUXkxWoJu403mLHNXOhG2Zw1uK9bx2GJdrkMgvFKyQn9iq2USensMrb7Wf2LgFzc0lI5BsR2BTTp~cB~u1HHhXKlVYSxYKPxpjls6-n7bynIe9NSE-ToAvVOJ7ygW8sKJWxNu3tA-8ZSQ1kB4IRpzT901Nng4lAq4aMYVw8l2Wvo1SgALqUNJAAAA
-TheBreton.i2p=hYx0~K9CvPjbRwzPG~DCONlB3TwOiMGc47o5FoMAFUOoA7c3uMPuXS--1OXP3J7VbcfyRkWpQjmLhRXjeYD1HuCCJ5P8uuQ7w3RhTLActjkUkoF9yE9xH-3chudIbyZmlXRgNQaVxLkueK3hFFNODAFryITAtdH51RHl-CvBt7oQHdexL6TySL9YqlMIRHwjTCDv-mLngXHhltesU-RTwiJyJbmcNx8aq2RHcW0AdNve0nRCgNOt6k9lZ2RW3llmE42RVJiKIa9OYCNUMU7BNyklpBbfDxpoEPMO74aMqsNBhQmXXsZfNYfGAEWWvnYV~FMD40xJ~6bnlUTJj0AF-njN7mVOO57ne~l5wm-2Ltke1tomI9z-o4IhylIhzIJQYXVbNZezxf54Z5x~ydTWrvZE1KLDy3aAw8ODYByN00GRHLFuRJYYDRVUT2DcCk90wqySRUAV8fEO8EPe4Bx1KJh4yFJ6lgWfj~1hvDj4DZIDjsghonvKohTMZ1j3Pdi-AAAA
+thebreton.i2p=hYx0~K9CvPjbRwzPG~DCONlB3TwOiMGc47o5FoMAFUOoA7c3uMPuXS--1OXP3J7VbcfyRkWpQjmLhRXjeYD1HuCCJ5P8uuQ7w3RhTLActjkUkoF9yE9xH-3chudIbyZmlXRgNQaVxLkueK3hFFNODAFryITAtdH51RHl-CvBt7oQHdexL6TySL9YqlMIRHwjTCDv-mLngXHhltesU-RTwiJyJbmcNx8aq2RHcW0AdNve0nRCgNOt6k9lZ2RW3llmE42RVJiKIa9OYCNUMU7BNyklpBbfDxpoEPMO74aMqsNBhQmXXsZfNYfGAEWWvnYV~FMD40xJ~6bnlUTJj0AF-njN7mVOO57ne~l5wm-2Ltke1tomI9z-o4IhylIhzIJQYXVbNZezxf54Z5x~ydTWrvZE1KLDy3aAw8ODYByN00GRHLFuRJYYDRVUT2DcCk90wqySRUAV8fEO8EPe4Bx1KJh4yFJ6lgWfj~1hvDj4DZIDjsghonvKohTMZ1j3Pdi-AAAA
adab.i2p=3Z9v5Fx92js68wHTweMVAdqGlIieQRH7VtUiF~~jGLpf6P62ohcEqVaiCnLyfcWjXrGwz-uX-CvTTM5rwzfqciuqrXcG-asRF751TQAs1ncj-GHq5W0C-uRBtfaa5NPpfKsxAGlk4ILNvnUIgZrbwkNuDUulmaa-FwxjXPCcVYlzuUlGE9JYikk0nKgeTgm2ALBzLNH~EyM4CjYoIhtBGNPThqBckIR24JDo~zYB9plqpTvBIlA5iuskv0~3siXQW6eqnU9y3gIMy10vJYPY7rpbrR6YpAu2NoCxFCKsghpSqYXGpy19~1ymFtJMGDTj7uzz2OW9lvj8gtCp-4To7A6A-P2HNH0FpAANZmsX9sRaqqjSsp3kMuqg7T2XfB-Z29XkLtiTcl-rfr3xZdyznDg7n4mVW2DOeyoCthVTbf3dM2d9PmANLWS0Iy2KUDAIt8Y0RqqSB1CORZztsoE4sh7u-CjcE24mmbcVG6MHyhsK4PLDYJADquDDCgD5boolAAAA
awup.i2p=y1UIT5rcMxuEyY9xQvXWOvg50sZnS4wjWqdeuKJCajMy2r9sLmL9KBVpJbTyO-QGOk5IHpyGSjEzWxQQOvFBPMtVllmaMaaHfZjrZ9h5D1iIqiz-DogfBDSjNetHhSRHEOxG1xF6Xq1ViWd14hKwTypfQTq8c~40tDChSdYHKHMJN8OWoTnicVw1AINu3aib6d6sAl5F9CKu1i949UFsVpoZw3LfiXcxjU0r7zQPIAltzezBsqJmhy-HbgyMvOKJb6MiGQ3niu5bM1J7TFz2uRKLxwM0QOblS3QOHzRXNFziPSinS5PkBIM2gDEyeZVlMDWBwVmRbG06mO5uVx~64Xc1jyjRvdvnzqITZRY389028A5HteLps2ge1fKYYINCxE5k4rq2BLXd-Utd5VArlcBDTTZVhapgaF8dE4xS3XLRF9GNY2VUTusElN6-dvhrOUNG80edhyBksUY0C5SszaBiWVBlb~WEZ0pTwdjCDf7B7sEsZVhRgqm~k3e62SNFAAAA
china.i2p=Dt1dfJgR0VzvhQyfoXhS1SQ6Rq4I5KwDOndFATTcxRmVejxsHpTa2IaU6ebPr-hMxnxin314qj2V5I-Ew9nfnJkI~HgEzwTD9pLiDjDvLx7UG1vTOu-hyQ2buL4Q3lun~YmdDxhwecU1FBwkrxoNDYY1hsbiAmFUzigUZ70iPSpRj7YPRs-O47fOV7Zz--tJXeBa76BUvguWwATYu7bbteaAXAChIAN2VHQLV6qnQEUKayakMYUX9xd~XQv6S9LXrZ~IQvF6JLqmQZoTGAllHkM6BWisu7WKQ2~uKGFgseXlimmu3gJtwdyk4LrMK-xANGxp29IbNzwL4xcpDiagpnVjEzfRDFzjJoOXWn8dcFwvSyEEPaFfGJu2U~H~kh2~t2Dz7OZ2UuXF4NMdZP5sIxCi1IsStggk6EkcQIffMirgbXDFJbQujc-3uHiOX9E0AkPAWamHr6stCJa9pinlPqSmgGLuh6HrLOpYA6R54hOYMB~jBUWg-DIzN9q9g~D9AAAA
@@ -315,7 +315,29 @@ echelon.i2p=w6zK9m4fqSfvJck9EGIR1wRIbWsEQ2DkjZ-VI57ESFqLqbTIA1cD5nOfSSbpELqPyhji
crstrack.i2p=b4G9sCdtfvccMAXh~SaZrPqVQNyGQbhbYMbw6supq2XGzbjU4NcOmjFI0vxQ8w1L05twmkOvg5QERcX6Mi8NQrWnR0stLExu2LucUXg1aYjnggxIR8TIOGygZVIMV3STKH4UQXD--wz0BUrqaLxPhrm2Eh9Hwc8TdB6Na4ShQUq5Xm8D4elzNUVdpM~RtChEyJWuQvoGAHY3ppX-EJJLkiSr1t77neS4Lc-KofMVmgI9a2tSSpNAagBiNI6Ak9L1T0F9uxeDfEG9bBSQPNMOSUbAoEcNxtt7xOW~cNOAyMyGydwPMnrQ5kIYPY8Pd3XudEko970vE0D6gO19yoBMJpKx6Dh50DGgybLQ9CpRaynh2zPULTHxm8rneOGRcQo8D3mE7FQ92m54~SvfjXjD2TwAVGI~ae~n9HDxt8uxOecAAvjjJ3TD4XM63Q9TmB38RmGNzNLDBQMEmJFpqQU8YeuhnS54IVdUoVQFqui5SfDeLXlSkh4vYoMU66pvBfWbAAAA
tracker2.postman.i2p=lnQ6yoBTxQuQU8EQ1FlF395ITIQF-HGJxUeFvzETLFnoczNjQvKDbtSB7aHhn853zjVXrJBgwlB9sO57KakBDaJ50lUZgVPhjlI19TgJ-CxyHhHSCeKx5JzURdEW-ucdONMynr-b2zwhsx8VQCJwCEkARvt21YkOyQDaB9IdV8aTAmP~PUJQxRwceaTMn96FcVenwdXqleE16fI8CVFOV18jbJKrhTOYpTtcZKV4l1wNYBDwKgwPx5c0kcrRzFyw5~bjuAKO~GJ5dR7BQsL7AwBoQUS4k1lwoYrG1kOIBeDD3XF8BWb6K3GOOoyjc1umYKpur3G~FxBuqtHAsDRICkEbKUqJ9mPYQlTSujhNxiRIW-oLwMtvayCFci99oX8MvazPS7~97x0Gsm-onEK1Td9nBdmq30OqDxpRtXBimbzkLbR1IKObbg9HvrKs3L-kSyGwTUmHG9rSQSoZEvFMA-S0EXO~o4g21q1oikmxPMhkeVwQ22VHB0-LZJfmLr4SAAAA
nibble.i2p=V2XQ31BQWcwLcBNz2ywb4xy0Q1GMjdziQyjKql-lGdYPOX7w9g3j8IkA1jfW6YYwNi5QZc0JurjrSNH1yx6Y1goI8SB1l-yWdzst73fGWo6B1UtL45XrfXPg5k34RpktCNa4KoeIsUnGnxHQESSj5hw389hvexKXlkAHXQg9eUfbBYyzZc~~Kt4YdYX4cfMpXXjg443kyEiwKisOaRuiEN-YjqZ8pJTyAQsOKNg8hL3e15XFNPfAAkCSsALPAqj0~HZDwCZDeV0Cp4iaCGjw8tsNQ7xBeSjnhOeMoZKtrPAbbK4vNh7OIcakcVu16ykfEf-FcqbPQQe9rjilMy8V-BcjhggjUcZmtWj9qE7RMfUFpbAIfNHgWXTl5yR5V~brqxxuBxHQWn4oyB5NpY02dBkvvxXwdk~XFzXlSz~uEZKVswvI8rUHR4a2N3YDss5iQ~uscvKwNvsTZiDUaN66~CacZLYU9BtDBNnAxClz9LSu5b9CiunKeacbH6l5qrPpAAAA
+bob.i2p=5uAI6ENnNP8acDkAtYqBjLa-gFqM~uERNZdJBKtRwUvDkuXvIM66pYfYL3-ugTmoR-SIveDl4u3~soprUO2EYErMzroAmd9pfl0L2vYBWFUQfImkiqFhiGebMzy2zT-~00p5mzHtbg59MCvD1TwsFxU3M0Ftig~ErN0ezFYQ9DKOfOTN-As2QBXZo5vhhzpvrUNuG~MLa2aw7ubImX45EQYqmkmIf5bHCM4skSww24fBrVuMgM3lI6hYjcI65K4-U2t65QOM9RseHW3X4qZ3g8SBzC-4YWWxJH4G0Clp4nA0s9wUqyQHEfUKfJUipjH5OiX46UfNJGU6ccgJnl6zmW6QaW~ppzoHtF7Lp19ZLxrmTglm~GN41NXGkMIj-xSFmF3wz-kwfm-6VhcDaYe8Td1hghGxHPqFJVyC66oSwTB7oP9XO7HuBACr-9O2TmrJbYSw6FCtQkgWctqRffJVB0Ecq7qeCbsMliBe1xLsWVV1dcDnYzzGvNxo3RakoqamAAAA
+sponge.i2p=VG4Bd~q1RA3BdoF3z5fSR7p0xe1CTVgDMWVGyFchA9Wm2iXUkIR35G45XE31Uc9~IOt-ktNLL2~TYQZ13Vl8udosngDn8RJG1NtVASH4khsbgkkoFLWd6UuvuOjQKBFKjaEPJgxOzh0kxolRPPNHhFuuAGzNLKvz~LI2MTf0P6nwmRg1lBoRIUpSVocEHY4X306nT2VtY07FixbJcPCU~EeRin24yNoiZop-C3Wi1SGwJJK-NS7mnkNzd8ngDJXDJtR-wLP1vNyyBY6NySgqPiIhENHoVeXd5krlR42HORCxEDb4jhoqlbyJq-PrhTJ5HdH4-~gEq09B~~NIHzy7X02XgmBXhTYRtl6HbLMXs6SI5fq9OFgVp5YZWYUklJjMDI7jOrGrEZGSHhnJK9kT6D3CqVIM0cYEhe4ttmTegbZvC~J6DrRTIAX422qRQJBPsTUnv4iFyuJE-8SodP6ikTjRH21Qx73SxqOvmrOiu7Bsp0lvVDa84aoaYLdiGv87AAAA
docs.i2p2.i2p=BhSHFwXW7zGTLRVTRuTfgxWC1PxKGDyY2OYpS0IrDnYhQklWVFxHz4xVpw8UXo8LTFXAnAjknrcYdLt6DfHcO-ZkFPo5UbOIfywSsHoet4J6BQ1MOt1MLTAejks4Rkj3~sfK2fJHHvHYTjm1v5~f8c13ZH5fPfQ3A71RRCyiYaeO5-VxC6rqvW~z0dNO~-jakjwD7tHtzQL2vQTqarYT859yUiHmLJ~yw5jXfxNBhlxIxaXg0Nat9S5N2W4Eqemy-UYtSGOM4IUGKoM902JxhVpz~O1~iB5H211E3x-o8dKTt9Yz2G5Qcp1kRB0NCO2Noivsxjnfv~64zoUVbPepyJFQKenRtX844HgOESNcUp~FoVzI~QJne5irJDMLK1dNsua3L1kz0MA-2Aev8byWe4TIXeZCuDpYi4bRK6OPKDETwJG8edw7CFtsQaFI-2wGMFu8GDH7pUL8~1qyDjjFv5c~q1MFhty9q8LRUGHHgWP47u9n8OX4zcS4P1~5z2M3AAAA
paste.i2p2.i2p=PbHXL5PXan7siJiFcUAV~VC0JCLxgnoOnZFjyvJ0dbYlQ3fi1K6SD961pjQ51OSeTnbe5iGRzbY2X0~pG4k~hexau4NizxprAdgdiC-4J3-xpVRjZ4IxuMoDXp-V8Nhv8pLCQcxiEXbWft2v7zLvkp2y6uqH7kab8FXL~z568rMMH0DDs8imwAawasyGtLLo77X8n-C0K~7orcWDVZicWABJ-zky1Zlllx~Y~S8RHWyN4dueP6wkH484b81xNbbt3P-HzE3TcKAvUcSV1Bq4J5UNafQYU7DhV7roUtw4HuJYoxiXnlXVeC-uTCGF~bPrjrB-~Yn0KyObmXs5yvAcKHIS2tgmlsP9nahyn1ZOrlZc0L3DEsv4rkfQyzHVBxcCzMUOchWehE09GLy3bviWZ43lB7kU8kRaja7G4xLrD-CXNXq6q7WNYXrqX7EmtsvCo8VDcFn2ODyLb3eyDe~CkO7ES7mv3u8jJxJRQEcjj71pvu7bMzSMh-xN08X6vx9AAAAA
outproxy.h2ik.i2p=Wa-LfCQjQBcJVItWynp6NWNnjbCDNAD9HJl2v6koEq3B3nGfID7Xxbyq17h9mY-dTQRmScduOhdlqjuZwpFOoGBDV3cS9n5F2GnV~ih1FxiRJUrPXD1CNJMTUN9FAv49Wpup0a~HW2u2kvdWQfuw3N1dlpEUxUh6BE2v~ssewSno~6QOl-Bi0FM1qaWig8ct0-JRuG8vxtcNcQBzIHvC~kxwh6e70c6-tRdfYUcqbkEPcd2GKuHlYhHbOOPQIwntuFAZ17FWrGUSNmxrGFb-z5tjhHb1pD2BTjYlRG5NYKGWKqUee1kWpzxB-3O2frbBvMvM-r6lQLaGx1juAk3vypkJs4644vBrvvkDunJdIaFjzdaK9DdIzOTGxOVzPcVMw9AhAmj-nlE-wMsKAowP-DYATk2-SjMEAIXG~oz3Piz0tW1bfBCILgoOkxwsm39noQ8gBjIxQckfeMXYsVLOCiDmsfwJzjXwT1vzKDrErL9f0TM2jqyjdBlEeFQdo0SSAAAA
trac.i2p2.i2p=24SmhWiRDm-GzpV5Gq2sXhuvPpa1OihY7rkxQO4aHy5qKjr6zmEnZ3xQXdkFJJ0Z1lKy73XRmgCyys02G25Hl3cuxlZ2fNbp6KhOzlRKpOIAWFdSWZNF4Fp7sos0x-a-9fxOWnwwQ9MFcRYwixE~iCZf4JG~-Pd-MHgAuDhIX0P3~GmfUvo~9xPjof1ZsnaOV1zC0XUkHxZA5D6V0Bse~Ptfb66lPNcgBxIEntCStBAy~rTjaA3SdAufG29IRWDscpFq1-D4XPaXHnlXu7n7WdpFEM8WWd3ebUMqnq8XvLL1eqoWYzKCe3aaavC3W6~pJp8cxKl2IKrhvSFatHZ0chRg3B4~ja1Cxmw1psisplSkJqMnF921E6pury0i6GH52XAVoj4iiDY~EAvqDhzG-ThwlzTs~2JKzslwxOrD2ejd-dcKdi4i9xvi2JQ4Ib2Mw2ktaQhuAw3Y9EkqAs7oriQQN8N8dwIoYkJLfvh7ousm0iKJJvMt3s55PccM46SoAAAA
+i2plugins.i2p=7oQz2gHOxFXxXTI6uGMk1Giv9UmviBhbubWKDjDqW1Rxvmm55tvC1znaAAZoV0X6YPd9aubYwsvfXAYatPHY1eehlELe3XdrgzqWvj566j62gv8atxhJQHjbaWqF-ZvntYRefVRFJ49sPi~MmAv5EBoSUKGuVu~8Bw-nKlCEhL7PLRdzA98515U5cFC6-srI2poZiWJ35rfbIqbEOLbECC4HbTedXv2PbRyukCiGrU-wPx4GnfSSaMeYMTAtHOf0IiYEKPSExjWkovgWbnCQaBzP4M-fAKIkSIMuOF8T4wmGaGESLCgiHukDoiiXmsTRm3cNeotm-BXncF~tft8sL4OB9cV-SeOtgkgIsaoO1JpQ1ACdtgOzlIB6H032jpuMQ5U9u1OQbTS8CtdRIlBv7Zcd6621MI2KGXLldHpcMs5hecbqctit~it5lB-wSkG6lllT2ZXBn8Yxeu8xo6kdrZ4bkolBYPEH1RPxiCj9GEchhUSPi75dkgb-vgoMnSMgAAAA
+i2pbote.i2p=~taSfBfeiMM5fW~qwUGZr4kAXmSoentWVjlQhTCKWhVj04KV34tLguNQEpHb1cA2eIwlkTpY0TPYUVKt866jLgQEteuIImmNuStVgm6DWh4baPqI22oSNC7O-4EW6PJy1tT9nr1NXu5p4w2jY4P4Css76xthaf6Z5YUOWAIwnMlptyac-qFHmjmU3CFqvKQgBnA4NB0ts7Y2~TcvciANllfsjfsMgFdg--FYpKiwC8bSsTHKJ3~oGb6osMqql~Vzr6kvIzfLnvabbuW8wjG2JvATBuJ3IY-BN59KdT84nc00SuMgmt1ywVvHOl0~n8Cjr1hASYiJ2FTxEQRbQ9WRaxbnk5BO~yeiedCsjw7ImsSES3GzcU5zVVx9p3bgx7P~X0h52VripL6bovj9YJznN3qw0eRCJGjY-du8azFNV6~6ZZ6ss14RNC~HKIzlhR7F5kF~4H2wfC1EdNlmm1cI0iYRdEdwSSVX47LngHyK-ZQbVZOGeEeCU8J8Vhk~8WdLAAAA
+planet.i2p=W0omtMApOdlTkgJoct08QnzDkeb~xc60df5Cx3k3qqOFmyEkRB65NdpSdvldI5STmXmXlZe68f8Hu1dfBMmKvfpBFMpP-mRVYuHbEa4N1dRkp3AOswZFO51lSC~MVPMZKGHAv0cfv5WFaJ9nfuaR7iYYWJF11xotoPTMbJdB-I3XPC8rxHI-73ATlOD4cU9oZ6BYcBE0dun9zw4IHBcRpnFRx~s-TkevNfPnBqujB-NNgA8a5s~QUj0h3FwwUWsNB8f1Uwy~DwoQh7pMp6dsZ3umEyBn2HaXZasSmbzB30qkQRs9vrAtIFdIzCQ~8gI2cHdHEPgExUQX~xlM8QZEgnLXSfS93asWPdpitv~KT7bO-35BgTBdCozHTCcvys6bYJ24UnkFVBE0D2L0t98neelWkJSaEU0QzxdRphoCZY8OABQIaS4qw6PEFD1Un1vxNCh~TDFWcYBZ3Rqsc~ISW0wF7oOS6-DPT3q5O8cGLc8iAEdRchrU9XyAHAKVlEZxAAAA
+exotrack.i2p=Ly1vs4plBuGisqlMiQOjhVkXFZPBMy9joSCrus~tuLXBRXDrPYG9WXJMzY4gb3LiW0VVawv0kLgikX8eeeruXmgKwQW5zB9UPSP0CQnXTRelE3Jn7lev~re4woHvgS-EGBwWikxqXF3f7W8-LhieI0JhBZxItiWhJJME07oncW0kgS8UIMl0wqN2Y-p0sryFCN056TfGNTXigfxrSLqKnpi6a2OyEkF62qvRID3qXzRque0vKQjqvavq2mqxjFrSgLUoyKod5h9Px6qK08gtoAyDKMLPk7fPgReYKj6awiOxRSGfsMpZD3~ZuV0Sts2XtCau3S3myYMIDe5oKziPtZRIej4KBDxT0YYIw5v4RoqzqF88gNgHDfkPZ25JKTOt5xGcPTG8kwYrtx39PX6NrJmv-I~LUz6sZZlIW24k1qbO7zBxZ6mazldQY1~FJGXzn5MNzsxp44iOZdMDJJh18N0Psthk2hqlQOS4L0Ss1Odm1czhBxf1Y~j3L-QsMttcAAAA
+outproxyng.h2ik.i2p=1RqMQd58RgA4D~XT34rCjQteJVQwFKQbPK5P03GetL-DyCfKV6Vg61xyxGOZK-K4KTXXf45PG~oDAWIzE7UY5aXN9oAjHXfPrU9hHxv35BaxFqUpsJLgjWu41OwSjl5aN2-freH4gGVSiL62I1y2bcXHc2kVHlbToQOy8bJoS3KSDHEeU0r79f~cY3xf6rBHpHNMJtdYdnWlLq5KFc2cz~8lIut~sSIAwUEfebBkhfl2ctvdEGdSshBWGTxXiahtQX0xraynF-Cex2hxvBAl0g9aoOnrLx~Gses54WPD-m3RArI3fiaxEALRuFa0mfrrEgjOhBtVU8IlTYrTEkR8JSGofsEmuqqM03FIrwOv6lJZi-xemiNUr3OX6VdO4ckIg69BxpCYzP2IxLO5r8lSwyHqGbYPFxBIjbSMsv6tGWWdglV4Y9sQHTarboA-XDih3DzDpomb1~78cSiV3PRidjj4MDggn1abkQbRVd6WLV~eTi54bctS-JwW-I5Xyqq~AAAA
+inr.i2p=GGB99wXYBnX-wOxQ~Xrvo7AvngoYgifvZZL54ksZWzclcirG7AysqfkAKyv906PxfM4y2DcN2K9m4-D99yFj-1BdnUuIEqfi2yuaaVoWuOffT3h9ne~kZnq3C-wrmczD70Gxk4shvSVxMdUEFvEip8QY4K0R-FiKBsFAfWGTE3b9d-QCzP0H9VP5V-CaYjYVQuMRgMluk9gnoLRipvV7483f~rmGgYX8xwygEAQ3v9P4hrAlJrP0lWJLI1K6KQucP3THIxZ4A9Xxnl0I7EZAT8bHwzschFrcDPYM~DtQdkJTz2VphocbNLfIExTrFt88-xC69WE-fSbaMf9jucT4f5kdpfpRu0kM~am40etxPs8uXGF-L9IXCjgUkJHrWdPHeGhnx-ye2xvUTLO2jyga8iY89Ee3IpqivVUg-iAQJzX9NXC29sf0YzNj8d8mdWRNuzbLSx9CVJ3l1NPJr4k7hmCqf8lBGXNIFZQL4Wez1PPcM4gw0o73gqIxkxvVzVcpAAAA
+pastethis.i2p=qg6Y8Dj5LHAP3tOGmJXpmqe2ivpgVcs4UHJ0hv~VRGhNTh7awM3qPIhKNMhrq9G5ZgXWB3QlSmi-m2FQVndTNKegdfbdnFMNLOOwh2pm1akhvEp6MeKhv0KjJFKpNOb2ygHu2MXPXuDuh5odO1LRs3Pxr1PdjM~7L5NxRE-o-EuCKH5H1335BAfvY5k1SIU-t-YaIctMKGH88D9OjPEt7PlqXsdXUQnJFO6B4V3E1BdH33Zc6oVxaSSOLuLaSPjrczC4h79U9gJFmR4isWpHmynucEtJmEbJ4atcUe4~m2uYw8tWGGFoMvz9y3y6kRqb1alPpX9wPZb5OGjTJIQTmSGsag2-CJldnqa3mEDCWQ3gs6FLud-s1z~2J51BnFl~LpPPF6yT8879R5zOGAEwfIp4N8fJTbgPNxz4P4LRQLXHk0t1oYPEpwLneiLH-87zzM3IiTeeb3XCDyc2T7zzLGrktb2i6BlyEBJMXbsN2CiviKOHI7CEp~u8Lsp69FSeAAAA
+diftracker.i2p=n--XWjHjUPjnMNrSwXA2OYXpMIUL~u4FNXnrt2HtjK3y6j~4SOClyyeKzd0zRPlixxkCe2wfBIYye3bZsaqAD8bd0QMmowxbq91WpjsPfKMiphJbePKXtYAVARiy0cqyvh1d2LyDE-6wkvgaw45hknmS0U-Dg3YTJZbAQRU2SKXgIlAbWCv4R0kDFBLEVpReDiJef3rzAWHiW8yjmJuJilkYjMwlfRjw8xx1nl2s~yhlljk1pl13jGYb0nfawQnuOWeP-ASQWvAAyVgKvZRJE2O43S7iveu9piuv7plXWbt36ef7ndu2GNoNyPOBdpo9KUZ-NOXm4Kgh659YtEibL15dEPAOdxprY0sYUurVw8OIWqrpX7yn08nbi6qHVGqQwTpxH35vkL8qrCbm-ym7oQJQnNmSDrNTyWYRFSq5s5~7DAdFDzqRPW-pX~g0zEivWj5tzkhvG9rVFgFo0bpQX3X0PUAV9Xbyf8u~v8Zbr9K1pCPqBq9XEr4TqaLHw~bfAAAA
+update.killyourtv.i2p=s2bzxafMCmDEujaZF44c558MBqYKC95YvoTqNaqMVGIoV68BUlCQu4Z6pjmuxSptHWo38LPx55nEqLLaKFljX7yr30o-iRBwsIev5M1HeX62YVJYxTP5acUxTKaG15dLwKLXRsqeHES8g21vwbz9LsHYsDR9IOYaJFnsBIOfLK4H5GYgcdogazZcuSvVrvX7jdpleGI7g6I81vzuGD0X0NZ~tpj~gypQsomwIZUYknTiaZ37X9TV7DpRbeYkevX7qnSX3odnk007Lhgrt2vN07-DpUHQLmTgr-GbYUVT0Xq-PB5Q2Oi5Rfl1MKQGQ7WXQyVW7MwmQpwgFMMqzQM8SDHqpqrxpsv3VHZ~GIkcKU4rlPazOzxan6PLmvaPigtbKJ0MCHUwD~zHAU~26DuSkRLvquCtxKqfOWE5z8JyaN~zxHivj7X8J7YpibXJdD53RcQ7ozsz9bvOTi0kQItuLR9ROlrxEfReUmWr0VKaCgmV4OvLfyi8~034nj7NAdKeAAAA
+irc.echelon.i2p=ooAkOd014ooZXQ4rpvFsqAZ108YU9knllXDocY5fD84IrRVXDbRyUFtlboDmiKDPNRTY2JIXvb-l5FahAB9SUAZ8voAdH4ozHrigHVg6scVtwU7GCfjq5byuwnyemupgk6saBQKfuyc7k3bYl5Iro85Lnx6EnaYYbyWjMwoUWksI6o3Hp5bNyj2B5wHX7HLzeg1ByxQZ4Q8BZbALg8yIcvKn3rHN4tO9FhQ-e5u6hRxINbMtBL1Hasxl9I8XSI0yalKSsmpWDNxRcx-2VKlVh3MPK~9VZlBrQzXwObLmpTuTukeNt8nheFQ7mZVAHt~1gCs2TmjQPVm2g9BQ32zqCFDhePNfBcxcG-Xl56mE9n6kUvaJWsy5~VhiZZmCUGKWMx0uH7odSiC3ohNgv7dhDpANVA~gvt0IhhwlnifHBa~HHfjFQz75kl0nzv3htkcBfLt4M3AZ5bKLP8ymeGP5NYINf6uKNJA9XrSoBjmv0GqvBvDP0Zl5OO2tkIxOBEWfAAAA
+i2p-javadocs.i2p=pihB-m2To7PT-EOY1x-K5PFeV1j~KTz7inAbpm82bJpeb-wdLJ1AocMMQ6feN2l9xQYRZxAT1b5ko7op~R1E9lQDVVOQ3nkIPUo5jXAVuq1jq9HsB1kpKBXLekQAVWcT8JX4SYzACYVpb8nrgreEBEmq03l5Q~z6AgohsnKKOEAa3yCrPCfp1C4Swoo26uA9nqh1lPsgVqhr3q~nbU69NomJlCVeNA49RucRL99SSJhOPZXuthnII03wExcVhJXczsSAyjhQbt3hPtHcjaJhOJp5hvsCmFDkhQKfeewie3wluIucaOJgRm0-BB5IdpcyzUMp8raXK6gVG-4c7yEAGlfgJvt3evZtId~dfp79AwLRdBe6ePpIEBJJZ8peU6JOJ~K7E7vpImTqXcyTCoBKTk8z2iUFCdbncJkfzBS~~Gb-hx6NdW5h6hJbln75IeT1NlZ2Vtn04cjHjFnSPKnlc~FfUcxnrJdtqijJbxnTUJi5B~FFmWt6STIgR4cxbLdRAAAA
+plugins.i2p=4GdwNoyPq-tlATiocmygKgZv1gJ1Gr1XtZRQ1T-5RozH54aPDKuVp6E9eTdZm3PyJ~AVSo4aFViZSCoMwctE6v6Mg5iAxHysZqn1u3XsXjFg3FttFQOSxGjXkjQG98kA2K~yCrWbD-YAVANGrJsQ6VjXSWsKP95WIplSxcBA25vE~eLuFxvAgqLX0LWAvB~liSdI3QrDQ1YNhyaAn4sisLV9aViMncE90hjxBYR1llxsv5N4CKh9kPl3pNSfF0J9-kxGotqXGdVcXYjo18fpdEurGmghkz4JXgRMg7APcOy97XMjWNe~7Ct~Z17zxFzzQUYC4nSsDN0G2t~tp~VWzZtKDSDq1~B0~wfiN1srt2zBBDfcABWFw7SML4QfSiw6ipbXeJD8hWfVSS~oCMzf7zS4bPakieTigHsMjJ4OnLQtuatiXHgfY2hTuUbUvNhvzbKwQ2PPrOdbxFkzDoOazAsxTMFrDWKeZHYEAwSdWOIVJGxXmQe-r-BvYaMB00~5AAAA
+keys.i2p=Imqtlip0MVs9~UGTdl~FY1YV7QhpmzEM3xVjAnd5wxuKfq7xQN0RxfEadFzz2QkPW5QkFh2XyXRkkArZbgG1j0FudZYfmwfYcmxX-iDMsTFyh-J7AirXDmXLviZWOaUOU30NU1DcBUF-PrVc5rL2F1ML2KtqF2LeanRZHSjuIsZTzxMw5Nvb9nWIlFaBU8vwEdaH3zx3nRSujNki~v2DadexbpPQlwfHvVupwSOX6D79A63aO3mcuuJe756nu0kBaF~Bs4UZE1G2doZAUS6lFAJUTKjJDKsbz8RP76t6iL6IgqF8xD~Y-uP3yNazNaSTgWbEUSsoIe~oI-kGdoSFrGL0gGbBlyQRvXbz-lQPXqHjh5~RXeEgqkbSwjE0MF29U5S~1MmBaSJ1NmfMcAAkarAe44ub-LTAWkFvuA9mcjhDTpeFSRjxaKCmJZ-twbNrHqDY4EtVZvTWTpHYy3g4s2bR7OKFT26QdmLYfsa9fHGcy8TGDwAI9Pjov5bGa8LlAAAA
+killyourtv.i2p=qWUvUuLmH7MyjcxBcMbyD1c4aIypzlV79Jq5POkC12Yq5hLBs7pnHbJIYJm4BENze2COzuWPQSMXICV91Ig~Drpc5vYNiM~dsLKow7CoFJUcNnhHNBlC0C6Y2Un-ueF43rLp7kWUub3qflO93QoYOXiD~avWu1jiAmU1YsxVAeLwDDML9kQQ3uQtuXa2n0EqxHvfdRsFdD7k1WUg5Ocet64MMAehKTr4LalxymOfG7MlV-mbR7Czt~xumpuc95x~6M7470nq33FHrwcPGOvr-3cM1CBi7QpUeibYwODZSxtLVfUTjqB1TzrVKt2M-Wt9XyJa6c4wnpVoneD7sb2agnq0P-wiA3h-bpGLsx-SB4G82c6E8MUG6a~aLdsqMUdLSc7HMu5TQ55LXJKnJzrmWy~zaUKy28JhlXQgYG8NHriCwq1CstGEUCWIzQQYdvEY6PU8L5jCT5Zs1jklX~g6Sxrv-ooDeznJWraW4b-IsSGon0qObwyTvhavVqkwJ5jkAAAA
+colombo-bt.i2p=OlhoyOifYe50Fq3b3K3NU3vRvU9Qjzom9sqLuwQw4K3AgPHlpMuz7HuspDMnqvNoXqYs-eTNK83bNZ105eiG1y3p2SchC7Lf6WhEedBxllF0L1vWdmdbnb1COm6GoU~8xkOxHBjnJl302Z-YsfPtsQNs0SzWnbP03E0ZUYDX6lBwabgg2Jaygo2IyW9UcmP1GHoAcc4Vtj1LXsTV0IoeB2Zp1OOv9t~icuLVSm6Rpl-FAl7AN0PyzJDtNbSVcCb89AREO4V7uc22aDxofmvIGQDNtDqK5UxATT-TTlTvTPbsTV8w3qJLFXYHbjklbNiI8P3Z9e~RyVqiWgzRdCfii3pBQ2-akwV7zaXMdsUT9T5DRiOGxYmsXK0kgr84W4khnj7aDYOzZAlOsUw890hqY4vyaslMX-UpNry8KXyS-QK-323sPcGfGta5rKpxlCAlwQ8L4RnWggHVlKo-y5fLxSQsy~EBqZIOg-zgQiHUoCCUiYukL-2EOrWhmt8jRzsGAAAA
+id3nt.i2p=7FDMVz75npoY85K8dCWVLoq6-wSxxebexMGniwNcbzlqBArHd-nCiH5CWY4MhTvxddZ81nwo7nuhtticU1BAMUJlpy8YSchhGVXhZ2sMur~n4kha6F7EUrbatquRIjAE2iiKNxOirq2jYQsHSvkKSvMHaHKJYf1j7lRjoMhpid6SSRZa0IRxE04NfHQ7oThKUvYnhJm5n89I13BzjHL2ddLgiFofYwcYyUzR9FKcOD2NXblXzz7B1HVHTQpc6CyeAotuAoddN6Wkqc2sTx02D8Qa8y-kZuLnFkgD1kbSmdNo0vzxjPbHdsN4ho7wRCuvF6il~ScCiEGTBMTDvopbLjFQ9KGjm93jCXwyTNWfwxiF5GnzKjmjDRl29wj3ZcUpeiqmpHCioZb5MN1I01nElwwgo3c7yUF3uJgSIgAwE-ZXfvWamoKJHxHBk5oW7B2S9EoavcAUxx9PM72aFP9FqHK0XW5gnUofL~VqccE~hoCCQWaZP1fAiDIG9VdFCQIuAAAA
+git.repo.i2p=v-SEpHJSYmi~Jj7t6~GIsFztppakTNgD~k08iP1WhTY0c3XBvTvJIA6zoL5gn1HXi7lOY3g2Kn5OMmM3fdT2n4KcqIsMd~snrf09dliHWiI0mOldIhL5EO3wGUMucz9uvHSfhdyrYrXRQp0s5hT1u4m4HEdM1Mt1QgIUyh2KbZj4JLoRZFpPlWMsSoA2J5NBc8zLXUFNCUK1hE6xWEz2tGnO8rZz35LvNWmFn9cepGrDRc09dSG2HtqWfNsvqgDJW27x9wgyg50vY8Ilc7qD3YuMnwLBQMJSBhbpVBYfiBIqronAiWCvDqUOPI80FubNDt2KHyZVOwyELv-jl9hk1UHuLHqzchjU-ydqwjK8v140SFd7mHUKGEtqdBXg1k7zxmJraPKKB0JYd6IJaiXBjG9FDQsye6RYK5lH2p3B4O7r6uLRuiKR2WuY6K8Khf17yieqNlFO89FJrr-kDFmIBp8GgXTLEgHESsi9Gmt9SuODYJSA69~YLWbaJvZ6JJqzAAAA
+pull.git.repo.i2p=M-UMjXHcm6Wi48vESwcASuW5OEDtrVjb70gyWpXUkwO51r2Nu~ORTTbBg0fpq1kXT0RgNJnOcPe3Ea3v~DvysOx1BN9P5R9bIO-h~X2YV0euwtkfxs94w-AgViXFdVvtJEgZ7isX~IwYCVnod9wS-hO3NS6BkAhPLNKNDDwUeWHJNobf1Qv7EU9bIwAMPsSbUJsyk0SWhWSEM2SaspxbwzJY-1l593HEARSP3y4rkHfI7By82PZiZBLVUs3epkXPY1jAkq75prH6VBSyK2PICbhwrcFlSB3lYiZejTAGE94rrYNp-LPvjQe80KHEdA9MD~ecmCUy3z3OrUHigRkXlXco2XuJsjpzvkZTDt8EO2RkmAeHww5BNgZf23fcN42vVOPizl0crJifXy67VRSNwOEaEt0tklz9ckyTFrxxe0zVXZyalkk7GwLehLpbnnvtqw3KVIXh9hvKuwLypWIT-oWwSWBxDOqTou5RMzto-lYvPLdWArsx-KCAvJRUhgsAAAAA
+push.git.repo.i2p=Mau9Jcsspec4cbDlrkt5zdxN-kq9SG9GxtvOQ6wBhgJKxRyEvZG4oqGs5N6oO6tbhwWarYhT28ctVWCAfo9FhU6nsO085p6qQKwpccYQwo0a1~8iw1oBqiLXrobZk0~bnwQFMKCVWekyx8HTxz9KwQiMRPlDKcBmxQXQHr~IXdUfcXvCFheYToqkks6D-~6jygHMaa14tEJd6VewZFYseM-YIXMzKop4sYuh8belTL1BdIY2du57ANNhcalFEOsSso~ZVkxgdBKULuKQvDbHqbp7rRI5WRU2pqpcdbPKYV5WES7r-t16vdLNB-6kK3iUt2KtaU-lJg02x8LzvtUAL44hJQRGg5Z3JyWYdWVjL05gVraA7-69vGvad2~OcvlcAYwAsqioxjulSO3I4dw9oOtUf5DuMeXj7~x6l0sJF5YHjADJcmesr4NnZFXiY~WEX3zsVnVxtq4YgFsKMT2wpC2fP05TrT11vlvGVeUzJ3HKyQHLXGxN~fcZqJQmRmT2AAAA
+irc.killyourtv.i2p=CnG0yQheyd67rl1nHuYZp1sVZxzXHe05UPrmT0B3Vxtd51K-Cq5E6v5~UTrU5lqj56ggvnRl0I8jg1vPn0Q50IH6ght~4ThkKlwDwTOMHmROz3sR6WLCOvD4ZFMDBYjBsxjF3383YSIlYrh~laTXSzD~lPhHLGD1jFQksqea-87sM-yfRzCbA7UyaHtURJ7A3GOb8Bm8W25mPOHpM~xT0TONvbi45IVmAeWkuZ5IhBsrzhWvY1-Riy6IW6KSRoQIZtr5o23cVHkjUh8J-~SWZR5wIgECefrVVCt556qDn35I2829Jlk26-iI9glMrr7funaOtp1wnDvNPTijlxwkeAx9GKPCX48nCyxIUeSTwGv0grDPn43V94tV0LSq8mkXZ1akDJUNf33z2Uao-nCi-ufb0Mt0rzgdRVW1i79GQHk4XbApzjYUjyaSY4cuR0yBRFHrOcrFt~XJABpt9DYklu6y3n54uOLZeXGnE5nKCSHLqyS3dxPTObIQvhz~ZjHRAAAA
diff --git a/www.i2p2/pages/how.html b/www.i2p2/pages/how.html
index afde2b769160101b88bc42868e51b104d2ac755a..f91216355aead2ac88e04bd91d51f02097a411e5 100644
--- a/www.i2p2/pages/how.html
+++ b/www.i2p2/pages/how.html
@@ -1,21 +1,227 @@
{% extends "_layout.html" %}
-{% block title %}How Does It Work{% endblock %}
+{% block title %}Index to Technical Documentation{% endblock %}
{% block content %}
<h1>How does I2P work?</h1>
+
+<p>
+Following is an index to the technical documentation for I2P.
+This page was last updated in May 2012 and is accurate for router version 0.9.
+</p><p>
+This index is ordered from the highest to lowest layers.
+The higher layers are for "clients" or applications;
+the lower layers are inside the router itself.
+The interface between applications and the router is the I2CP (I2P Control Protocol) API.
+</p><p>
+The I2P Project is committed to maintaining accurate, current documentation.
+If you find any inaccuracies in the documents linked below, please
+<a href="http://trac.i2p2.de/report/1">enter a ticket identifying the problem</a>.
+</p>
+
+<h2>Index to Technical Documentation</h2>
+
+<h3>Overview</h3>
<ul class="helplist">
-<li><a href="how_intro">Intro</a></li>
-<li><a href="how_threatmodel">Threat model</a></li>
-<li><a href="how_tunnelrouting">Tunnel routing</a></li>
-<li><a href="how_garlicrouting">Garlic routing</a></li>
-<li><a href="how_networkdatabase">Network database</a></li>
-<li><a href="how_peerselection">Peer selection</a></li>
-<li>
-<a href="how_cryptography.html">Cryptography</a> » <a href="how_elgamalaes.html">ElGamal / AES+SessionTag</a>
-</li>
-<li><a href="how_networkcomparisons">Network comparisons</a></li>
+<li><a href="techintro.html">Technical Introduction</a></li>
+<li><a href="how_intro.html">A Less-Technical Introduction</a></li>
+<li><a href="how_threatmodel.html">Threat model and analysis</a></li>
+<li><a href="how_networkcomparisons.html">Comparisons to other anonymous networks</a></li>
+<li><a href="protocols.html">Protocol stack chart</a></li>
+<li><a href="papers.html">Papers and Presentations on I2P</a></li>
+<li><a href="/_static/pdf/i2p_philosophy.pdf">Invisible Internet Project (I2P) Project Overview</a> August 28, 2003 (pdf)</li>
</ul>
-<center><div class="underline"></div>
-<font color="#c00"><b>Warning!</b> Some of the documents linked here are out of date and
-need to be updated to correctly document the current network operation. If you'd like to help bring them up to date, please see the <a href="getinvolved.html">getting involved</a> page!</font>
-</center>
+
+<h3>Application-Layer Topics</h3>
+<ul>
+<li><a href="naming.html">Naming and Addressbook</a></li>
+<li><a href="plugins.html">Plugins Overview</a></li>
+<li><a href="plugin_spec.html">Plugin Specification</a></li>
+<li><a href="updates.html">Router software updates</a></li>
+<li><a href="bittorrent.html">Bittorrent over I2P</a></li>
+<li><a href="i2pcontrol.html">I2PControl Plugin API</a></li>
+<li><a href="blockfile.html">hostsdb.blockfile Format</a></li>
+</ul>
+
+<h3>Application Layer API and Protocols</h3>
+High-level, easy-to-use APIs for applications written in any language to send and receive data.
+<ul><li>
+<a href="applications.html">Application Development Overview and Guide</a>
+</li><li>
+<a href="i2ptunnel.html">I2PTunnel</a>
+</li><li>
+<a href="socks.html">SOCKS Proxy</a>
+</li><li>
+HTTP Proxy
+</li><li>
+CONNECT Proxy
+</li><li>
+IRC Proxy
+</li><li>
+SOCKS IRC Proxy
+</li><li>
+Streamr Proxy
+</li><li>
+HTTP Bidir Proxy
+</li><li>
+<a href="sam.html">SAM Protocol</a>
+</li><li>
+<a href="samv2.html">SAMv2 Protocol</a>
+</li><li>
+<a href="samv3.html">SAMv3 Protocol</a>
+</li><li>
+<a href="bob.html">BOB Protocol</a>
+</li></ul>
+
+<h3>End-to-End Transport API and Protocols</h3>
+The end-to-end protocols used by clients for reliable and unreliable communication.
+<ul><li>
+<a href="streaming.html">Streaming Library</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/streaming/package-summary.html">Streaming Javadoc</a>
+</li><li>
+<a href="datagrams.html">Datagrams</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/datagram/package-summary.html">Datagram Javadoc</a>
+</li></ul>
+
+<h3>Client-to-Router Interface API and Protocol</h3>
+The lowest-level API used for clients (applications) to send and receive traffic to a router.
+Traditionally used only by Java applications and higher-level APIs.
+<ul><li>
+<a href="i2cp.html">I2CP</a> I2P Control Protocol / API overview
+</li><li>
+<a href="i2cp_spec.html">I2CP Specification</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/package-summary.html">I2CP API Javadoc</a>
+</li><li>
+<a href="common_structures_spec.html">Common data structures specification</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/package-summary.html">Data Structures Javadoc</a>
+</li></ul>
+
+<h3>End-to-End Encryption</h3>
+How client messages are end-to-end encrypted by the router.
+<ul>
+<li><a href="how_elgamalaes">ElGamal/AES+SessionTag</a> encryption</li>
+<li><a href="how_cryptography.html">ElGamal and AES cryptography details</a></li>
+</ul>
+
+<h3>Network Database</h3>
+Distributed storage and retrieval of information about routers and clients.
+<ul>
+<li><a href="how_networkdatabase.html">Network database overview, details, and threat analysis</a></li>
+<li><a href="how_cryptography.html#SHA256">Cryptographic hashes</a></li>
+<li><a href="how_cryptography.html#DSA">Cryptographic signatures</a></li>
+</ul>
+
+<h3>Router Message Protocol</h3>
+I2P is a message-oriented router. The messages sent between routers are defined by the I2NP protocol.
+<ul><li>
+<a href="i2np.html">I2NP</a> I2P Network Protocol Overview
+</li><li>
+<a href="i2np_spec.html">I2NP Specification</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/i2np/package-summary.html">I2NP Javadoc</a>
+</li><li>
+<a href="common_structures_spec.html">Common data structures specification</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/package-summary.html">Data Structures Javadoc</a>
+</li></ul>
+
+<h3>Tunnels</h3>
+Selecting peers, requesting tunnels through those peers, and encrypting and routing messages through these tunnels.
+<ul>
+<li><a href="how_peerselection.html">Peer profiling and selection</a></li>
+<li><a href="how_tunnelrouting.html">Tunnel routing overview</a></li>
+<li><a href="how_garlicrouting.html">Garlic routing and "garlic" terminology</a></li>
+<li><a href="tunnel-alt.html">Tunnel building and encryption</a></li>
+<li><a href="how_elgamalaes.html">ElGamal/AES</a> for build request encryption</li>
+<li><a href="how_cryptography.html">ElGamal and AES cryptography details</a></li>
+<li><a href="tunnel-alt-creation.html">Tunnel building specification</a></li>
+<li><a href="tunnel_message_spec.html">Low-level tunnel message specification</a></li>
+<li><a href="unidirectional-tunnels.html">Unidirectional Tunnels</a></li>
+<li><a href="/_static/pdf/I2P-PET-CON-2009.1.pdf">Peer Profiling and Selection in the I2P Anonymous Network</a>
+2009 paper (pdf), not current but still generally accurate</li>
+</ul>
+
+<h3>Transport Layer</h3>
+The protocols for direct (point-to-point) router to router communication.
+<ul><li>
+<a href="transport.html">Transport layer overview</a>
+</li><li>
+<a href="ntcp.html">NTCP</a> TCP-based transport overview and specification
+</li><li>
+<a href="udp.html">SSU</a> UDP-based transport overview
+</li><li>
+<a href="udp_spec.html">SSU specification</a>
+</li><li>
+<a href="how_cryptography.html#tcp">NTCP transport encryption</a>
+</li><li>
+<a href="how_cryptography.html#udp">SSU transport encryption</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/transport/package-summary.html">Transport Javadoc</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/transport/ntcp/package-summary.html">NTCP Javadoc</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/transport/udp/package-summary.html">SSU Javadoc</a>
+</li></ul>
+
+<h3>Other Router Topics</h3>
+<ul><li>
+<a href="jbigi.html">Native BigInteger Library</a>
+</li><li>
+Time synchronization and NTP
+</li><li>
+<a href="performance.html">Performance</a> (not current)
+</li></ul>
+
+<h3>Developer's Guides and Resources</h3>
+<ul><li>
+<a href="newdevelopers.html">New Developer's Guide</a>
+</li><li>
+<a href="newtranslators.html">New Translator's Guide</a>
+</li><li>
+<a href="monotone.html">Monotone Guide</a>
+</li><li>
+<a href="dev-guidelines.html">Developer Guidelines</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/">Javadocs</a> (standard internet)
+Note: always verify that javadocs are current by checking the release number.
+</li><li>
+Javadocs inside I2P:
+<a href="http://i2p-javadocs.i2p">Server 1</a>
+<a href="http://i2pdocs.str4d.i2p/i2p.i2p/javadoc/">Server 2</a>
+<a href="http://echelon.i2p/javadoc/">Server 3</a>
+<!--
+ <a href="http://docs.i2p2.i2p/javadoc/">Server 4 - out of date, incomplete</a>
+-->
+Note: always verify that javadocs are current by checking the release number.
+</li><li>
+<a href="ports.html">Ports used by I2P</a>
+</li><li>
+<a href="http://update.killyourtv.i2p/mtn/">Automatic updates to development builds inside I2P</a>
+</li><li>
+<a href="manualwrapper.html">Updating the wrapper manually</a>
+</li><li>
+<a href="http://forum.i2p2.de/">User forum</a>
+</li><li>
+<a href="http://zzz.i2p/">Developer forum inside I2P</a>
+</li><li>
+<a href="http://trac.i2p2.de/report/1">Bug tracker</a>
+</li><li>
+<a href="http://stats.i2p/cgi-bin/viewmtn/">Viewmtn inside I2P</a>.
+</li><li>
+<a href="https://github.com/i2p/i2p.i2p">I2P Source exported to GitHub</a>
+</li><li>
+<a href="http://git.repo.i2p/w/i2p.i2p.git">I2P Source Git Repo inside I2P</a>
+</li><li>
+<a href="https://www.transifex.net/projects/p/I2P/">Source translation at Transifex</a>
+</li><li>
+<a href="http://trac.i2p2.de/09roadmap">0.9 roadmap wiki</a> (not current)
+</li><li>
+<a href="roadmap.html">Old roadmap</a> (not current)
+</li><li>
+<a href="todo.html">To Do List</a> (not current)
+</li></ul>
+
+
{% endblock %}
diff --git a/www.i2p2/pages/how_cryptography.html b/www.i2p2/pages/how_cryptography.html
index fa912fb1fce378dfcd36e49c1c43fd1a37714f44..08377b1f42cd6d22f728cccacc8ed66791cfe9b1 100644
--- a/www.i2p2/pages/how_cryptography.html
+++ b/www.i2p2/pages/how_cryptography.html
@@ -2,7 +2,7 @@
{% block title %}Low-level Cryptography Details{% endblock %}
{% block content %}
<p>
-Updated July 2010, current as of router version 0.8
+Updated March 2012, current as of router version 0.8.13
<p>
This page specifies the low-level details of the cryptography in I2P.
<p>
@@ -17,73 +17,237 @@ technique used in <a href="how_elgamalaes">ElGamal/AES+SessionTag</a> (but we're
<H2><a name="elgamal">ElGamal encryption</a></H2>
<p>
-We use common primes for 2048 ElGamal encryption and decryption, and we currently only
-use ElGamal to encrypt the IV and session key in a single block, followed by the
-AES encrypted payload using that key and IV. Specifically, the unencrypted ElGamal
-block is formatted (in network byte order):
+ElGamal is used for asymmetric encryption.
+ElGamal is used in several places in I2P:
+<ul><li>
+To encrypt router-to-router <a href="tunnel-alt-creation.html">Tunnel Build Messages</a>
+</li><li>
+For end-to-end (destination-to-destination) encryption as a part of <a href="how_elgamalaes">ElGamal/AES+SessionTag</a>
+using the encryption key in the <a href="common_structures_spec.html#struct_LeaseSet">LeaseSet</a>
+</li><li>
+For encryption of some <a href="how_networkdatabase.html#delivery">netDb stores and queries sent to floodfill routers</a>
+as a part of <a href="how_elgamalaes">ElGamal/AES+SessionTag</a>
+(destination-to-router or router-to-router).
+</li></ul>
+</p>
+
+<p>
+We use common primes for 2048 ElGamal encryption and decryption, as given by <a href="http://tools.ietf.org/html/rfc3526">IETF RFC-3526</a>.
+We currently only use ElGamal to encrypt the IV and session key in a single block, followed by the
+AES encrypted payload using that key and IV.
<p>
+The unencrypted ElGamal contains:
+</p>
<p>
<PRE>
- |_______1_______2_______3_______4_______5_______6_______7_______8
- |nonzero|H(data)
- |
- |
- |
- | | data ... |
+ +----+----+----+----+----+----+----+----+
+ |nonz| H(data) |
+ +----+ +
+ | |
+ + +
+ | |
+ + +
+ | |
+ + +----+----+----+----+----+----+----+
+ | | data...
+ +----+----+----+--//
</PRE>
<p>
The H(data) is the SHA256 of the data that is encrypted in the ElGamal block,
-and is preceded by a random nonzero byte. The data encrypted in the block
-can be up to 222 bytes long. Specifically, see
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/ElGamalEngine.html">[the code]</a>.
+and is preceded by a nonzero byte.
+This byte could be random, but as implemented it is always 0xFF.
+It could possibly be used for flags in the future.
+The data encrypted in the block may be up to 222 bytes long.
+As the encrypted data may contain a substantial number of zeros if the
+cleartext is smaller than 222 bytes, it is recommended that higher layers pad
+the cleartext to 222 bytes with random data.
+Total length: typically 255 bytes.
+</p><p>
+The encrypted ElGamal contains:
+</p>
<p>
-ElGamal is never used on its own in I2P, but instead always as part of
-<a href="how_elgamalaes">ElGamal/AES+SessionTag</a>.
+<PRE>
+ +----+----+----+----+----+----+----+----+
+ | zero padding... | |
+ +----+----+----+--// ----+ +
+ | |
+ + +
+ | ElG encrypted part 1 |
+ ~ ~
+ | |
+ + +----+----+----+----+----+----+----+
+ | | zero padding... | |
+ +----+----+----+----+--// ----+ +
+ | |
+ + +
+ | ElG encrypted part 2 |
+ ~ ~
+ | |
+ + +----+----+----+----+----+----+
+ | +
+ +----+----+
+
+</PRE>
+Each encrypted part is prepended with zeros to a size of exactly 257 bytes.
+Total length: 514 bytes.
+In typical usage, higher layers pad the cleartext data to 222 bytes,
+resulting in an unencrypted block of 255 bytes.
+This is encoded as two 256-byte encrypted parts,
+and there is a single byte of zero padding before each part at this layer.
+</p><p>
+See
+<a href="http://trac.i2p2.de/browser/core/java/src/net/i2p/crypto/ElGamalEngine.java?rev=85a542c53d910dffbf34cdcefb8a2faeee96adc4">the ElGamal code</a>.
<p>
The shared prime is the
-<a href="http://www.ietf.org/proceedings/03mar/I-D/draft-ietf-ipsec-ike-modp-groups-05.txt">[Oakley prime for 2048bit keys]</a>
+<a href="http://tools.ietf.org/html/rfc3526#section-3">[Oakley prime for 2048 bit keys]</a>
<PRE>
2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
</PRE>
+or as a hexadecimal value:
+<PRE>
+ FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1
+ 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD
+ EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245
+ E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
+ EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D
+ C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F
+ 83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D
+ 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
+ E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9
+ DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510
+ 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
+</PRE>
<p>
Using 2 as the generator.
+<h3>Short Exponent</h3>
+While the standard exponent size is 2048 bits (256 bytes) and the I2P
+<a href="common_structures_spec.html#type_PrivateKey">PrivateKey</a>
+is a full 256 bytes,
+we use the short exponent size of 226 bits (28.25 bytes).
+This should be safe for use with the Oakley primes,
+per
+<a href="http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.14.5952&rep=rep1&type=pdf">
+On Diffie-Hellman Key Agreement with Short Exponents - van Oorschot, Weiner</a>
+at EuroCrypt 96, and
+<a href="benchmarks.html">crypto++'s benchmarks</a>.
+Benchmarks originally at <a rel="nofollow" href="http://www.eskimo.com/~weidai/benchmarks.html">this link, now dead</a>,
+rescued from <a href="http://www.archive.org/">the wayback machine</a>, dated Apr 23, 2008.
+<p>
+Also,
+<a href="http://www.springerlink.com/content/2jry7cftp5bpdghm/">
+Koshiba & Kurosawa: Short Exponent Diffie-Hellman Problems</a> (PKC 2004, LNCS 2947, pp. 173-186)
+<a href="http://books.google.com/books?id=cXyiNZ2_Pa0C&lpg=PA173&ots=PNIz3dWe4g&pg=PA173#v=onepage&q&f=false">
+(full text on google books)</a>
+apparently supports this, according to
+<a href="http://groups.google.com/group/sci.crypt/browse_thread/thread/1855a5efa7416677/339fa2f945cc9ba0#339fa2f945cc9ba0">this sci.crypt thread</a>.
+The remainder of the PrivateKey is padded with zeroes.
+
+<H4>Obsolescence</H4>
<p>
+The vulnerability of the network to an ElGamal attack and the impact of transitioning to a longer bit length is to be studied.
+It may be quite difficult to make any change backward-compatible.
+</p>
+
+
<H2><a name="AES">AES</a></H2>
<p>
-We use 256bit AES in CBC mode with PKCS#5 padding for 16 byte blocks (aka each block is end
-padded with the number of pad bytes). Specifically, see
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/CryptixAESEngine.html">[the CBC code]</a>
+AES is used for symmetric encryption, in several cases:
+<ul><li>
+For <a href="#transports">transport encryption</a> after DH key exchange
+</li><li>
+For end-to-end (destination-to-destination) encryption as a part of <a href="how_elgamalaes">ElGamal/AES+SessionTag</a>
+</li><li>
+For encryption of some <a href="how_networkdatabase.html#delivery">netDb stores and queries sent to floodfill routers</a>
+as a part of <a href="how_elgamalaes">ElGamal/AES+SessionTag</a>
+(destination-to-router or router-to-router).
+</li><li>
+For encryption of <a href="how_tunnelrouting.html#testing">periodic tunnel test messages</a> sent from the router to itself, through its own tunnels.
+</li></ul>
+</p><p>
+We use AES with 256 bit keys and 128 bit blocks in CBC mode.
+The padding used is specified in <a href="http://tools.ietf.org/html/rfc2313">IETF RFC-2313 (PKCS#5 1.5, section 8.1 (for block type 02))</a>.
+In this case, padding exists of pseudorandomly generated octets to match 16 byte blocks.
+Specifically, see
+<a href="http://trac.i2p2.de/browser/core/java/src/net/i2p/crypto/CryptixAESEngine.java?rev=85a542c53d910dffbf34cdcefb8a2faeee96adc4">[the CBC code]</a>
and the Cryptix AES
+<a href="http://trac.i2p2.de/browser/core/java/src/net/i2p/crypto/CryptixRijndael_Algorithm.java?rev=85a542c53d910dffbf34cdcefb8a2faeee96adc4">[implementation]</a>,
+as well as the padding, found in the
+<a href="http://trac.i2p2.de/browser/core/java/src/net/i2p/crypto/ElGamalAESEngine.java?rev=85a542c53d910dffbf34cdcefb8a2faeee96adc4">ElGamalAESEngine.getPadding</a> function.
+
+<!-- *********************************************************************************
+ Believe it or not, we don't do this any more. If we ever did. safeEncode() and safeDecode() are unused.
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/CryptixRijndael_Algorithm.html">[implementation]</a>
-<p>
-For situations where we stream AES data, we still use the same algorithm, as implemented in
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/AESOutputStream.html">[AESOutputStream]</a>
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/AESInputStream.html">[AESInputStream]</a>
<p>
-For situations where we know the size of the data to be sent, we AES encrypt the following:
+In all cases, we know the size of the data to be sent, and we AES encrypt the following:
<p>
<PRE>
- |_______1_______2_______3_______4_______5_______6_______7_______8
- |H(data)| size of data (in bytes) | data ... | rand |
+ +----+----+----+----+----+----+----+----+
+ | H(data) |
+ + +
+ | |
+ + +
+ | |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+ | size | data ... |
+ +----+----+----+----+ +
+ | |
+ ~ ~
+ | |
+ + +
+ | |
+ + +----//---+----+
+ | | |
+ +----+----+----//---+----+ +
+ | Padding to 16 bytes |
+ +----+----+----+----+----+----+----+----+
+
+H(data): 32-byte SHA-256 Hash of the data
+
+size: 4-byte Integer, number of data bytes to follow
+
+data: payload
+
+padding: random data, to a multiple of 16 bytes
+
</PRE>
<p>
-After the data comes an application specified number of randomly generated padding bytes, and
-this entire segment (from H(data) through the end of the random bytes) is AES encrypted
-(256bit CBC w/ PKCS#5).
+After the data comes an application-specified number of randomly generated padding bytes.
+This application-specified number is rounded up to a multiple of 16.
+The entire segment (from H(data) through the end of the random bytes) is AES encrypted
+(256 bit CBC w/ PKCS#5).
<p>
This code is implemented in the safeEncrypt and safeDecrypt methods of
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/AESEngine.html">[AESEngine]</a>
+AESEngine but it is unused.
+</p>
+
+*************************************************************** -->
+
+
+<H4>Obsolescence</H4>
<p>
+The vulnerability of the network to an AES attack and the impact of transitioning to a longer bit length is to be studied.
+It may be quite difficult to make any change backward-compatible.
+</p>
+
+<H4>References</H4>
+<ul>
+<li>
+<a href="status-2006-02-07.html">Feb. 7, 2006 Status Notes</a>
+</ul>
+
+
<H2><a name="DSA">DSA</a></H2>
<p>
-Signatures are generated and verified with 1024bit DSA, as implemented in
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/DSAEngine.html">[DSAEngine]</a>
+Signatures are generated and verified with 1024 bit DSA (L=1024, N=160), as implemented in
+<a href="http://trac.i2p2.de/browser/core/java/src/net/i2p/crypto/DSAEngine.java?rev=85a542c53d910dffbf34cdcefb8a2faeee96adc4">[DSAEngine]</a>.
+DSA was chosen because it is much faster for signatures than ElGamal.
<p>
<H3>The DSA constants</H3>
@@ -91,6 +255,8 @@ Signatures are generated and verified with 1024bit DSA, as implemented in
<H4>SEED</H4>
+<p>160 bit</p>
+
<PRE>
86108236b8526e296e923a4015b4282845b572cc
</PRE>
@@ -100,7 +266,9 @@ Signatures are generated and verified with 1024bit DSA, as implemented in
33
</PRE>
<p>
-<H4>DSA prime</H4>
+<H4>DSA prime (p)</H4>
+
+<p>1024 bit</p>
<p>
<PRE>
@@ -112,14 +280,16 @@ Signatures are generated and verified with 1024bit DSA, as implemented in
B6051F5B 22CC1C93
</PRE>
<p>
-<H4>DSA quotient</H4>
+<H4>DSA quotient (q)</H4>
<p>
<PRE>
A5DFC28F EF4CA1E2 86744CD8 EED9D29D 684046B7
</PRE>
<p>
-<H4>DSA generator</H4>
+<H4>DSA generator (g)</H4>
+
+<p>1024 bit</p>
<p>
<PRE>
@@ -130,27 +300,84 @@ Signatures are generated and verified with 1024bit DSA, as implemented in
5D0484B8 129FCF17 BCE4F7F3 3321C3CB 3DBB14A9 05E7B2B3
E93BE470 8CBCC82
</PRE>
+
<p>
+The <a href="common_structures_spec.html#type_SigningPublicKey">Signing Public Key</a> is 1024 bits.
+The <a href="common_structures_spec.html#type_SigningPrivateKey">Signing Private Key</a> is 160 bits.
+</p>
+
+
+<H4>Obsolescence</H4>
+<p>
+<a href="http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf">NIST 800-57</a>
+recommends a minimum of (L=2048, N=224) for usage beyond 2010.
+This may be mitigated somewhat by the "cryptoperiod", or lifespan of a given key.
+</p>
+<p>
+The prime number was chosen <a href="#choosing_constants">in 2003</a>,
+and the person that chose the number (TheCrypto) is currently no longer an I2P developer.
+As such, we do not know if the prime chosen is a 'strong prime'.
+If a larger prime is chosen for future purposes, this should be a strong prime, and we will document the construction process.
+</p>
+<p>
+The vulnerability of the network to a DSA attack and the impact of transitioning to longer keys is to be studied.
+It may be quite difficult to make any change backward-compatible.
+</p>
+
+<H4>References</H4>
+<ul>
+<li>
+<a href="meeting51.html">Meeting 51</a>
+<li>
+<a href="meeting52.html">Meeting 52</a>
+<li>
+<a name="choosing_constants" href="http://article.gmane.org/gmane.comp.security.invisiblenet.iip.devel/343">Choosing the constants</a>
+<li>
+<a href="http://en.wikipedia.org/wiki/Digital_Signature_Algorithm">DSA</a>
+</ul>
+
+
<H2><a name="SHA256">SHA256</a></H2>
<p>
Hashes within I2P are plain old SHA256, as implemented in
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/SHA256Generator.html">[SHA256Generator]</a>
+<a href="http://trac.i2p2.de/browser/core/java/src/net/i2p/crypto/SHA256Generator.java?rev=85a542c53d910dffbf34cdcefb8a2faeee96adc4">[SHA256Generator]</a>
+
+
+<H4>Obsolescence</H4>
+<p>
+The vulnerability of the network to a SHA-256 attack and the impact of transitioning to a longer hash is to be studied.
+It may be quite difficult to make any change backward-compatible.
+</p>
+<H4>References</H4>
+<ul>
+<li>
+<a href="http://en.wikipedia.org/wiki/SHA-2">SHA-2</a>
+</ul>
-<h2>Transports</h2>
-At the lowest
-level, inter-router communication is protected by the transport layer security.
+<h2 id="transports">Transports</h2>
+<p>
+At the lowest protocol layer,
+point-to-point inter-router communication is protected by the transport layer security.
+Both transports use 256 byte (2048 bit) Diffie-Hellman key exchange
+using
+<a href="#elgamal">the same shared prime and generator as specified above for ElGamal</a>,
+followed by symmetric AES encryption as described above.
+This provides
+<a href="http://en.wikipedia.org/wiki/Perfect_forward_secrecy">perfect forward secrecy</a>
+on the transport links.
+</p>
-<H3><a name="tcp">TCP connections</a></H3>
+<H3><a name="tcp">NTCP connections</a></H3>
<p>
-TCP connections are currently negotiated with a 2048 Diffie-Hellman implementation,
+NTCP connections are negotiated with a 2048 Diffie-Hellman implementation,
using the router's identity to proceed with a station to station agreement, followed by
some encrypted protocol specific fields, with all subsequent data encrypted with AES
(as above).
-A possible enhancement is to use session tags like we do with
-<a href="how_elgamalaes">ElGamalAES+SessionTag</a> to avoid the 2048bit DH negotiation.
+The primary reason to do the DH negotiation instead of using <a href="how_elgamalaes">ElGamalAES+SessionTag</a> is that it provides '<a href="http://en.wikipedia.org/wiki/Perfect_forward_secrecy">(perfect) forward secrecy</a>', while <a href="how_elgamalaes">ElGamalAES+SessionTag</a> does not.
+</p>
<p>
In order to migrate to a more standardized implementation (TLS/SSL or even SSH), the following issues must be addressed:
<p>
@@ -160,16 +387,32 @@ In order to migrate to a more standardized implementation (TLS/SSL or even SSH),
contains the ElGamal and DSA keys)?
</OL>
+<p>
+See <a href="ntcp.html">the NTCP specification</a> for details.
<H3><a name="udp">UDP connections</a></H3>
SSU (the UDP transport) encrypts each packet with AES256/CBC with both an explicit IV and MAC
-(HMAC-MD5-128) after agreeing upon an ephemeral session key through a 2048bit
+(HMAC-MD5-128) after agreeing upon an ephemeral session key through a 2048 bit
Diffie-Hellman exchange, station-to-station authentication with the other
router's DSA key, plus each network message has their own hash for local integrity
checking.
<p>
See <a href="udp.html#keys">the SSU specification</a> for details.
+<p>
+WARNING - I2P's HMAC-MD5-128 used in SSU is apparently non-standard.
+Apparently, an early version of SSU used HMAC-SHA256, and then it was switched
+to MD5-128 for performance reasons, but left the 32-byte buffer size intact.
+See HMACGenerator.java and
+<a href="status-2005-07-05.html">the 2005-07-05 status notes</a>
+for details.
+
+
+<H2>References</H2>
+<ul>
+<li>
+<a href="http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf">NIST 800-57</a>
+</ul>
{% endblock %}
diff --git a/www.i2p2/pages/how_cryptography_de.html b/www.i2p2/pages/how_cryptography_de.html
index 684f6257dd16dff7bfe232681009a1fa9b95c956..87644e79682626c6f8be1f58a4c2b134dcacd0f2 100644
--- a/www.i2p2/pages/how_cryptography_de.html
+++ b/www.i2p2/pages/how_cryptography_de.html
@@ -1,6 +1,8 @@
{% extends "_layout_de.html" %}
{% block title %}Wie die Kryptography in I2P funktioniert{% endblock %}
-{% block content %}<p>
+{% block content %}
+<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
+<p>
Es existieren einige kryptographische Algorythmen in I2P, wir haben diese aber
zu einem absolutem Minimum reduziert um unsere nötige Anforderungen zu
erfüllen - einen symmetrischen Algorhythmus, einen asymmetrischen, einen
@@ -38,7 +40,7 @@ Die H(Daten) ist der SHA256 Wert der Daten, die in dem ElGamal Block
verschlüsselt sind. Vor den H(Daten) steht ein zufälliges Byte, das
nicht Null ist. Die Daten im Block können bis zu 222 Bytes lang sein.
Die Spezifikation ist
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/ElGamalEngine.html">[im Quelltext]</a>.
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/crypto/ElGamalEngine.html">[im Quelltext]</a>.
<p>
ElGamal wird in I2P nie alleine genutzt, es ist immer ein Teil von
<a href="how_elgamalaes">ElGamal/AES+SessionTag</a>.
@@ -59,14 +61,14 @@ Wir benutzen 256bit AES im CBC Modus mit dem PKCS#5 Padding für 16 Byte Blo
(welches bedeuted, das jeder Block mit der Anzahl der aufgefüllten Bytes
als Daten aufgefüllt wird).
Zur Spezifikation schaue in den
- <a href="http://docs.i2p2.de/core/net/i2p/crypto/CryptixAESEngine.html">[CBC Quelltext]</a>
+ <a href="http://docs.i2p-projekt.de/javadoc/net/i2p/crypto/CryptixAESEngine.html">[CBC Quelltext]</a>
und für die Crytix AES
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/CryptixRijndael_Algorithm.html">[Implementation hier]</a>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/crypto/CryptixRijndael_Algorithm.html">[Implementation hier]</a>
<p>
In Situationen, in denen wir AES Daten streamen, nutzen wir die selben Algorhytmen, wie sie in
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/AESOutputStream.html">[AESOutputStream]</a> und
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/AESInputStream.html">[AESInputStream]</a>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/crypto/AESOutputStream.html">[AESOutputStream]</a> und
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/crypto/AESInputStream.html">[AESInputStream]</a>
implementiert sind.
<p>
Für Situationen, in denen die Gröse der zu sendenden Daten bekannt ist,
@@ -83,14 +85,14 @@ Ende der zufälligen Daten ist AES verschlüsselt (256bit CBC mit PKCS#5
<p>
Dieser Code ist in den safeEncrypt und safeDecrypt Methoden der
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/AESEngine.html">[AESEngine]</a>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/crypto/AESEngine.html">[AESEngine]</a>
implementiert.
<p>
<H2>DSA</H2>
<p>
Signaturen werden mit 1024bit DSA erzeugt und verifiziert, wie es in der
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/DSAEngine.html">[DSAEngine]</a>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/crypto/DSAEngine.html">[DSAEngine]</a>
implementiert ist.
<p>
<H3>Die DSA Konstanten</H3>
@@ -143,7 +145,7 @@ implementiert ist.
<p>
Hashes in I2P sind bekannte, alte SHA256 wie es im
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/SHA256Generator.html">[SHA256Generator]</a>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/crypto/SHA256Generator.html">[SHA256Generator]</a>
implementiert ist.
<p>
<H2>TCP Verbindungen</H2>
@@ -170,11 +172,11 @@ RouterInfo Struktur nutzen (die die ElGamal und DSA Schlüssel enthält)
<p>
Die grundlegenden TCP Verbindungsalgorhythmen sind in der establishConnection() Funktion
implementiert (die wiederrum exchangeKey() und identifyStationToStation()) in
-<a href="http://docs.i2p2.de/router/net/i2p/router/transport/tcp/TCPConnection.html">[TCPConnection]</a>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/transport/tcp/TCPConnection.html">[TCPConnection]</a>
aufruft).
<p>
Dieses wird erweitert durch die
-<a href="http://docs.i2p2.de/router/net/i2p/router/transport/tcp/RestrictiveTCPConnection.html">[RestrictiveTCPConnection]</a>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/transport/tcp/RestrictiveTCPConnection.html">[RestrictiveTCPConnection]</a>
Funktion, die die establishConnection() Methode aktualisiert um die
Protokoll Version, die Uhrzeit und die öffentlich erreichbare IP
Adresse des Knotens verifizieren zu können. (Da wir noch keine
diff --git a/www.i2p2/pages/how_de.html b/www.i2p2/pages/how_de.html
index 44b9b6b458cb29648cad2c8d1226e3c4e56b2e62..ad53535dfa235a8720784eaf3c094e0e33af4422 100644
--- a/www.i2p2/pages/how_de.html
+++ b/www.i2p2/pages/how_de.html
@@ -1,23 +1,159 @@
-{% extends "_layout_de.html" %}
-{% block title %}Wie Funktioniert es?{% endblock %}
+{% extends "_layout.html" %}
+{% block title %}Inhaltsverzeichnis der technischen Dokumentation{% endblock %}
{% block content %}
-<h1>Wie Funktioniert es?</h1>
+<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
+<h1>Wie funktioniert I2P?</h1>
+
+<p>
+Diese Seite bietet ein Inhaltsverzeichnis der technischen Dokumentation zu I2P.
+Sie ist auf dem Stand vom August 2010 und bezieht sich auf die Routerversion (I2P-Version) 0.8.
+</p><p>
+Das Inhaltsverzeichnis ist nach den Netzwerkschichten geordnet, beginnend mit der obersten Schicht.
+Die höheren Schichten sind für „Klienten“ oder I2P-Anwendungen,
+die niedrigeren Schichten befinden sich im I2P-Router selber.
+Die Schnittstelle zwischen Anwendungen und dem Router trägt den Namen I2CP (<i>I2P Control Protocol</i>).
+</p><p>
+Das I2P-Projekt ist um eine vollständige und aktuelle Dokumentation bemüht.
+Wer in einer der unten verlinkten Seiten Ungenauigkeiten oder Unstimmigkeiten findet,
+möge diese bitte <a href="http://trac.i2p2.de/report/1">hier melden</a>.</p>
+
+
+<h2>Inhaltsverzeichnis</h2>
+
+<h3>Überblick</h3>
<ul class="helplist">
-<li><a href="how_intro_de.html">Einleitung</a></li>
-<li><a href="how_threatmodel">Angriffsszenario</a></li>
-<li><a href="how_tunnelrouting">Tunnel Routing</a></li>
-<li><a href="how_garlicrouting_de.html">Garlic Routing</a></li>
-<li><a href="how_networkdatabase">Netzwerk Datenbank</a></li>
-<li><a href="how_peerselection">Knoten Auswahl</a></li>
-<li>
-<a href="how_cryptography">Kryptographie</a> » <a href="how_elgamalaes">ElGamal / AES+SessionTag</a>
-</li>
-<li><a href="how_networkcomparisons">Netzwerk Vergleiche</a></li>
+<li><a href="techintro.html">Technische Einführung</a> <i>(englisch)</i></li>
+<li><a href="how_intro_de.html">Eine weniger technische, leichter verständliche Einführung</a></li>
+<li><a href="how_threatmodel.html">Angriffsszenarien</a> <i>(englisch)</i></li>
+<li><a href="how_networkcomparisons.html">Vergleiche mit anderen anonymen Netzwerken</a> <i>(englisch)</i></li>
+</ul>
+
+<h3>Die Anwendungsschicht</h3>
+<ul>
+<li><a href="naming.html">Namensauflösung und Adressbuch</a> <i>(englisch)</i></li>
+<li><a href="plugins_de.html">Übersicht Zusatzprogramme</a></li>
+<li><a href="plugin_spec_de.html">Techn. Beschreibung Zusatzprogramme</a></li>
+<li><a href="updates_de.html">Aktualisierung auf neue Routerversionen</a></li>
+</ul>
+
+<h3>Anwendungsschnittstellen</h3>
+Einfach zu handhabende Schnittstellen, über die Anwendungen (programmiersprachenunabhängig) Daten senden und empfangen können.<br />
+<ul><li>
+<a href="applications.html">Entwicklung von I2P-Anwendungen: Überblick und Leitfaden</a> <i>(englisch)</i>
+</li><li>
+<a href="i2ptunnel.html">I2PTunnel</a> <i>(englisch)</i>
+</li><li>
+<a href="socks.html">SOCKS-Proxy</a> <i>(englisch)</i>
+</li><li>
+HTTP-Proxy
+</li><li>
+IRC-Proxy
+</li><li>
+Die Programmierschnittstelle <a href="sam.html">SAM</a> <i>(englisch)</i>
+</li><li>
+Die Programmierschnittstelle <a href="samv2.html">SAM, Version 2</a> <i>(SAMv2)</i> <i>(englisch)</i>
+</li><li>
+Die Programmierschnittstelle <a href="samv3.html">SAM, Version 3</a> <i>(SAMv3)</i> <i>(englisch)</i>
+</li><li>
+Java-Dokumentation zu SAM
+</li><li>
+<a href="bob.html">Die Programmierschnittstelle BOB</a> <i>(englisch)</i>
+</li><li>
+Java-Dokumentation zu BOB
+</li></ul>
+
+<h3>Java-Programmierschnittstelle und Protokolle</h3>
+Die Java-Schnittstelle und die Kommunikationsprotokolle zur zuverlässigen (<i>streaming</i>) und unzuverlässigen (<i>datagram</i>) Kommunikation.
+<ul><li>
+<a href="streaming.html">Datenströme</a> <i>(Streaming)</i> <i>(englisch)</i>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/streaming/package-summary.html">Java-Dokumentation zur Streaming-Bibliothek</a> <i>(englisch)</i>
+</li><li>
+<a href="datagrams_de.html">Datenpakete</a> <i>(Datagrams)</i> <i>(englisch)</i>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/datagram/package-summary.html">Java-Dokumentation zur Datagram-Bibliothek</a> <i>(englisch)</i>
+</li></ul>
+
+<h3>Routerschnittstelle und zugehöriges Protokoll</h3>
+Die unmittelbare Schnittstelle zum Router. Die Java-Programmierschnittstelle und die höheren Programmierschnittstellen bauen hierauf auf.
+<ul><li>
+<a href="i2cp.html">I2CP (<i>I2P Control Protocol</i>)</a> Beschreibung des Protokolls und der Schnittstelle <i>(englisch)</i>
+</li><li>
+<a href="i2cp_spec.html">Technische Beschreibung I2CP</a> <i>(englisch)</i>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/package-summary.html">Java-Dokumentation zu I2CP</a> <i>(englisch)</i>
+</li><li>
+<a href="common_structures_spec.html">Techn. Beschreibung Datenstrukturen</a> <i>(englisch)</i>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/package-summary.html">Java-Dokumentation zu den Datenstrukturen</a> <i>(englisch)</i>
+</li></ul>
+
+<h3>Durchgehende Verschlüsselung</h3>
+Verschlüsselter Versand von Nachrichten, so dass erst der Empfängerrouter, aber keiner der Zwischenrouter die Nachricht lesen kann.
+<ul>
+<li>Verschlüsselungsmethode <a href="how_elgamalaes_de.html">ElGamal/AES+SessionTag</a></li>
+<li>Details zur <a href="how_cryptography.html">ElGamal- und AES-Verschlüsselung</a> <i>(englisch)</i></li>
</ul>
-<div class="underline"></div><font color="#c00">
-<center>
-<b>Warnung!</b> Viele der folgenden Dokumente sind veraltet
-und müssen korrigiert werden um das aktuelle Netzwerk
-korrekt zu beschreiben.
-</center>
+
+<h3>Netzwerkdatenbank</h3>
+Verteilt gespeicherte Informationen über Router und Endpunkte.
+<ul>
+<li><a href="how_networkdatabase.html">Überblick über die Netzwerkdatenbank, Details und Angriffsszenarien</a> <i>(englisch)</i></li>
+<li><a href="how_cryptography.html#SHA256">Kryptographische Streuwerte (Hashwerte)</a> <i>(englisch)</i></li>
+<li><a href="how_cryptography.html#DSA">Kryptographische Signaturen</a> <i>(englisch)</i></li>
+</ul>
+
+<h3>Router-Nachrichtenprotokoll</h3>
+I2P-Router sind nachrichtenbasiert. Der Versand von Nachrichten zwischen Routern ist durch das I2NP-Protokoll festgelegt.
+<ul><li>
+<a href="i2np_de.html">I2NP (<i>I2P Network Protocol</i>)</a> Überblick über I2NP
+</li><li>
+<a href="i2np_spec.html">Technische Beschreibung I2NP</a> <i>(englisch)</i>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/i2np/package-summary.html">Java-Dokumentation zu I2NP</a> <i>(englisch)</i>
+</li><li>
+<a href="common_structures_spec.html">Techn. Beschreibung Datenstrukturen</a> <i>(englisch)</i>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/package-summary.html">Java-Dokumentation zu den Datenstrukturen</a> <i>(englisch)</i>
+</li></ul>
+
+<h3>Tunnel</h3>
+Auswahl von Knoten (Gegenstellen), Aufbauen von Tunneln durch die Knoten sowie die Verschlüsselung und Weiterleitung von Nachrichten durch die Tunnel.
+<ul>
+<li><a href="how_peerselection_de.html">Knotenprofile und -auswahl</a></li>
+<li><a href="how_tunnelrouting.html">Grundlegendes zu Tunneln</a> <i>(englisch)</i></li>
+<li><a href="how_garlicrouting_de.html">Garlic-Routing</a></li>
+<li><a href="tunnel-alt.html">Aufbau und Betrieb von Tunneln; Verschlüsselung in Tunneln</a> <i>(englisch)</i></li>
+<li><a href="how_elgamalaes.html">ElGamal/AES+SessionTag</a> Zur Verschlüsselung von Tunnelaufbau-Anfragen <i>(englisch)</i></li>
+<li><a href="how_cryptography.html">Details zur ElGamal- und AES-Verschlüsselung</a> <i>(englisch)</i></li>
+<li><a href="tunnel-alt-creation.html">Weitere technische Details zum Tunnelaufbauprozess</a> <i>(englisch)</i></li>
+<li><a href="tunnel_message_spec.html">Technische Beschreibung der Tunnelnachrichten</a> <i>(englisch)</i></li>
+</ul>
+
+<h3>Transportschicht</h3>
+Protokolle zur direkten Kommunikation zwischen zwei Routern.
+<ul><li>
+<a href="transport.html">Überblick über die Transportschicht</a> <i>(englisch)</i>
+</li><li>
+<a href="ntcp.html">NTCP</a> Überblick über den TCP-Transport <i>(englisch)</i>
+</li><li>
+<a href="udp.html">SSU</a> Überblick über den UDP-Transport <i>(englisch)</i>
+</li><li>
+<a href="udp_spec.html">Technische Beschreibung zu SSU</a> <i>(englisch)</i>
+</li><li>
+<a href="how_cryptography.html#tcp">Verschlüsselung des NTCP-Transports <i>(englisch)</i></a></li><li>
+<a href="how_cryptography.html#udp">Verschlüsselung des SSU-Transports <i>(englisch)</i></a></li>
+<li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/transport/package-summary.html">Java-Dokumentation zur Transportschicht</a> <i>(englisch)</i>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/transport/ntcp/package-summary.html">Java-Dokumentation zu NTCP</a> <i>(englisch)</i>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/transport/udp/package-summary.html">Java-Dokumentation zu SSU</a> <i>(englisch)</i>
+</li></ul>
+
+<h3>Sonstiges zum Thema Router</h3>
+<ul><li>
+Zeitabgleich und NTP
+</li></ul>
+
{% endblock %}
diff --git a/www.i2p2/pages/how_elgamalaes.html b/www.i2p2/pages/how_elgamalaes.html
index 1e68a98df0a7747523b44d3324361ea73730f21f..b2b501fdc4194c6d3102a19050b962a110c7afa1 100644
--- a/www.i2p2/pages/how_elgamalaes.html
+++ b/www.i2p2/pages/how_elgamalaes.html
@@ -1,80 +1,329 @@
{% extends "_layout.html" %}
-{% block title %}How ElGamal and AES Encryption Work{% endblock %}
-{% block content %}<p>
-Within I2P, various messages are encrypted, but we don't want anyone to know
-to whom or from whom it is bound, so we can't just toss a "to" or "from" address.
-In addition, messages are not delivered in order (or reliably), so we can't simply
-ElGamal encrypt the first message and AES the subsequent messages. The alternative
-of ElGamal encrypting each individual message is daunting in light of the message
-frequency desired. Instead, we take each message and evaluate whether it fits into
-the three possible conditions:</p>
+{% block title %}ElGamal/AES + SessionTag Encryption{% endblock %}
+{% block content %}
+Updated February 2011, current as of router version 0.8.3
+<h2>Overview</h2>
+<p>
+ElGamal/AES+SessionTags is used for end-to-end encryption.
+</p>
+ <p> As an unreliable, unordered, message based system, I2P uses a simple combination
+ of asymmetric and symmetric encryption algorithms to provide data confidentiality
+ and integrity to garlic messages. As a whole, the combination is referred
+ to as ElGamal/AES+SessionTags, but that is an excessively verbose way to describe
+ the use of 2048bit ElGamal, AES256, SHA256, and 32 byte nonces. </p>
+ <p> The first time a router wants to encrypt a garlic message to another router,
+ they encrypt the keying material for an AES256 session key with ElGamal and
+ append the AES256/CBC encrypted payload after that encrypted ElGamal block.
+ In addition to the encrypted payload, the AES encrypted section contains the
+ payload length, the SHA256 hash of the unencrypted payload, as well as a number
+ of "session tags" - random 32 byte nonces. The next time the sender wants
+ to encrypt a garlic message to another router, rather than ElGamal encrypt
+ a new session key they simply pick one of the previously delivered session
+ tags and AES encrypt the payload like before, using the session key used with
+ that session tag, prepended with the session tag itself. When a router receives
+ a garlic encrypted message, they check the first 32 bytes to see if it matches
+ an available session tag - if it does, they simply AES decrypt the message,
+ but if it does not, they ElGamal decrypt the first block. </p>
+ <p> Each session tag can be used only once so as to prevent internal adversaries
+ from unnecessarily correlating different messages as being between the same
+ routers. The sender of an ElGamal/AES+SessionTag encrypted message chooses
+ when and how many tags to deliver, prestocking the recipient with enough tags
+ to cover a volley of messages. Garlic messages may detect the successful tag
+ delivery by bundling a small additional message as a clove (a "delivery status
+ message") - when the garlic message arrives at the intended recipient and
+ is decrypted successfully, this small delivery status message is one of the
+ cloves exposed and has instructions for the recipient to send the clove back
+ to the original sender (through an inbound tunnel, of course). When the original
+ sender receives this delivery status message, they know that the session tags
+ bundled in the garlic message were successfully delivered. </p>
+ <p> Session tags themselves have a short lifetime, after which they are
+ discarded if not used. In addition, the quantity stored for each key is limited,
+ as are the number of keys themselves - if too many arrive, either new or old
+ messages may be dropped. The sender keeps track whether messages using session
+ tags are getting through, and if there isn't sufficient communication it may
+ drop the ones previously assumed to be properly delivered, reverting back
+ to the full expensive ElGamal encryption.
+ A session will continue to exist until all its tags are exhausted or expire.
+</p><p>
+Sessions are unidirectional. Tags are delivered from Alice to Bob,
+and Alice then uses the tags, one by one, in subsequent messages to Bob.
+</p><p>
+Sessions may be established between Destinations, between Routers, or
+between a Router and a Destination.
+Each Router and Destination maintains its own Session Key Manager to
+keep track of Session Keys and Session Tags.
+Separate Session Key Managers prevents correlation of multiple Destinations
+to each other or a Router by adversaries.
+</p>
-<OL>
-<li> its ElGamal encrypted to us</li>
-<li> its AES encrypted to us</li>
-<li> its not encrypted to us</li>
-</OL>
+
+<h2>Message Reception</h2>
<p>
-If its ElGamal encrypted to us, the message is considered a new session, and
-is encrypted per encryptNewSession(...) in
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/ElGamalAESEngine.html">[ElGamalAESEngine]</a>
-as follows -</p>
+Each message received has one of two
+the two possible conditions:</p>
+
+<OL>
+<li> It is part of an existing session and contains a Session Tag and an AES encrypted block</li>
+<li> It is for a new session and contains both ElGamal and AES encrypted blocks</li>
+</OL>
+When a router receives a message, it will first assume it is from
+an existing session and attempt to look up the Session Tag and decrypt the following data using AES.
+If that fails, it will assume it is for a new session and attempt to
+decrypt it using ElGamal.
+</p>
+
+
-<p>An initial ElGamal block, encrypted <a href="how_cryptography">as before</a>:</p>
+<h2 id="new">New Session Message Specification</h2>
+<p>
+A New Session ElGamal Message contains two parts, an encrypted ElGamal block
+and an encrypted AES block.
+</p><p>
+The encrypted message contains:
+<PRE>
+ +----+----+----+----+----+----+----+----+
+ | |
+ + +
+ | ElGamal Encrypted Block |
+ ~ ~
+ | |
+ + +----+----+----+----+----+----+
+ | | |
+ +----+----+ +
+ | |
+ + +
+ | AES Encrypted Block |
+ ~ ~
+ | |
+ + +----+----+----+----+----+----+
+ | +
+ +----+----+
+</PRE>
+</p>
+<h3>ElGamal Block</h3>
+<p>
+The encrypted ElGamal Block is always 514 bytes long.
+</p><p>
+The unencrypted ElGamal data is 222 bytes long, containing:
<PRE>
- |_______1_______2_______3_______4_______5_______6_______7_______8
- | 32 byte session key
- |
- |
- | |
- | 32 byte pre-IV (first 16 bytes of H(pre-IV) == IV)
- |
- |
- | |
- | (158 bytes of random data)
- | ...
- | |
+ +----+----+----+----+----+----+----+----+
+ | |
+ + +
+ | Session Key |
+ + +
+ | |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+ | |
+ + +
+ | Pre-IV |
+ + +
+ | |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+ + +
+ | |
+ + +
+ | 158 bytes random padding |
+ ~ ~
+ | |
+ + +----+----+
+ | |
+ +----+----+----+----+----+----+
</PRE>
+The 32-byte
+<a href="common_structures_spec#type_SessionKey">Session Key</a>
+is the identifier for the session.
+The 32-byte Pre-IV will be used to generate the IV for the AES block that follows;
+the IV is the first 16 bytes of the SHA-256 Hash of the Pre-IV.
+</p><p>
+The 222 byte payload is encrypted
+<a href="how_cryptography.html#elgamal">using ElGamal</a>
+and the encrypted block is 514 bytes long.
+</p>
-<p>Followed by the following, AES encrypted <a href="how_cryptography">as before</a>,
-using the session key and IV from the header:</p>
-
+<h3 id="aes">AES Block</h3>
+<p>The unencrypted data in the AES block contains the following:
<PRE>
- |_______1_______2_______3_______4_______5_______6_______7_______8
- | # session tags| that many sessionTags (32 byte random numbers)
- | ...
- | | size of the payload (bytes) | H(payload)
- |
- |
- |
- | | flag |payload
- | ...
- | |
- | random bytes leaving the total AES block (size % 16 == 0) |
+ +----+----+----+----+----+----+----+----+
+ |tag count| |
+ +----+----+ +
+ | |
+ + +
+ | Session Tags |
+ ~ ~
+ | |
+ + +
+ | |
+ + +----+----+----+----+----+----+
+ | | payload size | |
+ +----+----+----+----+----+----+ +
+ | |
+ + +
+ | Payload Hash |
+ + +
+ | |
+ + +----+----+
+ | |flag| |
+ +----+----+----+----+----+----+----+ +
+ | |
+ + +
+ | New Session Key (opt.) |
+ + +
+ | |
+ + +----+
+ | | |
+ +----+----+----+----+----+----+----+ +
+ | |
+ + +
+ | Payload |
+ ~ ~
+ | |
+ + +----//---+----+
+ | | |
+ +----+----+----//---+----+ +
+ | Padding to 16 bytes |
+ +----+----+----+----+----+----+----+----+
+
+tag count: 2-byte <a href="common_structures_spec#type_Integer">Integer</a>, 0-200
+
+Session Tags: That many 32-byte <a href="common_structures_spec#type_SessionTag">Session Tags</a>
+
+payload size: 4-byte <a href="common_structures_spec#type_Integer">Integer</a>
+
+Payload Hash: The 32-byte <a href="common_structures_spec#type_Hash">SHA256 Hash</a> of the payload
+
+flag: A one-byte value. Normally == 0. If == 0x01, a Session Key follows
+
+New Session Key: A 32-byte <a href="common_structures_spec#type_SessionKey">Session Key</a>,
+ to replace the old key, and is only present if preceding flag is 0x01
+
+Payload: the data
+
+Padding: Random data to a multiple of 16 bytes for the total length.
+ May contain more than the minimum required padding.
+
+Minimum length: 48 bytes
</PRE>
-<p>If the flag is 0x01, it is followed by a new session key, replacing
-the old one.</p>
+</p><p>
+The data is then <a href="how_cryptography">AES Encrypted</a>,
+using the session key and IV (calculated from the pre-IV) from the ElGamal section.
+The encrypted AES Block length is variable but is always a multiple of 16 bytes.
+</p>
+<h4>Notes</h4>
+<ul>
+<li>
+ Actual max payload length, and max block length, is less than 64 KB; see the <a href="i2np.html">I2NP Overview</a>.
+</li><li>
+New Session Key is currently unused and is never present.
+</li></ul>
+
+
+
+<h2 id="existing">Existing Session Message Specification</h2>
<p>The session tags delivered successfully are remembered for a
-brief period (30 minutes currently) until they are used (and discarded).
-They are used by packaging in a message that is not preceded by an
-ElGamal block. Instead, it is encrypted per encryptExistingSession(...) in
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/ElGamalAESEngine.html">[ElGamalAESEngine]</a>
-as follows -</p>
+brief period (15 minutes currently) until they are used or discarded.
+A tag is used by packaging one in an Existing Session Message that
+contains only an AES encrypted block, and
+ is not preceded by an
+ElGamal block.
+</p><p?>
+The existing session message is
+as follows:
<PRE>
- |_______1_______2_______3_______4_______5_______6_______7_______8
- | session tag (32 byte random number previously delivered and
- | not yet expired or used). the session tag also serves as
- | the pre-IV (the first 16 bytes of H(sessionTag) == IV)
- | |
+ +----+----+----+----+----+----+----+----+
+ | |
+ + +
+ | Session Tag |
+ + +
+ | |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+ | |
+ + +
+ | AES Encrypted Block |
+ ~ ~
+ | |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+
+Session Tag: A 32-byte <a href="common_structures_spec#type_SessionTag">Session Tag</a>
+ previously delivered in an AES block
+
+AES Encrypyted Block: As specified <a href="#aes">above</a>.
+
</PRE>
+The session tag also serves as
+the pre-IV. The IV is the first 16 bytes of the SHA-256 Hash of the sessionTag.
+</p><p>
+To decode a message from an existing session, a router looks up the Session Tag to find an
+associated Session Key. If the Session Tag is found, the AES block is decrypted using the associated Session Key.
+If the tag is not found, the message is assumed to be a <a href="#new">New Session Message</a>.
+</p>
+
+
+
+<h2 id="future">Future Work</h2>
+<p>
+There are many possible areas to tune the Session Key Manager's algorithms;
+some may interact with the streaming library behavior, or have significant
+impact on overall performance.
+<ul><li>
+Delivery of too many tags at one time may impose substantial overhead for brief streaming connections
+or datagrams, and increase the chance of message loss.
+We currently deliver 40 tags at a time (1280 bytes).
+32 (1024 bytes) may be better for tunnel fragmentation.
+</li><li>
+A few tags could be delivered in each of several messages, or lots of tags all at once.
+</li><li>
+It is also important to study and tune
+the low-tag thresholds at which more tags are sent.
+</li><li>
+The number of tags delivered could depend on message size, keeping in mind
+the eventual padding to 1KB at the tunnel message layer.
+</li><li>
+Clients could send an estimate of session lifetime to the router, as an advisory
+on the number of tags required.
+</li><li>
+Delivery of too few tags causes the router to fall back to an expensive ElGamal encryption.
+</li><li>
+The router may assume delivery of Session Tags, or await acknowledgement before using them;
+there are tradeoffs for each strategy.
+</li><li>
+For very brief messages, almost the full 222 bytes of the pre-IV and padding fields in the ElGamal block
+could be used for the entire message, instead of establishing a session.
+</li><li>
+Evaluate padding strategy; currently we pad to a minimum of 128 bytes.
+Would be better to add a few tags to small messages than pad.
+</li><li>
+Perhaps things could be more efficient if the Session Tag system was bidirectional,
+so tags delivered in the 'forward' path could be used in the 'reverse' path,
+thus avoiding ElGamal in the initial response.
+The router currently plays some tricks like this when sending
+tunnel test messages to itself.
+</li><li>
+Change from Session Tags to
+<a href="performance.html#prng">a synchronized PRNG</a>.
+</li><li>
+Several of these ideas may require a new I2NP message type, or
+set a flag in the
+<a href="tunnel_message_spec.html#delivery">Delivery Instructions</a>,
+or set a magic number in the first few bytes of the Session Key field
+and accept a small risk of the random Session Key matching the magic number.
+</li></ul>
+
+</p>
+
+
-<p>Followed by the AES encrypted block above (2 byte # session tags,
-that many session tags, sizeof(payload), H(payload), flag, payload,
-random padding).</p>
{% endblock %}
diff --git a/www.i2p2/pages/how_elgamalaes_de.html b/www.i2p2/pages/how_elgamalaes_de.html
index 40d4262960d61896fee829178c2391b472509448..99d4402cd768ba98ae5238affb1f7273632bbc64 100644
--- a/www.i2p2/pages/how_elgamalaes_de.html
+++ b/www.i2p2/pages/how_elgamalaes_de.html
@@ -1,6 +1,8 @@
{% extends "_layout_de.html" %}
{% block title %}Wie elGgamal und AES Encrypting funktionieren{% endblock %}
-{% block content %}<p>
+{% block content %}
+<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
+<p>
In I2P sind verschiedene Nachrichten verschlüsselt, aber wir möchten
niemanden wissen lassen, von wem oder an wen diese gebunden ist, somit k&oouml;nnen
wir nicht einfach eine "an" oder "von" Adresse anhängen.
@@ -22,7 +24,7 @@ testen, ob diese in eine der drei Möglichkeiten passt:
Falls es für uns ElGamal verschlüsselt ist, wird die Nachricht als
neue Session behandelt und wird verschlüsselt mittels encryptNewSession(....)
in der
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/ElGamalAESEngine.html">[ElGamalAESEngine]</a>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/crypto/ElGamalAESEngine.html">[ElGamalAESEngine]</a>
wie folgend -</p>
<p>Ein initialer ElGamal Block, verschlüsselt <a href="how_cryptography">wie zuvor</a>:</p>
@@ -67,7 +69,7 @@ ersetzt.</p>
Zeit (zur Zeit 30 Minuten) gespeichert bis sie gebraucht (und weggeworfen) werden.
Sie werden für das Einpacken einer Nachricht ohne vorhergehnden ElGamal Block
genutzt. Dabei wird es mit encryptExistingSession(...) in der
-<a href="http://docs.i2p2.de/core/net/i2p/crypto/ElGamalAESEngine.html">[ElGamalAESEngine]</a>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/crypto/ElGamalAESEngine.html">[ElGamalAESEngine]</a>
wie folgend verschlüsselt -</p>
<PRE>
diff --git a/www.i2p2/pages/how_fr.html b/www.i2p2/pages/how_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..44c7562bab87daff4743550df242b764dbd50b36
--- /dev/null
+++ b/www.i2p2/pages/how_fr.html
@@ -0,0 +1,185 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Sommaire de la doc. technique{% endblock %}
+{% block content %}
+Traduction de juillet 2011. <a href="how.html">Version anglaise actuelle</a>
+<h1>Comment I2P fonctionne-t-il?</h1>
+<p>
+Table des matières de la documentation technique.
+Cette information a été actualisée en juin 2011 pour la version 0.8.6.
+</p><p>
+Cette table est organisée selon le niveau des couches réseau, de la plus haute à la plus basse.
+Les plus hautes couches sont celles des "clients" ou "applications";
+les plus basses sont dans le routeur lu-même.
+L'interface entre les applications et le routeur est l'API I2CP (I2P Control Protocol).
+</p><p>
+Le projet I2P s'engage à maintenir exacte la documentation actuelle.
+Si vous trouvez des erreur dans les documents liés ci-dessous, merci d'en faire part via un
+<a href="http://trac.i2p2.de/report/1">ticket</a> Trac.</p>
+
+
+<h2>Table</h2>
+
+<h3>Aperçu</h3>
+<ul class="helplist">
+<li><a href="techintro_fr.html">Présentation technique</a></li>
+<li><a href="how_intro_fr.html">Une présentation moins technique</a></li>
+<li><a href="how_threatmodel_fr.html">État des lieux et modélisation des menaces</a></li>
+<li><a href="how_networkcomparisons_fr.html">Comparaison à d'autres réseaux anonymes</a></li>
+<li><a href="protocols_fr.html">Diagramme de la pile du protocole</a></li>
+<li><a href="papers_fr.html">Publications et présentations sur I2P</a></li>
+</ul>
+
+<h3>Couche applicative</h3>
+<ul>
+<li><a href="naming_fr.html">Nommage et carnet d'adresses</a></li>
+<li><a href="plugins_fr.html">Aperçu des greffons</a></li>
+<li><a href="plugin_spec_fr.html">Spécification des greffons</a></li>
+<li><a href="updates.html">Mises à jour du logiciel routeur</a></li>
+<li><a href="bittorrent_fr.html">Bittorrent sur I2P</a></li>
+</ul>
+
+<h3>API de la couche applicative et protocoles</h3>
+APIs de haut niveau faciles à utiliser, pour applications dans tous langages, destinées à échanger des données.
+<ul><li>
+<a href="applications.html">Aperçu et guide de développement d'applications</a>
+</li><li>
+<a href="i2ptunnel.html">I2PTunnel</a>
+</li><li>
+<a href="socks.html">Proxy SOCKS</a>
+</li><li>
+Proxy HTTP
+</li><li>
+Proxy CONNECT
+</li><li>
+Proxy IRC
+</li><li>
+Proxy IRC SOCKS
+</li><li>
+Proxy Streamr
+</li><li>
+Proxy HTTP Bidir
+</li><li>
+<a href="sam.html">Protocole SAM</a>
+</li><li>
+<a href="samv2.html">Protocole SAMv2</a>
+</li><li>
+<a href="samv3.html">Protocole SAMv3</a>
+</li><li>
+<a href="bob.html">Protocole BOB</a>
+</li></ul>
+
+<h3>Protocoles et APIs de transport point à point</h3>
+Les protocoles point à point utilisés par les clients pour des communications fiables et non fiables.
+<ul><li>
+<a href="streaming.html">Bibliothèque de diffusion streaming</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/streaming/package-summary.html">Streaming Javadoc</a>
+</li><li>
+<a href="datagrams.html">Datagrammes</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/datagram/package-summary.html">Datagrammes Javadoc</a>
+</li></ul>
+
+<h3>API et protocole de l'interface client-Routeur</h3>
+L'API de plus bas niveau utilisée par les applications clientes pour échanger du trafic avec un routeur.
+Utilisée traditionnellement seulement par les applications Java et les APIs de niveau supérieur..
+<ul><li>
+Protocole de contrôle <a href="i2cp.html">I2CP</a> / aperçu de l'API
+</li><li>
+<a href="i2cp_spec.html">Spécification</a> d'I2CP
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/package-summary.html">I2CP API Javadoc</a>
+</li><li>
+<a href="common_structures_spec.html">Spécification des structures de données communes</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/package-summary.html">Structures de données Javadoc</a>
+</li></ul>
+
+<h3>Chiffrement point à point</h3>
+Comment les messages des clients sont chiffrés en point à point par le routeur.
+<ul>
+<li>Chiffrement <a href="how_elgamalaes">ElGamal/AES+SessionTag</a></li>
+<li><a href="how_cryptography.html">Détails</a> sur les cryptographies ElGamal et AES</li>
+</ul>
+
+<h3>Base de donnée du réseau</h3>
+Stockage distribué et obtension d'informations sur les routeurs et les clients.
+<ul>
+<li><a href="how_networkdatabase.html">Aperçu de la base de donnée du réseau, détails, et analyse des faiblesses</a></li>
+<li><a href="how_cryptography.html#SHA256">Hachage cryptographique</a></li>
+<li><a href="how_cryptography.html#DSA">Signatures cryptographiques</a></li>
+</ul>
+
+<h3>Protocole de messages du routeur</h3>
+I2P est un routeur orienté messages. Les messages envoyés entre routeurs sont définis par le protocole I2NP.
+<ul><li>
+Aperçu du protocole I2P <a href="i2np.html">I2NP</a>
+</li><li>
+Spécification d'<a href="i2np_spec.html">I2NP</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/i2np/package-summary.html">Javadoc</a> I2NP
+</li><li>
+<a href="common_structures_spec.html">Spécification des structures de données communes</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/package-summary.html">Structures de données</a> Javadoc
+</li></ul>
+
+<h3>Tunnels</h3>
+Sélection des pairs, demande de tunnels à travers ces pairs, et chiffrement/routage des messages par ces tunnels.
+<ul>
+<li><a href="how_peerselection.html">Classification et sélection des pairs</a></li>
+<li><a href="how_tunnelrouting.html">Aperçu du routage en tunnel</a></li>
+<li><a href="how_garlicrouting.html">Routage en têtes d'ail (Garlic) et terminologie associée</a></li>
+<li><a href="tunnel-alt.html">Création et chiffrement de tunnels</a></li>
+<li><a href="how_elgamalaes.html">ElGamal/AES</a> pour le chiffrement des requêtes de création</li>
+<li><a href="how_cryptography.html">Détails de la cryptographie ElGamal et AES</a></li>
+<li><a href="tunnel-alt-creation.html">Spécification de création de tunnel building s</a></li>
+<li><a href="tunnel_message_spec.html">Spécification des messages de bas niveau des tunnels</a></li>
+</ul>
+
+<h3>Couche transport</h3>
+Protocoles pour les échanges direct (point à point) de routeur à routeur.
+<ul><li>
+Aperçu de la <a href="transport.html">couche transport</a>
+</li><li>
+Aperçu du transport TCP <a href="ntcp.html">NTCP</a>
+</li><li>
+Aperçu du transport UDP <a href="udp.html">SSU</a>
+</li><li>
+<a href="udp_spec.html">Spécification de SSU</a>
+</li><li>
+<a href="how_cryptography.html#tcp">Chiffrement du transport NTCP</a>
+</li><li>
+<a href="how_cryptography.html#udp">Chiffrement du transport SSU</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/transport/package-summary.html">Transport Javadoc</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/transport/ntcp/package-summary.html">NTCP Javadoc</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/transport/udp/package-summary.html">SSU Javadoc</a>
+</li></ul>
+
+<h3>Autres sujets sur le routeur</h3>
+<ul><li>
+Bibliothèque native <a href="jbigi.html">BigInteger</a>
+</li><li>
+Synchronisation horaire et NTP
+</li><li>
+<a href="performance.html">Performances</a>
+</li></ul>
+
+<h3>Guides pour développeurs</h3>
+<ul><li>
+<a href="newdevelopers.html">Guide de démarrage du développeur</a>
+</li><li>
+<a href="newtranslators_fr.html">Guide de démarrage du traducteur</a>
+</li><li>
+<a href="monotone.html">guide de Monotone</a>
+</li><li>
+<a href="http://docs.i2p-projekt.de/javadoc/">Javadocs</a>
+</li><li>
+<a href="todo_fr.html">À faire</a>
+</li></ul>
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/how_garlicrouting.html b/www.i2p2/pages/how_garlicrouting.html
index b15ea6ef24bff8e04691723732b4452ef15f2260..718414924694a3f215874775ab1412e1562ea571 100644
--- a/www.i2p2/pages/how_garlicrouting.html
+++ b/www.i2p2/pages/how_garlicrouting.html
@@ -1,54 +1,259 @@
{% extends "_layout.html" %}
-{% block title %}How Garlic Routing Works{% endblock %}
+{% block title %}Garlic Routing{% endblock %}
{% block content %}<p>
-As briefly explained on the <a href="how_intro">intro</a>, in addition to sending
-messages through tunnels (via <a href="how_tunnelrouting">tunnels</a>), I2P uses a technique called
-"garlic routing" - layered encryption of messages, passing through routers
-selected by the original sender. This is similar to the way Mixmaster
+Updated August 2010 for release 0.8
+</p>
+
+<h2>Garlic Routing and "Garlic" Terminology</h2>
+<p>
+The terms "garlic routing" and "garlic encryption" are often used rather loosely when referring to I2P's technology.
+Here, we explain the history of the terms, the various meanings, and
+the usage of "garlic" methods in I2P.
+</p><p>
+"Garlic routing" was first coined by
+<a href="http://www.cs.princeton.edu/~mfreed/">Michael J. Freedman</a>
+in Roger Dingledine's Free Haven
+<a href="http://www.freehaven.net/papers.html">Master's thesis</a> Section 8.1.1 (June 2000), as derived from
+<a href="http://onion-router.net/">Onion Routing</a>.
+</p><p>
+"Garlic" may have been used originally by I2P developers because I2P implements a form of
+bundling as Freedman describes, or simply to emphasize general differences from Tor.
+The specific reasoning may be lost to history.
+Generally, when referring to I2P, the term "garlic" may mean one of three things:
+<ol><li>
+Layered Encryption
+</li><li>
+Bundling multiple messages together
+</li><li>
+ElGamal/AES Encryption
+</li></ol>
+Unfortunately, I2P's usage of "garlic" terminology over the past seven years has not always been precise; therefore the reader is
+cautioned when encountering the term.
+Hopefully, the explanation below will make things clear.
+</p>
+
+<h3>Layered Encryption</h3>
+<p>
+Onion routing is a technique for building paths, or tunnels, through a series of peers,
+and then using that tunnel.
+Messages are repeatedly encrypted by the originator, and then decrypted by each hop.
+During the building phase, only the routing instructions for the next hop are exposed to each peer.
+During the operating phase, messages are passed through the tunnel, and the
+message and its routing instructions are only exposed to the endpoint of the tunnel.
+</p><p>
+This is similar to the way Mixmaster
(see <a href="how_networkcomparisons">network comparisons</a>) sends messages - taking a message, encrypting it
to the recipient's public key, taking that encrypted message and encrypting
it (along with instructions specifying the next hop), and then taking that
resulting encrypted message and so on, until it has one layer of encryption
-per hop along the path. The only significant difference between that technique
-and I2P's garlic routing is that at each layer, any number of messages can be
-contained, instead of just a single message.
+per hop along the path.
+</p><p>
+In this sense, "garlic routing" as a general concept is identical to "onion routing".
+As implemented in I2P, of course, there are several differences from the implementation in Tor; see below.
+Even so, there are substantial similarities such that I2P benefits from a
+<a href="http://www.onion-router.net/Publications.html">large amount of academic research on onion routing</a>,
+<a href="http://freehaven.net/anonbib/topic.html">Tor, and similar mixnets</a>.
+</p>
-<p>
-<img src="http://dev.i2p.net/~jrandom/wiki/garlic.png">
-<p>
-In addition to the cloves, each unwrapped garlic message contains a sender
-specified amount of padding data, allowing the sender to take active countermeasures
-against traffic analysis.
-<p>
-<H2>Uses within I2P</H2>
+<h3>Bundling Multiple Messages</h3>
<p>
-I2P uses garlic routing in three places:
-<UL>
-<li> For building tunnels
-<li> For determining the success or failure of end to end message delivery (by wrapping an additional
- DeliveryStatusMessage in with the payload, where the clove containing the DeliveryStatusMessage
- has instructions forwarding it back through other routers and tunnels to the original sender)
+Michael Freedman defined "garlic routing" as an extension to onion routing,
+in which multiple messages are bundled together.
+He called each message a "bulb".
+All the messages, each with its own delivery instructions, are exposed at the
+endpoint.
+This allows the efficient bundling of an onion routing "reply block" with the original message.
+</p><p>
+This concept is implemented in I2P, as described below.
+Our term for garlic "bulbs" is "cloves".
+Any number of messages can be
+contained, instead of just a single message.
+This is a significant distinction from the onion routing implemented in Tor.
+However, it is only one of many major architectural differences between I2P and Tor;
+perhaps it is not, by itself, enough to justify a change in terminology.
+
+</p><p>
+Another difference
+from the method described by Freedman
+is that the path is unidirectional - there is no "turning point" as seen in onion routing
+or mixmaster reply blocks, which greatly simplifies the algorithm and allows for more flexible
+and reliable delivery.
+</p>
+
+<h3>ElGamal/AES Encryption</h3>
+In some cases, "garlic encryption" may simply mean
+<a href="how_elgamalaes">ElGamal/AES+SessionTag</a> encryption
+(without multiple layers).
+
+
+
+<H2>"Garlic" Methods in I2P</H2>
+
+<p>
+Now that we've defined various "garlic" terms, we can say that
+I2P uses garlic routing, bundling and encryption in three places:
+<ol>
+<li> For building and routing through tunnels (layered encryption)
+<li> For determining the success or failure of end to end message delivery (bundling)
<li> For publishing some network database entries (dampening the probability of a successful traffic analysis attack)
-</UL>
+ (ElGamal/AES)
+</ol>
<p>
There are also significant ways that this technique can be used to improve the performance of the network,
exploiting transport latency/throughput tradeoffs, and branching data through redundant paths to increase reliability.
+
+
+<h3>Tunnel Building and Routing</h3>
<p>
-<H2>Encryption</H2>
+In I2P, tunnels are unidirectional. Each party builds two tunnels,
+one for outbound and one for inbound traffic.
+Therefore, four tunnels are required for a single round-trip message and reply.
+</p><p>
+Tunnels are built, and then used, with layered encryption.
+This is described on the
+<a href="tunnel-alt.html">tunnel implementation page</a>.
+Tunnel building details are defined on
+<a href="tunnel-alt-creation.html">this page</a>.
+We use
+<a href="how_elgamalaes">ElGamal/AES+SessionTag</a> for the encryption.
+</p><p>
+Tunnels are a general-purpose mechanism to transport all
+<a href="i2np.html">I2NP messages</a>, and
+<a href="i2np_spec.html#msg_Garlic">Garlic Messages</a> are not used to build tunnels.
+We do not bundle multiple
+<a href="i2np.html">I2NP messages</a> into a single
+<a href="i2np_spec.html#msg_Garlic">Garlic Message</a> for unwrapping at the outbound tunnel endpoint;
+the tunnel encryption is sufficient.
+</p>
+
+<h3>End-to-End Message Bundling</h3>
<p>
-The encryption of each layer in the garlic message uses the <a href="how_elgamalaes">ElGamal/AES+SessionTag</a> algorithm,
-which avoids the cost of a full 2048bit ElGamal encryption for subsequent messages (using instead a random previously
-specified SessionTag plus 256bit AES encryption).
+At the layer above tunnels, I2P delivers end-to-end messages between
+<a href="common_structures_spec#struct_Destination">Destinations</a>.
+Just as within a single tunnel, we use
+<a href="how_elgamalaes">ElGamal/AES+SessionTag</a> for the encryption.
+Each client message as delivered to the router through the
+<a href="i2cp.html">I2CP interface</a> becomes a single
+<a href="i2np.html#struct_GarlicClove">Garlic Clove</a>
+with its own
+<a href="tunnel_message_spec.html#delivery">Delivery Instructions</a>,
+inside a
+<a href="i2np.html#msg_Garlic">Garlic Message</a>.
+Delivery Instructions may specify a Destination, Router, or Tunnel.
+</p><p>
+Generally, a Garlic Message will contain only one clove.
+However, the router will periodically bundle two additional
+cloves in the Garlic Message:
+<img src="/_static/images/garliccloves.png" alt="Garlic Message Cloves" style="text-align:center;"/>
+
+<ol><li>
+A
+<a href="i2np.html#msg_DeliveryStatus">Delivery Status Message</a>,
+with
+<a href="tunnel_message_spec.html#delivery">Delivery Instructions</a>
+specifying that it be sent back to the originating router as an acknowledgment.
+This is similar to the "reply block" or "reply onion"
+described in the references.
+It is used for determining the success or failure of end to end message delivery.
+The originating router may, upon failure to receive the Delivery Status Message
+within the expected time period, modify the routing to the far-end Destination,
+or take other actions.
+
+</li><li>
+A
+<a href="i2np.html#msg_DatabaseStore">Database Store Message</a>,
+containing a
+<a href="common_structures_spec#struct_LeaseSet">LeaseSet</a>
+for the originating Destination, with
+<a href="tunnel_message_spec.html#delivery">Delivery Instructions</a>
+specifying the far-end destination's router.
+By periodically bundling a LeaseSet, the router ensures that the far-end will be able
+to maintain communications.
+Otherwise the far-end would have to query a floodfill router for the network database entry,
+and all LeaseSets would have to be published to the network database, as explained on the
+<a href="how_networkdatabase.html">network database page</a>.
+</li></ol>
+
+</p><p>
+In the current implementation, the Delivery Status and Database Store Messages
+are bundled when the local LeaseSet changes, when additional
+<a href="common_structures_spec#type_SessionTag">Session Tags</a>
+are delivered, or if the messages have not been bundled in the previous minute.
+
+</p><p>
+Obviously, the additional messages are currently bundled for specific purposes,
+and not part of a general-purpose routing scheme.
+</p>
+
+<h3> Storage to the Floodfill Network Database</h3>
+</p>
+As explained on the
+<a href="how_networkdatabase.html#delivery">network database page</a>,
+local
+<a href="common_structures_spec#struct_LeaseSet">LeaseSets</a>
+are sent to floodfill routers in a
+<a href="i2np.html#msg_DatabaseStore">Database Store Message</a>
+wrapped in a
+<a href="i2np.html#msg_Garlic">Garlic Message</a>
+so it is not visible to the tunnel's outbound gateway.
+</p>
+
+
+<H2>Future Work</H2>
<p>
+The Garlic Message mechanism is very flexible and provides a structure for
+implementing many types of mixnet delivery methods.
+Together with the unused delay option in the
+<a href="tunnel_message_spec.html#delivery">tunnel message Delivery Instructions</a>,
+a wide spectrum of batching, delay, mixing, and routing strategies are possible.
+</p><p>
+In particular, there is potential for much more flexibility at the outbound tunnel endpoint.
+Messages could possibly be routed from there to one of several tunnels
+(thus minimizing point-to-point connections), or multicast to several tunnels
+for redundancy, or streaming audio and video.
+</p><p>
+Such experiments may conflict with the need to ensure security and anonymity, such
+as limiting certain routing paths, restricting the types of I2NP messages that may
+be forwarded along various paths, and enforcing certain message expiration times.
+</p><p>
+As a part of
+<a href="how_elgamalaes">ElGamal/AES encryption</a>,
+a garlic message contains a sender
+specified amount of padding data, allowing the sender to take active countermeasures
+against traffic analysis.
+This is not currently used, beyond the requirement to pad to a multiple of 16 bytes.
+</p><p>
+Encryption of additional messages to and from the
+<a href="how_networkdatabase.html#delivery">floodfill routers</a>.
+</p>
+
+
+
+
<H2>References</H2>
+<ul><li>
+The term garlic routing was first coined in Roger Dingledine's Free Haven
+<a href="http://www.freehaven.net/papers.html">Master's thesis</a> (June 2000),
+see Section 8.1.1 authored by
+<a href="http://www.cs.princeton.edu/~mfreed/">Michael J. Freedman</a>.
+</li><li>
+<a href="http://www.onion-router.net/Publications.html">Onion router publications</a>
+</li><li>
+<a href="http://en.wikipedia.org/wiki/Onion_routing">Onion Routing on Wikipedia</a>
+</li><li>
+<a href="http://en.wikipedia.org/wiki/Garlic_routing">Garlic Routing on Wikipedia</a>
+</li><li>
+<a href="meeting58.html">I2P Meeting 58</a> (2003) discussing the implementation of garlic routing
+</li><li>
+<a href="https://www.torproject.org/">Tor</a>
+</li><li>
+<a href="http://freehaven.net/anonbib/topic.html">Free Haven publications</a>
+</li><li>
+Onion routing was first described in <a href="http://www.onion-router.net/Publications/IH-1996.pdf">Hiding Routing Information</a>
+by David M. Goldschlag, Michael G. Reed, and Paul F. Syverson in 1996.
+</li></ul>
-<p>
-The term garlic routing was first coined by Michael Freedman in Roger Dingledine's freehaven
-<a href="http://www.freehaven.net/doc/freehaven10.ps">[masters thesis]</a>, which was derived from
-<a href="http://onion-router.net/">[Onion Routing]</a>. The main difference with I2P's garlic routing
-is that the path is unidirectional - there is no "turning point" as seen in onion routing
-or mixmaster reply blocks, which greatly simplifies the algorithm and allows for more flexible
-and reliable delivery.{% endblock %}
+{% endblock %}
diff --git a/www.i2p2/pages/how_garlicrouting_de.html b/www.i2p2/pages/how_garlicrouting_de.html
index 7ef5b927dd901a6614e816dd3f0b9e2c5ad20c19..bb4e6089f0bf4fb27702a8bd777a845fbeb0d772 100644
--- a/www.i2p2/pages/how_garlicrouting_de.html
+++ b/www.i2p2/pages/how_garlicrouting_de.html
@@ -1,6 +1,8 @@
{% extends "_layout_de.html" %}
{% block title %}Wie Garlic Routen funktioniert{% endblock %}
-{% block content %}<p>
+{% block content %}
+<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
+<p>
wie kurz in der <a href="how_intro_de">Einleitung</a> erklärt, benutzt I2P
in Erweiterung zum Senden von Nachrichten über Tunnel (via
<a href="how_tunnelrouting_de">Tunnels</a>) eine Technik, die sich "Garlic
diff --git a/www.i2p2/pages/how_intro.html b/www.i2p2/pages/how_intro.html
index bb822e7074b43dbc0d92909af6533e71b67bb113..d56bf2cadc931b960e7aebd3b2574024c7d29ddd 100644
--- a/www.i2p2/pages/how_intro.html
+++ b/www.i2p2/pages/how_intro.html
@@ -1,13 +1,10 @@
{% extends "_layout.html" %}
-{% block title %}Introduction to How I2P Works{% endblock %}
-{% block content %}<i>Note: the "how" documents have not been fully updated to include several changes
-including the new
-<a href="tunnel-alt.html">tunnel
-routing and encryption</a> algorithms, addressing <a href="todo#tunnelId">several</a>
-<a href="todo#tunnelLength">issues</a> (with the groundwork for addressing
-<a href="todo#ordering">others</a>), and other changes.</i>
-
-<p>I2P is an effort to build, deploy, and maintain a network to support secure and anonymous
+{% block title %}A Gentle Introduction{% endblock %}
+{% block content %}
+
+<h2>A Gentle Introduction to How I2P Works</h2>
+
+<p>I2P is a project to build, deploy, and maintain a network supporting secure and anonymous
communication. People using I2P are in control of the tradeoffs between anonymity, reliability,
bandwidth usage, and latency. There is no central point in the network on which pressure can be
exerted to compromise the integrity, security, or anonymity of the system. The network supports
@@ -27,8 +24,8 @@ or even taken over to attempt more malicious attacks.</p>
<p>The network itself is message oriented - it is essentially a secure and anonymous IP layer,
where messages are addressed to cryptographic keys (Destinations) and can be significantly larger
than IP packets. Some example uses of the network include "eepsites" (webservers hosting normal web
-applications within I2P), a <a href="http://bitconjurer.org/BitTorrent/">BitTorrent</a> port ("I2PSnark"),
-or a distributed data store. With the help of mihi's <a href="i2ptunnel">I2PTunnel</a> application,
+applications within I2P), a BitTorrent client ("I2PSnark"),
+or a distributed data store. With the help of the <a href="i2ptunnel">I2PTunnel</a> application,
we are able to stream traditional TCP/IP applications over I2P, such as SSH, IRC, a squid proxy, and
even streaming audio. Most people will not use I2P directly, or even need to know they're using it.
Instead their view will be of one of the I2P enabled applications, or perhaps as a little controller
@@ -37,15 +34,14 @@ app to turn on and off various proxies to enable the anonymizing functionality.<
<p>An essential part of designing, developing, and testing an anonymizing network is to define the
<a href="how_threatmodel">threat model</a>, since there is no such thing as "true" anonymity, just
increasingly expensive costs to identify someone. Briefly, I2P's intent is to allow people to communicate
-in arbitrarily hostile environments by providing militant grade anonymity, mixed in with sufficient cover
-traffic provided by the activity of people who require less anonymity. This includes letting Joe Sixpack
-chat with his buddies without anyone listening in, Jane Filetrader to share files knowing that large
-corporations cannot identify her, as well as Will Whistleblower to publish sensitive documents -
+in arbitrarily hostile environments by providing good anonymity, mixed in with sufficient cover
+traffic provided by the activity of people who require less anonymity. This way, some users can avoid
+detection by a very powerful adversary, while others will try to evade a weaker entity,
<i>all on the same network</i>, where each one's messages are essentially indistinguishable from the
others.</p>
<h2>Why?</h2>
-<p>There are a multitude of fantastic reasons why we need a system to support
+<p>There are a multitude of reasons why we need a system to support
anonymous communication, and everyone has their own personal rationale. There are many
<a href="how_networkcomparisons">other efforts</a> working on finding ways to provide varying degrees of
anonymity to people through the Internet, but we could not find any that met our needs or threat
@@ -61,16 +57,16 @@ messages. Client applications have their own cryptographic identifier ("Destina
to send and receive messages. These clients can connect to any router and authorize the temporary
allocation ("lease") of some tunnels that will be used for sending and receiving messages through the
network. I2P has its own internal <a href="how_networkdatabase">network database</a> (using a modification of
-the Kademlia algorithm) for scalable distributing routing and contact information securely.</p>
+the Kademlia algorithm) for distributing routing and contact information securely.</p>
-<p><center><div class="box"><img src="_static/images/net.png" alt="Network topology example" title="Network topology example" /></div></center></p><br>
+<div class="box" style="text-align:center;"><img src="_static/images/net.png" alt="Network topology example" title="Network topology example" /></div>
<p>In the above, Alice, Bob, Charlie, and Dave are all running routers with a single Destination on their
local router. They each have a pair of 2-hop inbound tunnels per destination (labeled 1,2,3,4,5 and 6),
and a small subset of each of those router's outbound tunnel pool is shown with 2-hop outbound tunnels.
For simplicity, Charlie's inbound tunnels and Dave's outbound tunnels are not shown, nor are the rest of
-each router's outbound tunnel pool (typically stocked with 5-10 tunnels at a time). When Alice and Bob
+each router's outbound tunnel pool (typically stocked with a few tunnels at a time). When Alice and Bob
talk to each other, Alice sends a message out one of her (pink) outbound tunnels targeting one of Bob's
(green) inbound tunnels (tunnel 3 or 4). She knows to send to those tunnels on the correct router by querying the
network database, which is constantly updated as new leases are authorized and old ones expire.</p>
@@ -87,13 +83,12 @@ routers within the network. As such, each router must keep and maintain profiles
and is responsible for selecting appropriate peers to meet the anonymity, performance, and reliability
needs of the users, as described in the <a href="how_peerselection">peer selection</a> page.</p>
-<p>The network itself makes use of a significant number of cryptographic techniques and algorithms -
+<p>The network itself makes use of a significant number of <a href="how_cryptography">cryptographic techniques and algorithms</a> -
a full laundry list includes 2048bit ElGamal encryption, 256bit AES in CBC mode with PKCS#5 padding,
1024bit DSA signatures, SHA256 hashes, 2048bit Diffie-Hellman negotiated connections with station to
station authentication, and <a href="how_elgamalaes">ElGamal / AES+SessionTag</a>.</p>
-<p>Content sent over I2P is encrypted through three <strike>or four</strike> layers - <strike>end to end encryption (absolutely
-no routers get the plaintext, ever),</strike> garlic encryption (used to verify the delivery of the message to
+<p>Content sent over I2P is encrypted through three layers garlic encryption (used to verify the delivery of the message to
the recipient), tunnel encryption (all messages passing through a tunnel is encrypted by the tunnel
gateway to the tunnel endpoint), and inter router transport layer encryption (e.g. the TCP transport
uses AES256 with ephemeral keys):</p>
@@ -103,11 +98,11 @@ Notice the different use of terms! All data from a to h is end-to-end encrypted,
between the I2P router and the applications is not end-to-end encrypted!
A and h are the routers of Alice and Bob, while Alice and Bob in following chart are the applications running atop of I2P.</p>
-<center><div class="box"><img src="_static/images/endToEndEncryption.png" alt="End to end layered encryption" title="End to end layered encryption." /></div></center><br>
+<div class="box" style="text-align:center;"><img src="_static/images/endToEndEncryption.png" alt="End to end layered encryption" title="End to end layered encryption." /></div>
<p>The specific use of these algorithms are outlined <a href="how_cryptography">elsewhere</a>.</p>
-<p>The two main mechanisms for allowing people who need militant grade anonymity use the network are
+<p>The two main mechanisms for allowing people who need strong anonymity to use the network are
explicitly delayed garlic routed messages and more comprehensive tunnels to include support for pooling
and mixing messages. These are currently planned for release 3.0, but garlic routed messages with no
delays and FIFO tunnels are currently in place. Additionally, the 2.0 release will allow people to set
@@ -118,36 +113,38 @@ flexible and anonymous transports.</p>
will certainly be more analysis over time, but peer lookup and integration should be bounded by
<code>O(log(N))</code> due to the <a href="how_networkdatabase">network database</a>'s algorithm, while end to end
messages should be <code>O(1)</code> (scale free), since messages go out K hops through the outbound
-tunnel and another K hops through the inbound tunnel - the size of the network (N) bears no impact.</p>
+tunnel and another K hops through the inbound tunnel, with K no longer than 3.
+The size of the network (N) bears no impact.</p>
<h2>When?</h2>
<p>I2P initially began in Feb 2003 as a proposed modification to
<a href="http://freenetproject.org">Freenet</a> to allow it to use alternate transports, such as
<a href="http://java.sun.com/products/jms/index.jsp">JMS</a>, then grew into its own as an
-'anonCommFramework' in April 2003, turning into I2P in July, with code being cut in earnest in August '03,
-reaching the 0.2 release in September, 0.3 in March '04, and 0.4 in September '04.
-Release 0.5 followed in early '05 and 0.6 in mid-'05.
-I2P is currently moving forward according to
+'anonCommFramework' in April 2003, turning into I2P in July, with code being written in earnest starting in August '03.
+I2P is currently under development, following
the <a href="roadmap">roadmap</a>.</p>
-<p>The network itself is not ready for general use, and should not be used by those who need anonymity
-until it has been met with sufficient peer review.</p>
-
<h2>Who?</h2>
<p>We have a small <a href="team">team</a> spread around several continents, working to advance different
aspects of the project. We are very open to other developers who want to get involved and anyone else
who would like to contribute in other ways, such as critiques, peer review, testing, writing I2P enabled
applications, or documentation. The entire system is open source - the router and most of the SDK are
outright public domain with some BSD and Cryptix licensed code, while some applications like I2PTunnel
-and I2PSnark are GPL. Almost everything is written in Java (1.3+), though some third party applications
-are being written in Python. The code works on the current <a href="http://www.kaffe.org/">Kaffe</a>, and
-we are hoping to get it working on <a href="http://gcc.gnu.org/java/">GCJ</a> sooner rather than later.</p>
+and I2PSnark are GPL. Almost everything is written in Java (1.5+), though some third party applications
+are being written in Python and other languages. The code works on <a href="http://java.com/en/">Sun Java SE</a> and other Java Virtual Machines.
+</p>
<h2>Where?</h2>
<p>Anyone interested should
-join us on the IRC channel #i2p (hosted concurrently on irc.freenode.net, irc.postman.i2p, and irc.freshcoffee.i2p).
+join us on the IRC channel #i2p (hosted concurrently on irc.freenode.net, irc.postman.i2p, irc.freshcoffee.i2p, irc.welterde.i2p and irc.einirc.de).
There are currently no scheduled development meetings, however
<a href="meetings">archives are available</a>.</p>
<p>The current source is available in <a href="monotone.html">monotone</a>.</p>
+
+<h2>Additional Information</h2>
+<p>
+See <a href="how.html">the Index to Technical Documentation</a>
+</p>
+
{% endblock %}
diff --git a/www.i2p2/pages/how_intro_de.html b/www.i2p2/pages/how_intro_de.html
index 814583d0d43bb2679899b76a3fedc5db587852a2..333fd9c9acb9890f3bafec986738e8d737e7a3a1 100644
--- a/www.i2p2/pages/how_intro_de.html
+++ b/www.i2p2/pages/how_intro_de.html
@@ -1,11 +1,7 @@
{% extends "_layout_de.html" %}
{% block title %}Einführung in die Arbeitsweise von I2P{% endblock %}
-{% block content %}<i>Hinweis: Dieses "How" Dokument ist noch nicht vollständig aktualisiert
-und enthält noch nicht die diversen Änderungen wie di neuen <a href="tunnel-alt.html">Tunnel
-Routing und Verschlüsselungs </a>Algorhytmen, die <a href="todo#tunnelId">verschiedene</a>
-<a href="todo#tunnelLength">Probleme</a> (inclusive benötigten Grundlagen, die
-<a href="todo#ordering">andere</a>Probleme behoben) behoben haben,
-und weitere Änderungen.</i>
+{% block content %}
+<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
<p>I2P ist ein Projekt, welches ein Netzwerk zum sicheren und anonymen Kommunizieren planen, aufbauen
und betreuen wird. Nutzer von I2P haben die Kontrolle über die Verteilung zwischen Anonymität,
@@ -70,7 +66,7 @@ Tunneln, die zum Senden und Empfangen von Nachrichten durch das Netzwerk benutzt
hat eine eigene <a href="how_networkdatabase">Netzwerk Datenbank</a> ("Floodfill") zum skalierbaren sicherem Verteilen von Routing
und Kontaktinformationen.</p>
-<p><center><div class="box"><img src="_static/images/net.png" alt="Network topology example" title="Network topology example" /></div></center></p><br>
+<div class="box" style="text-align:center;"><img src="_static/images/net.png" alt="Network topology example" title="Network topology example" /></div>
<p>Im oberen Bild betreiben Alice, Bob, Charlie und Dave je einen Router mit einer einzigen
Destination auf ihren lokalen Router. Sie haben alle ein paar 2-Hop Eingangstunnel je
@@ -114,7 +110,7 @@ der Ende-zu-Ende Verschlüsselung von Router zu Router, Alice und Bob hingeg
die mittels(unverschlüsseltem) I2CP mit den I2P Routern kommunizieren! Sprich: bis zum I2P Router
sind die Daten unverschlüsselt, ab dem I2P Router ist alles Ende-zu-Ende verschlüsselt.</p>
-<center><div class="box"><img src="_static/images/endToEndEncryption.png" alt="End to end layered encryption" title="End to end layered encryption." /></div></center><br>
+<div class="box" style="text-align:center;"><img src="_static/images/endToEndEncryption.png" alt="End to end layered encryption" title="End to end layered encryption." /></div>
<p>Die genaue Anwendung dieser Algorhytmen sind <a href="how_cryptography">woanders</a> beschrieben.</p>
diff --git a/www.i2p2/pages/how_intro_es.html b/www.i2p2/pages/how_intro_es.html
new file mode 100644
index 0000000000000000000000000000000000000000..7ad82c643b0e1cea35da6a4252b2fe3a8bd72b57
--- /dev/null
+++ b/www.i2p2/pages/how_intro_es.html
@@ -0,0 +1,177 @@
+{% extends "_layout_es.html" %}
+{% block title %}Una Introducción sencilla{% endblock %}
+{% block content %}
+
+<h2>Una breve presentación de cómo funciona I2P</h2>
+
+<p>I2P es un proyecto para construir, desplegar y mantener una red que soporte
+comunicación segura y anónima. Los usuarios de I2P pueden administrar
+el balance entre el anonimato, fiabilidad, uso de ancho de banda y latencia.
+No hay un punto central en la red sobre el cual se pueda ejercer presión para
+comprometer la integridad, seguridad y anonimato del sistema. La red soporta
+reconfiguración dinámica en respuesta a diversos ataques, y ha sido diseñada
+para hacer uso de recursos adicionales según vayan estando disponibles. Por
+supuesto, todos los aspectos de la red son abiertos y están a libre disposición.
+</p>
+
+<p>A diferencia de la mayorÃa de las redes anónimas, I2P no intenta suministrar
+anonimato ocultándole sà al origen de una comunicación y no al destinatario,
+o vÃceversa. De lo contrario: I2P está diseñada para permitir a los pares comunicarse
+unos con otros anónimamente - ambos, quien envÃa y el que recibe, no son
+identificables entre ellos y tampoco por terceras partes. Por ejemplo,
+actualmente hay sitios web I2P internos (permitiendo publicación y hospedaje
+anónimo) además de proxies HTTP hacia la web normal (permitiendo
+navegación anónima). Disponer de la posibilidad de correr servidores
+internamente en I2p es esencial, ya que es bastante probable que cualquier
+proxy de salida hacia la Internet normal pudiera ser monitorizado, desactivado
+o comprometido con el intento de ataques más maliciosos.</p>
+
+<p>La red es en sà misma orientada a mensajes - es en esencia una capa IP segura
+y anónima donde los mensajes son direccionados hacia claves criptográficas
+(Destinos) y pueden ser considerablemente más largos que los paquetes IP.
+Algunos ejemplos del uso de la red incluyen "eepsites" (servidores web
+hospedando aplicaciones web normales dentro de I2P), un cliente BitTorrent
+("I2PSnark"), o un sistema de almacenaje de datos distribuido. Con la ayuda
+de la aplicación <a href="i2ptunnel">I2PTunnel</a>,somos capaces de correr aplicaciones TCP/IP tradicionales sobre I2P, como SSH, IRC, un proxy Squid, e igualmente streaming de audio. Mucha gente no usará I2P directamente, o mismamente no necesitarán saber que lo están usando. En vez de eso, su percepción será la de una de las aplicaciones I2P habilitadas, o quizá la de una pequeña aplicación de control para activar y desactivar varios proxies que permitan funcionalidades de anonimato.</p>
+
+<p>Una parte esencial de diseñar, desarrollar y probar una red anónima es definir el
+<a href="how_threatmodel">modelo de amenaza</a>, si partimos de que no existe lo que podrÃa ser
+considerado anonimato auténtico, solamente se puede hacer más costoso el
+identificar a alguien. Brevemente, el propósito de I2P es permitir comunicarse
+a la gente en ambientes arbitrariamente hostiles suministrando buen anonimato,
+mezclado con suficiente tráfico de cobertura proporcionado por la actividad
+de gente que requiere menos anonimato. De esta forma algunos usuarios pueden
+evitar ser detectados por poderosos adversarios, mientras otros intentarán
+ocultar su identidad de forma más débil,
+<i>todo en la misma red</i>, donde los
+mensajes de cada uno son ensencialmente indistinguibles de los del resto.</p>
+
+<h2>¿Por qué?</h2>
+<p> Puede haber multitud de razones por las que necesitemos un sistema que soporte
+comunicación anónima, y cada cual tendrá su razonamiento personal. Hay muchos
+<a href="how_networkcomparisons">otros proyectos</a> trabajando en encontrar formas de suministrar
+a la gente diferentes grados de anonimato a través de Internet, pero no
+podrÃamos encontrar ninguno que se ajuste a nuestras necesidades o al
+modelo de amenaza.</p>
+
+<h2>¿Cómo?</h2>
+
+<p>Un vistazo a la red muestra que se compone de una instalación de nodos
+("routers") con un número de rutas virtuales unidireccionales entrantes y salientes (Tunnels, como se describen en la página <a href="how_tunnelrouting">tunnel routing</a>).
+Cada router está identificado por una RouterIdentity cifrada que es
+permanente normalmente. Estos routers se comunican entre ellos a través
+de mecanismo de transporte existentes (TCP, UDP, etc) enviandose
+distintos mensajes. Las aplicaciones clientes tienen su propio identificador
+criptográfico ("Destino") que las habilita para enviar y recibir mensajes.
+Estos clientes pueden conectarse a cualquier router y autorizar la asignación
+temporal ("arrendamiento") de varios tuneles que serán usados para enviar y recibir mensaje a través de la red. I2P tiene su propia <a href="how_networkdatabase">base de datos de red</a> (utilizando una modificación del algoritmo Kademlia) para distribuir
+información de rutas y contactos de forma segura.</p>
+
+<div class="box" style="text-align:center;"><img src="_static/images/net.png" alt="Network topology example" title="Network topology example" /></div>
+
+
+<p>En la imagen, Alice, Bob, Charlie and Dave están corriendo routers con un
+simple Destino en su router local. Cada uno de ellos tiene un par de túneles
+de dos saltos entrantes por destino (etiquetados como 1, 2, 3, 4, 5 y 6), y una
+pequeña parte del grupo de los túneles de salida de esos routers se representa
+con tuneles de salida de dos saltos. Para simplificar, los túneles entrantes de
+Charlie y los de salida de Dave no se muestran, tampoco está el resto del grupo
+de túneles de salida de cada router (tÃpicamente compuesto por varios túneles
+a la vez). Cuando Alice y Bob se comunican entre ellos, Alice envÃa un mensaje
+por uno de sus túneles de salida (rosa) en dirección a uno de los túneles
+entrantes (verde) de Bob (túnel 3 o 4). Ella conoce cómo enviar a los túneles
+del router correcto mediante consultas a la base de datos de red, que está
+constantemente actualizándose tan pronto cómo son autorizados nuevos
+arrendamientos y expiran los viejos.</p>
+
+<p>Si Bob quiere contestar a Alice, simplemente utilizará el mismo proceso
+- envÃa un mensaje por uno de sus túneles de salida en dirección hacia
+uno de los túneles de entrada de Alice (túnel 1 o 2). Para hacer las cosas
+más sencillas, la mayor parte de los mensajes enviados entre Alice y Bob
+usan el envoltorio <a href="how_garlicrouting">garlic</a>, incluyendo la información de arrendamiento propia
+del remitente en el paquete, de esta forma el destinatario puede contestar inmediatamente sin necesidad de buscar el dato en su base de datos de red.</p>
+
+<p>Para tratar con un ámplio rango de ataques, I2P es completamente distribuida
+sin recursos centralizados - no hay servidores de directorio manteniendo
+estadÃsticas sobre el rendimiento y fiabilidad de los routers dentro de la red.
+De esta forma cada router debe guardar y mantener los perfiles de varios routers
+y es responsable de seleccionar los pares apropiados para satisfacer el anonimato, rendimiento y fiabilidad requeridos por los usuarios tal y como
+se describe en la página <a href="how_peerselection">selección de pares</a></p>
+
+<p>La red hace uso de un significante número de <a href="how_cryptography">técnicas criptográficas y algoritmos</a> -
+una lista completa incluye cifrado El Gamal de 2048 bits,
+AES de 256 bits en modo CBC con relleno PKCS#5, firmas DSA de
+1024 bits, hashes SHA256, negociación de conexiones Diffie-Hellman de
+2048 bits con autenticación estación a estación y <a href="how_elgamalaes">ElGamal / AES+SessionTag</a>.</p>
+
+<p>El contenido enviado sobre I2P está cifrado a través del cifrado garlic de tres
+capas (usado para verificar la entrega del mensaje a destinatario), cifrado
+de túnel (todos los mensajes cruzando a través de un túnel están cifrados desde
+el túnel gateway hasta el túnel destino final) y cifrado de la capa de transporte
+inter-router (e. g. el transporte TCP usa AES256 con claves efÃmeras).</p>
+
+<p>El cifrado (I2CP) punto a punto (aplicación cliente hacia aplicación servidor)
+fué deshabilitado en la versión 0.6 de I2P; el cifrado (garlic) punto a punto
+(router cliente I2P hacia router servidor I2P) desde el router de Alice "a"
+hasta el router de Bob "h" permanece. ¡Observa el diferente uso de términos!
+Todos los datos desde "a" hasta "h" están cifrados punto a punto, pero las
+conexiones I2CP entre el router I2P y las aplicaciones no son cifradas punto
+a punto. "A" y "h" son los routers de Alice y Bob, mientras que, y siguiendo
+el diagrama, Alice y Bob son las aplicaciones corriendo encima de I2P.</p>
+
+<div class="box" style="text-align:center;"><img src="_static/images/endToEndEncryption.png" alt="End to end layered encryption" title="End to end layered encryption." /></div>
+
+<p>El uso especÃfico de estos algoritmos está descrito en <a href="how_cryptography">otra parte</a>.</p>
+
+<p>Los dos mecanismos principales que permiten usar la red a gente que
+necesita fuerte anonimato son explicitamente mensajes enrutados garlic
+con retardo y túneles más completos que incluyan agrupamiento y mezcla
+de mensajes. Éstos están actualmente planeados para la release 3.0, pero
+los mensajes enrutados garlic sin retardo y túneles FIFO están ya
+implementados. Adicionalmente la release 2.0 permitirá a los usuarios
+establecerse y operar detrás de routers restrictivos (puede que con pares
+de confianza), asà como el despliegue de transportes más flexibles y
+anónimos.</p>
+
+<p>Han surgido algunas preguntas referentes a la escalabilidad de I2P.
+Habrá ciertamente más análisis con el tiempo, pero la búsqueda e integración
+de pares deberÃa ser limitado por
+<code>O(log(N))</code> debido al algoritmo de <a href="how_networkdatabase">base de datos de red</a>, mientras que los mensajes punto a punto serÃan <code>O(1)</code> (escala libre), puesto que los mensajes pasan por K saltos a través del túnel de salida y otros
+K saltos por el túnel de entrada, donde K no es mayor de 3. El tamaño de la
+red (N) no acarrea impacto.</p>
+
+<h2>¿Cuándo?</h2>
+<p>I2P comenzó inicialmente en 2003 como una propuesta de modificar
+<a href="http://freenetproject.org">Freenet</a> para permitir el uso de transportes alternativos, como puede ser
+<a href="http://java.sun.com/products/jms/index.jsp">JMS</a>, después
+se desarrolló con identidad propia como una “anonCommFramework†en
+Abril de 2003, convirtiendose en I2P en Julio y comenzando a escribir código
+seriamente en Agosto de 2003. I2P está actualmente bajo desarrollo siguendo la <a href="roadmap">hoja de ruta</a>.</p>
+
+<h2>¿Quiénes?</h2>
+<p>Tenemos un pequeño <a href="team">equipo</a> desperdigado por varios continentes y trabajando
+en el avance de diferentes aspectos del proyecto. Estamos abiertos a otros
+desarrolladores que deseen involucrarse en el proyecto, y a cualquier otra
+persona que quiera contribuir de cualquier forma, como crÃticas, revisión de
+pares, pruebas, programación de aplicaciones compatibles I2P, o documentación. El sistema completo es código abierto - el router y la
+mayor parte del SDK tienen licencia de dominio público con algo de
+código licenciado con BSD y Cryptix, mientras que aplicaciones como
+I2PTunnel e I2PSnark son GPL. Casi todo está escrito en Java (1.5+),
+aunque algunas aplicaciones de terceros están siendo escritas en Python
+u otros lenguajes. El código funciona en <a href="http://java.com/en/">Sun Java SE</a> y otras máquinas virtuales Java.
+</p>
+
+<h2>¿Dónde?</h2>
+<p>Cualquiera interesado puede unirse a nosotros en el canal IRC #i2p
+(hospedado concurrentemente en irc.freenode.net, irc.postman.i2p, irc.freshcoffee.i2p, irc.welterde.i2p e irc.einirc.de). Actualmente no
+hay agenda de encuentros de desarrollo, no obstante hay
+<a href="meetings">archivos disponibles</a>.</p>
+
+<p>El código actual está disponible en <a href="monotone.html">monotone</a>.</p>
+
+<h2>Información adicional</h2>
+<p>
+Ver <a href="how.html">el Ãndice de la Documentación Técnica</a>
+</p>
+
+{% endblock %}
diff --git a/www.i2p2/pages/how_intro_fr.html b/www.i2p2/pages/how_intro_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..fa682b28b7cd38e2538ee0d3f81998b767bec446
--- /dev/null
+++ b/www.i2p2/pages/how_intro_fr.html
@@ -0,0 +1,160 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Introduction en douceur{% endblock %}
+{% block content %}
+Traduction de mars 2011. <a href="how_intro.html">Version anglaise actuelle</a>
+<h2>Une présentation allégée du fonctionnement d'I2P</h2>
+<p>I2P est un projet dont le but est de construire, déployer, et maintenir un réseau fournissant
+des communications sécurisées et anonymes.
+Les gens utilisant I2P ont le contrôle de l'arbitrage entre l'anonymat, la fiabilité,
+l'utilisation de la bande passante, et la latence. Il n'y a dans ce réseau, pas de centre sur lequel pourrait
+être exercée une pression en vue de compromettre l'intégrité, la sécurité, ou l'anonymat du système.
+Le réseau intègre sa propre reconfiguration dynamique en réponse aux diverses attaques,
+et a été conçu pour utiliser de nouvelles ressources au fur et à mesure de leur disponibilité.
+Bien entendu, tous les aspects du réseau sont publics et disponibles gratuitement.</p>
+
+<p>Contrairement à de nombreux autres réseaux anonymisants, I2P ne tente pas de procurer l'anonymat en masquant
+l'initiateur et pas le destinataire, ou le contraire. I2P est conçu pour permettre
+aux pairs l'utilisant de communiquer anonymement — l'émetteur et le récepteur sont non-identifiables
+l'un par l'autre comme par un tiers. Par exemple, il y a aujourd'hui des sites web intra-I2P
+(permettant la publication/hébergement anonymes) tout comme des serveurs mandataires HTTP vers le web normal
+(permettant la navigation anonyme). La possibilité d'avoir des serveurs dans I2P est essentielle,
+car il est plus que certain que n'importe quel proxy sortant vers l'Internet sera surveillé, désactivé,
+ou même piraté pour tenter des attaques encore plus pernicieuses.</p>
+
+<p>Le réseau lui-même est "orienté messages": il est principalement constitué d'une couche IP sécurisée et anonyme,
+dans laquelle les messages sont adressés à des clés cryptographiques (Destinations) et peuvent être sensiblement
+plus gros que des paquets IP. À titre d'exemples d'utilisation du réseau citons les "eepsites" (serveurs web hébergeant
+des applications Internet normales au sein d'I2P), un client BitTorrent ("I2PSnark"),
+ou un système de stckage distribué. Grâce à l'application <a href="i2ptunnel">I2PTunnel</a>,
+nous pouvons utiliser des applications TCP/IP traditionnelles sur I2P, telles que SSH, IRC, un proxy squid, et même
+du flux audio. La plupart des gens n'utilisent pas I2P directement, ou ne ressentent même pas le besoin de savoir
+qu'ils l'utilisent.
+Au lieu de ça ils verront une des application compatibles avec I2P, ou peut-être une petite application
+de contrôle qui va activer ou désactiver divers proxies pour piloter la fonctionnalité d'anonymisation.</p>
+
+<p>Un des points clés de la conception, dus développement, et du test d'un réseau anonyme est la définition de son
+<a href="how_threatmodel">modèle de sécurité</a>, car il n'existe nulle part un "vrai" anonymat, mais uniquement
+des moyens d'augmenter les coûts d'identification de quelqu'un. Succinctement, le but d'I2P est de permettre de
+communiquer dans des environnements hostiles en procurant un bon anonymat, mélangé à un trafic de camouflage
+suffisant fourni par l'activité de ceux qui ont besoin de moins d'anonymat, de sorte que certains utilisateurs puissent
+se soustraire à la détection par un adversaire très puissant, quand d'autres pourront esquiver une entité plus faible,
+<i>tout ceci sur le même réseau</i> dans lequel les messages des uns sont fondamentalement indistinguables de ceux des
+autres.</p>
+
+<h2>Pourquoi?</h2>
+<p>Il y a une multitude de raisons qui justifient que nous ayons besoin d'un système de communication anonyme,
+et chacun a les siennes propres. Il y a de nombreux
+<a href="how_networkcomparisons">autres efforts</a> pour trouver les moyens de fournir divers niveaux
+d'anonymat sur Internet, mais nous n'en avons trouvé aucun qui réponde à nos besoins ou à notre modèle de sécurité.</p>
+
+<h2>Comment?</h2>
+
+<p>Au premier coup d'œil le réseau est constitué d'un tas de nœuds ("routeurs") dotés d'un certain nombre
+de chemins virtuels entrants et sortants unidirectionnels
+(appelés "tunnels", expliqués sur la page <a href="how_tunnelrouting">routage en tunnel</a>).
+Chaque routeur est identifié par l'identifiant cryptographique "RouterIdentity",
+typiquement de longue durée de vie. Ces routeurs communiquent par des mécanismes existants
+(TCP, UDP, etc). Les applications clientes ont leur propre identifiant cryptographique ("Destination") qui leur
+permet d'envoyer et de recevoir des messages. Ces clients peuvent se connecter à n'importe quel routeur et
+autoriser l'allocation temporaire ("lease") de quelques tunnels qui seront utilisés pour l'envoi et la réception
+à travers le réseau. I2P dispose de sa propre <a href="how_networkdatabase">base de donnée réseau</a> interne
+(avec une modification de l'algorithme Kademlia) pour une distribution sécurisée
+des informations de routage et de contacts.</p>
+
+<div class="box" style="text-align:center;">
+<img src="_static/images/net_fr.png" alt="Exemple de topologie du réseau"
+title="Exemple de topologie du réseau"/></div>
+
+
+<p>Ci-dessus, Alice, Bob, Charlie, et Dave ont tous leur routeur, avec une seule Destination locale.
+Ils ont chacun une paire de tunnels entrants à deux sauts par destination (repérés 1,2,3,4,5 et 6),
+et une petite partie des tunnels sortants de chacun de ces routeurs est montré avec des tunnels sortants à deux sauts.
+Pour simplifier, ne sont représentés ni les tunnels entrants de Charlie et les tunnels sortants de Dave,
+ni le reste du groupe de tunnels sortants de chaque routeur (fourni par défaut avec quelques tunnels).
+Quand Alice et Bob discutent ensemble, Alice envoie un message vers un de ses tunnels sortants (en rose)
+avec pour cible un des tunnels entrants de Bob (3 ou 4, en vert). Elle sait qu'elle doit envoyer vers ces tunnels
+sur le bon routeur en interrogeant la base de donnée du réseau qui est actualisée en permanence
+au fur et à mesure que les nouveaux baux sont autorisés et que les anciens expirent.</p>
+
+<p>Si Bob veut répondre à Alice, il utilise simplement la même procédure: envoyer un message via un de ses
+tunnels sortants en ciblant un des tunnels entrants d'Alice (tunnel 1 ou 2). Pour rendre les choses plus faciles,
+la plupart des messages circulant entre Alice et Bob sont empaquetés "à la <a href="how_garlicrouting">garlic"</a>,
+embarquant les informations sur le bail actuel de l'expéditeur, de sorte que le destinataire puisse répondre
+immédiatement sans avoir à interroger la base de donnée.</p>
+
+<p>Pour gérer une grande gamme d'attaques, I2P est entièrement <b>décentralisé</b> et en conséquence
+il n'y a pas de serveur d'annuaire conservant des statistiques de performances et de fiabilité des routeurs
+du réseau. Donc chaque routeur doit garder et entretenir les profils de divers routeurs
+et est responsable de la sélection de pairs appropriés aux besoins d'anonymat, de performance et de fiabilité
+des utilisateurs, comme expliqué sur la page <a href="how_peerselection">sélection de pairs</a>.</p>
+
+<p>Le réseau fait usage d'un nombre significatif de
+<a href="how_cryptography">techniques et algorithmes cryptographiques</a>: la liste complète est constituée des
+cryptages ElGamal à 2048bits, AES 256bits en mode CBC avec bourrage PKCS#5,
+des signatures DSA à 1024bits, des hachages SHA256, de l'authentification de connexions station à station négociée en
+Diffie-Hellman 2048bit, et <a href="how_elgamalaes">ElGamal / AES+SessionTag</a>.</p>
+
+<p>Les contenus envoyés sur I2P sont cryptés à travers un cryptage en têtes d'ail ("garlic") à trois niveaux
+(utilisé pour vérifier la réception du message par le destinataire), par le cryptage de tunnel (tous les messages
+traversant un tunnel sont cryptés par la passerelle du tunnel à l'intention du point de sortie du tunnel),
+et par un cryptage de la couche transport inter routeurs (p.e. le transport TCP utilise des clés AES256 éphémères):</p>
+<p>Le cryptage de bout en bout (I2CP) (application cliente à application serveur) a été désactivée dans la version 0.6;
+Le cryptage (garlic) de bout en bout (routeur I2P client à routeur I2P serveur) depuis le routeur "a" d'Alice
+vers le "h" de Bob est restée.
+Remarquez l'utilisation différente des termes! Toutes les données transitant de "a" à "h" sont cryptées de bout en
+bout, mais la connexion I2CP entre le routeur et les applications ne l'est pas!
+"a" et "h" sont les routeurs d'Alice et Bob, alors qu'Alice et Bob dans le schéma suivant <b>sont</b> les applications
+qui tournent sur I2P.</p>
+
+<div class="box" style="text-align:center;"><img src="_static/images/endToEndEncryption_fr.png"
+alt="Cryptage en couches de bout en bout" title="Cryptage en couches de bout en bout" /></div>
+
+<p>Les utilisations spécifiques de ces algorithmes sont précisées <a href="how_cryptography">ailleurs</a>.</p>
+
+<p>Les deux mécanismes principaux permettant l'usage du réseau à ceux qui ont besoin d'un anonymat fort
+sont très explicitement le routage "garlic" retardé et des tunnels plus évolués incluant la possibilité d'appeler et
+de croiser les messages. Ils sont actuellement planifiés pour la version 3.0, mais le routage "garlic" instantané et
+les tunnels FIFO sont d'ores et déjà opérationnels. La version 2.0 permettra de mettre en place des routes réservées
+(peut-être avec des pairs de confiance), ainsi que des transports plus souples et plus anonymes.</p>
+
+<p>Des questions on surgit à juste titre sur l'évolutivité d'I2P en terme d'échelle. Il y aura certainement plus
+d'analyse avec le temps, mais l'intégration et la recherche des pairs devraient répondre à <b><code>O(log(N))</code></b>
+grâce à l'algorithme de la <a href="how_networkdatabase">base de données</a>, alors que les messages seraient plutôt
+liés à <b><code>O(1)</code></b> (non dépendance à l'échelle), car les messages passent par K sauts du tunnel sortant
+puis encore K sauts via le tunnel entrant, avec K inférieur ou égal à 3.
+La taille du réseau (N) n'a aucun impact.</p>
+
+<h2>Quand?</h2>
+<p>I2P a commencé en février 2003 en tant que proposition de modification de
+<a href="http://freenetproject.org">Freenet</a> pour lui permettre d'utiliser d'autres modes de transferts, comme
+<a href="http://java.sun.com/products/jms/index.jsp">JMS</a>, puis a évolué de son côté en
+'anonCommFramework' en avril 2003, pour devenir I2P en juillet, l'écriture du code ayant sérieusement commencé
+en août 2003.
+I2P est actuellement en phase de développement et suit sa <a href="roadmap_fr">feuille de route</a>.</p>
+
+<h2>Qui?</h2>
+<p>Nous sommes une petite <a href="team_fr">équipe</a> répartie sur plusieurs continents, qui travaille Ã
+l'avancement de différents aspects du projet. Nous sommes complètement ouverts à l'arrivée d'autre développeurs
+qui voudraient s'impliquer et à celle de quiconque préfèrerait participer d'autres façons, telles que la critique,
+l'analyse de pair, le test, l'écriture d'applications compatibles, ou de documentation. Le système est totalement
+"open source": le routeur et presque tout l'outil de développement sont de plein droit dans le domaine public avec
+quelques lignes de code sous licence BSD et Cryptix, et quelques applications comme I2PTunnel
+et I2PSnark sous GPL. Presque tout est écrit en Java (1.5+), bien que quelques applications tierce partie soient
+écrites en Python et autres langages. Le code fonctionne sur <a href="http://java.com/en/">Oracle/Sun Java SE</a> et
+d'autres Machines Virtuelles Java.
+</p>
+
+<h2>Où?</h2>
+<p>Toute personne intéressée peut nous joindre sur le canal IRC #i2p actuellement hébergé
+sur les serveurs irc.freenode.net, irc.postman.i2p, irc.freshcoffee.i2p, irc.welterde.i2p et irc.einirc.de.
+Il n'y a pas de rencontre de développement planifiée actuellement, mais
+<a href="meetings_fr">les archives sont disponibles</a>.</p>
+
+<p>Le code source est disponible dans <a href="monotone.html">monotone</a>.</p>
+
+<h2>Plus d'infos</h2>
+<p>
+Voir la <a href="how_fr.html">table des matières de la documentation technique</a>.
+</p>
+
+{% endblock %}
diff --git a/www.i2p2/pages/how_networkcomparisons.html b/www.i2p2/pages/how_networkcomparisons.html
index 8f81cda737d31bea0200823d0414e6ad0fa52a52..f3733e99006e951f0dbba0802a650dd754088946 100644
--- a/www.i2p2/pages/how_networkcomparisons.html
+++ b/www.i2p2/pages/how_networkcomparisons.html
@@ -1,22 +1,29 @@
{% extends "_layout.html" %}
-{% block title %}I2P Compared to Other Anonymous Networks{% endblock %}
+{% block title %}I2P Compared to Tor and Freenet{% endblock %}
{% block content %}<p>There are a great many other applications and projects working on anonymous
communication and I2P has been inspired by much of their efforts. This is not
a comprehensive list of anonymity resources - both freehaven's
<a href="http://freehaven.net/anonbib/topic.html">Anonymity Bibliography</a>
-and GNUnet's <a href="http://www.ovmj.org/GNUnet/links.php3">related projects</a>
+and GNUnet's <a href="https://www.gnunet.org/links/">related projects</a>
serve that purpose well. That said, a few systems stand out for further
-comparison:</p>
+comparison. The following are discussed on this page:</p>
<ul>
<li>Tor / Onion Routing</li>
+<li>Freenet</li>
+</ul>
+<p>The following are discussed on the <a href="othernetworks.html">other networks page:</a></p>
+<ul>
<li>Morphmix and Tarzan</li>
<li>Mixminion / Mixmaster</li>
-<li>Freenet</li>
<li>JAP</li>
<li>MUTE / AntsP2P</li>
+<li>Haystack</li>
</ul>
-<p>The content of this page is subject to update, discussion and dispute, and we welcome comments and additions.</p>
+<p>The content of this page is subject to update, discussion and dispute, and we welcome comments and additions.
+You may contribute an analysis by entering a
+<a href="http://trac.i2p2.de/report/1">new ticket on trac.i2p2.de</a>.
+</p>
<h2>Tor / Onion Routing</h2>
<i><a href="http://www.torproject.org/">[Tor]</a>
@@ -49,10 +56,11 @@ is, also, outside I2P's (formal) functional scope (if people want
to build outproxy functionality on top of an anonymous
communication layer, they can). In fact, some I2P users
currently take advantage of Tor to outproxy.</p>
-
+<!--
<p>See also the
<a href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ComparisonI2P">the Tor FAQ</a>
for a Tor/I2P comparison from the Tor perspective.</p>
+-->
<h3>Comparison of Tor and I2P Terminology</h3>
While Tor and I2P are similar in many ways, much of the terminology is different.
@@ -87,7 +95,7 @@ While Tor and I2P are similar in many ways, much of the terminology is different
<li>Has more developers, including several that are funded</li>
<li>More resistant to state-level blocking due to TLS transport layer and bridges
(I2P has proposals for "full restricted routes" but these are not yet implemented)</li>
- <li>Big enough that it has had to adapt to blocking and DOS attempts<li>
+ <li>Big enough that it has had to adapt to blocking and DOS attempts</li>
<li>Designed and optimized for exit traffic, with a large number of exit nodes</li>
<li>Better documentation, has formal papers and specifications, better website, many more translations</li>
<li>More efficient with memory usage</li>
@@ -107,8 +115,8 @@ While Tor and I2P are similar in many ways, much of the terminology is different
rather than trusting claimed capacity</li>
<li>Floodfill peers ("directory servers") are varying and untrusted,
rather than hardcoded</li>
- <li>Small enough that it hasn't been blocked or DOSed much, or at all<li>
- <li>Peer-to-peer friendly<li>
+ <li>Small enough that it hasn't been blocked or DOSed much, or at all</li>
+ <li>Peer-to-peer friendly</li>
<li>Packet switched instead of circuit switched
<ul>
<li>implicit transparent load balancing of messages
@@ -144,6 +152,7 @@ While Tor and I2P are similar in many ways, much of the terminology is different
</ul>
<h3>Other potential benefits of I2P but not yet implemented</h3>
+<p>...and may never be implemented, so don't count on them!</p>
<ul>
<li>Defense vs. message count analysis by garlic wrapping
multiple messages</li>
@@ -156,127 +165,6 @@ While Tor and I2P are similar in many ways, much of the terminology is different
are insufficient messages, etc)</li>
</ul>
-<h2>Morphmix and Tarzan</h2>
-<i><a href="http://www.tik.ee.ethz.ch/~morphmix/">[Morphmix]</a>
- <a href="http://www.pdos.lcs.mit.edu/tarzan/">[Tarzan]</a></i>
-
-<p>Morphmix and Tarzan are both fully distributed, peer to peer networks of
-anonymizing proxies, allowing people to tunnel out through the low latency
-mix network. Morphmix includes some very interesting collusion detection
-algorithms and Sybil defenses, while Tarzan makes use of the scarcity of IP
-addresses to accomplish the same. The two primary differences between
-these systems and I2P are related to I2P's <a href="how_threatmodel">threat model</a>
-and their out-proxy design (as opposed to providing both sender and receiver
-anonymity). There is source code available to both systems, but we are not aware
-of their use outside of academic environments.</p>
-<p>Stealing quite directly from the Tarzan paper, the following includes a quick
-comparison of Tarzan, Crowds, Onion Routing (OR), and I2P:</p>
-
-<table>
- <tr>
- <td style="width: 19%;"></td>
- <td style="width: 27%;" colspan="4">Bad first relay/router</td>
- <td style="width: 27%;" colspan="4">Bad intermediate relay/router</td>
- <td style="width: 27%;" colspan="4">Bad last relay/router</td>
- </tr>
- <tr>
- <td>Information exposed</td>
- <td><b>OR</b></td>
- <td><b>Crowds</b></td>
- <td><b>Tarzan</b></td>
- <td><b>I2P</b></td>
-
- <td><b>OR</b></td>
- <td><b>Crowds</b></td>
- <td><b>Tarzan</b></td>
- <td><b>I2P</b></td>
-
- <td><b>OR</b></td>
- <td><b>Crowds</b></td>
- <td><b>Tarzan</b></td>
- <td><b>I2P</b></td>
- </tr>
- <tr>
- <td>Sender activity</td>
- <td>Yes</td>
- <td>Maybe</td>
- <td>Maybe</td>
- <td><b>No</b></td>
-
- <td>No</td>
- <td>No</td>
- <td>Maybe</td>
- <td><b>No</b></td>
-
- <td>No</td>
- <td>No</td>
- <td>No</td>
- <td><b>No</b></td>
- </tr>
- <tr>
- <td>Recipient activity</td>
- <td>No</td>
- <td>Yes</td>
- <td>No</td>
- <td><b>No</b></td>
-
- <td>No</td>
- <td>Yes</td>
- <td>No</td>
- <td><b>No</b></td>
-
- <td>Yes</td>
- <td>Yes</td>
- <td>Yes</td>
- <td><b>No</b></td>
- </tr>
- <tr>
- <td>Sender content</td>
- <td>No</td>
- <td>Maybe</td>
- <td>No</td>
- <td><b>No</b></td>
-
- <td>No</td>
- <td>No</td>
- <td>No</td>
- <td><b>No</b></td>
-
- <td>No</td>
- <td>No</td>
- <td>No</td>
- <td><b>No</b></td>
- </tr>
- <tr>
- <td>Recipient content</td>
- <td>No</td>
- <td>Yes</td>
- <td>No</td>
- <td><b>No</b></td>
-
- <td>No</td>
- <td>Yes</td>
- <td>No</td>
- <td><b>No</b></td>
-
- <td>Yes</td>
- <td>Yes</td>
- <td>Yes</td>
- <td><b>No</b></td>
- </tr>
-</table>
-<p>(Original image at <a href="http://dev.i2p.net/~jrandom/wiki/comparison.png">
-http://dev.i2p.net/~jrandom/wiki/comparison.png</a>)</p>
-
-<h2>Mixminion / Mixmaster</h2>
-<i><a href="http://mixminion.net/">[Mixminion]</a>
- <a href="http://mixmaster.sourceforge.net/">[Mixmaster]</a></i>
-
-<p>Mixminion and Mixmaster are networks to support anonymous email against a very
-powerful adversary. I2P aims to provide an adequate means to meet their threat
-model as we reach I2P 3.0 along side the needs of low latency users, providing
-a significantly larger anonymity set. As with Tor and Onion Routing above,
-both Mixminion and Mixmaster take the directory based approach as well.</p>
<h2>Freenet</h2>
<i><a href="http://freenetproject.org/">[Freenet]</a></i>
@@ -293,10 +181,12 @@ even when the publisher is no longer online. In addition, it should be able to
distribute popular data fairly efficiently. I2P itself does not and will not provide
this functionality. On the other hand, there is overlap for users who simply want to
communicate with each other anonymously through websites, message boards, file sharing
-programs, etc. There have also been some developers working on a distributed data
-store to run on top of I2P, but those are not ready for general use yet.</p>
+programs, etc. There have also been some attempts to develop a distributed data
+store to run on top of I2P,
+(most recently a port of <a href="http://tahoe-lafs.org/trac/tahoe-lafs">Tahoe-LAFS</a>)
+but nothing is yet ready for general use.</p>
-<p>However, even ignoring any implementations issues, there are some serious concerns
+<p>However, even ignoring any implementations issues, there are some concerns
about Freenet's algorithms from both a scalability and anonymity perspective, owing
largely to Freenet's heuristic driven routing. The interactions of various techniques
certainly may successfully deter various attacks, and perhaps some aspects of the
@@ -305,44 +195,4 @@ analysis of the algorithms involved has resulted in positive results, but there
hope. At the very least, Freenet does provide substantial anonymity against an attacker
who does not have the resources necessary to analyze it further.</p>
-<h2>JAP</h2>
-<i><a href="http://anon.inf.tu-dresden.de/index_en.html">[JAP]</a></i>
-
-<p>JAP (Java Anonymous Proxy) is a network of mix cascades for anonymizing web requests,
-and as such it has a few centralized nodes (participants in the cascade) that blend
-and mix requests from clients through the sequence of nodes (the cascade) before
-proxying out onto the web. The scope, threat model, and security is substantially
-different from I2P, but for those who don't require significant anonymity but still
-are not satisfied with an Anonymizer-like service, JAP is worth reviewing. One
-caution to note is that anyone under the jurisdiction of the German courts may want
-to take care, as the German Federal Bureau of Criminal Investigation (FBCI) has has
-successfully mounted an
-<a href="http://www.datenschutzzentrum.de/material/themen/presse/anonip3_e.htm">attack</a>
-on the network. Even though the method of this attack was later found to be illegal
-in the German courts, the fact that the data was successfully collected is the
-concern. Courts change their minds based upon circumstance, and this is evidence that
-if a government body or intelligence agency wanted to, they could gather the data, even
-if it may be found inadmissible in some courts later)</p>
-
-<h2>MUTE / AntsP2P</h2>
-<i><a href="http://mute-net.sourceforge.net/">[MUTE]</a>
- <a href="http://www.myjavaserver.com/~gwren/home.jsp?page=custom&xmlName=ants">[AntsP2P]</a></i>
-
-<p>Both of these systems work through the same basic
-<a href="http://citeseer.ist.psu.edu/57701.html">antnet</a> routing, providing some degree of
-anonymity based on the threat model of providing plausible deniability against a simple
-non-colluding adversary. With the antnet routing, they first either do a random walk or a
-broadcast search to find some peer with the data or identity desired, and then use a feedback
-algorithm to optimize that found path. This works well for applications that merely want to know
-what other people around them have to offer - "How are y'all doing" vs. "Hey Alice, how are you" -
-you basically get a local cluster of nodes that can share files with and maintain some degree of
-anonymity (though you don't have much control over who is in that group of peers).</p>
-
-<p>However, the algorithm does not scale well at all - if the application wants to speak with a
-particular peer it ends up doing a broadcast search or random walk (though if they are lucky enough
-for that to succeed, the antnet routing should optimize that found connection). This means that
-while these networks can work great at small scales, they are not suitable for large networks where
-someone wants to get in touch with another specific peer. That does not mean that there is no
-value in these systems, just that their applicability is limited to situations where their
-particular issues can be addressed.</p>
{% endblock %}
diff --git a/www.i2p2/pages/how_networkcomparisons_fr.html b/www.i2p2/pages/how_networkcomparisons_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..69d52fc097f34a8f7fd200d3745577a6a15fe591
--- /dev/null
+++ b/www.i2p2/pages/how_networkcomparisons_fr.html
@@ -0,0 +1,167 @@
+{% extends "_layout_fr.html" %}
+{% block title %}I2P Comparé à Tor et à Freenet{% endblock %}
+{% block content %}
+Traduction d'avril 2011. <a href="how_networkcomparisons.html">Version anglaise actuelle</a>
+<p>Il existe un grand nombre d'autres applications et projets centrés sur la communication anonyme
+et I2P s'est inspiré de beaucoup de leurs efforts. Ceci n'est pas une liste exhaustive de références à l'anonymat :
+tant la <a href="http://freehaven.net/anonbib/topic.html">Anonymity Bibliography</a> de freehaven que les
+<a href="https://www.gnunet.org/links/">projets relatifs</a> de GNUnet s'en acquittent très bien. Ceci dit,
+très peu de systèmes supportent longtemps la comparaison. Ils sont exposés ici :</p>
+<ul>
+<li>Tor / Onion Routing</li>
+<li>Freenet</li>
+</ul>
+<p>Les suivants sont présentés sur la page <a href="othernetworks.html">autres réseaux</a></p> :
+<ul>
+<li>Morphmix et Tarzan</li>
+<li>Mixminion / Mixmaster</li>
+<li>JAP</li>
+<li>MUTE / AntsP2P</li>
+<li>Haystack</li>
+</ul>
+
+<p>Le contenu de cette page est susceptible de mises à jour, de discutions et de débats, et nous accueillons les
+commentaires et les compléments. Vous pouvez contribuer à l'analyse en soumettant un ticket sur
+<a href="http://trac.i2p2.de/report/1">trac.i2p2.de</a>.
+</p>
+
+<h2>Tor / Onion Routing</h2>
+<i><a href="http://www.torproject.org/">[Tor]</a>
+ <a href="http://www.onion-router.net">[Onion Routing]</a></i>
+<p>Tor et Onion Routing sont tous deux des réseaux de mandataires anonymisants, permettant à leurs utilisateurs des
+sorties de tunnels à travers leur réseau croisé à basse latence. Les deux principales différences entre Tor /
+Onion-Routing et I2P résident dans leur modèle de prise en compte des menaces et la conception des mandataires sortants
+(bien que Tor supporte aussi les services cachés). De plus, Tor adopte l'approche basée sur un annuaire - en
+fournissant un point central de gestion de la "vue" globale du réseau et de collecte/rapports de statistiques, à la
+différence de la <a href="how_networkdatabase">base de données</a> et de la <a href="how_peerselection">sélection
+des pairs</a>, décentralisées dans I2P.</p>
+
+<p>La fonctionnalité de mandataire sortant I2P/Tor soufrent de quelques faiblesses non négligeables envers certains
+attaquants - une fois que la communication quitte le réseau croisé, des adversaires globaux passifs peuvent facilement
+monter des analyses de trafic. De plus, les mandataires sortant ont l'accès au texte en clair des données transférées
+dans les deux sens, et ils sont prédisposés à abuser de cette possibilité, à côté de tous les autres problèmes de
+sécurité que nous avons appris à connaître et à aimer sur l'Internet normal.</p>
+
+<p>Cependant, de nombreuses personnes n'ont pas besoin de se soucier de ces situations, car elles sont en dehors de
+leurs référentiels de menaces. Mais c'est, il faut le noter, en dehors de l'étendue (formelle) fonctionnelle d'I2P (si
+des utilisateurs veulent ajouter une fonctionnalité de mandataire sortant au dessus de la couche de communication
+anonyme, ils peuvent). En fait, certains utilisateurs d'I2P bénéficient actuellement de Tor pour sortir du réseau par
+un mandataire.</p>
+<!--
+<p>Pour avoir une comparaison Tor/I2P du point de vue de Tor, consultez
+la <a href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ComparisonI2P">FAQ de Tor</a>.</p>
+-->
+
+<h3>Comparaison des terminologies de Tor et d'I2P</h3>
+Bien que Tor et I2P aient de nombreuses similarités, une grande part de leur terminologies respectives est différente.
+<table>
+<tr><th align="left">Tor<th align="left">I2P
+<tr><td>Cellule<td>Message
+<tr><td>Client<td>Router ou Client
+<tr><td>Circuit<td>Tunnel
+<tr><td>Directory<td>NetDb
+<tr><td>Directory Server<td>Floodfill Router (diffuseurs)
+<tr><td>Entry Guards<td>Pairs rapides
+<tr><td>Entry Node<td>Mandataire entrant
+<tr><td>Exit Node<td>Mandataire sortant
+<tr><td>Hidden Service<td>Eepsite ou Destination
+<tr><td>Hidden Service Descriptor<td>Jeux de baux
+<tr><td>Introduction point<td>Passerelle entrante
+<tr><td>Node<td>Router
+<tr><td>Onion Proxy<td>Client I2PTunnel (grosso modo)
+<tr><td>Relay<td>Router
+<tr><td>Rendezvous Point<td>quelque chose comme la paire Passerelle entrante + Point terminal sortant
+<tr><td>Router Descriptor<td>RouterInfo
+<tr><td>Server<td>Router
+</table>
+
+<h3>Avantages de Tor sur I2P</h3>
+<ul>
+ <li>Base d'utilisateurs bien plus grosse; plus grande visibilité dans les communautés universitaires et de hackers ;
+bénéficie des études formelles sur l'anonymat, la résistance et les performances ; dispose d'un leader appuyé par
+l'université, non anonyme et visible</li>
+ <li>A déjà résolu des problèmes d'échelle qu'I2P n'a pas encore à résoudre</li>
+ <li>Dispose d'un financement significatif</li>
+ <li>A plus de développeurs, dont plusieurs sont rémunérés</li>
+ <li>Plus résistant aux blocages d'état (state-level) grâce à la couche transport TLS et aux ponts (I2P a des projets
+de routes réservés mais elles ne sont pas encore implémentées)</li>
+ <li>Assez gros pour avoir déjà eu a s'adapter aux tentatives de blocage et de déni de service</li>
+ <li>Conçu et optimisé pour le trafic sortant, avec un grand nombre de nœuds de sortie</li>
+ <li>Meilleure documentation, avec ses articles formels et ses spécifications, meilleur site web, bien plus de
+traductions</li>
+ <li>Plus efficace en utilisation mémoire</li>
+ <li>Les nœuds clients Tor subissent une très légère surcharge de bande passante</li>
+ <li>Le contrôle centralisé réduit la complexité de chaque nœud et résout efficacement les attaques de Sibylle</li>
+ <li>Un noyau de nœuds à hautes capacités fournit un débit supérieur et une latence plus faible</li>
+ <li>C, pas Java (beurk!)</li>
+</ul>
+
+<h3>Avantages d'I2P sur Tor</h3>
+<ul>
+ <li>Conçu et optimisé pour les services cachés, qui sont plus rapides que dans Tor</li>
+ <li>Entièrement décentralisé et auto organisant</li>
+ <li>Pairs sélectionnés par profilage continu et mesure des performances, plutôt que sur la foi des capacités annoncées
+ </li>
+ <li>Diffuseurs ("directory servers") changeants et sans relation de confiance, plutôt que codés en dur</li>
+ <li>Assez petit pour n'avoir jamais été bloqué ni soumis à des DdS</li>
+ <li>Gentiment <s>Pomme-Ã -Pomme</s>…<s>Poire-Ã -Poire</s>… bon, Peer-to-peer</li>
+ <li>Un traducteur pour le français qui se la pète pas</li>
+ <li>Commutation de paquets plutôt que commutation de circuits
+ <ul>
+ <li>Équilibrage de charge implicite transparent des messages à travers de multiples pairs, plutôt chemin unique </li>
+ <li>Tolérance de pannes par parallélisme multi-tunnels et rotation des tunnels plutôt que pannes</li>
+ <li>Dimensionne chaque connexion client à O(1) plutôt qu'à O(N) (Alice a p.ex 2 tunnels entrants qui sont utilisés
+par tous les pairs avec lesquels elle communique, plutôt qu'un circuit pour chacun)</li>
+ </ul></li>
+ <li>Tunnels Unidirectionnels plutôt que circuits bidirectionnels, doublant ainsi le nombre de nœuds à compromettre
+pour obtenir la même information</li>
+ <li>Protection contre la détection de l'activité du client, même quand l'attaquant fait partie du tunnel car celui-ci
+fait plus que simplement passer les messages de bout en bout (netDB, gestion et test des tunnels)</li>
+ <li>Tunnels à courte durée de vie, diminuant le nombre d'échantillons qu'un attaquant peut utiliser pour une attaque
+active, plutôt que des circuits à vie typiquement longue</li>
+ <li>APIs I2P spécialement conçues pour l'anonymat et la sécurité, plutôt que SOCKS conçu pour les fonctionnalités</li>
+ <li>Essentiellement tous les pairs participent au routage pour les autres</li>
+ <li>Faible surcharge de bande passante d'un pair à part entière, plutôt que minime dans Tor où les nœuds ne
+participent pas pleinement au réseau croisé.</li>
+ <li>Mécanisme intégré de mise à jour automatique</li>
+ <li>Transports TCP et UDP</li>
+ <li>Java, not C (beark!)</li>
+</ul>
+
+<h3>Autres bénéfices potentiels d'I2P, mais pas encore implémentés</h3>
+<p>...et peut-être jamais implémentés, alors ne comptez pas dessus!</p>
+<ul>
+ <li>Protection contre les analyses de dénombrement de messages, grâce au regroupement de gousses de messages multiples
+</li>
+ <li>Protection contre les attaques d'intersection à long terme, par l'ajout de retards au niveau de divers sauts (où
+les retards sont indiscernables par les autres sauts)</li>
+ <li>Diverses stratégies de mélange au niveau tunnel (p.e. créer un tunnel qui gèrera 500 messages/mn, dans lequel le
+point terminal injectera des messages bidons s'il n'y en a pas assez ,etc…)</li>
+</ul>
+
+
+<h2>Freenet</h2>
+<i><a href="http://freenetproject.org/">[Freenet]</a></i>
+
+<p>Freenet est un réseau de publication P2P anonyme et complètement décentralisé, offrant des moyens de stockage
+sécurisés, ainsi que quelques approches pour résoudre les surcharges d'inondation ponctuelles. Si Freenet est conçu en
+tant que système de stockage décentralisé, des utilisateurs ont développé des applications compatibles pour faire de la
+communication anonyme plus générique, comme des sites web statiques et des panneaux à messages.</p>
+
+<p>Comparé à I2P, Freenet offre des avantages substantiels - il fait du stockage décentralisé quand I2P ne le fait pas,
+permettant aux utilisateurs de retrouver le contenu déposé par d'autres qui ne sont plus forcément en ligne. De plus,
+il devrait pouvoir distribuer des données populaires de façon plutôt efficaces. I2P lui-même ne fournit (et ne
+fournira) pas cette fonctionnalité. D'un autre côté, il y a un recouvrement pour les utilisateurs qui veulent
+simplement communiquer anonymement via des sites web, des tableaux de messages, du partage de fichiers etc… Il y
+aussi eu quelques tentatives de développement de stockage décentralisé pour I2P (plus récemment, un portage de
+<a href="http://tahoe-lafs.org/trac/tahoe-lafs">Tahoe-LAFS</a>) mais rien n'est prêt pour un usage général.</p>
+
+<p>Cependant, même en faisant abstraction des problèmes de mise en œuvre, il reste quelques inquiétudes au sujet des
+algorithmes de Freenet d'un point de vue anonymat et adaptabilité au facteur d'échelle, comptant beaucoup sur le
+routage heuristique de Freenet. Les interactions des diverses techniques pourraient certainement vouer à l'échec
+certaines attaques, et peut-être que certains aspects des algorithmes de routages pourraient résoudre les espoirs
+d'adaptabilité d'échelle. Malheureusement, trop peu d'analyses des algorithmes concernés ont donné des résultats
+probants bien qu'il reste de l'espoir. Et pour finir, Freenet apporte un réel anonymat contre un attaquant ne
+possédant pas les ressources nécessaires pour l'analyser plus avant.</p>
+
+{% endblock %}
diff --git a/www.i2p2/pages/how_networkdatabase.html b/www.i2p2/pages/how_networkdatabase.html
index a5876ee81ebedc58d9b127a4146768ebfe01e77a..3f44ccbad33d1dbd9b89a2862880c3b5009bc171 100644
--- a/www.i2p2/pages/how_networkdatabase.html
+++ b/www.i2p2/pages/how_networkdatabase.html
@@ -1,9 +1,9 @@
{% extends "_layout.html" %}
-{% block title %}How the Network Database (netDb) Works{% endblock %}
+{% block title %}The Network Database{% endblock %}
{% block content %}
<p>
- Updated July 2010, current as of router version 0.8
+ Updated June 2012, current as of router version 0.9
</p>
<h2>Overview</h2>
@@ -28,8 +28,8 @@
<p>
When an I2P router wants to contact another router, they need to know some
key pieces of data - all of which are bundled up and signed by the router into
- a structure called the "RouterInfo", which is distributed under the key derived
- from the SHA256 of the router's identity. The structure itself contains:
+ a structure called the "RouterInfo", which is distributed with the SHA256 of the router's identity
+ as the key. The structure itself contains:
</p>
<ul>
<li>The router's identity (a 2048bit ElGamal encryption key, a 1024bit DSA signing key, and a certificate)</li>
@@ -78,7 +78,6 @@
Current statistics are limited to:
</p>
<ul>
- <li>1 hour average bandwidth (average of outbound and inbound bandwidth)
<li>Client and exploratory tunnel build success, reject, and timeout rates
<li>1 hour average number of participating tunnels
</ul>
@@ -95,7 +94,7 @@
<a href="common_structures_spec.html#struct_RouterInfo">RouterInfo specification</a>
</p>
<p>
- <a href="http://docs.i2p2.de/core/net/i2p/data/RouterInfo.html">RouterInfo Javadoc</a>
+ <a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/RouterInfo.html">RouterInfo Javadoc</a>
</p>
<h3>RouterInfo Expiration</h3>
@@ -106,13 +105,15 @@
In the current implementation, there are the following general policies:
</p>
<ul>
- <li>There is no expiration during the first hour of uptime, as the persistent stored data may be old.
+ <li>There is no expiration during the first hour of uptime, as the persistent stored data may be old.</li>
+ <li>There is no expiration if there are 25 or less RouterInfos.</li>
<li>As the number of local RouterInfos grows, the expiration time shrinks, in an attempt to maintain
- a reasonable number RouterInfos.
+ a reasonable number RouterInfos. The expiration time with less than 120 routers is 72 hours,
+ while expiration time with 300 routers is around 30 hours.</li>
<li>RouterInfos containing <a href="udp.html">SSU</a> introducers expire in about an hour, as
- the introducer list expires in about that time
- <li>Floodfills use a short expiration time for all local RouterInfos, as valid RouterInfos will
- be frequently republished to them
+ the introducer list expires in about that time.</li>
+ <li>Floodfills use a short expiration time (1 hour) for all local RouterInfos, as valid RouterInfos will
+ be frequently republished to them.</li>
</ul>
<h3>RouterInfo Persistent Storage</h3>
@@ -122,24 +123,29 @@
</p>
-<h2 id="leaseSet"LeaseSet</h2>
+<h2 id="leaseSet">LeaseSet</h2>
<p>
The second piece of data distributed in the netDb is a "LeaseSet" - documenting
- a group of tunnel entry points (leases) for a particular client destination.
- Each of these leases specify the tunnel's gateway router (with the hash of its
- identity), the tunnel ID on that router to send messages (a 4 byte number), and
- when that tunnel will expire. The LeaseSet itself is stored in the netDb under
+ a group of <b>tunnel entry points (leases)</b> for a particular client destination.
+ Each of these leases specify the following information:
+ <ul>
+ <li>The tunnel gateway router (by specifying its identity)</li>
+ <li>The tunnel ID on that router to send messages with (a 4 byte number)</li>
+ <li>When that tunnel will expire.</li>
+ </ul>
+ The LeaseSet itself is stored in the netDb under
the key derived from the SHA256 of the destination.
</p>
<p>
- In addition to these leases, the LeaseSet includes the destination
- itself (namely, the destination's 2048bit ElGamal encryption key, 1024bit DSA
- signing key, and certificate) and an additional signing and
- encryption public keys. The additional encryption public key is used for end-to-end encryption of
- garlic messages.
- The additional signing public key was intended for LeaseSet revocation but is currently unused.
+ In addition to these leases, the LeaseSet includes:
+ <ul>
+ <li>The destination itself (a 2048bit ElGamal encryption key, 1024bit DSA signing key and a certificate)</li>
+ <li>Additional encryption public key: used for end-to-end encryption of garlic messages</li>
+ <li>Additional signing public key: intended for LeaseSet revocation, but is currently unused.</li>
+ <li>Signature of all the LeaseSet data, to make sure the Destination published the LeaseSet.</li>
+ </ul>
</p>
<p>
@@ -148,9 +154,9 @@
<a href="common_structures_spec.html#struct_LeaseSet">LeaseSet specification</a>
</p>
<p>
- <a href="http://docs.i2p2.de/core/net/i2p/data/Lease.html">Lease Javadoc</a>
+ <a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/Lease.html">Lease Javadoc</a>
<br />
- <a href="http://docs.i2p2.de/core/net/i2p/data/LeaseSet.html">LeaseSet Javadoc</a>
+ <a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/LeaseSet.html">LeaseSet Javadoc</a>
</p>
@@ -159,6 +165,8 @@
A LeaseSet for a destination used only for outgoing connections is <i>unpublished</i>.
It is never sent for publication to a floodfill router.
"Client" tunnels, such as those for web browsing and IRC clients, are unpublished.
+ Servers will still be able to send messages back to those unpublished destinations,
+ because of <a href="#leaseset_storage_peers">I2NP storage messages</a>.
</p>
@@ -168,7 +176,7 @@
A LeaseSet may be <i>revoked</i> by publishing a new LeaseSet with zero leases.
Revocations must be signed by the additional signing key in the LeaseSet.
Revocations are not fully implemented, and it is unclear if they have any practical use.
- This is the only planned use for the that signing key, so it is currently unused.
+ This is the only planned use for that signing key, so it is currently unused.
</p>
<h3 id="encrypted">Encrypted LeaseSets</h3>
@@ -210,14 +218,14 @@
<h2 id="floodfill">Floodfill</h2>
<p>
- The floodfill netDb is simple distributed storage mechanism.
- The storage algorithm is simple- send the data to the closest peer that has advertised itself
+ The floodfill netDb is a simple distributed storage mechanism.
+ The storage algorithm is simple: send the data to the closest peer that has advertised itself
as a floodfill router. Then wait 10 seconds, pick another floodfill router and ask them
for the entry to be sent, verifying its proper insertion / distribution. If the
verification peer doesn't reply, or they don't have the entry, the sender
repeats the process. When the peer in the floodfill netDb receives a netDb
- store from a peer not in the floodfill netDb, they send it to all of the peers
- in the floodfill netDb.
+ store from a peer not in the floodfill netDb, they send it to a subset of the floodfill netDb-peers.
+ The peers selected are the ones closest (according to the <a href="#kademlia_closeness">XOR-metric</a>) to a specific key.
</p>
<p>
Determining who is part of the floodfill netDb is trivial - it is exposed in each
@@ -272,17 +280,18 @@
A floodfill router's only services that are in addition to those of non-floodfill routers
are in accepting netDb stores and responding to netDb queries.
Since they are generally high-bandwidth, they are more likely to participate in a high number of tunnels
- (i.e. be a "relay" for others), but this not directly related to their distributed database services.
+ (i.e. be a "relay" for others), but this is not directly related to their distributed database services.
</p>
-<h2 id="kad">Kademlia Closeness Metric</h2>
+<a name="kademlia_closeness"><h2 id="kad">Kademlia Closeness Metric</h2></a>
<p>
The netDb uses a simple Kademlia-style XOR metric to determine closeness.
- The SHA256 Hash of the key being looked up or stored is XOR-ed with
- the hash of the router in question to determine closeness
- (there is an additional daily keyspace rotation to increase the costs of Sybil attacks,
- as <a href="#sybil-partial">explained below).
+ The SHA256 hash of the key being looked up or stored is XOR-ed with
+ the hash of the router in question to determine closeness.
+ A modification to this algorithm is done to increase the costs of <a href="#sybil-partial">Sybil attacks</a>.
+ Instead of the SHA256 hash of the key being looked up of stored, the SHA256 hash is taken
+ of the key appended with the date: yyyyMMdd (SHA256(key + yyyyMMdd).
</p>
@@ -300,7 +309,7 @@
</p>
-<h3>LeaseSet Storage to Peers</h3>
+<a name="leaseset_storage_peers"><h3>LeaseSet Storage to Peers</h3></a>
<p>
<a href="i2np.html">I2NP</a> DatabaseStoreMessages containing the local LeaseSet are periodically exchanged with peers
by bundling them in a garlic message along with normal traffic from the related Destination.
@@ -354,7 +363,7 @@
valid RouterInfo or LeaseSet which is newer than that previously stored in its
local NetDb, it "floods" it.
To flood a NetDb entry, it looks up the 7 floodfill routers closest to the key
- of the NetDb entry. (The key is the SHA256 Hash of the RouterIdentity or Destination)
+ of the NetDb entry. (The key is the SHA256 Hash of the RouterIdentity or Destination with the date (yyyyMMdd) appended.)
</p>
<p>
It then directly connects to each of the 7 peers
@@ -373,7 +382,7 @@
The replies are specified to return via one of the router's inbound exploratory tunnels.
</p>
<p>
- Lookups are generally sent to the two "good" floodfill routers closest to the requested key, in parallel.
+ Lookups are generally sent to the two "good" (the connection doesn't fail) floodfill routers closest to the requested key, in parallel.
</p>
<p>
If the key is found locally by the floodfill router, it responds with a
@@ -396,29 +405,34 @@
<p>
(Reference:
- <a href="http://www-users.cs.umn.edu/~hopper/hashing_it_out.pdf">Hashing it out in Public</a> Section 2.3 for terms below in italics)
+ <a href="http://www-users.cs.umn.edu/~hopper/hashing_it_out.pdf">Hashing it out in Public</a> Sections 2.2-2.3 for terms below in italics)
</p>
<p>
- Due to the relatively small size of the network, the flooding redundancy of 8x, and a lookup redundancy of 2x,
- lookups are currently O(1) rather than O(log n) --
+ Due to the relatively small size of the network and the flooding redundancy of 8x,
+ lookups are usually O(1) rather than O(log n) --
a router is highly likely to know a floodfill router close enough to the key to get the answer on the first try.
- Neither <i>recursive</i> nor <i>iterative</i> routing for lookups is implemented.
+ In releases prior to 0.8.9, routers used a lookup redundancy of two
+ (that is, two lookups were performed in parallel to different peers), and
+ neither <i>recursive</i> nor <i>iterative</i> routing for lookups was implemented.
+ Queries were sent through <i>multiple routes simultaneously</i>
+ to <i>reduce the chance of query failure</i>.
</p>
<p>
- <i>Node IDs</i> are <i>verifiable</i> in that we use the router hash directly as both the node ID and the Kademlia key.
- Given the current size of the network, a router has
- <i>detailed knowledge of the neighborhood of the destination ID space</i>.
+ As of release 0.8.9, <i>iterative lookups</i> are implemented with no lookup redundancy.
+ This is a more efficient and reliable lookup that will work much better
+ when not all floodfill peers are known, and it removes a serious
+ limitation to network growth. As the network grows and each router knows only a small
+ subset of the floodfill peers, lookups will become O(log n).
+ Even if the peer does not return references closer to the key, the lookup continues with
+ the next-closest peer, for added robustness, and to prevent a malicious floodfill from
+ black-holing a part of the key space. Lookups continue until a total lookup timeout is reached,
+ or the maximum number of peers is queried.
</p>
-
<p>
- Queries are sent through<i>multiple routes simultaneously</i>
- to <i>reduce the chance of query failure</i>.
-</p>
-
-<p>
- After network growth of 5x - 10x, there will be a significant chance of lookup failure due
- to the O(1) lookup strategy, and implementation of an <i>iterative</i> lookup strategy will be required.
- See <a href="#future">below</a> for more information.
+ <i>Node IDs</i> are <i>verifiable</i> in that we use the router hash directly as both the node ID and the Kademlia key.
+ Incorrect responses that are not closer to the search key are generally ignored.
+ Given the current size of the network, a router has
+ <i>detailed knowledge of the neighborhood of the destination ID space</i>.
</p>
@@ -429,7 +443,7 @@
then sends a lookup to another floodfill router close to the key
(but not the one the store was sent to).
Lookups sent out one of the router's outbound exploratory tunnels.
- Lookups are end-to-end garlic encrypted and to prevent snooping by the O tunnels.
+ Lookups are end-to-end garlic encrypted to prevent snooping by the outbound endpoint(OBEP).
</p>
<h3>LeaseSet Storage Verification</h3>
@@ -467,11 +481,22 @@
</p>
+<h3>Notes on Lookup Responses</h3>
+<p>
+ The response to a lookup request is either a Database Store Message (on success) or a
+ Database Search Reply Message (on failure). The DSRM contains a 'from' router hash field
+ to indicate the source of the reply; the DSM does not.
+ The DSRM 'from' field is unauthenticated and may be spoofed or invalid.
+ There are no other response tags. Therefore, when making multiple requests in parallel, it is
+ difficult to monitor the performance of the various floodfill routers.
+</p>
+
+
<h2 id="multihome">MultiHoming</h2>
<p>
Destinations may be hosted on multiple routers simultaneously, by using the same
- private and public keys (traditionally named eepPriv.dat files).
+ private and public keys (traditionally stored in eepPriv.dat files).
As both instances will periodically publish their signed LeaseSets to the floodfill peers,
the most recently published LeaseSet will be returned to a peer requesting a database lookup.
As LeaseSets have (at most) a 10 minute lifetime, should a particular instance go down,
@@ -536,7 +561,7 @@
</p>
-<h3>Sybil Attack (Full Keyspace)</h3>
+<h3 id="sybil">Sybil Attack (Full Keyspace)</h3>
<p>
An attacker may mount a
<a href="http://citeseer.ist.psu.edu/douceur02sybil.html">Sybil attack</a>
@@ -555,7 +580,7 @@
metrics described above, this is a difficult scenario to handle.
Tor's response can be much more nimble in the relay case, as the suspicious relays
can be manually removed from the consensus.
- Some possible responses in the I2P case, none of them satisfactory:
+ Some possible responses for the I2P network are listed below, however none of them is completely satisfactory:
</p>
<ul>
<li>Compile a list of bad router hashes or IPs, and announce the list through various means
@@ -600,11 +625,11 @@ This attack becomes more difficult as the network size grows.
<p>
As a partial defense against this attack,
the algorithm used to determine Kademlia "closeness" varies over time.
- Rather than using the Hash of the key (i.e. H(k))to determine closeness,
+ Rather than using the Hash of the key (i.e. H(k)) to determine closeness,
we use the Hash of the key appended with the current date string, i.e. H(k + YYYYMMDD).
A function called the "routing key generator" does this, which transforms the original key into a "routing key".
In other words, the entire netdb keyspace "rotates" every day at UTC midnight.
- Any partial-keyspace attack would have to be regenerated every day, as
+ Any partial-keyspace attack would have to be regenerated every day, for
after the rotation, the attacking routers would no longer be close
to the target key, or to each other.
</p>
@@ -633,7 +658,8 @@ This attack becomes more difficult as the network size grows.
Several defenses are possible, and most of these are planned:
</p>
<ul>
- <li>Switching from HTTP to HTTPS for reseeding, with SSL certificate verification
+ <li>Disallow fallback from HTTPS to HTTP for reseeding.
+ A MITM attacker could simply block HTTPS, then respond to the HTTP.
<li>Changing the reseed task to fetch a subset of RouterInfos from
each of several reseed sites rather than using only a single site
<li>Creating an out-of-network reseed monitoring service that
@@ -646,7 +672,7 @@ This attack becomes more difficult as the network size grows.
<p>
See also <a href="#lookup">lookup</a>
(Reference:
- <a href="http://www-users.cs.umn.edu/~hopper/hashing_it_out.pdf">Hashing it out in Public</a> Section 2.3 for terms below in italics)
+ <a href="http://www-users.cs.umn.edu/~hopper/hashing_it_out.pdf">Hashing it out in Public</a> Sections 2.2-2.3 for terms below in italics)
</p>
<p>
Similar to a bootstrap attack, an attacker using a floodfill router could attempt to "steer"
@@ -659,16 +685,21 @@ This attack becomes more difficult as the network size grows.
and each exploration query is directed to a random floodfill router.
</p>
<p>
+ As of release 0.8.9, <i>iterative lookups</i> are implemented.
For floodfill router references returned in a
<a href="i2np.html">I2NP</a> DatabaseSearchReplyMessage
response to a lookup,
- these references are not immediately followed.
+ these references are followed if they are closer (or the next closest) to the lookup key.
The requesting router does not trust that the references are
- closer to the key (i.e. they are <i>verifiable correct</i>, and the references are not immediately queried.
- In other words, the Kademlia lookup is not iterative.
- This means the query capture attack described in
+ closer to the key (i.e. they are <i>verifiably correct</i>.
+ The lookup also does not stop when no closer key is found, but continues by querying the
+ next-closet node, until the timeout or maximum number of queries is reached.
+ This prevents a malicious floodfill from black-holing a part of the key space.
+ Also, the daily keyspace rotation requires an attacker to regenerate a router info
+ within the desired key space region.
+ This design ensures that the query capture attack described in
<a href="http://www-users.cs.umn.edu/~hopper/hashing_it_out.pdf">Hashing it out in Public</a>
- much less likely, until <a href="future">iterative lookups are implemented</a>.
+ is much more difficult.
</p>
<h3>DHT-Based Relay Selection</h3>
@@ -682,6 +713,38 @@ This attack becomes more difficult as the network size grows.
for a discussion of the vulnerabilities of peer selection for tunnels.
</p>
+<h3>Information Leaks</h3>
+<p>
+ (Reference:
+ <a href="https://netfiles.uiuc.edu/mittal2/www/nisan-torsk-ccs10.pdf">In Search of an Anonymous and Secure Lookup</a> Section 3)
+</p>
+<p>
+ This paper addresses weaknesses in the "Finger Table" DHT lookups used by Torsk and NISAN.
+ At first glance, these do not appear to apply to I2P. First, the use of DHT by Torsk and NISAN
+ is significantly different from that in I2P. Second, I2P's network database lookups are only
+ loosely correlated to the <a href="how_peerselection">peer selection</a> and
+ <a href="how_tunnelrouting">tunnel building</a> processes; only previously-known peers
+ are used for tunnels.
+ Also, peer selection is unrelated to any notion of DHT key-closeness.
+</p>
+<p>
+ Some of this may actually be more interesting when the I2P network gets much larger.
+ Right now, each router knows a large proportion of the network, so looking up a particular
+ Router Info in the network database is not strongly indicative of a future intent to use
+ that router in a tunnel. Perhaps when the network is 100 times larger, the lookup may be
+ more correlative. Of course, a larger network makes a Sybil attack that much harder.
+</p>
+<p>
+ However, the general issue of DHT information leakage in I2P needs further investigation.
+ The floodfill routers are in a position to observe queries and gather information.
+ Certainly, at a level of <i>f</i> = 0.2 (20% malicious nodes, as specifed in the paper)
+ we expect that many of the Sybil threats we describe
+ (<a href="how_threatmodel.html#sybil">here</a>,
+ <a href="#sybil">here</a> and
+ <a href="#sybil-partial">here</a>)
+ become problematic for several reasons.
+</p>
+
<h2 id="history">History</h2>
<p>
@@ -690,11 +753,10 @@ This attack becomes more difficult as the network size grows.
<h2 id="future">Future Work</h2>
<p>
- After network growth of 5x - 10x, there will be a significant chance of lookup failure due
- to the O(1) lookup strategy, and implementation of an <i>iterative</i> lookup strategy will be required.
+ End-to-end encryption of additional netDb lookups and responses.
</p>
<p>
- End-to-end encryption of additional netDb lookups and responses.
+ Better methods for tracking lookup responses.
</p>
diff --git a/www.i2p2/pages/how_peerselection.html b/www.i2p2/pages/how_peerselection.html
index 0a5870cec97f68348306eca4ec06fa8a88d7c023..429a028d96e25dc46ba00e0db115a669062c1ef2 100644
--- a/www.i2p2/pages/how_peerselection.html
+++ b/www.i2p2/pages/how_peerselection.html
@@ -62,7 +62,7 @@ about how long it takes for them to reply to a network database query, how
often their tunnels fail, and how many new peers they are able to introduce
us to, as well as simple data points such as when we last heard from them or
when the last communication error occurred. The specific data points gathered
-can be found in the <a href="http://docs.i2p2.de/router/net/i2p/router/peermanager/PeerProfile.html">code</a>
+can be found in the <a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/peermanager/PeerProfile.html">code</a>
</p>
<p>
@@ -90,7 +90,7 @@ send or receive on a single tunnel through the peer in a minute. For this estim
performance in the previous minute.
</p>
-<h3>Capacity</h3>
+<h3 id="capacity">Capacity</h3>
<p>The capacity calculation
simply goes through the profile and estimates how many tunnels the peer
@@ -125,7 +125,7 @@ groups - fast, high capacity, and standard.
</ul>
These groupings are implemented in the router's <a
-href="http://docs.i2p2.de/router/net/i2p/router/peermanager/ProfileOrganizer.html">ProfileOrganizer</a>.
+href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/peermanager/ProfileOrganizer.html">ProfileOrganizer</a>.
<h3>Group size limits</h3>
diff --git a/www.i2p2/pages/how_peerselection_de.html b/www.i2p2/pages/how_peerselection_de.html
index d4955b9a07019f2dbf951aab14a282b4d1f2a900..cd2eb9c935c388f994cebbf61fc3b5458242fe61 100644
--- a/www.i2p2/pages/how_peerselection_de.html
+++ b/www.i2p2/pages/how_peerselection_de.html
@@ -1,6 +1,8 @@
{% extends "_layout_de.html" %}
{% block title %}Wie die Auswahl der Knoten und Profiling funktionieren{% endblock %}
-{% block content %}<p>die Auswahl der Knoten in I2P ist einfach der Prozess in dem
+{% block content %}
+<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
+<p>die Auswahl der Knoten in I2P ist einfach der Prozess in dem
der Router aussucht, über welche Knoten des Netzwerkes er unsere Nachrichten
sendet (welche Knoten um Teilnahme im Tunnel gefragt werden). Um dieses zu schaffen
beobachten wir, wie performant andere Knoten sind (die Knoten "Profile") und
@@ -23,7 +25,7 @@ mitteilen können. Auch einfachere Daten sind enthalten, wie etwa der
Zeitpunkt des letzten Kontaktes oder wann der letzte Fehler in der
Kommunikation war. Die einzelnen gesammelten Datenpunkte können
im Monotone abgelesen werden (Link folgt).</p>
-<!-- <a href="http://docs.i2p2.de/router/net/i2p/router/peermanager/PeerProfile.html">code</a>
+<!-- <a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/peermanager/PeerProfile.html">code</a>
</p> --!>
<p>Momentan gibt es keine "Löschstrategie, um sich der Profile der Knoten
@@ -55,7 +57,7 @@ Netzwerk integriert ist und ob er nicht funktioniert.</p>
<p>Die Berechnung der Geschwindigkeit (wie im Quellkode implementiert)
<!--
-<a href="http://docs.i2p2.de/router/net/i2p/router/peermanager/SpeedCalculator.html">here</a>) --!>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/peermanager/SpeedCalculator.html">here</a>) --!>
wird einfach mit den Profilen durchgeführt und schätzt, wie viele
Daten wir durch einen einzigen Tunnel durch diesen Knoten in einer Minute
senden oder empfangen können. Dafür werden einfach die Werte der
@@ -77,7 +79,7 @@ dem derzeitigem Netzwerk zu bestätigen.
<h3>Kapazität/h3>
<p>die Berechnung der Kapazität <!--(as implemented
-<a href="http://docs.i2p2.de/router/net/i2p/router/peermanager/CapacityCalculator.html">here</a>) --!>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/peermanager/CapacityCalculator.html">here</a>) --!>
bearbeitet die Profile und schätzt wie viele von uns angefragte Tunnel
der Knoten in der nächsten Stunde akzeptiert. Dafür betrachtet
die Methode, wieviele Tunnel der Knoten in letzter Zeit akzeptiert hat, wie
@@ -104,7 +106,7 @@ zur Effektivität im aktuellem Netzwerk.
<p>Die Berechnung der Integration
<!-- (as implemented
-<a href="http://docs.i2p2.de/router/net/i2p/router/peermanager/IntegrationCalculator.html">here</a>) --!>
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/peermanager/IntegrationCalculator.html">here</a>) --!>
ist nur für die Netzwerkdatenbank notwendig (und, falls eingebaut, zum
Erkennen und reparieren von Netzwerk`splits`). Zur Zeit wird es für nichts
benutzt, da der Kode zum Erkennen der Splits in gut verbundenen Netzwerken
@@ -131,7 +133,7 @@ Schwachstelle im derzeitigem Floodfillsystem behoben.
<p>Die Berechung zum Versagen
<!-- (as implemented
-<a href="http://docs.i2p2.de/router/net/i2p/router/peermanager/IsFailingCalculator.html">here</a>) --!)
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/peermanager/IsFailingCalculator.html">here</a>) --!)
eines Knoten kontrolliert ein paar Daten aus den Profilen und erkennt, ob
der Knoten überladen ist oder nicht seine Versprechen zum Tunnelaufbau
einhalten kann. Sobald ein Knoten als "Versager" gekennzeichnet ist, wird
@@ -165,7 +167,7 @@ Beziehungen zueinander: <ul>
<!--
These groupings are implemented in the <a
-href="http://docs.i2p2.de/router/net/i2p/router/peermanager/ProfileOrganizer.html">ProfileOrganizer</a>'s
+href="http://docs.i2p-projekt.de/javadoc/net/i2p/router/peermanager/ProfileOrganizer.html">ProfileOrganizer</a>'s
reorganize() method (using the calculateThresholds() and locked_placeProfile() methods in turn).</p>
--!>
diff --git a/www.i2p2/pages/how_threatmodel.html b/www.i2p2/pages/how_threatmodel.html
index 5acdc071aed42be5634753e65078cf54bce2502d..604cd01cf49833088dbb07802131204758074455 100644
--- a/www.i2p2/pages/how_threatmodel.html
+++ b/www.i2p2/pages/how_threatmodel.html
@@ -1,15 +1,18 @@
{% extends "_layout.html" %}
{% block title %}I2P's Threat Model{% endblock %}
-{% block content %}<h1>What do we mean by "anonymous"?</h1>
+{% block content %}
-<p>Your level of anonymity can be described as how hard it is for someone
-to find out information you don't want them to know - who you are, where
+Updated November 2010, current as of router version 0.8.1
+<h2>What do we mean by "anonymous"?</h2>
+
+<p>Your level of anonymity can be described as "how hard it is for someone
+to find out information you don't want them to know?" - who you are, where
you are located, who you communicate with, or even when you communicate.
"Perfect" anonymity is not a useful concept here - software will not make
you indistinguishable from people that don't use computers or who are not on
-the Internet. Instead, I2P is working to provide sufficient anonymity to meet the
-real needs of whomever we can - from Joe Sixpack browsing porn to Tommy Trader
-sharing files to Irene Insurgent organizing an upcoming action.</p>
+the Internet. Instead, we are working to provide sufficient anonymity to meet the
+real needs of whomever we can - from those simply browsing websites, to those exchanging
+data, to those fearful of discovery by powerful organizations or states.</p>
<p>The question of whether I2P provides sufficient anonymity for your
particular needs is a hard one, but this page will hopefully assist in
@@ -17,47 +20,80 @@ answering that question by exploring how I2P operates under various attacks
so that you may decide whether it meets your needs.</p>
<p>We welcome further research and analysis on I2P's resistance to the threats described below.
-Both review of existing literature (much of it focused on Tor) and original
+More review of existing literature (much of it focused on Tor) and original
work focused on I2P is needed.</p>
-<h2>Mix summary</h2>
+<h2>Network Topology Summary</h2>
<p>I2P builds off the ideas of many <a href="how_networkcomparisons">other</a>
<a href="links">systems</a>, but a few key points should be kept in mind when
reviewing related literature:</p><ul>
<li><b>I2P is a free route mixnet</b> - the message creator explicitly defines the
path that messages will be sent out (the outbound tunnel), and the message
recipient explicitly defines the path that messages will be received on (the
- inbound tunnel). However, any of these hops along the path may inject an
- arbitrary number of hops before forwarding the message to the next peer (though
- the current implementation does not).</li>
-<li><b>I2P is variable latency</b> - each application (destination) determines its
- own tradeoff of latency, throughput, bandwidth, and anonymity by configuring
- the number of hops in their tunnels, the number of tunnels to keep in parallel,
- and how frequently to rotate tunnels. In addition, there are plans to implement
- <a href="todo#stop">nontrivial delays</a> and <a href="todo#batching">batching strategies</a>
- whose existence is only known to the particular hop or tunnel gateway that
- receives the message, allowing a mostly low latency mixnet to provide cover
- traffic for higher latency communication (e.g. email).</li>
-<li><b>I2P has no entry and exit points</b> - all peers fully participate in the
+ inbound tunnel).
+</li>
+<li><b>I2P has no official entry and exit points</b> - all peers fully participate in the
mix, and there are no network layer in- or out-proxies (however, at the
- application layer, a few outbound HTTP proxies exist at the moment)</li>
-<li><b>I2P is fully distributed</b> - there are no central controls or peers who
- take on uneven responsibilities (beyond load balancing due to resource constraints).
+ application layer, a few proxies do exist)</li>
+<li><b>I2P is fully distributed</b> - there are no central controls or authorities.
One could modify some routers to operate mix cascades (building tunnels and giving
out the keys necessary to control the forwarding at the tunnel endpoint) or directory
based profiling and selection, all without breaking compatibility with the rest of
the network, but doing so is of course not necessary (and may even harm one's
anonymity).</li>
</ul>
+<p>
+ We have documented plans to implement
+ <a href="todo#stop">nontrivial delays</a> and <a href="todo#batching">batching strategies</a>
+ whose existence is only known to the particular hop or tunnel gateway that
+ receives the message, allowing a mostly low latency mixnet to provide cover
+ traffic for higher latency communication (e.g. email).
+ However we are aware that significant delays are required to provide meaningful
+ protection, and that implementation of such delays will be a significant challenge.
+ It is not clear at this time whether we will actually implement these delay features.
+</p><p>
+ In theory, routers along the message path may inject an
+ arbitrary number of hops before forwarding the message to the next peer, though
+ the current implementation does not.
+</p>
-<h2>Attacks</h2>
-<p>Taking from the attacks and analyzes put forth in the
+
+<h2>The Threat Model (Attacks)</h2>
+<p>
+I2P design started in 2003, not long after the advent of
+<a href="http://www.onion-router.net">[Onion Routing]</a>,
+<a href="http://freenetproject.org/">[Freenet]</a>, and
+<a href="http://www.torproject.org/">[Tor]</a>.
+Our design benefits substantially from the research published around that time.
+I2P uses several onion routing techniques, so we continue to benefit
+from the significant academic interest in Tor.
+</p><p>
+Taking from the attacks and analysis put forth in the
<a href="http://freehaven.net/anonbib/topic.html">anonymity literature</a> (largely
<a href="http://citeseer.ist.psu.edu/454354.html">Traffic Analysis: Protocols, Attacks, Design
Issues and Open Problems</a>), the following briefly describes a wide variety
-of attacks as well as many of I2Ps defenses. We will update
-this list to include new attacks as they are identified.</p>
+of attacks as well as many of I2Ps defenses. We update
+this list to include new attacks as they are identified.
+</p><p>
+Included are some attacks that may be unique to I2P.
+We do not have good answers for all these attacks, however
+we continue to do research and improve our defenses.
+</p><p>
+In addition, many of these attacks are significantly easier than
+they should be, due to the modest size of the current network.
+While we are aware of some limitations that need to be addressed,
+I2P is designed to support hundreds of thousands, or millions, of
+participants.
+As we continue to spread the word and grow the network,
+these attacks will become much harder.
+</p><p>
+The
+<a href="how_networkcomparisons.html">network comparisons</a> and
+<a href="how_garlicrouting.html">"garlic" terminology</a> pages may also be helpful
+to review.
+</p>
+<h3 id="index">Index</h3>
<ul>
<li><a href="#bruteforce">Brute force attacks</a></li>
<li><a href="#timing">Timing attacks</a></li>
@@ -67,12 +103,16 @@ this list to include new attacks as they are identified.</p>
<li><a href="#partitioning">Partitioning attacks</a></li>
<li><a href="#predecessor">Predecessor attacks</a></li>
<li><a href="#harvesting">Harvesting attacks</a></li>
+<li><a href="#traffic">Identification Through Traffic Analysis</a></li>
<li><a href="#sybil">Sybil attacks</a></li>
+<li><a href="#buddy">Buddy Exhaustion attacks</a></li>
<li><a href="#crypto">Cryptographic attacks</a></li>
<li><a href="#floodfill">Floodfill attacks</a></li>
+<li><a href="#netdb">Other Network Database attacks</a></li>
<li><a href="#central">Attacks on centralized resources</a></li>
<li><a href="#dev">Development attacks</a></li>
<li><a href="#impl">Implementation attacks</a></li>
+<li><a href="#blocklist">Other Defenses</a></li>
</ul>
<h3 id="bruteforce">Brute force attacks</h3>
@@ -94,12 +134,23 @@ defeat this attack exist, but may be prohibitively expensive (see:
<a href="http://citeseer.ist.psu.edu/freedman02tarzan.html">Tarzan</a>'s mimics
or constant rate traffic). Most users are not concerned with this attack, as
the cost of mounting it are extreme (and often require illegal activity).
-However, the attack is still possible, and those who want to defend against it
-would want to make appropriate countermeasures, such as not communicating with
-unknown destinations, not publishing one's current leaseSet in the network
-database, actively rerouting the associated tunnels 'mid stream', throttling the
-inbound tunnels themselves, and/or using restricted routes with trusted links
-to secure the local connection.</p>
+However, the attack is still possible, for example by an observer at
+a large ISP or an Internet exchange point.
+Those who want to defend against it
+would want to take appropriate countermeasures, such as
+setting low bandwidth limits, and using unpublished or encrypted leasesets for eepsites.
+Other countermeasures, such as nontrivial delays and restricted routes, are
+not currently implemented.
+</p><p>
+As a partial defense against a single router or group of routers trying to route all the network's traffic,
+routers contain limits as to how many tunnels can be routed through a single peer.
+As the network grows, these limits are subject to further adjustment.
+Other mechanisms for peer rating, selection and avoidance
+are discussed on the
+<a href="how_peerselection.html">peer selection page</a>.
+</p>
+
+
<h3 id="timing">Timing attacks</h3>
@@ -120,10 +171,12 @@ automatic replies though - the streaming library does (with the SYN+ACK) as does
message mode of guaranteed delivery (with the DataMessage+DeliveryStatusMessage).</p>
<p>Without protocol scrubbing or higher latency, global active adversaries can
-gain substantial information. As such, people concerned with these attacks should
-increase the latency (per <a href="todo#stop">nontrivial delays</a> or
+gain substantial information. As such, people concerned with these attacks could
+increase the latency (using <a href="todo#stop">nontrivial delays</a> or
<a href="todo#batching">batching strategies</a>), include protocol scrubbing, or
-other advanced tunnel routing <a href="todo#batching">techniques</a>.</p>
+other advanced tunnel routing <a href="todo#batching">techniques</a>,
+but these are unimplemented in I2P.
+</p>
<p>References:
<a href="http://www.cs.colorado.edu/department/publications/reports/docs/CU-CS-1025-07.pdf">Low-Resource Routing Attacks Against Anonymous Systems</a>
@@ -139,31 +192,75 @@ peers that are online when a message successfully goes through. The cost of
this attack is significant as the network grows, but may be feasible in some
scenarios.</p>
-<p>I2P does not attempt to address this for low latency communication,
-but does for peers who can afford delays (per <a href="todo#stop">nontrivial
+<p>
+In summary, if an attacker is at both ends of your tunnel at the same time,
+he may be successful.
+I2P does not have a full defense to this for low latency communication.
+This is an inherent weakness of low-latency onion routing.
+Tor provides a <a href="https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#Whatattacksremainagainstonionrouting">similar disclaimer</a>.
+</p><p>
+Partial defenses implemented in I2P:
+<ul><li>
+<a href="tunnel-alt.html#ordering">strict ordering</a> of peers
+</li><li>
+<a href="how_peerselection.html">peer profiling and selection</a> from a small group that changes slowly
+</li><li>
+Limits on the number of tunnels routed through a single peer
+</li><li>
+Prevention of peers from the same /16 IP range from being members of a single tunnel
+</li><li>
+For eepsites or other hosted services, we support
+simultaneous hosting on multiple routers, or
+<a href="http://www.i2p2.i2p/how_threatmodel#intersection">multihoming</a>
+</li></ul>
+
+Even in total, these defenses are not a complete solution.
+Also, we have made some design choices that may significantly increase our vulnerability:
+<ul><li>
+We do not use low-bandwidth "guard nodes"
+</li><li>
+We use tunnel pools comprised of several tunnels, and traffic can shift from tunnel to tunnel.
+</li><li>
+Tunnels are not long-lived; new tunnels are built every 10 minutes.
+</li><li>
+Tunnel lengths are configurable.
+While 3-hop tunnels are recommended for full protection, several applications and
+services use 2-hop tunnels by default.
+</li></ul>
+
+
+</p><p>
+In the future, it could
+for peers who can afford significant delays (per <a href="todo#stop">nontrivial
delays</a> and <a href="todo#batching">batching strategies</a>). In addition,
this is only relevant for destinations that other people know about - a private
group whose destination is only known to trusted peers does not have to worry,
as an adversary can't "ping" them to mount the attack.</p>
+<p>Reference:
+<a href="http://blog.torproject.org/blog/one-cell-enough">One Cell Enough</a>
+</p>
+
+
+
<h3 id="dos">Denial of service attacks</h3>
<p>There are a whole slew of denial of service attacks available against I2P,
each with different costs and consequences:</p><ul>
-<li><b>Greedy user attack:</b> The most plausible attack against I2P will simply
- be people trying to consume significantly more resources than they are
- willing to contribute. The defense against this is twofold:<ul>
- <li>First, for people who do not need very strong anonymity, simply set the tunnel length
- to 0 hops (1 hop until <a href="todo#ordering">strict ordering</a> and
- <a href="todo#tunnelLength">permuted lengths</a> is implemented). This will
- provide optimal throughput while still providing a degree of anonymity via
- plausible deniability. In addition, it will not consume significant network
- resources.</li>
- <li>Second, for people who do need stronger anonymity, educate them so they
- understand that without routing other people's traffic, their own anonymity
- is weakened, so that if they want to consume significant network resources
- while still being anonymous, they need to provide significant network
- resources.</li></ul>
+<li><b>Greedy user attack:</b> This is simply
+ people trying to consume significantly more resources than they are
+ willing to contribute. The defense against this is:<ul>
+ <li>Set defaults so that most users provide resources to the network.
+ In I2P, users route traffic by default. In sharp distinction to
+ <a href="https://torproject.org/">other networks</a>,
+ over 95% of I2P users relay traffic for others.
+ </li>
+ <li>Provide easy configuration options so that users may increase their
+ contribution (share percentage) to the network. Display easy-to-understand
+ metrics such as "share ratio" so that users may see what they are contributing.
+ </li><lil>
+ Maintain a strong community with blogs, forums, IRC, and other means of communication.
+ </li></ul>
<li><b>Starvation attack:</b> A hostile user may attempt to harm the network by
creating a significant number of peers in the network who are not identified as
being under control of the same entity (as with Sybil). These nodes then
@@ -176,10 +273,9 @@ each with different costs and consequences:</p><ul>
I2P addresses these issues by maintaining <a href="how_peerselection.html">profiles</a> on the
peers, attempting to identify underperforming ones and simply ignoring
them, or using them rarely.
- In the process of fixing several problems and bugs with peer reachability
- in the 0.6.1.32 and 0.6.1.33 releases, we have significantly enhanced the
- ability to recognize and avoid troublesome peers. These efforts will
- continue in the 0.6.2.x release cycle.
+ We have significantly enhanced the
+ ability to recognize and avoid troublesome peers; however there are still
+ significant efforts required in this area.
</li>
<li><b>Flooding attack:</b> A hostile user may attempt to flood the network,
a peer, a destination, or a tunnel. Network and peer flooding is possible,
@@ -202,20 +298,17 @@ each with different costs and consequences:</p><ul>
engineering practices and potentially requiring nontrivial certificates
(e.g. HashCash) to be attached to these expensive requests should mitigate
the issue, though there may be room for an attacker to exploit various
- bugs in the implementation.</p>
+ bugs in the implementation.</li>
<li id="ffdos"><b>Floodfill DOS attack:</b> A hostile user may attempt to harm the network by
becoming a floodfill router. The current defenses against unreliable,
intermittent, or malicious floodfill routers are poor.
- To fix problems with floodfill peer selection
- in the 0.6.1.32 and earlier releases, significantly enhancements in the
- ability to recognize and avoid troublesome floodfill peers
- were included in release 0.6.1.33.
- However, there is much more to do.
A floodfill router may provide bad or no response to lookups, and
it may also interfere with inter-floodfill communication.
- A brief summary of the issues is
- listed on <a href="http://zzz.i2p/#floodfill">zzz.i2p</a>.
- These efforts will continue in the 0.6.2.x release cycle.
+ Some defenses and
+ <a href="how_peerselection">peer profiling</a> are implemented,
+ however there is much more to do.
+ For more information see the
+ <a href="how_networkdatabase.html#threat">network database page</a>.
</li>
</ul>
@@ -260,7 +353,11 @@ particular hops with non-zero delays will likely stand out. However, this data
is only exposed to those specific hops, so to partition effectively on that
matter, the attacker would need to control a significant portion of the network
(and still that would only be a probabilistic partition, as they wouldn't know
-which other tunnels or messages have those delays).</p>
+which other tunnels or messages have those delays).
+</p><p>
+Also discussed on the
+ <a href="how_networkdatabase.html#threat">network database page</a> (bootstrap attack).
+</p>
<h3 id="predecessor">Predecessor attacks</h3>
@@ -275,14 +372,21 @@ target is located. </p>
<p>I2P avoids this in four ways: first, the peers selected to participate in
tunnels are not randomly sampled throughout the network - they are derived from
the <a href="how_peerselection">peer selection</a> algorithm which breaks them
-into tiers. Second, with <a href="todo#ordering">strict ordering</a> of peers
+into tiers. Second, with <a href="tunnel-alt.html#ordering">strict ordering</a> of peers
in a tunnel, the fact that a peer shows up more frequently does not mean they're
-the source. Third, with <a href="todo#tunnelLength">permuted tunnel length</a>
+the source. Third, with <a href="tunnel-alt.html#length">permuted tunnel length</a>
+(not enabled by default)
even 0 hop tunnels can provide plausible deniability as the occasional
variation of the gateway will look like normal tunnels. Fourth, with
-<a href="todo#fullRestrictedRoutes">restricted routes</a>, only the peer with
+<a href="todo#fullRestrictedRoutes">restricted routes</a> (unimplemented), only the peer with
a restricted connection to the target will ever contact the target, while
-attackers will merely run into that gateway.</p>
+attackers will merely run into that gateway.
+</p><p>
+The current
+<a href="tunnel-alt-creation.html">tunnel build method</a>
+was specifically designed to combat the predecessor attack.
+See also <a href="#intersection">the intersection attack</a>.
+</p>
<p>References:
<a href="http://prisms.cs.umass.edu/brian/pubs/wright.tissec.2008.pdf">http://prisms.cs.umass.edu/brian/pubs/wright.tissec.2008.pdf</a>
@@ -290,21 +394,83 @@ which is an update to the 2004 predecessor attack paper
<a href="http://prisms.cs.umass.edu/brian/pubs/wright-tissec.pdf">http://prisms.cs.umass.edu/brian/pubs/wright-tissec.pdf</a>.
</p>
-<h3 id="harvesting">Harvesting attacks</h3>
-<p>The harvesting attack can be used for legal attacks and to help mounting
+<h3 id="harvesting">Harvesting attacks</h3>
+<p>
+"Harvesting" means compiling a list of users running I2P.
+It can be used for legal attacks and to help
other attacks by simply running a peer, seeing who it connects to, and
-harvesting whatever references to other peers it can find. I2P itself is
-built to optimize this attack, since there is the distributed network database
-containing just this information. However, this by itself isn't a problem,
-since there are ways to track down who is participating in the network with
-essentially all public systems - I2P just makes it easier to do (and, in
-turn, gains the ability to combat partitioning and provide well bounded
-discovery time). With <a href="todo#nat">basic</a> and
-<a href="todo#fullRestrictedRoutes">comprehensive</a> restricted routes,
+harvesting whatever references to other peers it can find.
+</p><p>
+I2P itself is not designed with effective defenses against
+this attack, since there is the distributed network database
+containing just this information.
+The following factors make the attack somewhat harder in practice:
+<ul><li>
+Network growth will make it more difficult to obtain a given proportion of the network
+</li><li>
+Floodfill routers implement query limits as DOS protection
+</li><li>
+"Hidden mode", which prevents a router from publishing its information to the netDb,
+(but also prevents it from relaying data) is not widely used now but could be.
+</li></ul>
+In future implementations,
+<a href="todo#nat">basic</a> and
+<a href="todo#fullRestrictedRoutes">comprehensive</a> restricted routes,
this attack loses much of its power, as the "hidden" peers do not publish their
contact addresses in the network database - only the tunnels through which
-they can be reached (as well as their public keys, etc).</p>
+they can be reached (as well as their public keys, etc).
+</p><p>
+In the future, routers could use GeoIP to identify if they are in a particular
+country where identification as an I2P node would be risky.
+In that case, the router could automatically enable hidden mode, or
+enact other restricted route methods.
+</p>
+
+
+
+<h3 id="traffic">Identification Through Traffic Analysis</h3>
+<p>
+By inspecting the traffic into and out of a router, a malicious ISP
+or state-level firewall could identify that a computer is running I2P.
+As discussed <a href="#harvesting">above</a>, I2P is not specifically designed
+to hide that a computer is running I2P. However, several design decisions made
+in the design of the
+<a href="transport.html">transport layer and protocols</a>
+make it somewhat difficult to identify I2P traffic:
+<ul><li>
+Random port selection
+</li><li>
+Point-to-Point Encryption of all traffic
+</li><li>
+DH key exchange with no protocol bytes or other unencrypted constant fields
+</li><li>
+Simultaneous use of both
+<a href="ntcp.html">TCP</a> and
+<a href="udp.html">UDP</a> transports.
+UDP may be much harder for some Deep Packet Inspection (DPI) equipment to track.
+</li></ul>
+
+In the near future, we plan to directly address traffic analysis issues by further obfuscation of I2P transport protocols, possibly including:
+<ul><li>
+Padding at the transport layer to random lengths, especially during the connection handshake
+</li><li>
+Study of packet size distribution signatures, and additional padding as necessary
+</li><li>
+Development of additional transport methods that mimic SSL or other common protocols
+</li><li>
+Review of padding strategies at higher layers to see how they affect packet sizes at the transport layer
+</li><li>
+Review of methods implemented by various state-level firewalls to block Tor
+</li><li>
+Working directly with DPI and obfuscation experts
+</li></ul>
+</p><p>
+Reference:
+<a href="http://www.cse.chalmers.se/%7Ejohnwolf/publications/hjelmvik_breaking.pdf">Breaking and Improving Protocol Obfuscation</a>
+</p>
+
+
<h3 id="sybil">Sybil attacks</h3>
@@ -322,28 +488,114 @@ IIP used
identity. We currently have not implemented any particular technique to address
Sybil, but do include placeholder certificates in the router's and
destination's data structures which can contain a HashCash certificate of
-appropriate value when necessary (or some other certificate proving scarcity).</p>
+appropriate value when necessary (or some other certificate proving scarcity).
+</p><p>
+Requiring HashCash Certificates in various places has two major problems:
+<ul><li>
+Maintaining backward compatibility
+</li><li>
+The classic HashCash problem -
+selecting HashCash values that are meaningful proofs of work on high-end machines,
+while still being feasible on low-end machines such as mobile devices.
+</li></ul>
+</p><p>
+Various limitations on the number of routers in a given IP range restrict
+the vulnerability to attackers that don't have the ability to put machines
+in several IP blocks.
+However, this is not a meaningful defense against a powerful adversary.
+</p><p>
+See the
+ <a href="how_networkdatabase.html#threat">network database page</a>
+for more Sybil discussion.
+</p>
+
+
+<h3 id="buddy">Buddy Exhaustion attacks</h3>
+<p>
+ (Reference:
+ <a href="https://netfiles.uiuc.edu/mittal2/www/nisan-torsk-ccs10.pdf">In Search of an Anonymouns and Secure Lookup</a> Section 5.2)
+</p>
+<p>
+By refusing to accept or forward tunnel build requests, except to a colluding peer, a router could ensure
+that a tunnel is formed wholly from its set of colluding routers.
+The chances of success are enhanced if there is a large number of colluding routers,
+i.e. a <a href="#sybil">Sybil attack</a>.
+This is somewhat mitigated by our
+<a href="how_peerselection">peer profiling</a> methods used to monitor the performance
+of peers.
+However, this is a powerful attack as the number of routers approaches
+<i>f</i> = 0.2, or 20% malicious nodes, as specifed in the paper.
+The malicous routers could also maintain connections to the target router and provide
+excellent forwarding bandwidth for traffic over those connections, in an attempt
+to manipulate the profiles managed by the target and appear attractive.
+Further research and defenses may be necessary.
+</p>
+
<h3 id="crypto">Cryptographic attacks</h3>
<p>
-We are still assuming the security of the cryptographic primitives explained
-<a href="how_cryptography">elsewhere</a>. That includes the immediate detection of
+We use strong cryptography with long keys, and
+we assume the security of the industry-standard cryptographic primitives used in I2P, as documented
+<a href="how_cryptography">on the low-level cryptography page</a>.
+Security features
+include the immediate detection of
altered messages along the path, the inability to decrypt messages not addressed to you,
-and defense against man-in-the-middle attacks. The network protocol and data structures
+and defense against man-in-the-middle attacks.
+The key sizes chosen in 2003 were quite conservative at the time, and are still longer than
+those used in <a href="https://torproject.org/">other anonymity networks</a>.
+We don't think the current key lengths are our biggest weakness,
+especially for traditional, non-state-level adversaries;
+bugs and the small size of the network are much more worrisome.
+Of course, all cryptographic algorithms eventually become obsolete due to
+the advent of faster processors, cryptographic research, and advancements in
+methods such as rainbow tables, clusters of video game hardware, etc.
+Unfortunately, I2P was not designed with easy mechanisms to lengthen keys or change
+shared secret values while maintaining backward compatibility.
+</p><p>
+Upgrading the various data structures and protocols to support longer keys
+will have to be tackled eventually, and this will be a
+<a href="how_cryptography">major undertaking</a>, just as it will be for
+<a href="https://torproject.org/">others</a>.
+Hopefully, through careful planning, we can minimize the disruption, and
+implement mechanisms to make it easier for future transitions.
+</p><p>
+In the future,
+several I2P protocols and data structures
support securely padding messages to arbitrary sizes, so messages could be made constant
size or garlic messages could be modified randomly so that some cloves appear to contain
more subcloves than they actually do. At the moment, however, garlic, tunnel, and
end to end messages include simple random padding.</p>
+
+
<h3 id="floodfill">Floodfill Anonymity attacks</h3>
<p>
In addition to the floodfill DOS attacks described
<a href="#ffdos">above</a>, floodfill routers are uniquely positioned
-to learn about network participants, due to their centralized role
+to learn about network participants, due to their role
in the netDb, and the high frequency of communication with those participants.
-The specific potential threats and corresponding defenses are a topic for further research.
-</li>
+This is somewhat mitigated because floodfill routers only manage a portion
+of the total keyspace, and the keyspace rotates daily, as explained
+on the
+ <a href="how_networkdatabase.html#threat">network database page</a>.
+The specific mechanisms by which routers communicate with floodfills have been
+ <a href="how_networkdatabase.html#delivery">carefully designed</a>.
+However, these threats should be studied further.
+The specific potential threats and corresponding defenses are a topic for future research.
+</p>
+
+
+<h3 id="netdb">Other Network Database attacks</h3>
+<p>
+ A hostile user may attempt to harm the network by
+ creating one or more floodfill routers and crafting them to offer
+ bad, slow, or no responses.
+ Several scenarios are discussed on the
+ <a href="how_networkdatabase.html#threat">network database page</a>.
+</p>
+
+
<h3 id="central">Central Resource Attacks</h3>
<p>
@@ -355,7 +607,7 @@ most of which are now distributed.
Attacks on externally-reachable resources mainly affect the ability of new users to find us,
not the operation of the network itself.
<ul>
-<li>The <a href="/">new website</a> is mirrored and uses DNS round-robin for external public access.
+<li>The <a href="/">website</a> is mirrored and uses DNS round-robin for external public access.
<li>Routers now support <a href="faq.html#reseed">multiple external reseed locations</a>,
however more reseed hosts may be needed, and the handling of unreliable or malicious
reseed hosts may need improvement.
@@ -365,7 +617,7 @@ not the operation of the network itself.
<li>Routers now better handle <a href="#ffdos">multiple unreliable floodfill peers</a>.
Malicious floodfills <a href="#ffdos">needs</a> <a href="#floodfill">more</a> study.
<li>The code is now stored in a <a href="monotone.html">distributed source control system</a>.
-<li>Routers still rely on a single news host, update for this is TBD.
+<li>Routers rely on a single news host, but there is a hardcoded backup URL pointing to a different host.
A malicious news host could feed a huge file, need to limit the size.
<li><a href="naming.html">Naming system services</a>, including addressbook subscription providers, add-host services,
and jump services, could be malicious. Substantial protections for subscriptions were implemented
@@ -385,9 +637,9 @@ These attacks aren't directly on the network, but instead go after its developme
by either introducing legal hurdles on anyone contributing to the development
of the software, or by using whatever means are available to get the developers to
subvert the software. Traditional technical measures cannot defeat these attacks, and
-if someone threatened the lives of a developer's loved ones (or even just issuing a
-court order along with a gag order, under threat of prison), everyone should expect that
-the code would be modified. </p>
+if someone threatened the life or livelihood of a developer (or even just issuing a
+court order along with a gag order, under threat of prison), we would have a big problem.
+</p>
<p>
However, two techniques help defend against these attacks:
@@ -407,22 +659,42 @@ However, two techniques help defend against these attacks:
discussion forums (forum.i2p), and the software distribution sites,
all available within I2P.</li>
</ul>
+We also maintain relationships with various organizations that offer legal advice,
+should any defense be necessary.
</p>
-<h3 id="impl">Implementation attacks</h3>
+<h3 id="impl">Implementation attacks (bugs)</h3>
<p>
Try as we might, most nontrivial applications include errors in the design or
implementation, and I2P is no exception. There may be bugs that could be exploited to
attack the anonymity or security of the communication running over I2P in unexpected
ways. To help withstand attacks against the design or protocols in use, we publish
-all designs and documentation in the open and asking for any and all criticism with
-the hope that many eyes will improve the system. In addition, the code is being
+all designs and documentation and solicit review and criticism with
+the hope that many eyes will improve the system.
+We do not believe in
+<a href="http://www.haystacknetwork.com/">security through obscurity</a>.
+</p><p>
+In addition, the code is being
treated the same way, with little aversion towards reworking or throwing out
something that isn't meeting the needs of the software system (including ease of
modification). Documentation for the design and implementation of the network and
the software components are an essential part of security, as without them it is
unlikely that developers would be willing to spend the time to learn the software
-enough to identify shortcomings and bugs.</p>
+enough to identify shortcomings and bugs.
+</p><p>
+Our software is likely, in particular, to contain bugs related to denial of service
+through out-of-memory errors (OOMs), cross-site-scripting (XSS) issues in the router console,
+and other vulnerabilities to non-standard inputs via the various protocols.
+</p><p>
+I2P is still a small network with a small development community and almost no
+interest from academic or research groups.
+Therefore we lack the analysis that
+<a href="https://torproject.org/">other anonymity networks</a>
+may have received. We continue to recruit people to
+<a href="getinvolved.html">get involved</a> and help.
+</p>
+
+
<h2>Other Defenses</h2>
@@ -437,23 +709,6 @@ blocking by only a subset of peers would tend to segment the network,
exacerbate reachability problems, and decrease overall reliability.
Therefore we would want to agree on a particular blocklist and
enable it by default.
-<p>
-Any blocking within i2p would have to be implemented at the following
-places in the code to be fully effective.
-Different places address the various possible malicious behaviors.
-<ol>
-<li>Outbound connections (bids)
-<li>Inbound NTCP
-<li>Inbound SSU
-<li>Peer selection for inbound and outbound tunnels
-<li>Other-end inbound gateway
-<li>Netdb stores / shitlisting
-<li>Floodfill stores
-<li>Floodfill queries
-<li>Inter-floodfill flooding
-<li>SSU peer tests
-<li>SSU address determination
-</ol>
<p>
Blocklists are only a part (perhaps a small part) of an array of defenses
@@ -467,15 +722,16 @@ If a blocklist is hosted at a central location with automatic updates
the network is vulnerable to a
<a href="#central">central resource attack</a>.
Automatic subscription to a list gives the list provider the power to shut
-the i2p network down. Completely. So we probably won't be doing that.
-Inclusion in i2pupdate files perhaps? Signed or unsigned?
-In-I2P subscription?
+the i2p network down. Completely.
<p>
-Initial test results
-show that the common splist.txt blocklist is overly broad for our use - at the least
-we don't want to block Tor users that are in splist.
-Level1 + bogon + (maybe) level2 is more reasonable?
-But we don't want to block potential anonymity researchers at .edu locations.
+Currently, a default blocklist is distributed with our software,
+listing only the IPs of past DOS sources.
+There
+is no automatic update mechanism.
+Should a particular IP range implement serious attacks on the I2P network,
+we would have to ask people to update their blocklist manually through
+out-of-band mechanisms such as forums, blogs, etc.
+</p>
{% endblock %}
diff --git a/www.i2p2/pages/how_threatmodel_fr.html b/www.i2p2/pages/how_threatmodel_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..e73a2bf58a792bc91bc0f3b1c65fa60c666643c8
--- /dev/null
+++ b/www.i2p2/pages/how_threatmodel_fr.html
@@ -0,0 +1,617 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Modèle des menaces pour I2P{% endblock %}
+{% block content %}
+Traduction d'avril 2011. <a href="how_threatmodel.html">Version anglaise actuelle</a><br /><br />
+Mise à jour de novembre 2010, valide pour la version 0.8.1 du routeur
+<h2>Ce que nous entendons par "anonyme"</h2>
+
+<p>Votre niveau d'anonymat peut se définir par "la difficulté que quelqu'un rencontrera pour trouver des informations
+vous concernant que vous ne voulez pas qu'il connaisse" - qui vous êtes, où vous vous trouvez, avec qui vous
+communiquez, ou même quand. L'anonymat "parfait" n'est ici un concept ni pertinent ni utile : un logiciel ne vous
+rendra pas indiscernable par des gens qui n'utilisent ni ordinateur ni Internet. Nous travaillons plutôt à produire
+l'anonymat suffisant aux besoins réels, dans la mesure du possible, de qui que ce soit - de ceux qui se promènent
+simplement sur Internet, à ceux qui échangent des données, jusqu'à ceux inquiets de l'intrusion des organisations et
+des états.</p>
+
+<p>La réponse à la question de savoir si I2P apportera un anonymat suffisant à vos besoins particuliers est difficile,
+mais nous espérons que cette page vous éclairera en passant en revue les diverses menaces.</p>
+
+<p>Nous accueillons avec bienveillance toutes recherches et analyses supplémentaires sur la résistance d'I2P aux
+menaces décrites ci-dessous. Nous avons besoin de plus de recherche sur la littérature existante (dont la plus grande
+partie est focalisée sur Tor), ainsi que de travaux originaux.</p>
+
+<h2>Résumé de la topologie du réseau</h2>
+<p>I2P germe des idées de nombreux <a href="how_networkcomparisons">autres</a> <a href="links_fr">systèmes</a>, mais
+il faut garder à l'esprit un petit nombre de points essentiels quand on examine la littérature concernée :</p><ul>
+<li><b>I2P est un réseau croisé sur routes libres</b> - le créateur du message définit explicitement le chemin par
+lequel celui-ci sera envoyé (le tunnel sortant), et le destinataire du message définit explicitement le chemin par
+lequel le message sera reçu (le tunnel entrant).
+</li>
+<li><b>I2P n'a aucuns points d'entrée ou de sortie officiels</b> - tous les pairs participent intégralement au
+maillage, et il n'y a pas de mandataires entrants ou sortants au niveau de la couche réseau (il en existe cependant
+quelques-uns au niveau de la couche application)</li>
+<li><b>I2P est entièrement décentralisé</b> - il n'y a pas de contrôles ou d'autorités centrales : quelqu'un pourrait,
+sans briser la compatibilité avec le reste du réseau, modifier quelques routeurs en vue de contrôler une partie de la
+chaîne de maillage (en construisant les tunnels et en maîtrisant les clés nécessaires au pilotage du transfert au
+niveau du point terminal du tunnel) ou élaborer une sélection basée sur un profilage des informations d'annuaire, mais
+ceci n'est bien sûr pas nécessaire (et pourrait même réduire son anonymat à néant).</li>
+</ul>
+<p>
+ Nous avons des plans documentés de mise en œuvre de <a href="todo_fr#stop">retards conséquents</a> et
+de <a href="todo_fr#batching">stratégies traitements par lots</a> dont l'existence et le détail des modalités ne sont
+connus que par le saut ou la passerelle de tunnel particuliers qui reçoivent le message, pour permettre au réseau
+(croisé à basse latence dans sa caractéristique principale) de fournir un trafic de camouflage aux communications de
+latence plus élevée (p.ex. les e-mails). Nous savons que l'introduction de retards élevés est requise pour assurer une
+protection significative, et que son implémentation sera une épreuve sérieuse. Il n'est cependant pas actuellement
+certain que nous solliciterons ces méthodes de retardement.</p>
+<p>
+ En théorie, des routeurs situés sur le chemin du message pourraient injecter un nombre arbitraire de sauts
+supplémentaires avant de transférer le message au pairs suivant. L'implémentation actuelle ne le fait pas.
+</p>
+
+
+<h2>Le modèle de menaces (Attaques)</h2>
+<p>
+La conception d'I2P a commencé en 2003, juste après l'apparition de l'
+<a href="http://www.onion-router.net">[Onion Routing]</a>, de <a href="http://freenetproject.org/">[Freenet]</a>, et de
+<a href="http://www.torproject.org/">[Tor]</a>. Notre conception tire de substantiels bénéfices des recherches publiées
+à cette époque. I2P utilise plusieurs des techniques du routage en oignon, et continue de bénéficier de l'intérêt que
+Tor suscite dans la recherche théorique.</p>
+<p>
+Inspirée des attaques et analyses mises en avant dans <a href="http://freehaven.net/anonbib/topic.html">littérature</a>
+(particulièrement <a href="http://citeseer.ist.psu.edu/454354.html">Traffic Analysis: Protocols, Attacks, Design Issues
+and Open Problems</a>), la suite décrit brièvement un large éventail d'attaques et plusieurs des contre-mesures prises
+par I2P. Nous tenons à jour cette liste pour y ajouter les nouvelles attaques au fur et à mesure de leurs découvertes.
+</p><p>
+Nous y adjoignons quelques attaques spécifiques à I2P. Nous n'avons pas de réponse adaptée à chacune d'elles, mais nous
+poursuivons nos recherches et fourbissons nos défenses.</p>
+<p>
+De plus, plusieurs de ces attaques sont d'autant plus potentiellement réalisables que la taille du réseau est
+actuellement modeste. Bien que nous soyons au courant de quelques limitations qui restent à résoudre, I2P est conçu
+pour accueillir des centaines de millier et même des millions de participants. Au fur et à mesure de la croissance du
+réseau, ces attaques deviendront de plus en plus difficiles à monter.</p>
+<p>
+Les pages sur la <a href="how_networkcomparisons.html">comparaison des réseaux</a> et la
+<a href="how_garlicrouting.html">terminologie des "gousses d'ail"</a> apportent aussi un éclairage complémentaire.
+</p>
+
+<h3 id="index">Index</h3>
+<ul>
+<li><a href="#bruteforce">Force brute</a></li>
+<li><a href="#timing">Attaques de timing</a></li>
+<li><a href="#intersection">Attaques d'intersection</a></li>
+<li><a href="#dos">Deni de service</a></li>
+<li><a href="#tagging">Attaques par marquage</a></li>
+<li><a href="#partitioning">Attaques par cloisonnement</a></li>
+<li><a href="#predecessor">Attaques de prédécesseur</a></li>
+<li><a href="#harvesting">Attaques de collecte</a></li>
+<li><a href="#traffic">Identification via l'analyse du trafic</a></li>
+<li><a href="#sybil">Attaques de Sibylle</a></li>
+<li><a href="#buddy">Attaques de listage de complices</a></li>
+<li><a href="#crypto">Attaques cryptographiques</a></li>
+<li><a href="#floodfill">Attaques de la part des diffuseurs</a></li>
+<li><a href="#netdb">Autres attaques de base de données</a></li>
+<li><a href="#central">Attaques des ressources centralisées</a></li>
+<li><a href="#dev">Attaques au niveau du développement</a></li>
+<li><a href="#impl">Attaques d'implémentation</a></li>
+<li><a href="#blocklist">Autres défenses et protections</a></li>
+</ul>
+
+<h3 id="bruteforce">Force brute</h3>
+
+<p>Une attaque en force brute peut être montée par un adversaire global passif ou actif qui surveillerait tous les
+transferts de messages entre tous le nœuds et tenterait d'établir une corrélation entre les messages et les chemins
+qu'ils empruntent. Le montage d'une attaque de ce type contre I2P ne serait pas une mince affaire car tous les pairs du
+réseau envoient souvent des messages (tant de bout en bout que d'entretien du réseau), sans compter les changements de
+taille et de données des messages tout au long de leur transit d'un bout à l'autre. de plus, l'attaquant externe n'a
+pas accès au messages, car la communication inter-router est à la fois cryptée et envoyée comme un flux (ce qui rend
+deux messages de 1024 bits indiscernables d'un message de 2048 bits).</p>
+
+<p>Cependant, un attaquant puissant peut utiliser la force brute pour détecter des tendances - s'il peut envoyer 5 Go Ã
+une destination I2P et surveiller toutes les connexions du réseau, il peut éliminer les pairs qui n'ont pas reçu 5 Go.
+Il existe des techniques pour déjouer cette attaque, mais elle serait prohibitive (voir :
+<a href="http://citeseer.ist.psu.edu/freedman02tarzan.html">Tarzan</a> et sa simulation de trafic à taux constant). La
+plupart des utilisateurs ne craignent pas cette attaque à cause de son extrême coût de montage (et du fait qu'elle
+nécessiterait à coup sûr un comportement légalement répréhensible). Elle est malgré tout envisageable au niveau d'un
+gros FAI ou d'un point d'échange Internet. Ceux qui veulent y parer devraient prendre des mesure conservatoires, telles
+que régler de faibles limites de bande passante et l'utilisation de jeux de baux cryptés ou non publiés pour les sites
+eep. D'autre contre-mesures comme les retards volontaires et les routes privées ne sont pas implémentées actuellement.
+</p><p>
+En tant que protection partielle envers un seul routeur ou un groupe de routeurs qui tenteraient de router tout le
+trafic du réseau, le routeur contient des limites quand au nombre de tunnels pouvant être routés par un seul pair.
+À mesure de la croissance du réseau, ces limites sont sujettes à ajustements ultérieurs.
+D'autres mécanismes d'évaluation, de sélection et d'évitement des pairs sont approfondis la page
+<a href="how_peerselection.html">sélection des pairs</a>.
+</p>
+
+
+
+<h3 id="timing">Attaques de timing</h3>
+
+<p>Les messages I2P sont unidirectionnels et n'induisent pas nécessairement de réponse. Cependant, les applications
+tournant sur I2P ont certainement des motifs reconnaissables dans la fréquence de leurs messages - par exemple
+une requête HTTP est un court message suivi d'une longue séquence de messages constituant la réponse. Connaissant ça,
+un attaquant doté d'une large vue sur la topologie du réseau serait en mesure d'écarter les liens trop lents pour avoir
+pu transférer les réponses dans le temps observé.</p>
+
+<p>Ce genre d'attaque est efficace, mais sa faisabilité n'est pas évidente car les retards variables sur les transferts
+de messages dus à mise en file d'attente, au traitement et au bridage dépassent souvent le temps nécessaire au passage
+à travers un seul lien - même si l'attaquant sait qu'une réponse repartira dès le message reçu. Il y a quelques
+scenarii qui exposent cependant des réponses automatiques rapides - c'est le cas dans l'utilisation de la
+bibliothèque de flux (avec le SYN+ACK), et le mode transmission garantie (avec la paire
+DataMessage+DeliveryStatusMessage).</p>
+
+<p>Sans camouflage du protocole ou latences plus élevées, des adversaires globaux actifs peuvent obtenir des
+informations significatives. Les gens soucieux de ces attaques pourraient augmenter la latence (en utilisant des
+<a href="todo_fr#stop">retards non négligeables</a> ou les
+<a href="todo_fr#batching">stratégies de traitement par lots</a>), le camouflage de protocole, ou d'autres
+<a href="todo_fr#batching">techniques</a> de routage en tunnel avancées, mais celles-ci ne sont pas implémentées dans
+I2P.
+</p>
+
+<p>Références:
+<a href="http://www.cs.colorado.edu/department/publications/reports/docs/CU-CS-1025-07.pdf">Low-Resource Routing
+Attacks Against Anonymous Systems</a>
+</p>
+
+<h3 id="intersection">Attaques d'intersection</h3>
+
+<p>Les attaques d'intersection contre les systèmes à basse latence sont très efficaces - il s'agit de contacter
+périodiquement la cible et de conserver la trace des pairs présents sur le réseau. Au fil du temps, quand la présence
+des nœuds est bien homogénéisée, l'attaquant obtient des informations en croisant simplement les jeux de pairs en ligne
+quand un message les traverse avec succès. Le coût de cette attaque croît avec la taille du réseau, mais pourrait être
+faisable dans certaines circonstances.</p>
+
+<p>
+En résumé, si un attaquant se trouve à chaque extrémité de votre tunnel au même moment, il pourrait y parvenir. I2P ne
+dispose pas de parade ultime contre ça pour les communications à basse latence. Il s'agit d'une faiblesse inhérente au
+routage en oignon à basse latence. Tor fait clairement état de la
+<a href="https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#Whatattacksremainagainstonionrouting">
+même mise en garde</a>.
+</p><p>
+Défenses partielles implémentées dans I2P :
+<ul><li>
+<a href="tunnel-alt.html#ordering">Tri strict</a> des pairs
+</li><li>
+<a href="how_peerselection.html">Profilage et sélection des pairs</a> à partir d'un petit groupe qui change peu souvent
+</li><li>
+Limitation du nombre de tunnels routés par un seul pair
+</li><li>
+Empêchement des pairs d'une même plage d'adresses IP /16 d'être membres d'un même tunnel
+</li><li>
+Pour les eepsites et autres services hébergés, nous fournissons la possibilité d'hébergement simultané sur de multiples
+routeurs ou <a href="#intersection">multi-résidence</a>
+</li></ul>
+
+Même prises ensemble, ces protections ne constituent pas une réponse complète. Aussi avons-nous pris quelques décisions
+de conception qui peuvent sensiblement augmenter notre vulnérabilité:
+<ul><li>
+Nous n'utilisons pas de nœuds flics à faible bande passante.
+</li><li>
+Nous utilisons des groupes de tunnels constitués de plusieurs tunnels, et le trafic peut basculer d'un tunnel à l'autre.
+</li><li>
+Les tunnels ont une durée de vie courte ; de nouveaux tunnels sont construits toutes les 10 minutes.
+</li><li>
+Les longueurs des tunnels sont configurables. Les tunnels à 3 sauts sont recommandés pour une protection complète,
+mais plusieurs applications et services utilisent par défaut des tunnels à 2 sauts.
+</li></ul>
+
+
+</p><p>
+Dans le futur, on peut envisager d'utiliser pour les pairs qui peuvent se le permettre, utiliser des délais importants
+(via les <a href="todo_fr#stop">retards volontaires</a> et les <a href="todo_fr#batching">stratégies de traitement par
+lots</a>). De plus, ceci ne vaut que pour les destinations que d'autres gens connaissent - un groupe privé dont la
+destination n'est connue que par des pairs de confiance n'a pas à s'inquiéter, car un adversaire ne peut pas les
+"pinguer" pour monter une attaque.</p>
+
+<p>Référence:
+<a href="http://blog.torproject.org/blog/one-cell-enough">One Cell Enough</a>
+</p>
+
+
+
+<h3 id="dos">Déni de service</h3>
+
+<p>Il y a tout un groupe d'attaques de déni de service disponibles contre I2P, chacune ayant ses propres coûts et
+conséquences :</p><ul>
+<li><b>L'attaque du goinfre :</b> c'est simplement celui qui essaye de consommer beaucoup plus de ressources qu'il n'en
+fournit. Les parades : <ul>
+ <li>Définir les réglages par défaut de telle sorte que les utilisateurs fournissent des ressources au réseau. Dans
+I2P, les utilisateurs font par défaut du routage de trafic. À la différence radicale avec
+d'<a href="https://torproject.org/">autres réseaux</a>, jusqu'à 95% des utilisateurs d'I2P relaient du trafic pour les
+autres.
+ </li>
+ <li>Fournir des options de configuration simples à utiliser pour que les utilisateurs puissent augmenter leur
+contribution au réseau (pourcentage de partage). Afficher des mesures simples à comprendre comme le ratio de partage
+pour permettre aux utilisateur de voir en quoi ils contribuent.
+ </li><lil>
+ Maintenir une forte communauté grâce à des blogs, des forums, l'IRC, et autres moyens de communication.
+ </li></ul>
+<li><b>L'attaque de la famine :</b> l'utilisateur hostile peut tenter de vicier le réseau en créant un grand nombre de
+pairs n'étant bien sûr pas identifiés comme contrôlés par la même entité (comme avec l'attaque de Sibylle). Ces nœuds
+décident alors comme un seul homme de ne fournir aucunes ressources au réseau, conduisant alors les autres pairs Ã
+faire leurs recherches dans une base de données plus grande ou demander plus de tunnels qu'il ne serait nécessaire.
+L'apprenti nazillon pourrait aussi fournir un service erratique en abandonnant régulièrement une sélection de trafic ou
+en refusant les connexions à certains pairs. Ce comportement peut être indiscernable de celui d'un nœud surchargé ou
+défaillant. I2P gère ces problèmes en maintenant des <a href="how_peerselection.html">profils</a> sur les pairs, en
+tentant d'identifier les nœuds anémiés pour les ignorer purement et simplement, ou les utiliser rarement. Nous avons
+sensiblement amélioré la capacité à reconnaître et éviter les pairs à performances réduites, mais il reste pas mal
+d'efforts à fournir de ce côté là .
+</li>
+<li><b>Attaque par inondation :</b> l'utilisateur hostile peut tenter de noyer le réseau, un pair, une destination ou
+un tunnel. l'inondation d'un pair ou du réseau est possible, et I2P ne fait rien pour empêcher le bombardement de la
+couche IP. La tentative de faire boire un bouillon de messages à une destination par plusieurs de ses passerelles de
+tunnels entrants est également possible, mais elle en sera avertie aussi bien par le contenu des messages que par
+l'échec des tests de tunnels. La même analyse concerne aussi les tentatives d'engorgement d'un tunnel donné. I2P n'a
+pas de défense contre les attaques par inondation. Quand la cible est une destination ou un tunnel, elle identifie le
+tunnel constipé et en crée d'autres. Du nouveau code pourrait permettre d'ajouter encore plus de tunnels si le client
+souhaite gérer la charge plus forte. D'un autre côté, si la charge est supérieure à ce que le client peut gérer, il
+pourrait indiquer aux tunnels de brider le nombre de messages ou d'octets qu'ils devraient passer (une fois les
+<a href="todo_fr#batching">fonctions de tunnels avancées</a> implémentées).</li>
+<li><b>Attaques de charge CPU :</b> il existe actuellement quelques méthodes pour demander à un pair distant
+d'exécuter de coûteux calculs cryptographiques, et un attaquant pourrait essayer d'en surcharger un pair pour mettre
+son UC à genoux. L'utilisation de bonnes pratiques d'ingénierie, éventuellement conjointes à des certificats peu
+courants (p.e. les pénalités HashCash) rattachées à ces requêtes de travaux coûteux, devraient limiter le problème,
+bien qu'il puisse rester des possibilités pour un attaquant d'exploiter divers bogues dans l'implémentation.</li>
+<li id="ffdos"><b>Attaque DOS par des diffuseurs :</b> un autre attaquant (ou le même, décidément sa mère a confondu la
+salle d'accouchement et les chiottes) pourrait essayer de perturber le réseau en devenant un routeur diffuseur. Les
+protections actuelles contre les diffuseurs non fiables, intermittents ou pervers sont faibles. Un diffuseur peut
+fournir de mauvaises réponses aux requêtes ou pas de réponse du tout, et il peut aussi interférer avec la communication
+inter-diffuseurs. Quelques défenses et le <a href="how_peerselection">profilage de pairs</a> sont implémentés, mais il
+ne reste pas grand chose à faire. Pour plus d'informations, voir la page
+<a href="how_networkdatabase.html#threat">base de données du réseau</a>.
+</li>
+</ul>
+
+<h3 id="tagging">Attaques par marquage</h3>
+<p>Les attaques par marquage - modifier un message pour pouvoir l'identifier plus loin sur son chemin - sont par
+elles-mêmes impossibles dans I2P, car les messages passant par les tunnels sont signés. Cependant, si l'attaquant est
+la passerelle de tunnel entrant et par collusion en même temps un participant au même tunnel, il peut identifier le
+fait qu'ils sont dans le même tunnel (avant l'implémentation des <a href="todo_fr#tunnelId">identifiants uniques de
+tunnels</a> et autres mises à jour, des pairs complices dans un même tunnel pouvaient détecter cette circonstance sans
+aucun effort). Un attaquant dans un tunnel sortant et une partie quelconque d'un tunnel entrant ne peuvent cependant
+pas coopérer car le cryptage de tunnels remplit les paquets et modifie les données séparément pour les tunnels entrants
+et sortants. Les attaquants externes ne peuvent rien manigancer, car les liens sont cryptés et les messages signés.</p>
+
+<h3 id="partitioning">Attaques par cloisonnement</h3>
+
+<p>Les attaques par cloisonnement - trouver des moyens de différentier (techniquement ou analytiquement) les pairs d'un
+réseau - sont importantes à ne pas perdre de vue quand il s'agit de considérer leur utilisation par un adversaire
+doté de gros moyens, car la taille du réseau joue un rôle prépondérant dans la détermination de votre anonymat.
+Le cloisonnement technique réalisé en coupant des liens entre pairs pour des réseaux fragmentés est pris en compte par
+la base de données intégrée d'I2P, qui entretient des statistiques sur les divers pairs tant pour permettre
+l'exploitation de connexions existantes vers des zones isolées que pour cicatriser le réseau. De toute façon, si
+l'attaquant déconnecte tous les liens vers des pairs non contrôlés, isolant ainsi la cible, la base de donnée ne lui
+sera d'aucun secours. À ce moment, la seule chose que le client puisse espérer c'est que le routeur cible détecte qu'un
+nombre important de pairs précédemment fiables sont devenus inaccessibles et qu'il le prévienne qu'il est
+temporairement déconnecté (ce code de détection n'est pas implémenté à ce jour).</p>
+
+<p>Le cloisonnement du réseau par l'analyse des différences dans la façon dont routeurs et destinations se comportent
+et les regrouper en conséquence est un autre méthode d'attaque très fructueuse. Par exemple, l'attaquant qui
+<a href="#harvesting">collecte</a> la base de données du réseau saura quand une destination donnée aura 5 tunnels
+entrants dans ses jeux de baux, quand les autres n'en ont que 2 ou 3, ce qui permettrait à l'attaquant d'isoler la
+cible par le nombre de tunnels sélectionnés. Une autre partition est possible par le moyen des
+<a href="todo_fr#stop">retards non négligeables</a> et des <a href="todo_fr#batching">stratégies de traitement par
+lots</a>, car les passerelles de tunnel et les sauts particuliers à retards non-nuls seront probablement mis en avant.
+Quoi qu'il en soit, cette donnée n'est exposée qu'à ces sauts particuliers, et donc, pour cloisonner effectivement sur
+ce critère, l'attaquant devrait contrôler une partie importante du réseau (et ça ne serait encore qu'une partition
+probabiliste, car il ne saurait pas quels tunnels ou quels messages sont affublés de cet attribut de retard).
+</p><p>
+Également discuté sur la page <a href="how_networkdatabase.html#threat">base de données du réseau</a>
+(attaque d'amorçage).
+</p>
+
+<h3 id="predecessor">Attaques de prédécesseur</h3>
+
+<p>L'attaque de prédécesseur collecte passivement des données statistiques pour trouver quels pairs sont "proches" de
+la destination en participant à leurs tunnels et en gardant la trace des sauts précédents et suivants (respectivement
+pour les tunnels sortants et entrants). Sur la durée, en utilisant un échantillon parfaitement aléatoire de pairs et un
+tri aléatoire, l'attaquant pourrait parvenir à voir quel pair se montre statistiquement plus "proche" que les autres,
+et donc ainsi révéler où est la cible.</p>
+
+<p>I2P empêche ceci par quatre moyens : d'abord, les pairs retenus pour participer aux tunnels ne sont pas choisis
+aléatoirement dans le réseau - ils sont déduits de l'algorithme de <a href="how_peerselection">sélection des pairs</a>
+qui les répartit en groupes. Puis avec le <a href="tunnel-alt.html#ordering">tri strict</a> des pairs d'un tunnel, le
+fait qu'un pair apparaît plus souvent ne signifie pas qu'il est la source. Ensuite, grâce à la
+<a href="tunnel-alt.html#length">longueur de tunnel permutée</a> (non activée par défaut), même des tunnels à 0 saut
+peuvent fournir un alibi recevable car les changements occasionnels de la passerelle les font apparaitre comme des
+tunnels normaux. Et pour finir, avec les <a href="todo_fr#fullRestrictedRoutes">routes réservées</a> (pas encore
+implémentées), seul le pair en connexion réservée à la cible pourra la contacter, et l'attaquant se heurtera alors Ã
+la passerelle.</p>
+<p>
+La <a href="tunnel-alt-creation.html">méthode de construction des tunnels</a> actuelle a été spécifiquement conçue pour
+parer aux attaques de prédécesseur. Voir aussi l'<a href="#intersection">attaque d'intersection</a>.
+</p>
+
+<p>Références:
+<a href="http://prisms.cs.umass.edu/brian/pubs/wright.tissec.2008.pdf">
+http://prisms.cs.umass.edu/brian/pubs/wright.tissec.2008.pdf</a> qui est une mise à jour de 2008 de la publication sur
+l'attaque de prédécesseur
+<a href="http://prisms.cs.umass.edu/brian/pubs/wright-tissec.pdf">
+http://prisms.cs.umass.edu/brian/pubs/wright-tissec.pdf</a>.
+</p>
+
+
+<h3 id="harvesting">Attaques de collectes</h3>
+<p>
+"Collecter" signifie dresser une liste d'utilisateurs d'I2P. Elle peut servir à des "attaques" légitime et pour aider Ã
+réaliser d'autres attaques par la simple exécution d'un pair, pour savoir à qui il se connecte et recueillir toutes
+les références aux autres pairs qu'il peut trouver.</p>
+<p>
+I2P n'est pas en lui-même conçu avec des protections effectives contre cette attaque, puisque l'existence même de la
+base de données du réseau pourrait relever de cette définition. Les détails suivants rendent cette attaque plutôt
+difficile dans la pratique :
+<ul><li>
+La croissance du réseau rend encore plus difficile l'obtention d'une portion donnée du réseau.
+</li><li>
+Les routeurs diffuseurs ont des limites pour les requêtes comme protection contre les attaques de déni de service.
+</li><li>
+Le "mode caché", qui empêche un routeur de se publier dans la base de données (mais l'empêche aussi de relayer), n'est
+pas actuellement très utilisé, mais il pourrait l'être.
+</li></ul>
+Dans de futures implémentations, grâce aux routes réservées <a href="todo_fr#nat">basiques</a> et
+<a href="todo_fr#fullRestrictedRoutes">complètes</a>, ce type d'attaques perdra beaucoup de son efficacité, car les
+pairs "cachés" ne publient pas leurs adresses de contact dans la base de données - mais uniquement les tunnels par
+lesquels on peut les atteindre, leurs clés publiques, etc…)</p>
+<p>
+Plus tard les routeurs pourront utiliser GeoIP pour savoir s'ils sont dans un pays où l'identification en tant
+qu'utilisateur d'I2P pourrait être dangereuse. Dans ce cas, le routeur pourrait automatiquement activer le mode caché
+ou mettre en œuvre les autres méthodes de routes réservées.</p>
+
+
+
+<h3 id="traffic">Identification par analyse de trafic</h3>
+<p>
+En surveillant le trafic d'un routeur, un FAI sans scrupule ou un pare-feu
+<a href="http://fr.wikipedia.org/wiki/Pare-feu_%28informatique%29#Pare-feu_.C3.A0_.C3.A9tats_.28
+stateful_firewall.29">à état</a> pourrait déterminer qu'un ordinateur utilise I2P. Comme expliqué ci-dessus
+<a href="#harvesting">(collecte)</a>, I2P n'est pas conçu pour se cacher lui-même. Cependant, certaines décisions de
+conception du transport <a href="transport.html">(couche et protocole)</a> rendent l'identification du trafic I2P
+difficile :<ul><li>
+Sélection de port aléatoire.
+</li><li>
+Cryptage de bout en bout de tout le trafic.
+</li><li>
+Échange de clé Diffie-Hellman sans octets de protocole ou autres champs de constantes non cryptés.
+</li><li>
+Utilisation simultanée des transports <a href="ntcp.html">TCP</a> et <a href="udp.html">UDP</a>. UDP est plus difficile
+à suivre pour les équipements d'analyse détaillée de paquets (DPI).
+</li></ul>
+
+Nous prévoyons dans un avenir proche de régler le problème d'analyse du trafic par d'autres moyens de brouillage des
+protocoles de transport I2P, éventuellement :
+<ul><li>
+Bourrage/remplissage au niveau de la couche transport à des longueurs aléatoires, particulièrement pendant les poignées
+de main (handshake).
+</li><li>
+Étude de la signature de distribution des tailles de paquets, et bourrage supplémentaire si nécessaire.
+</li><li>
+Développement de méthodes de transport supplémentaires qui miment SSL ou d'autre protocoles communs.
+</li><li>
+Examen des stratégies de bourrage aux niveaux supérieurs pour voir si elles impactent la taille des paquets au niveau
+de la couche transport.
+</li><li>
+Examen des méthodes implémentées par les pare-feux à état pour bloquer Tor.
+</li><li>
+Collaboration directe avec les experts de l'analyse approfondie des paquets et du brouillage.
+</li></ul>
+</p><p>
+Références:
+<a href="http://www.cse.chalmers.se/%7Ejohnwolf/publications/hjelmvik_breaking.pdf">Breaking and Improving Protocol
+Obfuscation</a>
+</p>
+
+
+
+<h3 id="sybil">Attaques de Sibylle</h3>
+
+<p>On range sous cette appellation les attaques mettant en œuvre la création d'un grand nombre arbitraire de nœuds
+coalisés et de leur utilisation pour aider à monter d'autres types d'attaques. Par exemple, si un attaquant se trouve
+sur un réseau dans lequel les pairs sont sélectionnés aléatoirement et qu'il désire avoir 80% de chances d'être un de
+ceux là , il n'a qu'à créer cinq fois plus de nœuds qu'il n'y en a déjà dans le réseau, et lancer les dés. Quand
+l'identité est libre, la méthode Sibylle peut être très productive pour un attaquant aux moyens importants. La
+principale technique d'empêcher ça est de rendre l'identité non libre - parmi d'autres,
+<a href="http://www.pdos.lcs.mit.edu/tarzan/">Tarzan</a> se sert de la limite des adresses IP, alors qu'IIP utilisait
+les pénalités <a href="http://www.hashcash.org/">HashCash</a> comme ticket d'entrée à la création d'une nouvelle
+identité. Nous n'avons ce jour implémenté aucune technique particulière pour répondre à ces attaques, mais nous avons
+des champs réservés de certificats dans les structures de données des routeurs et des destinations qui peuvent contenir
+un certificat de HashCash de valeur appropriée si nécessaire (ou autre certificat d'épreuve de rareté).
+</p><p>
+La nécessité de certificats pénalisants à divers endroits a deux défauts majeurs :
+<ul><li>
+L'incompatibilité ascendante.
+</li><li>
+Le défaut principal des systèmes de pénalités - le choix de valeurs significatives pour les machine de dernier cri,
+tout en restant à la portée des machines d'entrée de gamme comme les appareils portables.
+</li></ul>
+</p><p>
+Diverses limitations du nombre de routeurs dans un intervalle IP réduisent la vulnérabilité à l'attaquant qui n'a pas
+la possibilité de placer ses machines dans plusieurs blocs d'IP. Cependant, ça n'est pas suffisant contre un adversaire
+Ã gros moyens.
+</p><p>
+Voir la page sur la <a href="how_networkdatabase.html#threat">base de données du réseau</a> sur le sujet des attaques
+de type Sibylle.
+</p>
+
+
+<h3 id="buddy">Attaques par listage de complices</h3>
+<p>
+ (Référence:
+ <a href="https://netfiles.uiuc.edu/mittal2/www/nisan-torsk-ccs10.pdf">In Search of an Anonymouns
+and Secure Lookup</a> Section 5.2)
+</p>
+<p>
+En refusant d'accepter les requêtes de création ou de transfert de tunnels, à part pour les pairs complices, un routeur
+peut d'assurer qu'un tunnel n'est composé que de complices. Les chances de succès sont accrues par un grand nombre de
+complices, par exemple grâce à l'aide d'une attaque par la <a href="#sybil">méthode Sibylle</a>. Ceci est diminué par
+nos méthodes de <a href="how_peerselection">profilage des pairs</a> utilisées pour surveiller leurs performances. Mais
+ça reste une attaque efficace quand le nombre de routeurs approche de <i>f</i> = 0.2, ou 20% de nœuds toxiques, comme
+c'est indiqué dans cet article. Les routeurs attaquants peuvent aussi maintenir des connexions à la cible et lui
+fournir une excellente bande passante de transfert pour influencer le profilage effectué par la cible en apparaissant
+attractifs. D'autres recherches et protections sont nécessaires.
+</p>
+
+
+<h3 id="crypto">Attaques cryptographiques</h3>
+
+<p>
+Nous utilisons la cryptographie forte à clés longues, et nous adoptons la sécurité des fonctions primitives des
+standards industriels pour I2P, comme détaillé sur la page concernant la
+<a href="how_cryptography">cryptographie sous-jacente</a>. Les fonctionnalités de sécurité incluent la détection
+immédiate de messages altérés, l'impossibilité de déchiffrer les messages qui ne vous sont pas destinés et la
+protection contre les attaques de type "usurpation d'identité" (man-in-the-middle). Les tailles de clés choisie en 2003
+sont encore assez raisonnables aujourd'hui, et sont même plus longues que celles utilisées dans
+d'<a href="https://torproject.org/">autres systèmes anonymes</a>. Nous pensons que la longueur des clés n'est pas notre
+plus grosse faiblesse particulièrement pour les adversaires traditionnels ; les bogues et la petite taille du réseau
+sont plus inquiétants. Bien sûr, tous les algorithmes cryptographiques sont sujets à obsolescence à cause de
+l'apparition de processeurs plus rapides, de la recherche en cryptographie, et de méthodes comme celles des
+<a href="http://fr.wikipedia.org/wiki/Table_arc-en-ciel">tables arc-en-ciel</a> et des grappes de consoles de jeux
+vidéo, etc… Malheureusement, I2P n'a pas été conçu avec des mécanismes simples d'allongement des clés ou de
+changements de valeur de secrets partagés tout en conservant la compatibilité ascendante.
+</p><p>
+La mise à jour de diverses structures de données et protocoles en vue de supporter des clés plus longues devra sûrement
+être prise à bras le corps, et ce sera une <a href="how_cryptography">entreprise majeure</a>, tout comme ça le sera
+pour les autres systèmes. Heureusement, avec un planning soigneux, nous pouvons minimiser les interruptions de
+fonctionnement et implémenter des mécanismes de transition en douceur.
+</p><p>
+Prochainement, plusieurs protocoles et structures de données supporteront le bourrage sécurisé des messages à une
+taille arbitraire, en sorte que les messages aient une taille constante ou que les messages en tête d'ail puissent être
+modifiés aléatoirement pour que quelques gousses semblent contenir plus de sous-gousses qu'elles n'en contiennent
+réellement. Pour l'instant cependant, les têtes d'ail, les tunnels et les messages de bout en bout utilisent un simple
+bourrage aléatoire.</p>
+
+<h3 id="floodfill">Attaques de l'anonymat de la part des diffuseurs</h3>
+<p>
+En plus des attaques de DdS par les diffuseurs décrites <a href="#ffdos">plus haut</a>, les routeurs diffuseurs,
+sont dans une position privilégiée pour avoir connaissance des participants au réseau (du fait de leur rôle dans la
+base de données et du niveau élevé de communication qu'ils entretiennent avec les participants). Ceci est quand même
+pondéré à la baisse car les diffuseurs ne gèrent qu'une partie réduite de l'espace de clés total, et que celui-ci
+change tous les jours comme expliqué sur la page de la
+<a href="how_networkdatabase.html#threat">base de données du réseau</a>. Les mécanismes particuliers par lesquels les
+routeurs communiquent avec les diffuseurs ont été <a href="how_networkdatabase.html#delivery">soigneusement conçus</a>.
+Ces menaces devraient cependant faire l'objet d'examens plus poussés. Des menaces potentielles spécifiques et les
+protections correspondantes sont un sujet de futures recherches.
+</p>
+
+
+<h3 id="netdb">Autres attaques de la base de données</h3>
+<p>
+Un utilisateur hostile pourrait tenter de perturber le réseau en créant un ou plusieurs diffuseurs trafiqués pour
+fournir de mauvaises réponses, voire des réponses lentes ou même aucune. Plusieurs scenarii sont examinés
+en <a href="how_networkdatabase.html#threat">détail</a>sur sur la page de la base de données du réseau.
+</p>
+
+
+
+<h3 id="central">Attaques de ressources centrales</h3>
+<p>
+Il y a peu de ressources centrales susceptibles d'attaques ou d'y contribuer en tant que vectrices. L'absence de
+jrandom depuis novembre 2007, suivie de la perte du service d'hébergement de i2p.net en janvier 2008 ont mis en lumière
+les nombreuses ressources centralisées utilisées dans le développement et le fonctionnement d'I2P. La plupart d'entre
+elles sont maintenant décentralisées. Des attaques contre des ressources accessibles de l'extérieur affecteraient la
+facilité avec laquelle les nouveaux utilisateurs peuvent nous rejoindre, mais pas le fonctionnement du réseau lui-même.
+<ul>
+<li>Le <a href="/">site web</a> dispose de miroirs et utilise le round-robin DNS pour l'accès public externe.
+<li>Les routeurs supportent maintenant des <a href="faq_fr.html#reseed">sources de réamorçage multiples</a>, mais plus
+d'hôtes de réamorçage pourraient devenir nécessaires, et la gestion de ceux d'entre eux qui seraient peu fiables ou
+carrément vénéneux devrait faire l'objet d'améliorations.
+<li>Les routeurs supportent aussi plusieurs lieux de mise à jour. Un hôte de mise à jour vérolé pourrait délivrer un
+fichier énorme, il nous faut limiter la taille.
+<li>Les routeurs supportent maintenant par défaut de multiples signataires de mise à jour.
+<li>Ils ont aussi une meilleure gestion des <a href="#ffdos">multiples pairs diffuseurs non fiables</a>. Le problème
+des diffuseurs hostiles doit faire l'<a href="#ffdos">objet</a> d'une étude <a href="#floodfill">supplémentaire</a>.
+<li>Le code est maintenant stocké dans un <a href="monotone.html">système de contrôle de versions décentralisé</a>.
+<li>Les routeurs se reposent sur un seul hôte pour les news, mais il y a une URL de secours codée en dur qui pointe sur
+autre hôte. Un hôte corrompu pourrait fourguer un fichier monstrueux, il nous faut verrouiller ça.
+<li>Les <a href="naming_fr.html">services systèmes de nommage</a>, dont les fournisseurs d'abonnements du carnet
+d'adresses, les services d'ajout d'hôtes et les services de saut pourraient être corrompus. Des protections
+conséquentes pour les abonnements on été mises en place dans la version 0.6.1.31, avec d'autres améliorations dans les
+versions suivantes. Cependant, tous les services de nommage ont besoin de quelque mesure de confiance. Voir les détails
+dans la page sur le <a href="naming_fr.html">nommage</a>.
+<li>Nous restons dépendants de DNS pour le domaine i2p2.de, et sa défaillance pourrait causer une perte substantielle Ã
+notre capacité d'attirer de nouveaux utilisateurs, et pourrait restreindre le réseau à court et moyen terme comme le
+fit la perte d'i2p.net.</ul>
+
+
+<h3 id="dev">Attaques au niveau du développement</h3>
+
+<p>
+Ces attaques n'ont pas directement lieu sur le réseau, mais concernent plutôt son équipe de développement, soit par
+l'introduction d'obstacles juridiques destinés à entraver quiconque participerait au développement du logiciel, soit
+par tout moyen disponible pour amener les développeurs à corrompre le logiciel. Les mesures techniques traditionnelles
+ne peuvent pas déjouer ces attaques et si quelqu'un menaçait la vie ou les moyens d'existence d'un développeur (ou même
+une injonction légale de cessation d'activité sous peine de prison), ça représenterait un très sérieux problème.</p>
+<p>
+Nous avons deux moyens pour nous prémunir de ces attaques :
+<ul>
+<li> Tous les éléments du réseau doivent être open-source pour permettre leur inspection, vérification, modification,
+et amélioration. Si un développeur est compromis, la communauté, une fois avertie, devrait demander des explications et
+refuser d'accepter ses contributions. Toutes les adjonctions à notre <a href="monotone.html">SCV</a> sont numériquement
+signées, et les publieurs de nouvelles version utilisent un système de liste de confiance pour restreindre les
+possibilités de modifications à ceux précédemment approuvés.</li>
+<li>Le développement se fait sur le réseau lui-même, ce qui permet aux développeurs de rester anonymes mais renforce
+encore la sécurité du processus de développement. Tout le développement d'I2P peut se faire via I2P - par l'utilisation
+du <a href="monotone.html">SCV</a> que nous avons choisi, l'IRC, des serveurs web publics, des forums de discussion
+(forum.i2p), et les sites de distribution du logiciel, tous disponibles dans I2P.</li>
+</ul>
+Nous entretenons des relations avec diverses organisations qui offrent du conseil juridique, s'il advenait jamais
+qu'une protection devienne nécessaire.</p>
+
+<h3 id="impl">Attaques sur l'implémentation (bogues)</h3>
+<p>
+Malgré tous les efforts, la plupart des applications évoluées comportent des erreurs de conception ou de mise en œuvre,
+et I2P n'y fait pas exception. Il pourrait y avoir des bogues qui pourraient être exploités pour attaquer l'anonymat ou
+la sécurité des communications passant par I2P de façons inattendues. Pour aider à la résistance contre les conceptions
+et protocoles en usage, nous publions toutes les conceptions et la documentation, et nous sollicitons la critique et
+l'examen dans l'espoir que de nombreux avis amélioreront le système. Nous n'adhérons pas à l'idée de
+<a href="http://www.haystacknetwork.com/">sécurité par l'obscurité</a>.</p>
+<p>
+De plus, le code est traité de la même façon, avec une légère aversion pour la révision ou l'expulsion pure et simple
+de quoi que ce soit qui ne concerne pas les besoins du système logiciel (y compris les facilités de modifications).
+La documentation de conception et d'implémentation du réseau et des composants logiciels est une partie essentielle de
+la sécurité, car sans elle il est peu probable que des développeurs aient envie d'investir beaucoup de temps pour
+assimiler suffisamment les arcanes du logiciel pour pouvoir y détecter des défauts et des bogues.</p>
+<p>
+Notre logiciel est potentiellement porteur, en particulier, de bogues relatifs au déni de service jusqu'au dépassement
+de capacité mémoire (OoMs), aux problèmes de scripts inter-sites (XSS) dans la console et autre vulnérabilités aux
+entrées non standard via les divers protocoles.</p>
+<p>
+I2P est encore un petit réseau avec une petite communauté de développement et ne bénéficiant de presque aucun intérêt
+de la part des recherches universitaires ou des groupes de chercheurs. En conséquence, nous manquons cruellement des
+mêmes travaux d'analyse dont ont bénéficié d'<a href="https://torproject.org/">autres systèmes d'anonymat</a>. Nous
+continuons à faire appel aux gens pour <a href="getinvolved_fr.html">s'impliquer</a> et nous aider.
+</p>
+
+
+
+
+<h2>Autres protections</h2>
+<h3 id="blocklist">Listes de blocage</h3>
+<p>
+Dans une certaine mesure, I2P pourrait être amélioré pour écarter les pairs opérant depuis des adresses IP recensées
+dans des listes de blocage. Plusieurs d'entre elles, aisément disponibles dans différent formats, listent les entités
+anti-P2P, les entités potentiellement pressenties pour pouvoir être des adversaires "state-level", et d'autres.
+<p>
+Dans la mesure où des pairs actifs apparaissent réellement dans les listes de blocage actuelles, leur blocage par une
+fraction seule des pairs conduirait à une segmentation du réseau, augmenterait les problèmes de joignabilité, et
+diminuerait la fiabilité globale. Nous devrions en conséquence nous accorder sur une liste particulière et l'activer
+par défaut.
+<p>
+Les listes de blocage ne sont qu'une partie (et même une petite partie) d'un arsenal de défenses contre la malignité.
+Le système de profilage, par son travail d'évaluation du comportement des routeurs, en prend une grosse partie à sa
+charge, de sorte que nous n'ayons pas besoin d'établir des relations de confiance particulières avec tel ou tel élément
+de la base de données. Cependant, on peut en faire plus : pour chacun des points listés ci-dessus, il y des
+améliorations à apporter pour en détecter la nocivité.
+<p>
+Si une liste de blocage est hébergée de façon centralisée, avec des mises à jour automatisées des routeurs, le réseau
+devient plus vulnérable aux <a href="#central">attaques de ressources centrales</a>.
+Des abonnements à une liste donne au fournisseur de la liste le pouvoir d'éteindre le réseau I2P. Complètement.
+<p>
+Actuellement, une liste de blocage par défaut est distribuée avec le logiciel, ne listant que les IP d'origine
+d'attaques de déni de service passées. Il n'y a pas de mécanisme de mise à jour automatique. Si une plage IP lançait
+une attaque sérieuse sur le réseau I2P, il nous faudrait, via des moyens extérieurs au champ de bataille (forums,
+blogs, etc…), demander aux utilisateurs de mettre à jour manuellement leur liste de blocage.
+</p>
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/how_tunnelrouting.html b/www.i2p2/pages/how_tunnelrouting.html
index f30185d45b3e09589b4c63680a722db87b704a9f..cc9849de804938bcc9ab59581c440b40bbf69542 100644
--- a/www.i2p2/pages/how_tunnelrouting.html
+++ b/www.i2p2/pages/how_tunnelrouting.html
@@ -1,22 +1,35 @@
{% extends "_layout.html" %}
-{% block title %}How Tunnel Routing Works{% endblock %}
-{% block content %}<i>Note: these documents have not yet been updated to include the changes made
-in I2P 0.5 - the new
-<a href="tunnel-alt.html">tunnel
-routing and encryption</a> algorithms, addressing <a href="todo#tunnelId">several</a>
-<a href="todo#tunnelLength">issues</a> (with the groundwork for addressing
-<a href="todo#ordering">others</a>).</i>
-
-<p>As briefly explained in the <a href="how_intro">intro</a>, I2P builds virtual "tunnels" -
+{% block title %}Tunnel Overview{% endblock %}
+{% block content %}
+<p>
+Updated July 2011 for release 0.8.7
+</p>
+
+<h2>Tunnel Overview</h2>
+<p>
+This page contains an overview of I2P tunnel terminology and operation, with
+links to more technical pages, details, and specifications.
+</p>
+<p>As briefly explained in the <a href="how_intro">introduction</a>, I2P builds virtual "tunnels" -
temporary and unidirectional paths through a sequence of routers. These
-tunnels can be categorized as either inbound tunnels (where everything
-given to it goes towards the creator of the tunnel) and outbound tunnels
+tunnels are classified as either inbound tunnels (where everything
+given to it goes towards the creator of the tunnel) or outbound tunnels
(where the tunnel creator shoves messages away from them). When Alice
wants to send a message to Bob, she will (typically) send it out one of
her existing outbound tunnels with instructions for that tunnel's endpoint
to forward it to the gateway router for one of Bob's current inbound
tunnels, which in turn passes it to Bob.</p>
+<p style="text-align:center;">
<img src="/_static/images/tunnelSending.png" alt="Tunnel" />
+<pre>
+A: Outbound Gateway (Alice)
+B: Outbound Participant
+C: Outbound Endpoint
+D: Inbound Gateway
+E: Inbound Participant
+F: Inbound Endpoint (Bob)
+</pre>
+</p>
<h2>Tunnel vocabulary</h2>
<ul>
@@ -32,77 +45,105 @@ tunnels, which in turn passes it to Bob.</p>
<li><b>0-hop tunnel</b> - a tunnel where the gateway is also the endpoint</li>
<li><b>1-hop tunnel</b> - a tunnel where the gateway talks directly to the
endpoint</li>
- <li><b>2-(or more)-hop tunnel</b> - a tunnel where there is at least one
+ <li><b>2-(or more)-hop tunnel</b> - a tunnel where there is at least one intermediate
tunnel participant. (the above diagram includes two 2-hop tunnels - one
outbound from Alice, one inbound to Bob)</li>
</ul>
</li>
- <li class="gap"><b>Tunnel lifetime</b> - how long a particular tunnel is
- supposed to be in operation for (each client specifies this when contacting
- their router, and the router makes sure sufficient tunnels meeting that
- criteria are built)</li>
+ <li class="gap"><b>Tunnel ID</b> - A <a href="common_structures_spec.html#type_TunnelId">4 byte integer</a>
+ different for each hop in a tunnel, and unique among all tunnels on a router.
+ Chosen randomly by the tunnel creator.</li>
</ul>
-<h2>Tunnel information</h2>
-<p>Routers performing the three roles (gateway, endpoint, participant) are given
-different pieces of data to accomplish their tasks:</p>
+<h2>Tunnel Build Information</h2>
+<p>Routers performing the three roles (gateway, participant, endpoint) are given
+different pieces of data in the initial
+<a href="tunnel-alt-creation.html">Tunnel Build Message</a>
+to accomplish their tasks:</p>
<ul>
<li class="gap"><b>The tunnel gateway gets:</b>
<ul>
- <li><b>tunnel signing key</b> - a DSA private key for authenticating
- messages sent down the tunnel</li>
- <li><b>tunnel encryption key</b> - an AES private key for encrypting
- messages and instructions to the endpoint</li>
- <li><b>tunnel id</b> - 4 byte integer (each router can obviously only have
- one tunnel with each tunnel id at any time)</li>
- <li><b>next hop [optional]</b> - what router is the next one in the path</li>
- <li><b>configuration key</b> - an AES private key used by the tunnel's
- creator for updating the tunnel later on (if necessary)</li>
+ <li><b>tunnel encryption key</b> - an <a href="common_structures_spec.html#type_SessionKey">AES private key</a> for encrypting
+ messages and instructions to the next hop</li>
+ <li><b>tunnel IV key</b> - an <a href="common_structures_spec.html#type_SessionKey">AES private key</a> for double-encrypting
+ the IV to the next hop</li>
+ <li><b>reply key</b> - an <a href="common_structures_spec.html#type_SessionKey">AES public key</a> for encrypting
+ the reply to the tunnel build request</li>
+ <li><b>reply IV</b> - the IV for encrypting
+ the reply to the tunnel build request</li>
+ <li><b>tunnel id</b> - 4 byte integer (inbound gateways only)
+ </li>
+ <li><b>next hop</b> - what router is the next one in the path (unless this is a 0-hop tunnel, and the gateway is also the endpoint)</li>
+ <li><b>next tunnel id</b> - The tunnel ID on the next hop</li>
</ul>
</li>
- <li class="gap"> <b>The tunnel endpoint gets:</b>
+ <li class="gap"><b>All intermediate tunnel participants get:</b>
<ul>
- <li><b>tunnel verification key</b> - a DSA public key for authenticating
- messages sent down the tunnel</li>
- <li><b>tunnel encryption key</b> - an AES private key for decrypting
- messages and instructions sent by the gateway</li>
- <li><b>tunnel id</b> - 4 byte integer (each router can obviously only have
- one tunnel with each tunnel id at any time)</li>
- <li><b>configuration key</b> - an AES private key used by the tunnel's
- creator for updating the tunnel later on (if necessary)</li>
+ <li><b>tunnel encryption key</b> - an <a href="common_structures_spec.html#type_SessionKey">AES private key</a> for encrypting
+ messages and instructions to the next hop</li>
+ <li><b>tunnel IV key</b> - an <a href="common_structures_spec.html#type_SessionKey">AES private key</a> for double-encrypting
+ the IV to the next hop</li>
+ <li><b>reply key</b> - an <a href="common_structures_spec.html#type_SessionKey">AES public key</a> for encrypting
+ the reply to the tunnel build request</li>
+ <li><b>reply IV</b> - the IV for encrypting
+ the reply to the tunnel build request</li>
+ <li><b>tunnel id</b> - 4 byte integer
+ </li>
+ <li><b>next hop</b> - what router is the next one in the path</li>
+ <li><b>next tunnel id</b> - The tunnel ID on the next hop</li>
</ul>
</li>
- <li class="gap"><b>All tunnel participants get:</b>
+ <li class="gap"> <b>The tunnel endpoint gets:</b>
<ul>
- <li><b>tunnel verification key</b> - a DSA public key for authenticating
- messages sent down the tunnel</li>
- <li><b>tunnel id</b> - 4 byte integer (each router can obviously only have
- one tunnel with each tunnel id at any time)</li>
- <li><b>next hop [optional]</b> - what router is the next one in the path</li>
- <li><b>configuration key</b> - an AES private key used by the tunnel's
- creator for updating the tunnel later on (if necessary)</li>
+ <li><b>tunnel encryption key</b> - an <a href="common_structures_spec.html#type_SessionKey">AES private key</a> for encrypting
+ messages and instructions to the the endpoint (itself)</li>
+ <li><b>tunnel IV key</b> - an <a href="common_structures_spec.html#type_SessionKey">AES private key</a> for double-encrypting
+ the IV to the endpoint (itself)</li>
+ <li><b>reply key</b> - an <a href="common_structures_spec.html#type_SessionKey">AES public key</a> for encrypting
+ the reply to the tunnel build request (outbound endpoints only)</li>
+ <li><b>reply IV</b> - the IV for encrypting
+ the reply to the tunnel build request (outbound endpoints only)</li>
+ <li><b>tunnel id</b> - 4 byte integer (outbound endpoints only)
+ </li>
+ <li><b>reply router</b> - the inbound gateway of the tunnel to send the reply through (outbound endpoints only)</li>
+ <li><b>reply tunnel id</b> - The tunnel ID of the reply router (outbound endpoints only)</li>
</ul>
</li>
</ul>
-<p>In addition, there are a series of options that the creator of a tunnel sends
-when requesting a router to join a tunnel, such as the expiration date. In I2P
-3.0, options specifying the pooling, mixing, and chaff generation settings will
-be honored, and limits on the quantity and size of messages allowed during the
-tunnel's lifetime will be implemented earlier (e.g. no more than 300 messages or
-1MB per minute).</p>
+<p>
+Details are in the
+<a href="tunnel-alt-creation.html">tunnel creation specification</a>.
+</p>
-<h2>Tunnel length</h2>
+<h2>Tunnel pooling</h2>
+<p>
+Several tunnels for a particular purpose may be grouped into a "tunnel pool",
+as described in the
+<a href="tunnel-alt.html#tunnel.pooling">tunnel specification</a>.
+This provides redundancy and additional bandwidth.
+The pools used by the router itself are called "exploratory tunnels".
+The pools used by applications are called "client tunnels".
+</p>
+
+
+
+<h2 id="length">Tunnel length</h2>
<p>As mentioned above, each client requests that their router provide tunnels to
-include at least a certain number of hops (plus other criteria that aren't
-honored yet, such as bandwidth limits, etc). The decision as to how many routers
+include at least a certain number of hops.
+The decision as to how many routers
to have in one's outbound and inbound tunnels has an important effect upon the
latency, throughput, reliability, and anonymity provided by I2P - the more peers
that messages have to go through, the longer it takes to get there and the more
likely that one of those routers will fail prematurely. The less routers in a
tunnel, the easier it is for an adversary to mount traffic analysis attacks and
-pierce someone's anonymity.</p>
+pierce someone's anonymity.
+Tunnel lengths are specified by clients via
+<a href="i2cp.html#options">I2CP options</a>.
+The maximum number of hops in a tunnel is 7.
+</p>
+
<h3>0-hop tunnels</h3>
<p>With no remote routers in a tunnel, the user has very basic plausible
@@ -121,54 +162,94 @@ if the adversary ran a sufficient number of routers such that the single remote
router in the tunnel is often one of those compromised ones, they would be able
to mount the above statistical traffic analysis attack.</p>
-<h3>2-hop (or more) tunnels</h3>
+<h3>2-hop tunnels</h3>
<p>With two or more remote routers in a tunnel, the costs of mounting the traffic
-analysis attack increases, since all remote routers would have to be compromised
+analysis attack increases, since many remote routers would have to be compromised
to mount it.</p>
-<p>The router will by default use <b>2-hop tunnels</b>, at least in the main
-distribution. Prior to the 0.2.5 release, all tunnels were 1-hop by default.</p>
+<h3>3-hop (or more) tunnels</h3>
+To reduce the susceptibility to <a href="http://blog.torproject.org/blog/one-cell-enough">some attacks</a>,
+3 or more hops are recommended for the highest level of protection.
+<a href="http://blog.torproject.org/blog/one-cell-enough">recent studies</a>
+also conclude that more than 3 hops does not provide additional protection.
-<h2>Tunnel pooling</h2>
-<p>[explain tunnel pools, how we keep a free inbound pool, an outbound pool, and
-a client inbound pool, and how the pools are refreshed every minute or so, using
-the router's default settings]</p>
-<h2>Tunnel testing</h2>
+<h3>Tunnel default lengths</h3>
+<p>The router uses 2-hop tunnels by default for its exploratory tunnels.
+Client tunnel defaults are set by the application, using
+<a href="i2cp.html#options">I2CP options</a>.
+Most applications use 2 or 3 hops as their default.
+</p>
+
+
+
+<h2 id="testing">Tunnel testing</h2>
<p>All tunnels are periodically tested by their creator by sending a
-DeliveryStatusMessage out the tunnel and bound for another inbound tunnel
-(testing both tunnels at once). If either fails, both are marked as no longer
-functional, and if they were used for a client's inbound tunnel, a new leaseSet
-is created. Other techniques can be used to test tunnels later on, such as
-garlic wrapping a number of tests into cloves, testing individual tunnel
-participants separately (and using the tunnel configuration key to update the
-next hop to work around failures), etc, but that is not implemented at the
-moment.
+DeliveryStatusMessage out an outbound tunnel and bound for another inbound tunnel
+(testing both tunnels at once). If either fails a number of consecutive tests, it is marked as no longer
+functional. If it was used for a client's inbound tunnel, a new leaseSet
+is created.
+Tunnel test failures are also reflected in the
+<a href="how_peerselection.html#capacity">capacity rating in the peer profile</a>.
</p>
+
<h2>Tunnel creation</h2>
<p>Tunnel creation is handled by <a href="how_garlicrouting">garlic routing</a>
-a TunnelCreateMessage to a router, requesting that they participate in the
+a Tunnel Build Message to a router, requesting that they participate in the
tunnel (providing them with all of the appropriate information, as above, along
with a certificate, which right now is a 'null' cert, but will support hashcash
-or other non-free certificates when necessary). The message also includes a
-SourceRouteReplyBlock, which allows the router to encrypt their
-TunnelCreateStatusMessage into a SourceRouteReplyMessage, which is sent to
-another router (specified in the SourceRouteReplyBlock), who then decrypts the
-rest of the SourceRouteReplyBlock, reads out the delivery instructions contained
-therein, and forwards the TunnelCreateStatusMessage accordingly. (the delivery
-instructions can specify delivery to a specific router or can point at a tunnel)
+or other non-free certificates when necessary).
+That router forwards the message to the next hop in the tunnel.
+Details are in the
+<a href="tunnel-alt-creation.html">tunnel creation specification</a>.
+</p>
+
+
+<h2>Tunnel encryption</h2>
+<p>Multi-layer encryption is handled by <a href="how_garlicrouting">garlic encryption</a>
+of tunnel messages.
+Details are in the
+<a href="tunnel-alt.html">tunnel specification</a>.
+The IV of each hop is encrypted with a separate key as explained there.
</p>
-<h2>Issues/TODO</h2>
+
+<h2>Future Work</h2>
+<ul><li>
+Other tunnel test techniques could be used, such as
+garlic wrapping a number of tests into cloves, testing individual tunnel
+participants separately,
+etc.
+</li><li>
+Move to 3-hop exploratory tunnels defaults.
+</li><li>
+In a distant future release,
+options specifying the pooling, mixing, and chaff generation settings may be implemented.
+</li><li>
+In a distant future release,
+limits on the quantity and size of messages allowed during the
+tunnel's lifetime may be implemented (e.g. no more than 300 messages or
+1MB per minute).
+</li></ul>
+
+
+<h2>See Also</h2>
<ul>
- <li>We will assign unique tunnel IDs for each router in the tunnel, rather
- than having a single ID across the whole tunnel. this would make traffic
- analysis even harder</li>
- <li>Get rid of the sourceRouteBlock stuff</li>
- <li>Should inbound tunnels that will be used by clients ever be used for
- general messages (network database, etc), rather than being free for use until
- its allocated?</li>
- <li>I2P 3.0 tunnel mixing / pooling details</li>
- <li>Tunnel throttling details</li>
-</ul>{% endblock %}
+<li>
+<a href="tunnel-alt.html">tunnel specification</a>
+</li><li>
+<a href="tunnel-alt-creation.html">tunnel creation specification</a>
+</li><li>
+<a href="unidirectional-tunnels.html">Unidirectional Tunnels</a>
+</li><li>
+<a href="tunnel_message_spec.html">tunnel message specification</a>
+</li><li>
+<a href="how_garlicrouting.html">garlic routing</a>
+</li><li>
+<a href="how_elgamalaes.html">ElGamal/AES+SessionTag</a>
+</li><li>
+<a href="i2cp.html#options">I2CP options</a>
+</li>
+</ul>
+{% endblock %}
diff --git a/www.i2p2/pages/howto.html b/www.i2p2/pages/howto.html
deleted file mode 100644
index 71a51bb2430482013cd040fed5fcdf82a290e966..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/howto.html
+++ /dev/null
@@ -1,8 +0,0 @@
-{% extends "_layout.html" %}
-{% block title %}Howto{% endblock %}
-{% block content %}
-<h1>I2P Howto Documents</h1>
-<ul class="helplist">
-<li><a href="howto_blojsom">Installing blojsom for an eepsite</a></li>
-<li><a href="http://forum.i2p2.de/viewtopic.php?t=194#578">Run eepsite(s) with Apache</a></li>
-</ul>{% endblock %}
diff --git a/www.i2p2/pages/howto_blojsom.html b/www.i2p2/pages/howto_blojsom.html
deleted file mode 100644
index f8c6657699b44896cb9e74070c1ae7a60fb057d0..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/howto_blojsom.html
+++ /dev/null
@@ -1,46 +0,0 @@
-{% extends "_layout.html" %}
-{% block title %}Howto Blojsom{% endblock %}
-{% block content %}<p>Instructions for installing
-<a href="http://wiki.blojsom.com/wiki/display/blojsom/About+blojsom">blojsom</a>
-in the default eepsite container:</p>
-
-<ol>
-<li>download <a href="http://prdownloads.sourceforge.net/blojsom/blojsom.war?download">blojsom.war</a>
-and save to eepsite/webapps/</li>
-<li>extract the war:<ul>
- <li>cd eepsite/webapps</li>
- <li>mkdir blojsom</li>
- <li>mv blojsom.war blojsom</li>
- <li>cd blojsom</li>
- <li>jar xvf blojsom.war<br />
- <i>(if this gives you a "Command not found", try running
- "C:\j2sdk1.4.2\bin\jar xvf blojsom.war", or whatever the path to your JDK install is)</i></li>
- </ul></li>
-<li>edit the base config: WEB-INF/default/blog.properties<br />
- <code>blog-base-url=/blojsom/</code><br />
- <code>blog-url=/blojsom/blog/default/</code></li>
-<li>password protect the admin page: edit WEB-INF/default/authorization.properties<br /><code>
- jrandom=someSecretValue</code></li>
-<li>edit WEB-INF/classes/log4j.properties<br />
- replace <code>log4j.rootLogger=DEBUG, stdout</code>
- with <code>log4j.rootLogger=ERROR, stdout</code></li>
-<li>restart the router</li>
-<li>go to <a href="http://localhost:7658/blojsom/blog/?flavor=admin">http://localhost:7658/blojsom/blog/?flavor=admin</a> (use the username and password specified before)</li>
-<li>click on "Weblog settings" and update accordingly. be sure to set trackbacks enabled? = false</li>
-<li>click on "Entries" and make a post</li>
-<li>open up a new window pointing to
- <a href="http://localhost:7658/blojsom/blog/">http://localhost:7658/blojsom/blog/</a>
- and see your blog entry</li>
-<li>set your browser to use the eepproxy</li>
-<li>go to <a href="http://localhost:7657/i2ptunnel/">http://localhost:7657/i2ptunnel/</a> and click
- on the "view" link for your eepsite (it loads the html from
- <code>./eepsite/docroot/index.html</code>)</li>
-<li>edit the URL to point at /blojsom/blog/ and you'll see your blog. (perhaps update that
- eepsite/docroot/index.html to redirect to your blog?)</li>
-</ol>
-
-<h3>Notes: </h3><ul>
-<li> blog entries will be stored under ~/blojsom-blogs/default/</li>
-<li> like all eepsites, comments are dangerous, as they may include raw html. </li>
-</ul>
-{% endblock %}
\ No newline at end of file
diff --git a/www.i2p2/pages/howto_blojsom_de.html b/www.i2p2/pages/howto_blojsom_de.html
deleted file mode 100644
index 91618dedabbeb2c012d9ca7afcab111b0ef1709d..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/howto_blojsom_de.html
+++ /dev/null
@@ -1,46 +0,0 @@
-{% extends "_layout_de.html" %}
-{% block title %}Howto Blojsom{% endblock %}
-{% block content %}<p>Hinweise zum Installieren von
-<a href="http://wiki.blojsom.com/wiki/display/blojsom/About+blojsom">blojsom</a>
-in die Standard Eepsite Webseite:</p>
-
-<ol>
-<li>Downloade <a href="http://prdownloads.sourceforge.net/blojsom/blojsom.war?download">blojsom.war</a>
-und speichere es im eepsite/webapps/ Verzeichnis</li>
-<li>extrahiere das war:<ul>
- <li>cd eepsite/webapps</li>
- <li>mkdir blojsom</li>
- <li>mv blojsom.war blojsom</li>
- <li>cd blojsom</li>
- <li>jar xvf blojsom.war<br />
- <i>(Falls dieses ein "Command not found" ausgibt, versuche
- "C:\j2sdk1.4.2\bin\jar xvf blojsom.war", oder in welchem Pfad deine JDK Installation liegt)</i></li>
- </ul></li>
-<li>editiere die standard Konfiguration: WEB-INF/default/blog.properties<br />
- <code>blog-base-url=/blojsom/</code><br />
- <code>blog-url=/blojsom/blog/default/</code></li>
-<li>Sichere die Admin Seite mit einem Passwort: edit WEB-INF/default/authorization.properties<br /><code>
- jrandom=someSecretValue</code></li>
-<li>edit WEB-INF/classes/log4j.properties<br />
- ersetze <code>log4j.rootLogger=DEBUG, stdout</code>
- mit <code>log4j.rootLogger=ERROR, stdout</code></li>
-<li>stoppe und starte den Router neu</li>
-<li>Gehe zu <a href="http://localhost:7658/blojsom/blog/?flavor=admin">http://localhost:7658/blojsom/blog/?flavor=admin</a> (benutze den eben angegebenen Nutzer und Passwort)</li>
-<li>klicke auf "Weblog settings" und aktualisiere danach. Versichere dich, trackbacks enabled? = false zu setzen</li>
-<li>klicke auf "Entries" und mache eine Eintragung</li>
-<li>Öffne ein neues Fenster mit der Adresse
- <a href="http://localhost:7658/blojsom/blog/">http://localhost:7658/blojsom/blog/</a>
- and sehe deinen Blogeintrag</li>
-<li>setze in deinem Browser den Eepproxy als Proxy</li>
-<li>gehe zu <a href="http://localhost:7657/i2ptunnel/">http://localhost:7657/i2ptunnel/</a> und klicke
- auf den "view" Verweis zu deiner Eepsite (es lädt den html Quelltext von dem Ort
- <code>./eepsite/docroot/index.html</code>)</li>
-<li>ändere die URL um auf /blojsom/blog/ zu weisen und du siehst deinen blog. (Vielleicht äderst
- du die eepsite/docroot/index.html Datei um direkt auf deinen Blog zu verlinken?)</li>
-</ol>
-
-<h3>Hinweise: </h3><ul>
-<li> Blogeinträge werden unter ~/blojsom-blogs/default/ gespeichert</li>
-<li> wie in allen Eepsites, sind Kommentare gefährlich, da sie html Quelltext enthalten können. </li>
-</ul>
-{% endblock %}
\ No newline at end of file
diff --git a/www.i2p2/pages/howto_de.html b/www.i2p2/pages/howto_de.html
deleted file mode 100644
index ba70054b7b5bab973e243d5687baba2228069697..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/howto_de.html
+++ /dev/null
@@ -1,8 +0,0 @@
-{% extends "_layout_de.html" %}
-{% block title %}Howto{% endblock %}
-{% block content %}
-<h1>I2P Howto Documents</h1>
-<ul class="helplist">
-<li><a href="howto_blojsom">Installieren von blojsom für eine eepsite</a></li>
-<li><a href="http://forum.i2p2.de/viewtopic.php?t=194#578">Betrieb von eepsite(s) mit dem Apache</a></li>
-</ul>{% endblock %}
diff --git a/www.i2p2/pages/htproxyports.html b/www.i2p2/pages/htproxyports.html
new file mode 100644
index 0000000000000000000000000000000000000000..790b951223a2306b0bebf4ca046a2d0eb05f479c
--- /dev/null
+++ b/www.i2p2/pages/htproxyports.html
@@ -0,0 +1,93 @@
+{% extends "_layout.html" %}
+{% block title %}Web Browser Configuration{% endblock %}
+{% block content %}
+
+<p>Your web browser will need to be configured in order to browse eepsites and to
+utilize the outproxies available within I2P. Below are walkthroughs for some of
+the most popular browsers.
+</p>
+
+<h2>How to configure your browser</h2>
+
+<ul>
+ <li><a href="#firefox">Firefox</a></li>
+ <li><a href="#konqueror">Konqueror</a></li>
+ <li><a href="#ie8">Internet Explorer 8</a></li>
+ <li><a href="#TOS">Outproxy Terms Of Service</a></li>
+</ul>
+
+
+<a name="firefox"></a>
+<h3>Firefox</h3>
+<p>
+From the Tools menu, select Options to bring up the Firefox settings panel.
+Click the icon labelled <em>Advanced</em>, then click on the <em>Network</em>
+tab. In the <em>Connections</em> section, click on the Settings button. You'll
+see a Window like the following:</p>
+<img src="_static/images/firefox.options.jpg" alt="" title="FFOptions">
+<p>
+In the <em>Connection Settings</em> window, click the circle next to <em>Manual
+ proxy configuration</em>, then enter 127.0.0.1, port 4444 in the HTTP Proxy
+field. Enter 127.0.0.1, port 4445 in the SSL Proxy field.
+Be sure to enter localhost and 127.0.0.1 into the "No Proxy for" box.</p>
+<img src="_static/images/firefox.proxyports.jpg" alt="" title="FFPPorts">
+<br>
+
+<a name="konqueror"></a>
+<h3>Konqueror</h3>
+<p>
+From the <em>Settings</em> menu, select <em>Configure Konqueror</em>. In the
+Web Browsing group on the left side, select Proxy Services.
+In this new window, select the option "Manually specify the proxy settings" and
+click the <em>Setup</em> box.</p>
+<img src="_static/images/konqueror.options.jpg" alt="" title="KOptions">
+<p>
+Enter 127.0.0.1 and port 4444 into the HTTP box. Enter 127.0.0.1 and port 4445 into
+HTTPS box. Click the <em>New</em> button in the Exceptions section. Enter
+localhost and click OK. Click the <em>New</em> button once more and enter
+127.0.0.1 and OK. Hit OK once more to close the configuration window.</p>
+<img src="_static/images/konqueror.proxyports.jpg" alt="" title="KPPorts">
+<br>
+
+<a name="ie8"></a>
+<h3>Internet Explorer 8</h3>
+<p>
+In the tools menu select the "Internet Options" line to open the settings. In the
+settings window choose the connections tab and click on LAN settings for the
+proxy port configuration.</p>
+<img src="_static/images/ie.options.jpg" alt="IEOptions" title="IEOptions">
+<p>
+Now set the checkmark at "use a proxy server for your LAN" and at the "Bypass
+proxy server for local addresses". With a click on Advanced-button you open the
+window to open the ports. Enter the values like on the picture, IP 127.0.0.1
+and port 4444 for HTTP, port 4445 for HTTPS. With clicks on OK you save the
+settings and your browser is set to use the I2P proxy.</p>
+<img src="_static/images/ie.proxyports.jpg" alt="IEPPorts" title="PPorts">
+
+<a name="TOS"></a>
+<h3>Outproxy Terms Of Service</h3>
+<p>
+Remember: I2P was not designed for creating proxies to the outer Internet.
+Instead, it is meant to be used as an internal network.
+</p>
+<p>
+<b>The I2P project itself does not run any proxies to the Internet. Any such proxy
+ services are run by by private volunteers and could be shut down or
+ unreachable at anytime.</b></p>
+<p>
+By default, I2P comes with two outproxies configured: <code>false.i2p</code>
+(an HTTP-only proxy) and <code>outproxyng.h2ik.i2p</code> (an HTTPS proxy
+routed through Tor.</p>
+<p>Both of these outproxies are configured with connection limits. This means
+that only set amount of accesses are allowed per client. Once the limit is
+reached, the client is blocked out for a timeframe of 1min/1h/1 day. Be
+respectful and do not overload these services with too many requests!</p>
+<p>Filtering is active on these outproxies (for example, mibbit and torrent
+tracker access is blocked). Note that even though the pirate bay is blocked
+they host an official eepsite at <a href="http://tbp.i2p">tpb.i2p</a>. Eepsites
+that are accessible via .i2p addresses are also not allowed via the outproxies.
+As a convenience, <code>False.i2p</code> blocks ad servers.</p>
+<p><a href="https://www.torproject.org">Tor</a> is good application to use as an
+outproxy to the Internet.</p>
+<!-- vim: set noai ff=unix nosi ft=html tw=79 et sw=4 ts=4 spell spelllang=en: -->
+{% endblock %}
diff --git a/www.i2p2/pages/htproxyports_fr.html b/www.i2p2/pages/htproxyports_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..d31a7f16d0f84ec8afd7e5ab119934710224f6d5
--- /dev/null
+++ b/www.i2p2/pages/htproxyports_fr.html
@@ -0,0 +1,73 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Comment mandater les ports{% endblock %}
+{% block content %}
+
+<h2>Comment configurer votre navigateur</h2>
+<p>Pour visiter les sites eep (<i>URL en <u>http://[serveur.][sous.]domaine<b>.i2p/</b>[chemin]/[page]</u></i>)
+ et utiliser le serveur mandataire sortant, il vous faut configurer votre navigateur pour qu'il passe par le
+proxy I2P. Voici comment faire ce réglage pour différents navigateurs.</p>
+Les illustrations ci-dessous supposent que le routeur I2P est installé sur le PC pour lequel vous effectuez ces réglages
+de mandataire pour le navigateur. Dans une installation domestique (LAN), il ne devrait y avoir qu'un seul routeur actif
+en même temps. Si vous avez un PC auquel vous voulez confier cette tâche de façon régulière (p.e. un PC de bureau), les
+réglages ci-dessous valent donc pour lui.<br />
+Dans les autre PC de la maison (LAN) qui doivent accéder au réseau I2P via la machine routeur I2P, il faudra remplacer
+l'adresse <i>127.0.0.1</i> des champs HTTP et HTTPS des illustrations par l'adresse IP LAN de la machine routeur I2P
+(arrangez-vous pour que celle-ci ait une IP stable, soit statique soit par une réservation DHCP... et qu'elle soit
+allumée avec le routeur lancé quand vous en aurez besoin). Pour les ports, vous pouvez créer dans la console I2P deux
+nouveaux <a href="http://127.0.0.1:7657/i2ptunnel/">tunnels clients</a>, par exemple sur les port <i>4446</i> et
+<i>4447</i> (pour HTTP et HTTPS) en recopiant les paramètres des deux tunnels "I2P HTTP Proxy"(type HTTP) et "I2P HTTPS
+Proxy" (type CONNECT/[SSL/HTTPS]), accessibles("Reachable by(R):") sur l'IP LAN et "Autostart", et indiquer ces nouveaux
+ports en lieu et place des <i>4444</i>/<i>4445</i> des illustrations dans les PC "clients".<br />
+Toujours dans les autres PC, il faudra ajouter l'IP du routeur I2P dans la liste de adresses dispensées de proxy (en
+plus des <i>localhost</i> et <i>127.0.0.1</i> locales déjà illustrées) si vous voulez accéder à la console ou à d'autres
+services HTTP[S] sur la machine routeur I2P "distante".<br />
+Si le routeur I2P est protégé par un pare-feu logiciel même pour les accès LAN, il faudra faire les réglages nécessaires.
+
+<h3>Firefox</h2>
+<p>
+Via le menu [Alt]<u>O</u>utils/<u>O</u>ptions(Windows) ou Éditio<u>n</u>/Pré<u>f</u>érences(Linux), affichez la boîte
+de dialogue des options de Firefox. Cliquez sur l'icône "Avancé", sur l'onglet "Réseau" puis sur le bouton
+"<u>P</u>aramètres..." du cadre "Connexion".</p>
+<img src="_static/images/firefox.options_fr.png" alt="OptionsFF" title="OptionsFF">
+<p>
+Pour un réglage correct, choisissez le bouton radio "Configuration <u>m</u>anuelle du proxy:"<br />
+Dans le champ "Proxy <u>H</u>TTP:" saisissez <i>127.0.0.1</i> puis <i>4444</i> dans le champ "<u>P</u>ort:" de droite.
+<br />
+Dans le champ "Proxy <u>S</u>SL:" saisissez <i>127.0.0.1</i> puis <i>4445</i> dans le champ "P<u>o</u>rt:" de droite.
+<br />
+Comme les autres protocoles ne sont pas pris en charge par I2P, laissez vides les champs correspondants.<br />
+Saisissez <i>localhost, 127.0.0.1</i> dans le champ "Pas de pro<u>x</u>y pour:".<br />
+Validez par OK/OK (Windows), ou OK/Fermer(Linux). C'est fini.
+</p>
+<img src="_static/images/firefox.proxyports_fr.png" alt="PPortsFF" title="PPortsFF">
+<br />
+
+<h3>Konqueror</h3>
+<p>
+Ouvrez les réglages et options de Konqueror depuis le menu. Choisissez "Navigation" (ou "Avancé" suivant votre version)
+puis "Proxy".<br />
+Choisissez le bouton "Sélection manuelle" puis cliquez sur "Paramètres".</p>
+<img src="_static/images/konqueror.options_fr.jpg" alt="OptionsK" title="OptionsK">
+<p>
+Saisissez <i>127.0.0.1</i> dans le champ "H<u>T</u>TP" et <i>4444</i> pour le port, <br />
+Saisissez <i>127.0.0.1</i> dans le champ "HTTP<u>S</u>" et <i>4445</i> pour le port.<br />
+Laissez le champ <u>FTP</u> (non supporté dans I2P). Dans le cadre "E<u>x</u>ceptions" ajoutez
+<i>127.0.0.1</i> et <i>localhost</i>.
+Validez sur "OK" et c'est prêt.</p>
+<img src="_static/images/konqueror.proxyports_fr.jpg" alt="PPortsK" title="PPortsK">
+<br>
+
+<h3>IE8</h3>
+<p>
+Par le menu [Alt]"<u>O</u>utils"/"Options <u>I</u>nternet", accédez à l'onglet "Connexions".</p>
+<img src="_static/images/ie.options_fr.png" alt="OptionsIE" title="OptionsIE">
+<p>
+Cliquez sur le bouton "Paramè<u>t</u>res réseau". Dans la boîte de dialogue "Paramètres du réseau local", cochez les
+cases "Utiliser un serveur prox<u>y</u> pour..." et "Ne pas utiliser de serveur proxy pour les adresses <u>l</u>ocales",
+puis cliquez sur le bouton "Ava<u>n</u>cé". Dans la boîte de dialogue "Paramètres du proxy", saisissez
+<i>127.0.0.1</i> dans les champs "<u>H</u>TTP:" et "<u>S</u>écurisé:", puis <i>4444</i> et <i>4445</i> respectivement
+dans les champs "Port" correspondants. Laissez "<u>F</u>TP:" et "So<u>c</u>ks:" vides (non supportés par I2P). Validez
+avec OK/OK/OK. </p>
+<img src="_static/images/ie.proxyports_fr.png" alt="PPortsIE" title="PPortsIE">
+
+{% endblock %}
diff --git a/www.i2p2/pages/i2cp.html b/www.i2p2/pages/i2cp.html
index cec2622d6f2be43ec57558ed0c3cb192094c4b59..f3881309d1451a9f854df0ad9a0cb62731329009 100644
--- a/www.i2p2/pages/i2cp.html
+++ b/www.i2p2/pages/i2cp.html
@@ -1,6 +1,8 @@
{% extends "_layout.html" %}
{% block title %}I2CP{% endblock %}
{% block content %}
+Updated September 2012, current as of router version 0.9.2
+
<p>The I2P Client Protocol (I2CP) exposes a strong separation of concerns between
the router and any client that wishes to communicate over the network. It enables
secure and asynchronous messaging by sending and receiving messages over a
@@ -8,24 +10,29 @@ single TCP socket, yet never exposing any private keys and authenticating itself
to the router only through signatures. With I2CP, a client application tells the
router who they are (their "destination"), what anonymity, reliability, and
latency tradeoffs to make, and where to send messages. In turn the router uses
-I2CP to tell the client when any messages have arrived, to request authorization
-for some tunnels to be used, and, if necessary, to notify the client that the
-router is under attack and unable to operate safely.</p>
-
-<p>As the I2CP requires all client libraries to provide an implementation of the
-end to end encryption (including <a href="how_elgamalaes">ElGamal/AES+SessionTag</a>),
-the protocol itself isn't likely to be adopted for normal client applications
-(except for those implemented in Java that can use the existing I2P
-<a href="package-client.html">Client SDK</a>).
+I2CP to tell the client when any messages have arrived, and to request authorization
+for some tunnels to be used.
+</p>
+
+<p>
+The protocol itself has only been implemented in Java, to provide the
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/package-summary.html">Client SDK</a>.
This SDK is exposed in the i2p.jar package, which implements the client-side of I2CP.
Clients should never need to access the router.jar package, which contains the
router itself and the router-side of I2CP.
</p>
+<p>
+While implementing the client side of I2CP in a non-Java language is certainly feasible,
+a non-Java client would also have to implement the
+<a href="streaming.html">streaming library</a> for TCP-style connections.
+Together, implementing I2CP and the streaming library would be a sizable task.
+</p>
+
<p>
Applications can take advantage of the base I2CP plus the
<a href="ministreaming">streaming</a> and <a href="datagrams">datagram</a> libraries
-by using the <a href="sam">Simple Anonymous Messaging</a> or BOB protocols,
+by using the <a href="sam">Simple Anonymous Messaging</a> or <a href="bob.html">BOB</a> protocols,
which do not require clients to deal with any sort of cryptography.
Also, clients may access the network by one of several proxies -
HTTP, CONNECT, and SOCKS 4/4a/5.
@@ -33,140 +40,50 @@ Alternatively, Java clients may access those libraries in ministreaming.jar and
So there are several options for both Java and non-Java applications.
</p>
-<p>I2CP end-to-end encryption was disabled in I2P release 0.6,
-leaving in place the end-to-end garlic encryption.
-However, client libraries must still implement public/private key signing
-for leasesets, and key management.
+<p>Client-side end-to-end encryption (encrypting the data over the I2CP connection)
+was disabled in I2P release 0.6,
+leaving in place the <a href="how_elgamalaes.html">ElGamal/AES end-to-end encryption</a>
+which is implemented in the router.
+The only cryptography that client libraries must still implement is
+<a href="how_cryptography.html#DSA">DSA public/private key signing</a>
+for <a href="i2cp_spec.html#msg_CreateLeaseSet">LeaseSets</a> and <a href="i2cp_spec.html#type_SessionConfig">Session Configurations</a>, and management of those keys.
</p>
-<p>While the I2CP has been quite stable since its inception in
-August of 2003, there have been several messages added.
-Here is the
-<a href="/_static/pdf/I2CP_spec.pdf">I2CP Protocol Specification Version 0.9</a>
-(PDF) dated August 28, 2003.
-That document also references the
-<a href="/_static/pdf/datastructures.pdf">Common Data Structures Specification Version 0.9</a>.
-There have been several changes to the protocol since that time,
-and many of the messages in those documents were never implemented.
-</p>
-
-<p>In a standard I2P installation, port 7654 is used by java clients to communicate
+<p>In a standard I2P installation, port 7654 is used by external java clients to communicate
with the local router via I2CP.
By default, the router binds to address 127.0.0.1. To bind to 0.0.0.0, set the
router advanced configuration option <tt>i2cp.tcp.bindAllInterfaces=true</tt> and restart.
+Clients in the same JVM as the router pass messages directly to the router
+through an internal JVM interface.
</p>
-<h2>I2CP Definition</h2>
-<p>
-<i>Note</i> - The following information is extracted from the current code base,
-however it may be incomplete and/or inaccurate. Check the code to be sure.
-Rather than completely document the messages here, we refer you to the
-old protocol and data specifications linked above, together with the actual code.
-<p>
-R->C is Router to Client;
-C->R is Client to Router
+<h2>I2CP Protocol Specification</h2>
<p>
-<table border=1>
-<tr><th>Message<th>Direction<th>Type
-<tr><td>
-BandwidthLimitsMessage <i>(new in release 0.7.2)</i>
-<td align="center">R->C
-<td align=right>23
-<tr><td>
-CreateLeaseSetMessage
-<td align="center">C->R
-<td align=right>4
-<tr><td>
-CreateSessionMessage
-<td align="center">C->R
-<td align=right>1
-<tr><td>
-DestLookupMessage <i>(new in release 0.7)</i>
-<td align="center">C->R
-<td align=right>34
-<tr><td>
-DestReplyMessage <i>(new in release 0.7)</i>
-<td align="center">R->C
-<td align=right>35
-<tr><td>
-DestroySessionMessage
-<td align="center">C->R
-<td align=right>3
-<tr><td>
-DisconnectMessage
-<td align="center">R->C
-<td align=right>30
-<tr><td>
-GetBandwidthLimitsMessage <i>(new in release 0.7.2)</i>
-<td align="center">C->R
-<td align=right>8
-<tr><td>
-GetDateMessage
-<td align="center">C->R
-<td align=right>32
-<tr><td>
-MessagePayloadMessage
-<td align="center">R->C
-<td align=right>31
-<tr><td>
-MessageStatusMessage
-<td align="center">R->C
-<td align=right>22
-<tr><td>
-ReceiveMessageBeginMessage
-<td align="center">R->C
-<td align=right>6
-<tr><td>
-ReceiveMessageEndMessage
-<td align="center">C->R
-<td align=right>7
-<tr><td>
-ReconfigureSessionMessage <i>(new in release 0.7.1)</i>
-<td align="center">C->R
-<td align=right>2
-<tr><td>
-ReportAbuseMessage
-<td align="center">R->C
-<td align=right>29
-<tr><td>
-RequestLeaseSetMessage
-<td align="center">R->C
-<td align=right>21
-<tr><td>
-SendMessageExpiresMessage <i>(new in release 0.7.1)</i>
-<td align="center">C->R
-<td align=right>36
-<tr><td>
-SendMessageMessage
-<td align="center">C->R
-<td align=right>5
-<tr><td>
-SessionStatusMessage
-<td align="center">R->C
-<td align=right>20
-<tr><td>
-SetDateMessage
-<td align="center">R->C
-<td align=right>33
-</table>
+Now on the
+<a href="i2cp_spec.html">I2CP Specification page</a>.
+</p>
+
<h2>I2CP Initialization</h2>
<p>
When a client connects to the router, it first sends a single protocol version byte (0x2A).
-Then it sends a GetDateMessage and waits for the SetDateMessage response.
-Next, it sends a CreateSessionMessage containing the session configuration.
-It next awaits a RequestLeaseSetMessage from the router, indicating that inbound tunnels
+Then it sends a <a href="i2cp_spec.html#msg_GetDate">GetDate Message</a> and waits for the <a href="i2cp_spec.html#msg_GetDate">SetDate Message</a> response.
+Next, it sends a <a href="i2cp_spec.html#msg_GetDate">CreateSession Message</a> containing the session configuration.
+It next awaits a <a href="i2cp_spec.html#msg_GetDate">RequestLeaseSet Message</a> from the router, indicating that inbound tunnels
have been built, and responds with a CreateLeaseSetMessage containing the signed LeaseSet.
The client may now initiate or receive connections from other I2P destinations.
-<h2>I2CP Options</h2>
+<h2 id="options">I2CP Options</h2>
<p>
The following options are traditionally passed to the router via
-a SessionConfig contained in a CreateSessionMessage or a ReconfigureSessionMessage.
+a <a href="i2cp_spec.html#type_SessionConfig">SessionConfig</a> contained in a <a href="i2cp_spec.html#msg_CreateSession">CreateSession Message</a> or a <a href="i2cp_spec.html#msg_ReconfigureSession">ReconfigureSession Message</a>.
<p>
<table border=1>
+<tr><th colspan="5">Router-side Options</th></tr>
<tr><th>Option <th>Recommended Arguments <th>Allowable Range<th>Default<th>Description
-<tr><td>inbound.quantity <td>number from 1 to 3 <td>1 to 6<td>2<td>Number of tunnels in
+<tr><td>inbound.quantity <td>number from 1 to 3 <td>1 to 16<td>2<td>Number of tunnels in.
+ Limit was increased from 6 to 16 in release 0.9; however, numbers higher than 6 are not
+ currently recommended, as this is untested and is incompatible with older releases.
<tr><td>outbound.quantity <td>number from 1 to 3 <td>No limit<td>2<td>Number of tunnels out
<tr><td>inbound.length <td>number from 0 to 3 <td>0 to 7<td>2<td>Length of tunnels in
<tr><td>outbound.length <td>number from 0 to 3 <td>0 to 7<td>2<td>Length of tunnels out
@@ -193,7 +110,43 @@ a SessionConfig contained in a CreateSessionMessage or a ReconfigureSessionMessa
two routers should not be in the same tunnel. 0 to disable.
<tr><td>i2cp.dontPublishLeaseSet <td>true, false<td> <td>false<td>Should generally be set to true for clients
and false for servers
-<tr><td>i2cp.messageReliability <td> <td>BestEffort, Guaranteed<td>BestEffort<td>Guaranteed is disabled
+<tr><td>i2cp.messageReliability <td> <td>BestEffort, Guaranteed, None<td>BestEffort<td>Guaranteed is disabled;
+ None implemented in 0.8.1; the streaming lib default is None as of 0.8.1
+<tr><td>explicitPeers<td> <td> <td>null<td>Comma-separated list of Base 64 Hashes of peers to build tunnels through; for debugging only
+<tr><td>i2cp.username<td>string<td> <td> <td>For authorization, if required by the router (since 0.8.2).
+ If the client is running in the same JVM as a router, this option is not required.
+<tr><td>i2cp.password<td>string<td> <td> <td>For authorization, if required by the router (since 0.8.2).
+ If the client is running in the same JVM as a router, this option is not required.
+<tr><td>crypto.tagsToSend<td> <td>1-128<td>40<td>Number of ElGamal/AES Session Tags to send at a time (since 0.9.2).
+ For clients with relatively low bandwidth per-client-pair (IRC, some UDP apps), this may be set lower.
+<tr><td>crypto.lowTagThreshold<td> <td>1-128<td>30<td>Minimum number of ElGamal/AES Session Tags before we send more (since 0.9.2).
+ Recommended: approximately tagsToSend * 2/3
+<tr><td>shouldBundleReplyInfo<td>true, false<td> <td>true<td>Set to false to disable ever bundling a reply LeaseSet (since 0.9.2).
+ For clients that do not publish their LeaseSet, this option must be true
+ for any reply to be possible. "true" is also recommended for multihomed servers
+ with long connection times.
+
+ <p> Setting to "false" may save significant outbound bandwidth, especially if
+ the client is configured with a large number of inbound tunnels (Leases).
+ If replies are still required, this may shift the bandwidth burden to
+ the far-end client and the floodfill.
+ There are several cases where "false" may be appropriate:
+ <ul><li>
+ Unidirectional communication, no reply required
+ <li>
+ LeaseSet is published and higher reply latency is acceptable
+ <li>
+ LeaseSet is published, client is a "server", all connections are inbound
+ so the connecting far-end destination obviously has the leaseset already.
+ Connections are either short, or it is acceptable for latency on a long-lived
+ connection to temporarily increase while the other end re-fetches the LeaseSet
+ after expiration.
+ HTTP servers may fit these requirements.
+ </li></ul>
+<tr><td>inbound.*<td> <td> <td> <td>Any other options prefixed with "inbound." are stored
+ in the "unknown options" properties of the inbound tunnel pool's settings.
+<tr><td>outbound.*<td> <td> <td> <td>Any other options prefixed with "outbound." are stored
+ in the "unknown options" properties of the outbound tunnel pool's settings.
</table>
<p>
Note: Large quantity, length, or variance settings may cause significant performance or reliability problems.
@@ -208,9 +161,14 @@ and will be interpreted if passed to the I2PSession via the I2PClient.createSess
The streaming lib should also pass these options through to I2CP.
<p>
<table border=1>
+<tr><th colspan="6">Client-side Options</th></tr>
<tr><th>Option <th>As Of Release<th>Recommended Arguments <th>Allowable Range<th>Default<th>Description
-<tr><td>i2cp.tcp.host <td> <td> <td> <td>localhost<td>Router hostname
-<tr><td>i2cp.tcp.port <td> <td> <td>1-65535<td>7654<td>Router I2CP port
+<tr><td>i2cp.tcp.host <td> <td> <td> <td>127.0.0.1<td>Router hostname.
+ If the client is running in the same JVM as a router, this option is ignored, and the client connects to that router internally.
+<tr><td>i2cp.tcp.port <td> <td> <td>1-65535<td>7654<td>Router I2CP port.
+ If the client is running in the same JVM as a router, this option is ignored, and the client connects to that router internally.
+<tr><td>i2cp.SSL<td>0.8.3<td>true, false<td> <td>false<td>Connect to the router using SSL.
+ If the client is running in the same JVM as a router, this option is ignored, and the client connects to that router internally.
<tr><td>i2cp.gzip<td>0.6.5<td>true, false <td> <td>true<td>Gzip outbound data
<tr><td>i2cp.reduceOnIdle<td>0.7.1<td>true, false <td> <td>false<td>Reduce tunnel quantity when idle
<tr><td>i2cp.closeOnIdle<td>0.7.1<td>true, false <td> <td>false<td>Close I2P session when idle
@@ -225,10 +183,13 @@ Note: All arguments, including numbers, are strings. True/false values are case-
Anything other than case-insensitive "true" is interpreted as false.
All option names are case-sensitive.
-<h2>I2CP Data Format and Multiplexing</h2>
+<h2 id="format">I2CP Payload Data Format and Multiplexing</h2>
<p>
-The end-to-end messages handled by I2CP (i.e. the data sent by the client in a SendMessageMessage and
-received by the client in a MessagePayloadMessage) is gzipped with a standard 10-byte gzip
+The end-to-end messages handled by I2CP (i.e. the data sent by the client in a
+<a href="i2cp_spec.html#msg_SendMessage">SendMessageMessage</a>
+and received by the client in a
+<a href="i2cp_spec.html#msg_MessagePayload">MessagePayloadMessage</a>)
+are gzipped with a standard 10-byte gzip
header beginning with 0x1F 0x8B 0x08 as
specified by <a href="http://www.ietf.org/rfc/rfc1952.txt">RFC 1952</a>.
As of release 0.7.1, I2P uses ignored portions of the gzip header to include
@@ -246,8 +207,34 @@ turns the gzip effort setting to 0, which may save a little CPU.
<tr><td>4-5<td>I2P Source port (Gzip mtime)
<tr><td>6-7<td>I2P Destination port (Gzip mtime)
<tr><td>8<td>Gzip xflags
-<tr><td>9<td>I2P Protocol (6 = Streaming, 17 = Datagram) (Gzip OS)
+<tr><td>9<td>I2P Protocol (6 = Streaming, 17 = Datagram, 18 = Raw Datagrams) (Gzip OS)
</table>
+<p>
+Data integrity is verified with the standard gzip CRC-32 as
+specified by <a href="http://www.ietf.org/rfc/rfc1952.txt">RFC 1952</a>.
+</p>
+
+
+<h2 id="future">Future Work</h2>
+<ul><li>
+Implement I2CP and the streaming library in another programming language.
+</li><li>
+Is the initial Get Date / Set Date handshake required?
+</li><li>
+The current authorization mechanism could be modified to use hashed passwords.
+</li><li>
+Private Keys are included in the Create Lease Set message,
+are they really required? Revocation is unimplemented.
+</li><li>
+Some improvements may be able to use messages previously defined but not implemented.
+For reference, here is the
+<a href="/_static/pdf/I2CP_spec.pdf">I2CP Protocol Specification Version 0.9</a>
+(PDF) dated August 28, 2003.
+That document also references the
+<a href="/_static/pdf/datastructures.pdf">Common Data Structures Specification Version 0.9</a>.
+</li></ul>
+
+
{% endblock %}
diff --git a/www.i2p2/pages/i2cp_spec.html b/www.i2p2/pages/i2cp_spec.html
new file mode 100644
index 0000000000000000000000000000000000000000..312bafd7ca3cde180c996037b91fbf730ae4376a
--- /dev/null
+++ b/www.i2p2/pages/i2cp_spec.html
@@ -0,0 +1,968 @@
+{% extends "_layout.html" %}
+{% block title %}I2CP Specification{% endblock %}
+{% block content %}
+Updated September 2012, current as of router version 0.9.2
+<h1>I2P Control Protocol (I2CP) Specification</h1>
+<h2>Overview</h2>
+<p>
+This page specified the I2P Control Protocol (I2CP),
+which is the interface between clients and the router.
+Java clients will use the I2CP client API, which implements this protocol.
+Non-Java clients will most likely use a higher-layer protocol
+such as SAM or BOB.
+</p><p>
+The protocol is only serialized if the client and router are not in the same JVM;
+otherwise, I2CP message objects are passed via an internal JVM interface.
+</p><p>
+More information is on the <a href="i2cp.html">I2CP Overview page</a>.
+</p>
+
+
+
+<h2>Sessions</h2>
+<p>
+The protocol was designed to handle multiple "sessions", each with a 2-byte session ID,
+over a single TCP connection.
+This does not appear to be fully implemented.
+Do not attempt to use multiple sessions on a single I2CP connection.
+</p>
+
+<p>
+It also appears that there are some provisions for a single client to talk to multiple
+routers over separate connections. This is also untested,
+and probably not useful.
+</p>
+
+<p>
+It does not appear that there is currently a way for a session to be
+maintained after a disconnect, or to be
+recovered on a different
+I2CP connection.
+</p>
+
+
+
+
+<h2>Example Message Sequences</h2>
+<h3>Standard Session Establish</h3>
+<pre>
+{% filter escape %}
+ Client Router
+
+ ---------------------> Protocol Byte (0x2a)
+ ---------------------> Get Date Message
+ Set Date Message <---------------------
+ ---------------------> Create Session Message
+ Session Status Message <---------------------
+Request LeaseSet Message <---------------------
+ ---------------------> Create LeaseSet Message
+{% endfilter %}
+</pre>
+
+
+<h3>Get Bandwidth Limits (Simple Session)</h3>
+<pre>
+{% filter escape %}
+ Client Router
+
+ ---------------------> Protocol Byte (0x2a)
+ ---------------------> Get Bandwidth Limits Message
+Bandwidth Limits Message <---------------------
+{% endfilter %}
+</pre>
+
+
+
+<h3>Destination Lookup (Simple Session)</h3>
+<pre>
+{% filter escape %}
+ Client Router
+
+ ---------------------> Protocol Byte (0x2a)
+ ---------------------> Dest Lookup Message
+ Dest Reply Message <---------------------
+{% endfilter %}
+</pre>
+
+
+
+<h3>Outgoing Message</h3>
+<p>(existing session)</p>
+<pre>
+{% filter escape %}
+ Client Router
+
+ ---------------------> Send Message Message
+ Message Status Message <---------------------
+ (accepted)
+ Message Status Message <---------------------
+ (succeeded)
+{% endfilter %}
+</pre>
+<p>
+Note: As of release 0.8.1, the router does not send either Message Status Message if
+i2cp.messageReliability=none.
+</p>
+
+
+
+<h3>Incoming Message</h3>
+<p>(existing session)</p>
+<pre>
+{% filter escape %}
+ Client Router
+
+ Message Status Message <---------------------
+ (available)
+ ---------------------> Receive Message Begin Message
+ Message Payload Message <---------------------
+ ---------------------> Receive Message End Message
+{% endfilter %}
+</pre>
+
+
+<h2 id="notes">Version Notes</h2>
+<p>
+The initial protocol version byte (0x2a) sent by the client is not expected to change.
+Prior to release 0.8.7, the router's version information was not available to the client,
+thus preventing new clients from working with old routers.
+As of release 0.8.7, the two parties' protocol version strings are exchanged in the Get/Set Date Messages.
+Going forward, clients may use this information to communicate correctly with old routers.
+Clients and routers should not send messages that are unsupported by the other side,
+as they generally disconnect the session upon reception of an unsupported message.
+</p>
+
+
+<h2 id="structures">Common structures</h2>
+
+
+
+<h3 id="struct_header">I2CP message header</h3>
+<h4>Description</h4>
+<p>
+ Common header to all I2CP messages, containing the message length and message type.
+</p>
+<h4>Contents</h4>
+<ol><li>
+ 4 byte <a href="common_structures_spec#type_Integer">Integer</a> specifying the length of the message body
+</li><li>
+ 1 byte <a href="common_structures_spec#type_Integer">Integer</a> specifying the message type.
+</li><li>
+ The I2CP message body, 0 or more bytes
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+Actual message length limit is about 64 KB.
+</p>
+
+
+
+
+<h3 id="struct_MessageId">Message ID</h3>
+<h4>Description</h4>
+<p>
+Uniquely identifies a message waiting on a particular router at a
+point in time.
+</p>
+<h4>Contents</h4>
+<ol><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+Message IDs are unique within a session only; they are not globally unique.
+</p>
+
+
+
+
+<h3 id="struct_Payload">Payload</h3>
+<h4>Description</h4>
+<p>
+This structure is the content of a message being delivered from one
+Destination to another.
+</p>
+<h4>Contents</h4>
+<ol><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a> length
+</li><li>
+That many bytes
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+The payload is in a gzip format as specified on the
+<a href="i2cp.html#format">I2CP Overview page</a>.
+</p>
+
+
+
+
+<h3 id="struct_SessionConfig">Session Config</h3>
+<h4>Description</h4>
+<p>
+Defines the configuration options for a particular client session.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="common_structures_spec#struct_Destination">Destination</a>
+</li><li>
+<a href="common_structures_spec#type_Mapping">Mapping</a> of options
+</li><li>
+Creation <a href="common_structures_spec#type_Date">Date</a>
+</li><li>
+DSA <a href="common_structures_spec#type_Signature">Signature</a> of the previous 3 fields, signed by the
+<a href="common_structures_spec#type_SigningPrivateKey">Signing Private Key</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+The options are specified on the
+<a href="i2cp.html#options">I2CP Overview page</a>.
+</p>
+
+
+
+
+
+<h3 id="struct_SessionId">Session ID</h3>
+<h4>Description</h4>
+<p>
+Uniquely identifies a session on a particular router at a point in
+time.
+</p>
+<h4>Contents</h4>
+<ol><li>
+2 byte <a href="common_structures_spec#type_Integer">Integer</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+</p>
+
+
+
+
+<h2 id="messages">Messages</h2>
+<h3 id="types">Message Types</h3>
+<table border=1>
+<tr><th>Message<th>Direction<th>Type
+<tr><td>
+<a href="#msg_BandwidthLimits">
+BandwidthLimitsMessage
+</a>
+</a>
+<td align="center">R->C
+<td align=right>23
+<tr><td>
+<a href="#msg_CreateLeaseSet">
+CreateLeaseSetMessage
+</a>
+<td align="center">C->R
+<td align=right>4
+<tr><td>
+<a href="#msg_CreateSession">
+CreateSessionMessage
+</a>
+<td align="center">C->R
+<td align=right>1
+<tr><td>
+<a href="#msg_DestLookup">
+DestLookupMessage
+</a>
+<td align="center">C->R
+<td align=right>34
+<tr><td>
+<a href="#msg_DestReply">
+DestReplyMessage
+</a>
+<td align="center">R->C
+<td align=right>35
+<tr><td>
+<a href="#msg_DestroySession">
+DestroySessionMessage
+</a>
+<td align="center">C->R
+<td align=right>3
+<tr><td>
+<a href="#msg_Disconnect">
+DisconnectMessage
+</a>
+<td align="center">bidir.
+<td align=right>30
+<tr><td>
+<a href="#msg_GetBandwidthLimits">
+GetBandwidthLimitsMessage
+</a>
+<td align="center">C->R
+<td align=right>8
+<tr><td>
+<a href="#msg_GetDate">
+GetDateMessage
+</a>
+<td align="center">C->R
+<td align=right>32
+<tr><td>
+<a href="#msg_MessagePayload">
+MessagePayloadMessage
+</a>
+<td align="center">R->C
+<td align=right>31
+<tr><td>
+<a href="#msg_MessageStatus">
+MessageStatusMessage
+</a>
+<td align="center">R->C
+<td align=right>22
+<tr><td>
+<a href="#msg_ReceiveMessageBegin">
+ReceiveMessageBeginMessage
+</a>
+<td align="center">C->R
+<td align=right>6
+<tr><td>
+<a href="#msg_ReceiveMessageEnd">
+ReceiveMessageEndMessage
+</a>
+<td align="center">C->R
+<td align=right>7
+<tr><td>
+<a href="#msg_ReconfigureSession">
+ReconfigureSessionMessage
+</a>
+<td align="center">C->R
+<td align=right>2
+<tr><td>
+<a href="#msg_ReportAbuse">
+ReportAbuseMessage
+</a>
+<td align="center">bidir.
+<td align=right>29
+<tr><td>
+<a href="#msg_RequestLeaseSet">
+RequestLeaseSetMessage
+</a>
+<td align="center">R->C
+<td align=right>21
+<tr><td>
+<a href="#msg_SendMessage">
+SendMessageMessage
+</a>
+<td align="center">C->R
+<td align=right>5
+<tr><td>
+<a href="#msg_SendMessageExpires">
+SendMessageExpiresMessage
+</a>
+<td align="center">C->R
+<td align=right>36
+<tr><td>
+<a href="#msg_SessionStatus">
+SessionStatusMessage
+</a>
+<td align="center">R->C
+<td align=right>20
+<tr><td>
+<a href="#msg_SetDate">
+SetDateMessage
+</a>
+<td align="center">R->C
+<td align=right>33
+</table>
+
+
+
+<h3 id="msg_BandwidthLimits">Bandwidth Limits</h3>
+<h4>Description</h4>
+<p>
+Tell the client what the bandwidth limits are.
+Sent from Router to Client in response to a Get Bandwidth Limits Message.
+</p>
+<h4>Contents</h4>
+<ol><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a>
+Client inbound limit (KBps)
+</li><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a>
+Client outbound limit (KBps)
+</li><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a>
+Router inbound limit (KBps)
+</li><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a>
+Router inbound burst limit (KBps)
+</li><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a>
+Router outbound limit (KBps)
+</li><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a>
+Router outbound burst limit (KBps)
+</li><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a>
+Router burst time (seconds)
+</li><li>
+Nine 4-byte <a href="common_structures_spec#type_Integer">Integers</a>
+undefined
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+Currently, the client limits are the only values set,
+and are actually the router limits. All the values labeled as router limits are always 0.
+As of release 0.7.2.
+</p>
+
+
+
+<h3 id="msg_CreateLeaseSet">Create Lease Set</h3>
+<h4>Description</h4>
+<p>
+This message is sent in response to a RequestLeaseSetMessage and contains all
+of the Lease structures that should be published to the I2NP Network Database.
+Sent from Client to Router.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionId">Session ID</a>
+</li><li>
+<a href="common_structures_spec#type_SigningPrivateKey">Signing Private Key</a>
+</li><li>
+<a href="common_structures_spec#type_PrivateKey">Private Key</a>
+</li><li>
+<a href="common_structures_spec#struct_LeaseSet">LeaseSet</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+The SigningPrivateKey matches the SigningPublicKey from within the
+LeaseSet, as does the PrivateKey with the PublicKey. The Signing keys are
+necessary to allow the router to revoke the LeaseSet if the client goes offline,
+and the normal keys are necessary for decrypting garlic routed messages. The
+LeaseSet granted may include Lease structures for tunnels pointing at another
+router if the client is actively connected to multiple routers with Leases granted
+to each.
+Really?
+Revocation is unimplemented.
+Connection to multiple routers is untested.
+</p>
+
+
+
+<h3 id="msg_CreateSession">Create Session</h3>
+<h4>Description</h4>
+<p>
+This message is sent from a client to initiate a session, where a session is defined
+as a single Destination's connection to the network, to which all messages for
+that Destination will be delivered and from which all messages that
+Destination sends to any other Destination will be sent through.
+Sent from Client to Router.
+The router responds with a <a href="#msg_SessionStatus">Session Status Message</a>.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionConfig">Session Config</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+The second message sent by the client after sending the Get Date Message and receiving the Set Date Message response.
+If the Date in the Session Config is too far from the router's current time, the session will be rejected.
+If there is already a session on the router for this Destination, the session will be rejected.
+</p>
+
+
+
+<h3 id="msg_DestLookup">Dest Lookup</h3>
+<h4>Description</h4>
+<p>
+
+Sent from Client to Router.
+The router responds with a <a href="#msg_DestReply">Dest Reply Message</a>.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="common_structures_spec#struct_Hash">SHA-256 Hash</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+As of release 0.7.
+As of release 0.8.3, multiple outstanding lookups are supported,
+and lookups are supported in both I2PSimpleSession and in standard sessions.
+</p>
+
+
+
+<h3 id="msg_DestReply">Dest Reply</h3>
+<h4>Description</h4>
+<p>
+Sent from Router to Client in response to a Dest Lookup Message.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="common_structures_spec#struct_Destination">Destination</a>
+on success, or
+<a href="common_structures_spec#struct_Hash">Hash</a>
+on failure
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+As of release 0.7.
+As of release 0.8.3,
+the requested Hash is returned if the lookup failed,
+so that the client may have multiple lookups outstanding and correlate the replies to the lookups.
+Prior to release 0.8.3, the response was empty on failure.
+</p>
+
+
+
+<h3 id="msg_Destroy Session">Destroy Session</h3>
+<h4>Description</h4>
+<p>
+This message is sent from a client to destroy a session.
+Sent from Client to Router.
+The router responds with a <a href="#msg_SessionStatus">Session Status Message</a>.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionId">Session ID</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+The router at this point should release all resources related to the session.
+</p>
+
+
+
+<h3 id="msg_Disconnect">Disconnect</h3>
+<h4>Description</h4>
+<p>
+Tell the other party that there are problems and the current connection is about to
+be destroyed. This does not necessarily end a session.
+Sent either from router to client or from client to router.
+</p>
+<h4>Contents</h4>
+<ol><li>
+Reason <a href="common_structures_spec#struct_String">String</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+Only implemented in the router-to-client direction.
+Disconnecting probably does end a session, in practice.
+</p>
+
+
+
+<h3 id="msg_GetBandwidthLimits">Get Bandwidth Limits</h3>
+<h4>Description</h4>
+<p>
+Request that the router state what its current bandwidth limits are.
+Sent from Client to Router.
+The router responds with a <a href="#msg_BandwidthLimits">Bandwidth Limits Message</a>.
+</p>
+<h4>Contents</h4>
+<i>None</i>
+
+<h4>Notes</h4>
+<p>
+As of release 0.7.2.
+As of release 0.8.3,
+supported in both I2PSimpleSession and in standard sessions.
+</p>
+
+
+
+<h3 id="msg_GetDate">Get Date</h3>
+<h4>Description</h4>
+<p>
+Sent from Client to Router.
+The router responds with a <a href="#msg_SetDate">Set Date Message</a>.
+</p>
+<h4>Contents</h4>
+<ol><li>
+I2CP Version <a href="common_structures_spec#struct_String">String</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+Generally the first message sent by the client after sending the protocol version byte.
+The version string is included as of release 0.8.7.
+This is only useful if the client and router are not in the same JVM.
+If it is not present, the client is version 0.8.6 or earlier.
+</p>
+
+
+
+<h3 id="msg_MessagePayload">Message Payload</h3>
+<h4>Description</h4>
+<p>
+Deliver the payload of a message to the client.
+Sent from Router to Client.
+The client responds with a <a href="#msg_ReceiveMessageEnd">Receive Message End Message</a>.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionId">Session ID</a>
+</li><li>
+<a href="#struct_MessageId">Message ID</a>
+</li><li>
+<a href="#struct_Payload">Payload</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+</p>
+
+
+
+<h3 id="msg_MessageStatus">Message Status</h3>
+<h4>Description</h4>
+<p>
+Notify the client of the delivery status of an incoming or outgoing message.
+Sent from Router to Client.
+If this message indicates that an incoming message is available,
+the client responds with a <a href="#msg_ReceiveMessageBegin">Receive Message Begin Message</a>.
+For an outgoing message, this is a response to a
+<a href="#msg_SendMessage">Send Message Message</a> or
+<a href="#msg_SendMessageExpires">Send Message Expires Message</a>.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionId">Session ID</a>
+</li><li>
+<a href="#struct_MessageId">Message ID</a>
+</li><li>
+1 byte <a href="common_structures_spec#type_Integer">Integer</a> status
+</li><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a> size
+</li><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a> nonce
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+The known status values are 0 for message is available, 1 for accepted, 2 for best
+effort succeeded, 3 for best effort failed, 4 for guaranteed succeeded, 5 for
+guaranteed failed. The size Integer specifies the size of the available
+message and is only relevant for status = 0.
+Even though guaranteed is unimplemented, (best effort is the only service), the current
+router implementation uses the guaranteed status codes, not the best effort codes.
+</p>
+<p>
+When status = 1 (accepted), the nonce matches the nonce in the
+Send Message Message, and the included Message ID
+will be used for subsequent success or failure notification.
+Otherwise, the nonce may be ignored.
+</p>
+
+
+
+<h3 id="msg_ReceiveMessageBegin">Receive Message Begin</h3>
+<h4>Description</h4>
+<p>
+Request the router to deliver a message that it was previously notified of.
+Sent from Client to Router.
+The router responds with a <a href="#msg_MessagePayload">Message Payload Message</a>.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionId">Session ID</a>
+</li><li>
+<a href="#struct_MessageId">Message ID</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+The ReceiveMessageBeginMessage is sent as a response to a
+MessageStatusMessage stating that a new message is available for pickup. If the
+message id specified in the ReceiveMessageBeginMessage is invalid or
+incorrect, the router may simply not reply, or it may send back a
+DisconnectMessage.
+</p>
+
+
+
+
+<h3 id="msg_ReceiveMessageEnd">Receive Message End</h3>
+<h4>Description</h4>
+<p>
+Tell the router that delivery of a message was completed successfully and that
+the router can discard the message.
+Sent from Client to Router.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionId">Session ID</a>
+</li><li>
+<a href="#struct_MessageId">Message ID</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+The ReceiveMessageBeginMessage is sent after a MessagePayloadMessage fully
+delivers a message's payload.
+</p>
+
+
+
+
+<h3 id="msg_RecconfigureSession">Reconfigure Session</h3>
+<h4>Description</h4>
+<p>
+
+Sent from Client to Router to update the session configuration.
+The router responds with a <a href="#msg_SessionStatus">Session Status Message</a>.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionId">Session ID</a>
+</li><li>
+<a href="#struct_SessionConfig">Session Config</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+As of release 0.7.1.
+</p>
+
+
+
+
+<h3 id="msg_ReportAbuse">Report Abuse</h3>
+<h4>Description</h4>
+<p>
+Tell the other party (client or router) that they are under attack, potentially with reference to a
+particular messageId. If the router is under attack, the client may decide to
+migrate to another router, and if a client is under attack, the router may rebuild
+its routers or shitlist some of the peers that sent it messages delivering the attack.
+Sent either from router to client or from client to router.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionId">Session ID</a>
+</li><li>
+1 byte <a href="common_structures_spec#type_Integer">Integer</a> abuse severity
+(0 is minimally abusive, 255 being extremely abusive)
+</li><li>
+Reason <a href="common_structures_spec#struct_String">String</a>
+</li><li>
+<a href="#struct_MessageId">Message ID</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+Unused.
+Not fully implemented. Both router and client can generate Report Abuse Messages,
+but neither has a handler for the message when received.
+</p>
+
+
+
+
+<h3 id="msg_RequestLeaseSet">Request LeaseSet</h3>
+<h4>Description</h4>
+<p>
+Request that a client authorize the inclusion of a particular set of inbound tunnels.
+Sent from Router to Client.
+The client responds with a <a href="#msg_SessionStatus">Create LeaseSet Message</a>.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionId">Session ID</a>
+</li><li>
+1 byte <a href="common_structures_spec#type_Integer">Integer</a> number of tunnels
+</li><li>
+ That many pairs of:
+ <ol><li>
+ <a href="common_structures_spec#struct_RouterIdentity">Router Identity</a>
+ </li><li>
+ <a href="common_structures_spec#type_TunnelId">Tunnel ID</a>
+ </li></ol>
+</li><li>
+End <a href="common_structures_spec#type_Date">Date</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+</p>
+
+
+
+
+
+<h3 id="msg_SendMessage">Send Message</h3>
+<h4>Description</h4>
+<p>
+This is how a client sends a message (the payload) to the Destination.
+The router will use a default expiration.
+Sent from Client to Router.
+The router responds with a <a href="#msg_MessageStatus">Message Status Message</a>.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionId">Session ID</a>
+</li><li>
+<a href="common_structures_spec#struct_Destination">Destination</a>
+</li><li>
+<a href="#struct_Payload">Payload</a>
+</li><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a> nonce
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+As soon as the SendMessageMessage arrives fully intact, the router should return
+a MessageStatusMessage stating that it has been accepted for delivery.
+That message will contain the same nonce sent here.
+Later on,
+based on the delivery guarantees of the session configuration, the router may
+additionally send back another MessageStatusMessage updating the status.
+Note: As of release 0.8.1, the router does not send either Message Status Message if
+i2cp.messageReliability=none.
+</p>
+
+
+
+
+<h3 id="msg_SendMessageExpires">Send Message Expires</h3>
+<h4>Description</h4>
+<p>
+Sent from Client to Router. Same as Send Message Message, except includes an expiration.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionId">Session ID</a>
+</li><li>
+<a href="common_structures_spec#struct_Destination">Destination</a>
+</li><li>
+<a href="#struct_Payload">Payload</a>
+</li><li>
+4 byte <a href="common_structures_spec#type_Integer">Integer</a> nonce
+</li><li>
+2 bytes of flags (options)
+</li><li>
+Expiration <a href="common_structures_spec#type_Date">Date</a>
+truncated from 8 bytes to 6 bytes
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+As of release 0.7.1.
+</p><p>
+As of release 0.8.4, the upper two bytes of the Date are redefined to contain
+flags. The flags must default to all zeros for backward compatibility.
+The Date will not encroach on the flags field until the year 10889.
+The flags may be used by the application to provide hints to the router
+as to whether a LeaseSet and/or ElGamal/AES Session Tags should be delivered
+with the message. The settings will significantly affect the amount of
+protocol overhead and the reliability of message delivery.
+The individual flag bits are defined as follows, as of release 0.9.2.
+Definitions are subject to change. Use the SendMessageOptions class to construct the flags.
+</p><p>
+Bit order: 15...0
+</p><p>
+Bits 15-9: Unused, must be zero
+</p><p>
+Bit 8: If 1, don't send lease set
+</p><p>
+Bits 7-4: Low tag threshold. If there are less than this many tags available, send more.
+<table border=1>
+<tr><th>Field value<th>Tag threshold
+<tr><td align="center">0000<td align="center">Use session key manager settings
+<tr><td align="center">0001<td align="center">2
+<tr><td align="center">0010<td align="center">3
+<tr><td align="center">0011<td align="center">6
+<tr><td align="center">0100<td align="center">9
+<tr><td align="center">0101<td align="center">14
+<tr><td align="center">0110<td align="center">20
+<tr><td align="center">0111<td align="center">27
+<tr><td align="center">1000<td align="center">35
+<tr><td align="center">1001<td align="center">45
+<tr><td align="center">1010<td align="center">57
+<tr><td align="center">1011<td align="center">72
+<tr><td align="center">1100<td align="center">92
+<tr><td align="center">1101<td align="center">117
+<tr><td align="center">1110<td align="center">147
+<tr><td align="center">1111<td align="center">192
+</table>
+</p><p>
+Bits 3-0: Number of tags to send if required.
+<table border=1>
+<tr><th>Field value<th>Tags to send
+<tr><td align="center">0000<td align="center">Use session key manager settings
+<tr><td align="center">0001<td align="center">2
+<tr><td align="center">0010<td align="center">4
+<tr><td align="center">0011<td align="center">6
+<tr><td align="center">0100<td align="center">8
+<tr><td align="center">0101<td align="center">12
+<tr><td align="center">0110<td align="center">16
+<tr><td align="center">0111<td align="center">24
+<tr><td align="center">1000<td align="center">32
+<tr><td align="center">1001<td align="center">40
+<tr><td align="center">1010<td align="center">51
+<tr><td align="center">1011<td align="center">64
+<tr><td align="center">1100<td align="center">80
+<tr><td align="center">1101<td align="center">100
+<tr><td align="center">1110<td align="center">125
+<tr><td align="center">1111<td align="center">160
+</table>
+</p>
+
+
+
+
+<h3 id="msg_SessionStatus">Session Status</h3>
+<h4>Description</h4>
+<p>
+Instruct the client as to the status of its session.
+Sent from Router to Client.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="#struct_SessionId">Session ID</a>
+</li><li>
+1 byte <a href="common_structures_spec#type_Integer">Integer</a> status
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+Status values include 0 for destroyed, 1 for created, 2 for updated, and
+3 for invalid session.
+If created, the Session ID is the identifier to be used for the rest of the session.
+</p>
+
+
+
+<h3 id="msg_SetDate">Set Date</h3>
+<h4>Description</h4>
+<p>
+The current date and time.
+Sent from Router to Client as a part of the initial handshake.
+</p>
+<h4>Contents</h4>
+<ol><li>
+<a href="common_structures_spec#type_Date">Date</a>
+</li><li>
+I2CP Version <a href="common_structures_spec#struct_String">String</a>
+</li></ol>
+
+<h4>Notes</h4>
+<p>
+This is generally the first message sent by the router.
+The version string is included as of release 0.8.7.
+This is only useful if the client and router are not in the same JVM.
+If it is not present, the router is version 0.8.6 or earlier.
+</p>
+
+
+
+
+
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/i2np.html b/www.i2p2/pages/i2np.html
index e8d21e7fae09410ff484396d9724c335e3bbf261..480e4b83b99e1bc6d55bd717d27d1ad09e87752d 100644
--- a/www.i2p2/pages/i2np.html
+++ b/www.i2p2/pages/i2np.html
@@ -1,6 +1,7 @@
{% extends "_layout.html" %}
{% block title %}I2NP{% endblock %}
{% block content %}
+Updated August 2010, current as of router version 0.8
<h2>I2P Network Protocol (I2NP)</h2>
<p>
The I2P Network Protocol (I2NP),
@@ -10,23 +11,8 @@ transports to use when communicating with a peer for which there are multiple
common transports supported.
</p>
-<p>While I2NP has been quite stable since its inception in
-August of 2003, there have been minor modifications on occasion.
-Here is the
-<a href="/_static/pdf/I2NP_spec.pdf">I2NP Protocol Specification Version 0.9</a>
-(PDF) dated August 28, 2003.
-That document also references the
-<a href="/_static/pdf/datastructures.pdf">Common Data Structures Specification Version 0.9</a>.
-Beware -
-based on a quick comparison with the code, there are substantial differences
-between the implementation and the 2003 specifications.
-</p>
-
<h3>I2NP Definition</h3>
<p>
-<i>Note</i> - The following information is extracted from the current code base,
-however it may be incomplete and/or inaccurate. Check the code to be sure.
-<p>
I2NP (I2P Network Protocol) messages can be used for one-hop, router-to-router, point-to-point messages.
By encrypting and wrapping messages in other messages, they can be sent in a secure way
through multiple hops to the ultimate destination.
@@ -41,22 +27,17 @@ These are global queues for all peers.
NTCP has a trivial linear search for the highest priority within
each buffer for a particular peer.
This is much less effective.
-<p>
-It isn't clear whether the current priority scheme is generally effective,
-and whether the priorities for various messages should be adjusted further.
-This is a topic for further research, analysis and testing.
-
<h3>Message Format</h3>
<p>
<table border=1>
-<tr><td>Field<td>Bytes
+<tr><th>Field<th>Bytes
<tr><td>Unique ID<td>4
<tr><td>Expiration<td>8
<tr><td>Payload Length<td>2
<tr><td>Checksum<td>1
-<tr><td>Payload<td>0 - 60.6KB
+<tr><td>Payload<td>0 - 61.2KB
</table>
<p>
@@ -64,12 +45,16 @@ While the maximum payload size is nominally 64KB, the size is further constraine
method of fragmenting I2NP messages into multiple 1KB tunnel messages as described in
<a href="tunnel-alt.html">tunnel-alt.html</a>.
The maximum number of fragments is 64, and the message may not be perfectly aligned,
-so the message must nominally fit in 63 fragments, and be padded to a 16 byte boundary.
-Therefore the maximum size is 960 + (62 * 986) - 12 = 62080 bytes, or approximately 60.6KB.
+So the message must nominally fit in 63 fragments.
+<p>
+The maximum size of an initial fragment is 956 bytes (assuming TUNNEL delivery mode);
+the maximum size of a follow-on fragment is 996 bytes.
+Therefore the maximum size is approximately 956 + (62 * 996) = 62708 bytes, or 61.2 KB.
+</p>
<p>
In addition, the transports may have additional restrictions.
NTCP currently limits to 16KB - 6 = 16378 bytes but this will be increased in a future release.
-The SSU limit is 32KB?
+The SSU limit is approximately 32 KB.
<p>
Note that these are not the limits for datagrams that the client sees, as the
router may bundle a reply leaseset and/or session tags together with the client message
@@ -78,8 +63,6 @@ Therefore the current datagram limit is about 10KB. This limit will be
increased in a future release.
<h3>Message Types</h3>
-The following is taken from the code, however not all these
-messages may be used.
Higher-numbered priority is higher priority.
The majority of traffic is TunnelDataMessages (priority 400),
so anything above 400 is essentially high priority, and
@@ -97,7 +80,7 @@ which is wrapped in a DataMessage.
<table border=1>
-<tr><td>Message<td>Type<td>Payload Length<td>Priority<td>Comments
+<tr><th>Message<th>Type<th>Payload Length<th>Priority<th>Comments
<tr><td>
DatabaseLookupMessage
<td align=right>2
@@ -127,6 +110,7 @@ DataMessage
<td align=right>20
<td align=right>4 - 62080
<td align=right>400
+<td>
<tr><td>
DeliveryStatusMessage
<td align=right>10
@@ -151,6 +135,7 @@ but when unwrapped, given a priority of 100 by the forwarding router
<td align=right>22
<td align=right>4224
<td align=right>300
+<td>
<tr><td>
TunnelDataMessage
<td align=right>18
@@ -164,6 +149,7 @@ TunnelGatewayMessage
<td align=right>19
<td>
<td align=right>300/400
+<td>
<tr><td>
VariableTunnelBuildMessage
<td align=right>23
@@ -185,4 +171,15 @@ Others listed in
<td>Obsolete, Unused
</table>
+<h3>Full Protocol Specification</h3>
+<a href="i2np_spec.html">On the I2NP Specification page</a>.
+See also the
+<a href="common_structures_spec.html">Common Data Structure Specification page</a>.
+
+<h3>Future Work</h3>
+<p>
+It isn't clear whether the current priority scheme is generally effective,
+and whether the priorities for various messages should be adjusted further.
+This is a topic for further research, analysis and testing.
+
{% endblock %}
diff --git a/www.i2p2/pages/i2np_de.html b/www.i2p2/pages/i2np_de.html
index c82958a99ce40890b4ab963610fbf538f3f51f0c..8f44530eeeeef492cb837c9e33bb2b9132bb3436 100644
--- a/www.i2p2/pages/i2np_de.html
+++ b/www.i2p2/pages/i2np_de.html
@@ -1,6 +1,7 @@
{% extends "_layout_de.html" %}
{% block title %}I2NP{% endblock %}
{% block content %}
+<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
<h2>I2P Netzwerk Protokoll (I2NP)</h2>
<p>
Das I2P Netzwerk Protokoll (I2NP),
diff --git a/www.i2p2/pages/i2np_spec.html b/www.i2p2/pages/i2np_spec.html
index 973b2b36feccbb31f179d1580975d160ce4344f9..9a1a87fbcab00262f663f541ed36133b1c975ad0 100644
--- a/www.i2p2/pages/i2np_spec.html
+++ b/www.i2p2/pages/i2np_spec.html
@@ -1,6 +1,9 @@
{% extends "_layout.html" %}
{% block title %}I2NP Specification{% endblock %}
{% block content %}
+
+Updated June 2012, current as of router version 0.9
+
<h1>I2P Network Protocol (I2NP) Specification</h1>
<p>
The I2P Network Protocol (I2NP),
@@ -11,27 +14,39 @@ common transports supported.
</p>
<h2 id="structures">Common structures</h2>
-
-
+The following structures are elements of multiple I2NP messages.
+They are not complete messages.
<h3 id="struct_header">I2NP message header</h3>
<h4>Description</h4>
<p>
- Common header to all I2NP messages, which contains important information like an checksum, expiration date, etc.
+ Common header to all I2NP messages, which contains important information like a checksum, expiration date, etc.
</p>
<h4>Contents</h4>
<p>
- 1 byte <a href="common_structures_spec#type_Integer">Integer</a> specifying the type of this message, followed by an 4 byte <a href="common_structures_spec#type_Integer">Integer</a> specifying the message-id. After that there is an expiration <a href="common_structures_spec#type_Date">Date</a>, followed by an 2 byte <a href="common_structures_spec#type_Integer">Integer</a> specifying the length of the message payload, followed by an <a href="common_structures_spec#type_Hash">Hash</a>, which is truncated to the first byte. After that the actual message data follows.
+ 1 byte <a href="common_structures_spec#type_Integer">Integer</a> specifying the type of this message,
+ followed by a 4 byte <a href="common_structures_spec#type_Integer">Integer</a> specifying the message-id.
+ After that there is an expiration <a href="common_structures_spec#type_Date">Date</a>,
+ followed by a 2 byte <a href="common_structures_spec#type_Integer">Integer</a> specifying
+ the length of the message payload, followed by a <a href="common_structures_spec#type_Hash">Hash</a>,
+ which is truncated to the first byte. After that the actual message data follows.
</p>
<pre>
{% filter escape %}
-+----+----+----+----+----+
-|type| msg-id |
+Standard (16 bytes):
+
+----+----+----+----+----+----+----+----+
-| expiration |
+|type| msg-id | expiration
+----+----+----+----+----+----+----+----+
-| size |chks|
-+----+----+----+
+ | size |chks|
++----+----+----+----+----+----+----+----+
+
+Short (SSU, 5 bytes):
+
++----+----+----+----+----+
+|type| short expiration |
++----+----+----+----+----+
+
{% endfilter %}
</pre>
@@ -41,23 +56,27 @@ common transports supported.
type :: Integer
length -> 1 byte
- purpose -> identifies the message type(see table below)
+ purpose -> identifies the message type (see table below)
msg-id :: Integer
length -> 4 bytes
- purpose -> uniquely identifies this message(for some time at least)
+ purpose -> uniquely identifies this message (for some time at least)
expiration :: Date
8 bytes
date this message will expire
+short expiration :: Integer
+ 4 bytes
+ date this message will expire (seconds since the epoch)
+
size :: Integer
length -> 2 bytes
purpose -> length of the payload
-chks :: Hash
+chks :: Integer
length -> 1 byte
purpose -> checksum of the payload
@@ -69,11 +88,31 @@ data :: Data
purpose -> actual message contents
{% endfilter %}
</pre>
+<h4>Notes</h4>
+<ul><li>
+When transmitted over <a href="udp.html">SSU</a>,
+the 16-byte standard header is not used.
+Only a 1-byte type and a 4-byte expiration in seconds is included.
+The message id and size are
+incorporated into various parts of the SSU data packet format.
+The checksum is not required since errors are caught in decryption.
+</li><li>
+The standard header is also required for I2NP messages contained in other messages and structures
+(Data, TunnelData, TunnelGateway, and GarlicClove).
+As of release 0.8.12, to reduce overhead, checksum verification is disabled at
+some places in the protocol stack.
+However, for compatibility with older versions, checksum generation is still required.
+It is a topic for future research to determine points in the protocol stack
+where the far-end router's version is known and checksum generation can be disabled.
+</li></ul>
+
<h3 id="struct_BuildRequestRecord">BuildRequestRecord</h3>
<h4>Description</h4>
<p>
- One Record in a set of multiple records to request the creation of one hop in the tunnel. For more details see here.
+ One Record in a set of multiple records to request the creation of one hop in the tunnel. For more details see
+ <a href="tunnel-alt.html">the tunnel overview</a> and
+ <a href="tunnel-alt-creation.html">the tunnel creation specification</a>.
</p>
<h4>Contents</h4>
<p>
@@ -129,20 +168,36 @@ Cleartext:
| reply_iv |
+ +
| |
-+----+----+----+----+----+----+----+----+----+
-|flag| request_time | send_message_id |
-+----+----+----+----+----+----+----+----+----+
-| padding...
-+----+----+----+--//
++----+----+----+----+----+----+----+----+
+|flag| request_time | send_msg_id
++----+----+----+----+----+----+----+----+
+ | |
++----+ +
+| 29 bytes padding |
++ +
+| |
++ +----+----+
+| |
++----+----+----+----+----+----+
-encrypted:
+
+ElGamal encrypted:
+----+----+----+----+----+----+----+----+
| toPeer |
+ +
| |
+----+----+----+----+----+----+----+----+
| encrypted data ... |
+~ ~
+| |
++----+----+----+----+----+----+----+----+
+
+ElGamal and AES encrypted:
++----+----+----+----+----+----+----+----+
+| encrypted data ... |
+~ ~
+| |
+----+----+----+----+----+----+----+----+
{% endfilter %}
</pre>
@@ -172,7 +227,7 @@ iv_key :: SessionKey
reply_key :: SessionKey
length -> 32 bytes
-reply_iv :: Integer
+reply_iv :: data
length -> 16 bytes
flag :: Integer
@@ -180,33 +235,58 @@ flag :: Integer
request_time :: Integer
length -> 4 bytes
+ Hours since the epoch, i.e. current time / 3600
send_message_id :: Integer
length -> 4 bytes
padding :: Data
length -> 29 bytes
-
source -> random
-encrypted:
+total length: 222
+
-toPeer :: Hash
+ElGamal encrypted:
+
+toPeer :: First 16 bytes of the SHA-256 Hash of the peer's router identity
length -> 16 bytes
-encrypted_data :: ElGamal-2048 encrypted data
- length -> 514
+encrypted_data :: ElGamal-2048 encrypted data (see notes)
+ length -> 512
+
+total length: 528
+
+
+ElGamal and AES encrypted:
+
+encrypted_data :: ElGamal and AES encrypted data
+ length -> 528
+
+total length: 528
{% endfilter %}
</pre>
+<h4>Notes</h4>
+<ul><li>
+In the 512-byte encrypted record,
+the ElGamal data contains bytes 1-256 and 258-513 of the
+<a href="how_cryptography.html#elgamal">514-byte ElGamal encrypted block</a>.
+The two padding bytes from the block (the zero bytes at locations 0 and 257) are removed.
+</li><li>
+ See the <a href="tunnel-alt-creation.html">tunnel creation specification</a> for details on field contents.
+</li></ul>
+</p>
+
+
<h3 id="struct_BuildResponseRecord">BuildResponseRecord</h3>
<pre>
{% filter escape %}
unencrypted:
+----+----+----+----+----+----+----+----+
| random data... |
-
+~ ~
| |
+ +----+
| |ret |
@@ -221,16 +301,94 @@ bytes 0-526: random data
byte 527 : reply
encrypted:
-bytes 0-527: AES-encrypted record(note: same size as BuildRequestRecord!)
+bytes 0-527: AES-encrypted record(note: same size as BuildRequestRecord)
+
+total length: 528
+
{% endfilter %}
</pre>
+<h4>Notes</h4>
+<ul><li>
+ The first 527 bytes could, in the future, be used to return congestion or peer connectivity information
+ back to the requestor.
+</li><li>
+ See the <a href="tunnel-alt-creation.html">tunnel creation specification</a> for details on the reply field.
+</li></ul>
+
+
+<h3 id="struct_GarlicClove">GarlicClove</h3>
+<pre>
+{% filter escape %}
+unencrypted:
++----+----+----+----+----+----+----+----+
+| Delivery Instructions |
+~ ~
+~ ~
+| |
++----+----+----+----+----+----+----+----+
+| I2NP Message |
+~ ~
+~ ~
+| |
++----+----+----+----+----+----+----+----+
+| Clove ID | Expiration
++----+----+----+----+----+----+----+----+
+ | Certificate |
++----+----+----+----+----+----+----+
+{% endfilter %}
+</pre>
+<h4>Definition</h4>
+<pre>
+unencrypted:
+Delivery Instructions :: <a href="tunnel_message_spec.html#delivery">as defined here</a>
+ Length varies but is typically 39, 43, or 47 bytes
+
+I2NP Message :: Any I2NP Message
+
+Clove ID :: 4 byte Integer
+
+Expiration :: Date (8 bytes)
+
+Certificate :: Always NULL in the current implementation (3 bytes total, all zeroes)
+
+</pre>
+
+<h4>Notes</h4>
+<ul>
+<li>
+ Cloves are never fragmented.
+ When used in a Garlic Clove, the first bit of the Delivery Instructions flag byte (the fragment bit) is redefined.
+ If this bit is 0, the clove is not encrypted.
+ If 1, the clove is encrypted, and a 32 byte Session Key immediately follows the flag byte.
+ Clove encryption is not fully implemented.
+<li>
+ See also the <a href="how_garlicrouting.html">garlic routing specification</a>.
+<li>
+ See also <a href="tunnel_message_spec.html#delivery">Delivery Instructions definition</a>
+<li>
+ Maximum length is a function of the total length of all the cloves and the
+ maximum length of the GarlicMessage.
+<li>
+ In the future, the certificate could possibly be used for a HashCash to "pay" for the routing.
+<li>
+ The message can be any I2NP message (including a GarlicMessage, although that is not used in practice).
+ The messages used in practice are DataMessage, DeliveryStatusMessage, and DatabaseStoreMessage.
+<li>
+ The Clove ID is generally set to a random number on transmit and is checked for
+ duplicates on receive (same message ID space as top-level Message IDs)
+</ul>
+
+
+<h3 id="struct_DeliveryInstructions">Delivery Instructions</h3>
+Defined in the <a href="tunnel_message_spec.html#delivery">Tunnel Message Specification</a>.
+
<h2 id="messages">Messages</h2>
<table border=1>
<tr>
- <td>Message</td>
- <td>Type</td>
+ <th>Message</th>
+ <th>Type</th>
</tr>
<tr>
<td><a href="#msg_DatabaseStore">DatabaseStore</a></td>
@@ -283,6 +441,14 @@ bytes 0-527: AES-encrypted record(note: same size as BuildRequestRecord!)
</table>
<h3 id="msg_DatabaseStore">DatabaseStore</h3>
+<h4>Description</h4>
+<p>
+ An unsolicited database store, or the response to a successful Database Lookup Message
+</p>
+<h4>Contents</h4>
+<p>
+ An uncompressed LeaseSet or a compressed RouterInfo
+</p>
<pre>
with reply token:
+----+----+----+----+----+----+----+----+
@@ -317,7 +483,7 @@ with reply token == 0:
+ +
| |
+----+----+----+----+----+----+----+----+
-|type| reply token | data ...
+|type| 0 | data ...
+----+-------------------+---------\\
</pre>
<h4>Definition</h4>
@@ -335,27 +501,30 @@ type:
reply token:
4 bytes
- TODO: find out what this does
+ If greater than zero, a <a href="#msg_DeliveryStatus">Delivery Status Message</a>
+ is requested with the Message ID set to the value of the Reply Token.
+ A floodfill router is also expected to flood the data to the closest floodfill peers
+ if the token is greater than zero.
reply tunnelId:
- 4 bytes
- only included if reply token > 0
- TODO: what this tunnel information is needed for
+ 4 byte Tunnel ID
+ only included if reply token > 0
+ This is the <a href="common_structures_spec#type_TunnelID">tunnel ID</a> of the inbound gateway of the tunnel the response should be sent to
reply gateway:
32 bytes
Hash of the routerInfo entry to reach the gateway
- only included if reply token > 0
- TODO: what this tunnel information is needed for
+ only included if reply token > 0
+ This is the router hash of the inbound gateway of the tunnel the response should be sent to
data:
- rest of the message(could be anything)
+ If type == 0, data is a 2-byte integer specifying the number of bytes that follow, followed by a gzip-compressed RouterInfo.
+ If type == 1, data is an uncompressed LeaseSet.
</pre>
<h3 id="msg_DatabaseLookup">DatabaseLookup</h3>
<pre>
{% filter escape %}
-if flag==TRUE
+----+----+----+----+----+----+----+----+
| SHA256 hash as the key to look up |
+ +
@@ -366,8 +535,8 @@ if flag==TRUE
| |
+----+----+----+----+----+----+----+----+
| SHA256 hash of the routerInfo |
-+ who is asking +
-| |
++ who is asking, or the gateway to +
+| send the reply to |
+ +
| |
+ +
@@ -397,29 +566,53 @@ key:
from:
32 bytes
- SHA256 hash of the routerInfo entry this request came from(and to which the reply should be sent)
+ If flag == 0, the SHA256 hash of the routerInfo entry this request came from (and to which the reply should be sent)
+ If flag == 1, the SHA256 hash of the reply tunnel gateway (to which the reply should be sent)
flag:
1 byte
- mapping:
+ valid values:
0 FALSE => send reply directly
1 TRUE => send reply to some tunnel
reply tunnelId:
- 2 bytes
+ 4 byte Tunnel ID
only included if flag==TRUE
tunnelId of the tunnel to send the reply to
size:
- 2 bytes
- number of peers to exclude from the lookup(TODO: whatever this means)
+ 2 byte Integer
+ valid range: 0-512
+ number of peers to exclude from the Database Search Reply Message
excludedPeers:
- rest of the message are $size SHA256 hashes of 32 bytes each(total $size*32 bytes)
+ Rest of the message are $size SHA256 hashes of 32 bytes each (total $size*32 bytes)
+ If the lookup fails, these peers are requested to be excluded from the list in
+ the Database Search Reply Message.
+ If excludedPeers includes a hash of all zeroes, the request is exploratory, and
+ the Database Search Reply Message is requested to list non-floodfill routers only.
+
{% endfilter %}
</pre>
+<h4>Notes</h4>
+<p>
+ To do:
+ Use a bit of the flag field to request an AES-encrypted response.
+ Use parts of this message as the key and IV? Add a message ID also?
+ Backward compatibility?
+</p>
+
+
<h3 id="msg_DatabaseSearchReply">DatabaseSearchReply</h3>
+<h4>Description</h4>
+<p>
+ The response to a failed Database Lookup Message
+</p>
+<h4>Contents</h4>
+<p>
+ A list of router hashes closest to the requested key
+</p>
<pre>
{% filter escape %}
+----+----+----+----+----+----+----+----+
@@ -456,6 +649,7 @@ excludedPeers:
{% endfilter %}
+</pre>
<h4>Definition</h4>
<pre>
@@ -465,7 +659,7 @@ key:
SHA256 of the object being searched
num:
- 1 byte
+ 1 byte Integer
number of peer hashes that follow
peer hash:
@@ -479,11 +673,25 @@ from:
{% endfilter %}
</pre>
+<h4>Notes</h4>
+<p>
+ The 'from' hash is unauthenticated and cannot be trusted.
+</p>
+
<h3 id="msg_DeliveryStatus">DeliveryStatus</h3>
+<h4>Description</h4>
+<p>
+ A simple message acknowledgment. Generally created by the message originator, and wrapped
+ in a Garlic Message with the message itself, to be returned by the destination.
+</p>
+<h4>Contents</h4>
+<p>
+ The ID of the delivered message, and the creation or arrival time.
+</p>
<pre>
{% filter escape %}
+----+----+----+----+----+----+----+----+----+----+----+----+
-|msg-id | arrival-time |
+|msg-id | time stamp |
+----+----+----+----+----+----+----+----+----+----+----+----+
{% endfilter %}
</pre>
@@ -493,54 +701,133 @@ from:
{% filter escape %}
msg-id:
4 bytes
- unique ID of the message we deliver the DeliveryStatus for(see common I2NP header for details)
+ unique ID of the message we deliver the DeliveryStatus for (see common I2NP header for details)
-arrival-time:
+time stamp: Date
8 bytes
- time the message was successfully delivered
+ time the message was successfully created or delivered
{% endfilter %}
</pre>
+<h4>Notes</h4>
+<p>
+ It appears that the time stamp is always set by the creator to the current time.
+ However there are several uses of this in the code, and more may be added in the future.
+</p>
+
<h3 id="msg_Garlic">Garlic</h3>
+<h4>Description</h4>
+<p>
+ Used to wrap multiple encrypted I2NP Messages
+</p>
+<h4>Contents</h4>
+<p>
+ When decrypted, a series of <a href="#struct_GarlicClove">Garlic Cloves</a>.
+</p>
<pre>
{% filter escape %}
encrypted:
+----+----+----+----+----+----+----+----+
-|length | tag |
+| length | data |
+----+----+----+----+ +
| |
-+ +
+~ ~
+~ ~
| |
-+ +
++----+----+----+----+----+----+----+----+
+
+
+unencrypted data:
++----+----+----+----+----+----+----+----+
+|num | clove 1 |
++----+ +
| |
-+ +----+----+----+----+
-|
+~ ~
+~ ~
+| |
++----+----+----+----+----+----+----+----+
+| clove 2 ... |
+~ ~
+~ ~
+| |
++----+----+----+----+----+----+----+----+
+| Certificate | Message ID |
++----+----+----+----+----+----+----+----+
+ Expiration |
++----+----+----+----+----+----+----+
{% endfilter %}
</pre>
<h4>Definition</h4>
<pre>
{% filter escape %}
+Encrypted:
+
length:
- 4 bytes
- number of bytes that follow
+ 4 byte Integer
+ number of bytes that follow 0 - 64 KB
data:
$length bytes
- elgamal en
+ ElGamal encrypted data
+
+
+Unencrypted data:
+
+num:
+ 1 byte Integer number of Garlic Cloves to follow
+
+clove: A Garlic Clove
+
+Certificate :: Always NULL in the current implementation (3 bytes total, all zeroes)
+
+Message ID :: 4 byte Integer
+
+Expiration :: Date (8 bytes)
+
{% endfilter %}
</pre>
+<h4>Notes</h4>
+<ul>
+<li>
+ When unencrypted, data contains one or more <a href="#struct_GarlicClove">Garlic Cloves</a>.
+<li>
+ The AES encrypted block is padded to a minimum of 128 bytes; with the 32-byte Session Tag
+ the minimum size of the encrypted message is 160 bytes; with the 4 length bytes
+ the minimum size of the Garlic Message is 164 bytes.
+<li>
+ Actual max length is less than 64 KB; see the <a href="i2np.html">I2NP Overview</a>.
+<li>
+ See also the <a href="how_elgamalaes.html">ElGamal/AES specification</a>.
+<li>
+ See also the <a href="how_garlicrouting.html">garlic routing specification</a>.
+<li>
+ The 128 byte minimum size of the AES encrypted block is not currently configurable,
+ however the minimum size of a DataMessage in a GarlicClove in a GarlicMessage, with
+ overhead, is 128 bytes anyway. A configurable option to increase the minimum size
+ may be added in the future.
+<li>
+ The message ID is generally set to a random number on transmit and
+ appears to be ignored on receive.
+<li>
+ In the future, the certificate could possibly be used for a HashCash to "pay" for the routing.
+</ul>
+
+
<h3 id="msg_TunnelData">TunnelData</h3>
<pre>
{% filter escape %}
+----+----+----+----+----+----+----+----+
-| tunnelId | data |
+| tunnnelID | data |
+----+----+----+----+ |
| |
-
+~ ~
+~ ~
| |
-+----+----+----+----+----+----+----+----+
++ +----+----+----+----+
+| |
++----+----+----+----+
{% endfilter %}
</pre>
@@ -548,7 +835,7 @@ data:
<pre>
{% filter escape %}
tunnelId:
- 4 bytes
+ 4 byte Tunnel ID
identifies the tunnel this message is directed at
data:
@@ -557,6 +844,13 @@ data:
{% endfilter %}
</pre>
+<h4>Notes</h4>
+<ul>
+<li>
+ See also the <a href="tunnel_message_spec.html">Tunnel Message Specification</a>
+</ul>
+
+
<h3 id="msg_TunnelGateway">TunnelGateway</h3>
<pre>
{% filter escape %}
@@ -570,11 +864,11 @@ data:
<pre>
{% filter escape %}
tunnelId:
- 4 bytes
+ 4 byte Tunnel ID
identifies the tunnel this message is directed at
length:
- 2 bytes
+ 2 byte Integer
length of the payload
data:
@@ -583,10 +877,23 @@ data:
{% endfilter %}
</pre>
+<h4>Notes</h4>
+<ul>
+<li>
+ The payload is an I2NP message with a standard 16-byte header.
+</ul>
-{% endblock %}
<h3 id="msg_Data">Data</h3>
+<h4>Description</h4>
+<p>
+ Used as a wrapper for encrypted Garlic Messages and Garlic Cloves.
+ Also used previously for network load testing.
+</p>
+<h4>Contents</h4>
+<p>
+ A length Integer, followed by opaque data.
+</p>
<pre>
{% filter escape %}
+----+----+----+----+----+---//--+
@@ -630,38 +937,82 @@ data:
<h4>Definition</h4>
<pre>
{% filter escape %}
-Just 8 records attached together
+Just 8 Build Request Records attached together
Record size: 528 bytes
Total size: 8*528 = 4224 bytes
{% endfilter %}
</pre>
+<h4>Notes</h4>
+<p>
+ See also the <a href="tunnel-alt-creation.html">tunnel creation specification</a>.
+</p>
+
<h3 id="msg_TunnelBuildReply">TunnelBuildReply</h3>
<pre>
{% filter escape %}
-same format as TunnelBuild message
+same format as TunnelBuild message, with Build Response Records
{% endfilter %}
</pre>
+<h4>Notes</h4>
+<p>
+ See also the <a href="tunnel-alt-creation.html">tunnel creation specification</a>.
+</p>
+
<h3 id="msg_VariableTunnelBuild">VariableTunnelBuild</h3>
<pre>
{% filter escape %}
+----+----+----+----+----+----+----+----+
-|num | ....
+|num | BuildRequestRecords...
++----+----+----+----+----+----+----+----+
{% endfilter %}
</pre>
<h4>Definition</h4>
<pre>
{% filter escape %}
-same format as TunnelBuildMessage, except for the addition of an "num" field in front and $num number of records instead of 8
+Same format as TunnelBuildMessage, except for the addition of an "num" field in front and $num number of Build Request Records instead of 8
+
+num:
+ 1 byte Integer
+ Valid values: 1-8
+
+Record size: 528 bytes
+Total size: 1 + $num*528
{% endfilter %}
</pre>
+<h4>Notes</h4>
+<ul>
+<li>
+ This message was introduced in router version 0.7.12, and may not be sent to tunnel participants earlier than that version.
+<li>
+ See also the <a href="tunnel-alt-creation.html">tunnel creation specification</a>.
+</ul>
+
<h3 id="msg_VariableTunnelBuildReply">VariableTunnelBuildReply</h3>
<pre>
{% filter escape %}
-same format as VariableTunnelBuild message
++----+----+----+----+----+----+----+----+
+|num | BuildResponseRecords...
++----+----+----+----+----+----+----+----+
{% endfilter %}
</pre>
+
+<h4>Definition</h4>
+Same format as VariableTunnelBuild message, with Build Response Records.
+
+
+<h4>Notes</h4>
+<ul>
+<li>
+ This message was introduced in router version 0.7.12, and may not be sent to tunnel participants earlier than that version.
+<li>
+ See also the <a href="tunnel-alt-creation.html">tunnel creation specification</a>.
+</ul>
+
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/i2pcontrol.html b/www.i2p2/pages/i2pcontrol.html
new file mode 100644
index 0000000000000000000000000000000000000000..4538ae9e6299f42dfee4ba51aab7890876000cc8
--- /dev/null
+++ b/www.i2p2/pages/i2pcontrol.html
@@ -0,0 +1,206 @@
+{% extends "_layout.html" %}
+{% block title %}I2PControl API{% endblock %}
+{% block content %}
+<h1>I2PControl - Remote Control Service</h1>
+<p>I2P enables a <a href="http://en.wikipedia.org/wiki/JSON-RPC">JSONRPC2</a> interface via the plugin I2PControl.
+The aim of the interface is to provide simple way to interface with a running I2P node. A client, itoopie, has been developed in parallel.
+The JSONRPC2 implementation for the client as well as the plugin is provided by the java libraries <a href="http://software.dzhuvinov.com/json-rpc-2.0.html">JSON-RPC 2.0</a>.
+A list of implementations of JSON-RPC for various languages can be found at <a href="http://json-rpc.org/wiki/implementations">the JSON-RPC wiki</a>.
+</p>
+<p>I2PControl is by default listening on localhost:7650</p>
+
+<h2>API, version 1.</h2>
+<p>
+Parameters are only provided in a named way (maps).
+
+<h4>JSON-RPC 2 format</h4>
+<div class="box" style="clear: none;"><pre>
+Request:
+{"id":"id", "method":"Method-name","params":{"Param-key-1":"param-value-1", "Param-key-2":"param-value-2", "Token":"**actual token**"}, "jsonrpc":"2.0"}
+Response:
+{"id":"id","result":{"Result-key-1":"result-value-1","Result-key-2":"result-value-2"},"jsonrpc":"2.0"}
+
+</pre></div>
+</p>
+<ul>method-name – Description
+ <ul>Request
+ <li>Param-key-1 – Description</li>
+ <li>Param-key-2 – Description</li>
+ <li>Token – Token used for authenticating every request (excluding the 'Authenticate' RPC method)</li>
+ </ul>
+ <ul>Response
+ <li>Result-key-1 – Description</li>
+ <li>Result-key-2 – Description</li>
+ </ul>
+</ul>
+
+<h4>Implemented methods</h4>
+<ul>Authenticate – Creates and returns an authentication token used for further communication.
+ <ul>Request
+ <li>API – [long] The version of the I2PControl API used by the client.</li>
+ <li>Password – [String] The password used for authenticating against the remote server.</li>
+ </ul>
+ <ul>Response
+ <li>API – [long] The primare I2PControl API version implemented by the server.</li>
+ <li>Token – [String] The token used for further communication.</li>
+ </ul>
+</ul>
+<ul>Echo – Echoes the value of the echo key, used for debugging and testing.
+ <ul>Request
+ <li>Echo – [String] Value will be returned in response.</li>
+ <li>Token – [String]Token used for authenticating the client. Is provided by the server via the 'Authenticate' RPC method.</li>
+ </ul>
+ <ul>Response
+ <li>Result – [String] Value of the key 'echo' in the request.</li>
+ </ul>
+</ul>
+<ul>GetRate – Fetches rateStat from router statManager. Creates stat if not already created.
+ <ul>Request
+ <li>Stat – [String] Determines which rateStat to fetch, see <a href="ratestats.html">ratestats</a>.</li>
+ <li>Period – [long] Determines which period a stat is fetched for. Measured in ms.</li>
+ <li>Token – [String] Token used for authenticating the client. Is provided by the server via the 'Authenticate' RPC method.</li>
+ </ul>
+ <ul>Response
+ <li>Result – [double] Returns the average value for the reuested rateStat and period.</li>
+ </ul>
+</ul>
+<ul>I2PControl – Manages I2PControl. Ports, passwords and the like.
+ <ul>Request
+ <li>*i2pcontrol.address – [String] Sets a new listen address for I2PControl (only 127.0.0.1 and 0.0.0.0 are implemented in I2PControl currently).</li>
+ <li>*i2pcontrol.password – [String] Sets a new password for I2PControl, all Authentication tokens will be revoked.</li>
+ <li>*i2pcontrol.port – [String] Switches which port I2PControl will listen for connections on.</li>
+ <li>Token – [String] Token used for authenticating the client. Is provided by the server via the 'Authenticate' RPC method.</li>
+ </ul>
+ <ul>Response
+ <li>**i2pcontrol.address – [null] Returned if address was changed</li>
+ <li>**i2pcontrol.password – [null] Returned if setting was changed</li>
+ <li>**i2pcontrol.port – [null] Returned if setting was changed</li>
+ <li>SettingsSaved – [Boolean] Returns true if any changes were made.</li>
+ <li>RestartNeeded – [Boolean] Returns true if any changes requiring a restart to take effect were made.</li>
+ </ul>
+</ul>
+<ul>RouterInfo – Fetches basic information about hte I2P router. Uptime, version etc.
+ <ul>Request
+ <li>*i2p.router.status – [n/a]</li>
+ <li>*i2p.router.uptime – [n/a]</li>
+ <li>*i2p.router.version – [n/a]</li>
+ <li>*i2p.router.net.bw.inbound.1s – [n/a] </li>
+ <li>*i2p.router.net.bw.inbound.15s – [n/a] </li>
+ <li>*i2p.router.net.bw.outbound.1s – [n/a] </li>
+ <li>*i2p.router.net.bw.outbound.15s – [n/a] </li>
+ <li>*i2p.router.net.status – [n/a]</li>
+ <li>*i2p.router.net.tunnels.participating – [n/a] </li>
+ <li>*i2p.router.netdb.activepeers – [n/a] </li>
+ <li>*i2p.router.netdb.fastpeers – [n/a] </li>
+ <li>*i2p.router.netdb.highcapacitypeers – [n/a] </li>
+ <li>*i2p.router.netdb.isreseeding – [n/a] </li>
+ <li>*i2p.router.netdb.knownpeers – [n/a] </li>
+ <li>Token – [String] Token used for authenticating the client. Is provided by the server via the 'Authenticate' RPC method.</li>
+ </ul>
+ <ul>Response
+ <li>**i2p.router.status – [String] What the status of the router is.</li>
+ <li>**i2p.router.uptime – [long] What the uptime of the router is in ms.</li>
+ <li>**i2p.router.version – [String] What version of I2P the router is running.</li>
+ <li>**i2p.router.net.bw.inbound.1s – [double] The 1 second average inbound bandwidth in Bps.</li>
+ <li>**i2p.router.net.bw.inbound.15s – [double] The 15 second average inbound bandwidth in Bps.</li>
+ <li>**i2p.router.net.bw.outbound.1s – [double] The 1 second average outbound bandwidth in Bps.</li>
+ <li>**i2p.router.net.bw.outbound.15s – [double] The 15 second average outbound bandwidth in Bps.</li>
+ <li>**i2p.router.net.status – [long] What the current network status is. According to the below enum:
+ <ul>
+ <li>0 – OK</li>
+ <li>1 – TESTING</li>
+ <li>2 – FIREWALLED</li>
+ <li>3 – HIDDEN</li>
+ <li>4 – WARN_FIREWALLED_AND_FAST</li>
+ <li>5 – WARN_FIREWALLED_AND_FLOODFILL</li>
+ <li>6 – WARN_FIREWALLED_WITH_INBOUND_TCP</li>
+ <li>7 – WARN_FIREWALLED_WITH_UDP_DISABLED</li>
+ <li>8 – ERROR_I2CP</li>
+ <li>9 – ERROR_CLOCK_SKEW</li>
+ <li>10 – ERROR_PRIVATE_TCP_ADDRESS</li>
+ <li>11 – ERROR_SYMMETRIC_NAT</li>
+ <li>12 – ERROR_UDP_PORT_IN_USE</li>
+ <li>13 – ERROR_NO_ACTIVE_PEERS_CHECK_CONNECTION_AND_FIREWALL</li>
+ <li>14 – ERROR_UDP_DISABLED_AND_TCP_UNSET</li>
+ </ul>
+ </li>
+ <li>**i2p.router.net.tunnels.participating – [long] How many tunnels on the I2P net are we participating in.</li>
+ <li>**i2p.router.netdb.activepeers – [long] How many peers have we communicated with recently.</li>
+ <li>**i2p.router.netdb.fastpeers &ndasg; [long] How many peers are considered 'fast'.</li>
+ <li>**i2p.router.netdb.highcapacitypeers – [long] How many peers are considered 'high capacity'.</li>
+ <li>**i2p.router.netdb.isreseeding – [boolean] Is the router reseeding hosts to its NetDB?</li>
+ <li>**i2p.router.netdb.knownpeers – [long] How many peers are known to us (listed in our NetDB).</li>
+ </ul>
+</ul>
+<ul>RouterManager – Manages I2P router restart/shutdown.
+ <ul>Request
+ <li>*Reseed – [n/a] Initiates a router reseed, fetching peers into our NetDB from a remote host.</li>
+ <li>*Restart – [n/a] Restarts the router.</li>
+ <li>*RestartGraceful – [n/a] Restarts the router gracefully (waits for participating tunnels to expire).</li>
+ <li>*Shutdown – [n/a] Shuts down the router.</li>
+ <li>*ShutdownGraceful – [n/a] Shuts down the router gracefully (waits for participating tunnels to expire).</li>
+ <li>Token – [String] Token used for authenticating the client. Is provided by the server via the 'Authenticate' RPC method.</li>
+ </ul>
+ <ul>Response
+ <li>**Reseed – [null] If requested, verifies that a reseed has been initiated.</li>
+ <li>**Restart – [null] If requested, verifies that a restart has been initiated.</li>
+ <li>**RestartGraceful – [null] If requested, verifies that a graceful restart has been initiated.</li>
+ <li>**Shutdown – [null] If requested, verifies that a shutdown has been initiated</li>
+ <li>**ShutdownGraceful – [null] If requested, verifies that a graceful shutdown has been initiated</li>
+ </ul>
+</ul>
+<ul>NetworkSetting – Fetches or sets various network related settings. Ports, addresses etc.
+ <ul>Request
+ <li>*i2p.router.net.ntcp.port – [String] What port is used for the TCP transport. If null is submitted, current setting will be returned.</li>
+ <li>*i2p.router.net.ntcp.hostname – [String] What hostname is used for the TCP transport. If null is submitted, current setting will be returned.</li>
+ <li>*i2p.router.net.ntcp.autoip – [String] Use automatically detected ip for TCP transport. If null is submitted, current setting will be returned.</li>
+ <li>*i2p.router.net.ssu.port – [String] What port is used for the UDP transport. If null is submitted, current setting will be returned.</li>
+ <li>*i2p.router.net.ssu.hostname – [String] What hostname is used for the UDP transport. If null is submitted, current setting will be returned.</li>
+ <li>*i2p.router.net.ssu.autoip – [String] Which methods should be used for detecting the ip address of the UDP transport. If null is submitted, current setting will be returned.</li>
+ <li>*i2p.router.net.ssu.detectedip – [null] What ip has been detected by the UDP transport.</li>
+ <li>*i2p.router.net.upnp – [String] Is UPNP enabled. If null is submitted, current setting will be returned.</li>
+ <li>*i2p.router.net.bw.share – [String] How many percent of bandwidth is usable for participating tunnels. If null is submitted, current setting will be returned.</li>
+ <li>*i2p.router.net.bw.in – [String] How many KB/s of inbound bandwidth is allowed. If null is submitted, current setting will be returned.</li>
+ <li>*i2p.router.net.bw.out – [String] How many KB/s of outbound bandwidth is allowed. If null is submitted, current setting will be returned.</li>
+ <li>*i2p.router.net.laptopmode – [String] Is laptop mode enabled (change router identity and UDP port when IP changes ). If null is submitted, current setting will be returned.</li>
+ <li>Token – [String] Token used for authenticating the client. Is provided by the server via the 'Authenticate' RPC method. If null is submitted, current setting will be returned.</li>
+ </ul>
+ <ul>Response
+ <li>**i2p.router.net.ntcp.port – [String] If requested, returns the port used for the TCP transport.</li>
+ <li>**i2p.router.net.ntcp.hostname – [String] If requested, returns the hostname used for the TCP transport.</li>
+ <li>**i2p.router.net.ntcp.autoip – [String] If requested, returns the method used for automatically detecting ip for the TCP transport.</li>
+ <li>**i2p.router.net.ssu.port – [String] If requested, returns the port used for the UDP transport.</li>
+ <li>**i2p.router.net.ssu.hostname – [String] If requested, returns the hostname used for the UDP transport.</li>
+ <li>**i2p.router.net.ssu.autoip – [String] If requested, returns methods used for detecting the ip address of the UDP transport.</li>
+ <li>**i2p.router.net.ssu.detectedip – [String] If requested, returns what ip has been detected by the UDP transport.</li>
+ <li>**i2p.router.net.upnp – [String] If requested, returns the UPNP setting.</li>
+ <li>**i2p.router.net.bw.share – [String] If requested, returns how many percent of bandwidth is usable for participating tunnels.</li>
+ <li>**i2p.router.net.bw.in – [String] If requested, returns how many KB/s of inbound bandwidth is allowed.</li>
+ <li>**i2p.router.net.bw.out – [String] If requested, returns how many KB/s of outbound bandwidth is allowed.</li>
+ <li>**i2p.router.net.laptopmode – [String] If requested, returns the laptop mode.</li>
+ <li>SettingsSaved – [boolean] Have the provided settings been saved.</li>
+ <li>RestartNeeded – [boolean] Is a restart needed for the new settings to be used.</li>
+ </ul>
+</ul>
+<p>* denotes an optional value.</p>
+<p>** denotes a possibly occuring return value</p>
+
+<h3>Error codes</h3>
+<ul>Standard JSON-RPC2 error codes.
+ <li>-32700 – JSON parse error.</li>
+ <li>-32600 – Invalid request.</li>
+ <li>-32601 – Method not found.</li>
+ <li>-32603 – Internal error.</li>
+</ul>
+<ul>I2PControl specific error codes.
+ <li>-32001 – Invalid password provided.</li>
+ <li>-32002 – No authentication token presented.</li>
+ <li>-32003 – Authentication token doesn't exist.</li>
+ <li>-32004 – The provided authentication token was expired and will be removed.</li>
+ <li>-32005 – The version of the I2PControl API used wasn't specified, but is required to be specified.</li>
+ <li>-32006 – The version of the I2PControl API specified is not supported by I2PControl.</li>
+</ul>
+
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/i2ptunnel.html b/www.i2p2/pages/i2ptunnel.html
index 4d7a60ee5d9ae35a94b4eb0d2127dfe2b74864df..643796f48a6ba338353c269e43def0c4c95e61a8 100644
--- a/www.i2p2/pages/i2ptunnel.html
+++ b/www.i2p2/pages/i2ptunnel.html
@@ -1,85 +1,141 @@
{% extends "_layout.html" %}
{% block title %}i2ptunnel{% endblock %}
-{% block content %}Below is quick copy of aum's eepsite deployment guide.
-<br />
-<br />
+{% block content %}Description of i2ptunnel and tunneling modes
-<ol>
-<li><strong>Deploy a local server</strong>
-<ul>
-<li>For simplicity's sake, we will walk through the setup of a web server; however, this procedure is the same regardless what protocol of servers and/or clients you are setting up.</li>
-<li>I recommend the Tiny Httpd web server , thttpd, (windows version available on site) although you can use anything that you feel comfortable with.</li>
-<li>With the web server you've chosen, configure it to listen on a port of your choice, and serve its documents from a directory of your choice. For this example, we'll assume port 10880.</li>
-<li>Make sure your firewall is set up so that you cannot receive incoming connections on this port (which would breach your anonymity).</li>
-<li>Test the webserver, by pointing your normal browser (the one with the "direct connection") at <a href="http://localhost:10880" target="_blank">http://localhost:10880</a> (changing the 10880 to the port number you have chosen).</li>
-<li>Once your webserver is working, and you can access it locally with your browser, continue to the next step.</li>
-</ul></li>
-
-<li><strong>Open a 'Tunnel' from I2P To Your Server</strong>
+default services
+client modes
+serrver modes
+
+<h1>I2PTunnel</h1>
+<h2 id="overview">Overview</h2>
+<p>
+I2PTunnel is a tool for interfacing with and providing services on I2P.
+Destination of an I2PTunnel can be defined using a <a href="naming.html">hostname</a>,
+<a href="naming.html#base32">Base32</a>, or a full 516-byte destination key.
+An established I2PTunnel will be available on your client machine as localhost:port.
+If you wish to provide a service on I2P network, you simply create I2PTunnel to the
+appropriate ip_address:port. A corresponding 516-byte destination key will be generated
+for the service and it will become avaliable throughout I2P.
+A web interface for I2PTunnel management is avaliable on
+<a href="http://localhost:7657/i2ptunnel/">localhost:7657/i2ptunnel/</a>.
+</p>
+
+<br>
+<h2 id="default-services">Default Services</h2>
+<h3 id="default-server-tunnels">Server tunnels</h3>
<ul>
-<li>I2P does not deal in IP addresses. To protect your anonymity, it deals in unique addresses called destination keys.</li>
-<li>A destination key works a lot like a regular IP address, except that it can't be traced to your IP address or physical location. When users place a request to speak with you, your gateways are the ones that answer for you. So the requesting user can only know the IP address of your gateways. However, gateways don't know your IP address, because gateways are the last nodes on your tunnels, and you anonymously create tunnels by way of garlic routing. (So gateways are like puppets that can't see their masters, and everyone communicates through these puppets)</li>
-<li>To deploy a server on I2P, you create a destination keypair. You use the private key to authenticate your server when connecting it to I2P, and you make the public key (aka destination key) known publicly, so others can connect to your server. (indirectly, through your gateways)</li>
-<li>Each service you run on I2P requires a different keypair.</li>
-<li>The next steps will include the creation of your keypair.</li>
-<li>For clients elsewhere in I2P to be able to access your server, you must run a 'bridge' or 'tunnel', which takes connections from these clients and forwards them to your local server</li>
-<li>To activate such a tunnel, fire up your browser and open <a href="http://localhost:7657/i2ptunnel/">http://localhost:7657/i2ptunnel/</a></li>
-<li>Here you'll see a list of active and non-active tunnels already set up for you, there is the eepProxy, which all sites in I2P use, ircProxy, which is the tunnel that irc.duck.i2p uses, cvs.i2p, which is a way to view and edit (for those who have access) the cvs of i2p with a special kind of program. Under that list there is a line of buttons which do not interest us right now and under that button line there's a line with a drop down menu and a button which says: "GO".</li>
-<li>Click on the drop down menu and choose "Server tunnel", then press "GO".</li>
-<li>Now you will configure your server tunnel which will communicate your web server to the I2P network.</li>
-<li><q>Name: server 80</q><br />the name your server tunnel will be called on the tunnel list.</li>
-<li><q>Description: server 80</q><br />same as above, the description on the tunnel list.</li>
-<li><q>Type: Server tunnel</q><br />This is unchangeable because it's exactly what we want to make, a web server tunnel, so leave it as it is. ;-)</li>
-<li><q>Target host: localhost</q><br />Here is the web server's address</li>
-<li><q>Target port: 10880</q><br />This is the port your web server listens on which we've talked about before.</li>
-<li><q>Private key file: myServer.privKey</q><br />Here you'll write the name of your server's private key, after you'll create the tunnel it will tell you what's your public key.</li>
-<li><q>Tunnel depth: [0, 1 or 2]</q><br />This will tell I2P how many routers there will be connected in a line (router-1 -> router-2 ... ). The higher: slower and more anonymous; the lower: the faster and less anonymous. Read more about it in this <a href="how_tunnelrouting">tunnel routing document</a>.</li>
-<li><q>Tunnel count: [1, 2 or 3]</q><br />The higher the number, higher reliability, bigger bandwidth; the lower, lower reliability, smaller bandwidth - experiment.</li>
-<li><q>I2CP host: localhost</q>This address is where the tunnel talks to I2P server.</li>
-<li><q>I2CP port: 7654</q> The port of the address</li>
-<li><q>Other custom options: [leave blank]</q><br />Other options we don't care about.</li>
-<li><q>Start automatically? [left click to check]</q><br />Will the tunnel start automatically when I2P starts?</li>
-<li><q>Left click: Save</q> Click here when you're done to create the tunnel.</li>
-<li>Copy the destination key and save it, people who'll want to read your site will need it.</li>
-<li>If you did not check "Start automatically", you should go back to the tunnel list page and start it manually. Click "back" on the top of the page and click on "start" when you get to the tunnel list page.</li>
-<li>Within a few seconds, the 'tunnel' should now be active, and remote clients should be able to reach your server anonymously. Remember to let your router "warm up" before opening clients to it.</li>
-</ul></li>
-
-<li><strong>Update Your hosts.txt File</strong>
+<li><b>I2P Webserver</b> - A tunnel pointed to a Jetty webserver run
+ on <a href="http://localhost:7658">localhost:7658</a> for convenient and quick hosting on I2P.
+<br>The document root is:
+<br><b>Unix</b> - %APPDATA%\I2P\eepsite\docroot
+<br><b>Windows</b> - C:\Users\**username**\AppData\Roaming\I2P\eepsite\docroot
+</li>
+</ul>
+<h3 id="default-client-tunnels">Client tunnels</h3>
<ul>
-<li>To test your own server locally, you'll need to create an entry in your hosts.txt file, so I2P can translate the simple URL you place in the browser's address bar into the full public key text needed to find your server.</li>
-<li>Edit your hosts.txt, and add the line myserver.i2p=blahblahblah, where myserver.i2p is an I2P 'domain' you want to associate with your site, and the blahblahblah is the text of the base64 public key you created earlier in the file myWebPubKey.txt</li>
-<li>With this in place, you and others can reach your server with the simple domain name myserver.i2p in the browser's address bar.</li>
-</ul></li>
+<li><b>I2P HTTP Proxy</b> - <i>localhost:4444</i></a> - A HTTP proxy used for browsing I2P and the regular internet anonymously through I2P.
+Browsing internet through I2P uses a random proxy specified by the "Outproxies:" option.
+</li>
+<li><b>IRC Proxy</b> - <i>localhost:6668</i> - A IRC proxy to the default anonymous IRC-servers.</li>
+<li><b>mtn.i2p2.i2p</b> - <i>localhost:8998</i> - The anonymous <a href="http://en.wikipedia.org/wiki/Monotone_%28software%29">monotone</a>
+ sourcecode repository for I2P
+</li>
+<li><b>smtp.postman.i2p</b> - <i>localhost:7659</i> - A SMTP service provided by postman at
+ <a href="http://hq.postman.i2p/?page_id=16">hq.postman.i2p</a>
+ (<a href="http://hq.postman.i2p.to/?page_id=16">via inproxy</a>)
+</li>
+<li><b>pop3.postman.i2p</b> - <i>localhost:7660</i> - The accompanying POP sevice of postman at
+ <a href="http://hq.postman.i2p/?page_id=16">hq.postman.i2p</a>
+ (<a href="http://hq.postman.i2p.to/?page_id=16">via inproxy</a>)
+</ul>
-<li><strong>Surf Your Site Within I2P</strong><ul><li>Using your secondary browser - the one you earlier configured to use localhost:4444 as a proxy - point this browser to the address <a href="http://myserver.i2p" target="_blank">http://myserver.i2p</a></li>
-<li>You should see the main page of your webserver come up.</li>
-</ul></li>
+<br>
+<h2 id="client-modes">Client Modes</h2>
+<h3 id="client-modes-standard">Standard</h3>
+Opens a local TCP port that connects to a service (like HTTP, FTP or SMTP) on a destination inside of I2P.
+The tunnel is directed to a random host from the comma seperated (", ") list of destinations.
-<li><strong>Create a Local Client Tunnel Connection</strong>
+<br>
+<h3 id="client-mode-http">HTTP</h3>
+<p>A HTTP-client tunnel. The tunnel connects to the destination specified by the URL
+ in a HTTP request. Supports proxying onto internet if an outproxy is provided. Strips HTTP connections of the following headers:
+</p>
+<ul>
+<li><b>Accept, Accept-Charset, Accept-Encoding, Accept-Language
+ and Accept-Ranges</b> as they vary greatly between browsers and can be used as an identifier.
+</li>
+<li><b>Referer:</b></li>
+<li><b>Via:</b></li>
+<li><b>From:</b></li>
+</ul>
+<p>
+HTTP client/server tunnels are via I2Ptunnel force-enabling compression via the following http headers:
<ul>
-<li>We now have to think beyond just web servers.</li>
-<li>As you grow into I2P and get more of a 'feel' for it, you will want to use all manner of servers and clients.</li>
-<li>The beauty of I2P is that it allows standard Internet clients and servers for most protocols to be transparently 'tunneled' through the anonymous network.</li>
-<li>You can run mailservers/clients, newsservers/clients - almost anything at all.</li>
-<li>Now, we'll create a client tunnel. This is like the server tunnel we created earlier, but works in reverse. It listens to a port on your local machine; your local client connects to this port; the connection gets forwarded through I2P to the service on the other end.</li>
-<li>To open your client tunnel for your server, type the command java -jar lib/i2ptunnel.jar -nogui -e "config localhost 7654" -e "client 10888 textofbase64key" (all one line).</li>
-<li>The port 10888 is arbitrary - it just needs to be something other than the physical port your server is listening on.</li>
-<li>textofbase64key is simply the contents of the public key text file myWebPubKey.txt, reproduced fully on one line (alternately, instead of textofbase64key, you can specify the name from your hosts.txt - e.g. myserver.i2p)</li>
-<li>Within a minute or two of launching this command, the client tunnel from your local machine into I2P will be open and ready for use.</li>
-<li>Point your regular web browser (ie, not the one you configured to use localhost:4444), and point it to <a href="http://localhost:10888" target="_blank">http://localhost:10888</a></li>
-<li>Verify that the mainpage of your server eventually comes up in your browser.</li>
-<li>You use the same procedure for using any local client program to access a remote I2P server - just get the base64 public key (called destination key) of the remote server, choose a local port to connect to the remote server, open the tunnel, and just connect with your client to your heart's content.</li>
-</ul></li>
-
-<li><strong>Share your server details with others</strong>
+<li><b>Accept-Encoding: </b></li>
+<li><b>X-Accept-Encoding: </b> x-i2p-gzip;q=1.0, identity;q=0.5, deflate;q=0, gzip;q=0, *;q=0</li>
+</ul>
+<p>
+Depending on if the tunnel is using an outproxy or not it will append the following User-Agent:
+</p>
<ul>
-<li>Using an anonymous medium (eg the one of the I2P IRC servers or ugha's wiki), post your domain name (eg <a href="http://www.mynick.i2p" target="_blank">www.mynick.i2p</a> as well as your destination key. Others will then be able to reach your server remotely, without either of you jeopardizing your anonymity.</li>
-<li>Remember, you can go to What's on I2P and find the latest public keys linked to their URL. You should also post your own public key and URL their. However, you will want to do this anonymously, of course. Drupal.i2p.net is currently, as of this writing, only accessible from the net. So, to access the outside WWW anonymously from inside of I2P, you will need to start up your script called startSquid. Do it the same way you have been doing these other scripts. Reconfigure your browser to proxy on localhost:5555, as defined in the script, and when the script has generated it's keys, you can access the squid proxy. Put any WWW URL (such as Google or this i2p site) into your browser's address bar and you will be surfing the World Wide Web anonymously. Now you can safely post your public key, and no one can detect your IP address.</li>
-<li>Aum's website <a href="http://www.freenet.org.nz/i2p/" target="_blank">http://www.freenet.org.nz/i2p/</a> has a script called setupServer.py which automates all this nonsense into one simple command line . But I respect that people's tastes in user interfaces differ, and trying to write something which satisfies everyone's needs usually results in something so complex that it turns into newbie-repellent.</li>
-<li>So please feel free to use and/or customize setupServer.py to taste, or write your own in Python or another language.</li>
-<li>Also, you may want to write a script which handles the startup of the I2P Router, the eepProxy, plus any and all tunnels you are using. I've got such a script called startEverything.sh, which gets launched at system startup. (Be sure to search this site for template scripts to automate your I2P commands. If I create a page for one, I'll try to remember to link it here.</li>
-<li>Exercise for Windows users - port setupServer.py into a MS-DOS .BAT file.</li>
-</ul></li>
-</ol>
+<li><i>Outproxy: </i><b>User-Agent:</b> Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6</li>
+<li><i>Internal I2P use: </i><b>User-Agent:</b> MYOB/6.66 (AN/ON)</li>
+</ul>
+</p>
+
+<h3 id="client-mode-irc">IRC</h3>
+Creates a connection to a random IRC server specified by the comma seprated (", ")
+list of destinations. Only a whitelisted subset of IRC commands are allowed due to anonymity concerns.
+<br>Whitelist:
+<ul>
+<li>MODE</li>
+<li>JOIN</li>
+<li>NICK</li>
+<li>QUIT</li>
+<li>PART</li>
+<li>WALLOPS</li>
+<li>ERROR</li>
+<li>KICK</li>
+<li>H</li>
+<li>TOPIC</li>
+</ul>
+
+<h3 id="client-mode-socks">SOCKS 4/4a/5</h3>
+Enables using the I2P router as a SOCKS proxy.
+
+<h3 id="client-mode-socks-irc">SOCKS IRC</h3>
+Enables using the I2P router as a SOCKS proxy with the command whitelist specified by
+ <a href="#client-mode-irc">IRC</a> client mode.
+
+<h3 id="client-mode-connect">CONNECT</h3>
+Creates a HTTP tunnel and uses the HTTP request method "CONNECT"
+to build a TCP tunnel that usually is used for SSL and HTTPS.
+
+<h3 id="client-mode-streamr">Streamr</h3>
+Creates a UDP-server attached to a Streamr client I2PTunnel. The streamr client tunnel will
+subscribe to a streamr server tunnel.
+<br>
+<img src="_static/images/I2PTunnel-streamr.png">
+
+
+<br>
+<h2 id="server-modes">Server Modes</h2>
+<h3 id="server-mode-standard">Standard</h3>
+Creates a destination to a local ip:port with an open TCP port.
+
+<h3 id="server-mode-http">HTTP</h3>
+Creates a destination to a local HTTP server ip:port. Supports gzip for requests with
+Accept-encoding: x-i2p-gzip, replies with Content-encoding: x-i2p-gzip in such a request.
+
+<h3 id="server-mode-http-bidir">HTTP Bidirectional</h3>
+Functions as both a I2PTunnel HTTP Server, and a I2PTunnel HTTP client with no outproxying
+ capabilities. An example application would be a web application that does client-type
+ requests, or loopback-testing an eepsite as a diagnostic tool.
+
+<h3 id="server-mode-irc">IRC</h3>
+Creates a destination that filters the reqistration sequence of a client and passes
+the clients destination key as a hostname to the IRC-server.
+
+<h3 id="server-mode-streamr">Streamr</h3>
+A UDP-client that connects to a media server is created. The UDP-Client is coupled with a Streamr server I2PTunnel.
{% endblock %}
\ No newline at end of file
diff --git a/www.i2p2/pages/index_ar.html b/www.i2p2/pages/index_ar.html
new file mode 100644
index 0000000000000000000000000000000000000000..d5b71a64f8715c5aa7410cf2b4468cae47b4f21b
--- /dev/null
+++ b/www.i2p2/pages/index_ar.html
@@ -0,0 +1,63 @@
+{% extends "_layout_ar.html" %}
+{% block title %}I2P شبكة التخÙÙŠ{% endblock %}
+{% block content %}
+<table cellspacing="10" class="announce"><tr class="announce"><td valign="top" class="announce">
+<div class="version">
+<b>الإصدار الأØدث</b><div class=underline></div>
+2012-07-30 - <strong>I2P 0.9.1</strong> - {{ urlify("release-0.9.1", "Announcement", "html")}}
+- <a href="download">تØميل</a><br /><div class="underline"></div>
+2007-09-28 - <strong>Syndie 1.101a</strong> -
+<!-- <a href="http://dev.i2p.net/pipermail/i2p/2007-September/001355.html">Announcement</a> -->
+- <a href="http://syndie.i2p2.de/download.html">Download</a>
+</div>
+<div class="news" >
+<b>Ø£Øدث الأخبار :</b><div class=underline></div>
+2012-07-30 - I2P 0.9.1 <a href="release-0.9.1.html">تمّ اطلاق النسخة</a> <br />
+2012-05-02 - I2P 0.9 <a href="release-0.9.html">تمّ اطلاق النسخة</a> <br />
+2012-02-27 - I2P 0.8.13 <a href="release-0.8.13.html">تمّ اطلاق النسخة</a> <br />
+2012-01-06 - I2P 0.8.12 <a href="release-0.8.12.html">تمّ اطلاق النسخة</a> <br />
+</div>
+<!--
+<td>
+<a href="download"><img src="/_static/images/logo07c.jpg" alt="0.7 logo" border="none"/></a> -->
+</table>
+<div class="underline"></div>
+<p>I2P هي شبكة تخÙÙŠ تؤمن طبقة يمكن أن تستخدمها التطبيقات الØساسة بالنسبة للهوية الشخصية للاتصال بشكل آمن Øيث تغطى جميع البيانات بعدة مستويات من التشÙير إضاÙةً لكون الشبكة موزعة Ùˆ ديناميكية بنÙس الوقت بدون الاعتماد على أطرا٠موثوقة</p>
+
+<p>
+تتواÙر العديد من التطبيقات التي تتخاطب مع I2P Ùˆ تشمل البريد الالكتروني ØŒ تطبيقات الندّ للندّ ØŒ Ù…Øادثة IRC Ùˆ غيرها
+<!--
+</p><p>
+I2P is growing fast! There were nine releases in 2009, and traffic grew by a factor of 5:
+</p>
+<center>
+<img src="/_static/images/bandwidth2009.png" alt="2009 bandwidth" />
+</center>
+-->
+
+<p>
+تمّ البدء بمشروع I2P ÙÙŠ العام 2003 لدعم جهود كل من ÙŠØاول بناء المجتمع الØرّ Ùˆ ذلك من خلال تأمين نظام تواصل Ø®Ùيّ ØŒ غير قابل للمراقبة Ùˆ آمن.
+I2P هي نتاج جهود تضاÙرت لإنتاج شبكة قليلة التأخير ،موزعة بشكل كامل ،مستقلة ،خÙيّة ،مرنة Ùˆ آمنة. الهد٠هو العمل Ø¨Ù†Ø¬Ø§Ø Ø¶Ù…Ù† بيئة معادية بالرغم من كون موارد المنظمة المالية او السياسية تØت الهجوم .
+كل ما يتعلق بهذه الشبكة Ù…ÙØªÙˆØ Ø§Ù„Ù…ØµØ¯Ø± Ùˆ متوÙر بدون أي تكلÙØ© Ùˆ هذا ما يضمن لمن يستخدمه أن هذه الشبكة تؤدي ما تدعيه ØŒ بالإضاÙØ© الى تمكين الآخرين من المشاركة ÙÙŠ تطويرها ÙÙŠ مواجهة المØاولات العدوانية لخنق الكلمة الØرة.</p>
+
+<p>
+التخÙÙŠ ليس شيئاً Øديّاً، بمعنى أننا لا Ù†Øاول أن نصنع شيئاً "Ø®Ùياً بالكامل" ØŒ Ùˆ لكن نعمل على أن نجعل الهجمات أكثر Ùˆ أكثر تكلÙةً لمن يريد أن يشنها.
+I2P هي مزيج من الشبكات قليلة التأخير Ùˆ هناك Øدود للتخÙÙŠ الموÙر بواسطة نظام كهذا ØŒ ولكن تطبيقات مثل <a href="http://syndie.i2p2.de/">Syndie</a> ØŒ I2P mail Ùˆ I2PSnark توسع هذا النظام Ùˆ توÙر المزيد من الوظائ٠إضاÙية Ùˆ الØماية .
+</p>
+
+<p>
+ما تزال I2P عملاً قيد الإنجاز لا يجب أن يعتمد عليه ÙÙŠ الوقت الراهن ÙÙŠ التخÙÙŠ بشكل "مضمون" Ùˆ ذلك بسبب Øجم الشبكة الصغير نسبياً وقلة المراجعة الأكاديمية المتوسعة.
+كما لا تعتبر Øالياً منيعةً ضد الهجمات من قبل أشخاص بموارد غير Ù…Øدودة Ùˆ قد لاتكون أبداً كذلك، تبعاً للمØدوديات الموروثة من كونها مزيج من الشبكات قليلة التأخير .
+</p>
+
+<p>
+تعمل I2P عن طريق توجيه سير البيانات عبر أطرا٠آخرين كما يظهر ÙÙŠ الصورة التالية.
+سير البيانات مشÙر ÙÙŠ مسيرها من الطر٠Øتى الطرÙ.
+لمعلومات أكثر عن عمل I2P انظر الرابط
+<a href="how_intro">المقدمة</a>.
+</p>
+<div class="box" style="text-align:center;">
+<img src="/_static/images/endToEndEncryption.png" alt="end to end layered encryption" />
+</div>
+
+{% endblock %}
diff --git a/www.i2p2/pages/index_cs.html b/www.i2p2/pages/index_cs.html
new file mode 100644
index 0000000000000000000000000000000000000000..bef586b9c29b231a24d68f8bab3be273f96c003a
--- /dev/null
+++ b/www.i2p2/pages/index_cs.html
@@ -0,0 +1,73 @@
+{% extends "_layout_cs.html" %}
+{% block title %}Anonymnà sÃÅ¥ I2P{% endblock %}
+{% block content %}
+<table cellspacing="10" class="announce"><tr class="announce"><td valign="top" class="announce">
+<div class="version">
+<b>Aktuálnà verze:</b>
+<div class="underline"></div>
+2012-07-30 - <strong>I2P 0.9.1</strong> - {{ urlify("release-0.9.1", "Poznámky k vydánÃ", "html")}}
+- <a href="download">Stáhnout</a>
+<br /><div class="underline"></div>
+2007-09-28 - <strong>Syndie 1.101a</strong> -
+<!-- <a href="http://dev.i2p.net/pipermail/i2p/2007-September/001355.html">Poznámky k vydánÃ</a> -->
+- <a href="http://syndie.i2p2.de/download.html">Stáhnout</a>
+</div>
+<div class="news">
+<b>Novinky:</b><div class=underline></div>
+2012-07-30 - I2P 0.9.1 <a href="release-0.9.1.html">VydánÃ</a><br />
+2012-05-02 - I2P 0.9 <a href="release-0.9.html">VydánÃ</a><br />
+2012-02-27 - I2P 0.8.13 <a href="release-0.8.13.html">VydánÃ</a><br />
+2012-01-06 - I2P 0.8.12 <a href="release-0.8.12.html">VydánÃ</a><br />
+</div>
+<!--
+<td>
+<a href="download"><img src="/_static/images/logo07c.jpg" alt="0.7 logo" border="none"/></a> -->
+</table>
+<div class="underline"></div>
+<p>
+I2P je anonymizaÄnà sÃÅ¥, která nabÃzà jednoduchou aplikaÄnà vrstvu pro bezpeÄnou komunikaci
+s utajenÃm totožnosti. VÅ¡echna pÅ™enášená data jsou nÄ›kolikanásobnÄ› zaÅ¡ifrována. Celá sÃÅ¥ je
+distribuovaná a dynamická a žádná strana nenà považována za důvěryhodnou.
+</p><p>
+Existuje celá Å™ada aplikacÃ, které mohou komunikovat pÅ™es I2P sÃÅ¥,
+vÄetnÄ› e-mailu, P2P, IRC chatu a dalÅ¡Ãch.
+<!--
+</p><p>
+I2P sÃÅ¥ roste rychle. V roce 2009 bylo uvolnÄ›no devÄ›t nových verzà a objem pÅ™enášených dat
+vzrostl pětinásobně:
+</p>
+<center>
+<img src="/_static/images/bandwidth2009.png" alt="Objem přenášených dat v roce 2009" />
+</center>
+-->
+
+<p>
+Projekt I2P vzniknul v roce 2003, aby podpoÅ™il snahy tÄ›ch, kteřà se pokouÅ¡Ã budovat svobodnÄ›jÅ¡Ã
+spoleÄnost poskytovánÃm necenzurovatelného, anonymnÃho a bezpeÄného komunikaÄnÃho systému. I2P
+je výzkumným projektem, jehož výsledkem je plnÄ› distribuovaná, autonomnÃ, Å¡kálovatelná, anonymnÃ,
+odolná a bezpeÄná sÃÅ¥ s nÃzkým zpoždÄ›nÃm. CÃlem je úspěšný provoz v nepřátelském prostÅ™edÃ, a to
+i v pÅ™ÃpadÄ› napadenà organizacà se znaÄnými finanÄnÃmi a politickými prostÅ™edky. VÅ¡echny prvky
+sÃtÄ› jsou k dispozici ve formÄ› otevÅ™eného zdrojového kódu a zcela zdarma. Obojà by mÄ›lo uživatelům
+sÃtÄ› dodat jistoty v tom, že software dÄ›lá to, co tvrdÃ. Také to vÅ¡em umožňuje pÅ™ispÃvat a kód
+vylepÅ¡ovat, a odrážet tak agresivnà pokusy o potlaÄenà svobody projevu.
+</p><p>
+Anonymita nenà booleovská hodnota, zapnuto/vypnuto - nesnažÃme se nÄ›co uÄinit "dokonale anonymnÃm".
+NamÃsto toho pracujeme na tom, aby útoky na anonymitu byly ÄÃm dál tÃm nákladnÄ›jÅ¡Ã. I2P je mixujÃcÃ
+sÃtà s nÃzkým zpoždÄ›nÃm (low latency mix network) a anonymita, kterou takový systém poskytuje má
+svá omezenÃ. Aplikace, které skrze tuto sÃÅ¥ komunikujÃ, jako jsou
+<a href="http://syndie.i2p2.de/">Syndie</a>, I2P mail a I2PSnark, vÅ¡ak poskytujà dalÅ¡Ã funkÄnost
+a ochranu.
+</p><p>
+SÃÅ¥ I2P nenà dokonÄená. ZatÃm se na ni nelze spoléhat pro "zaruÄenou" anonymitu. SÃÅ¥ je dosud
+pomÄ›rnÄ› malá a postrádá zevrubné akademické posouzenÃ. Nenà odolná proti útokům s neomezenými
+prostÅ™edky, a dÃky inherentnÃm omezenÃm mixujÃcÃch sÃtà s nÃzkým zpoždÄ›nÃm asi nikdy nebude.
+</p><p>
+SÃÅ¥ I2P pÅ™enášà data prostÅ™ednictvÃm ostatnÃch rovnocenných uzlů (peers), jak ukazuje následujÃcÃ
+obrázek. VÅ¡echna data jsou Å¡ifrována po celou dobu pÅ™enosu. VÃce informacà o tom, jak sÃÅ¥ funguje
+naleznete v <a href="how_intro">úvodu</a>.
+</p>
+<div class="box" style="text-align:center;">
+<img src="/_static/images/endToEndEncryption.png" alt="end to end layered encryption" />
+</div>
+
+{% endblock %}
diff --git a/www.i2p2/pages/index_de.html b/www.i2p2/pages/index_de.html
index 90060b7f433d7f67c66d94e05218867cf1bf020f..985281e16a5e4bc2af9178059c5d331c74693014 100644
--- a/www.i2p2/pages/index_de.html
+++ b/www.i2p2/pages/index_de.html
@@ -5,7 +5,7 @@
<div class="version">
<b>Aktuellste Version:</b>
<div class="underline"></div>
-2010-07-12 - <strong>I2P 0.8</strong> - {{ urlify("release-0.8", "Ankündigung", "html")}}
+2012-07-30 - <strong>I2P 0.9.1</strong> - {{ urlify("release-0.9.1", "Ankündigung", "html")}}
- <a href="download_de.html">Download</a>
<div class="underline"></div>
2007-09-28 - <strong>Syndie 1.101a</strong> -
@@ -13,50 +13,40 @@
- <a href="http://syndie.i2p2.de/download.html">Download</a>
</div>
<div class="news"><strong>Letzte Neuigkeiten:</strong><div class="underline"></div>
-2010-07-12 - I2P 0.8
-<a href="release-0.8.html">Publiziert</a>
-<br />
-2010-06-07 - I2P 0.7.14
-<a href="release-0.7.14.html">Publiziert</a>
-<br />
-2010-04-27 - I2P 0.7.13
-<a href="release-0.7.13.html">Publiziert</a>
-<br />
-2010-03-15 - I2P 0.7.12
-<a href="release-0.7.12.html">Publiziert</a>
-<br /></div>
+2012-07-30 - I2P 0.9.1 <a href="release-0.9.1.html">veröffentlicht</a><br />
+2012-05-02 - I2P 0.9 <a href="release-0.9.html">veröffentlicht</a><br />
+2012-02-27 - I2P 0.8.13 <a href="release-0.8.13.html">veröffentlicht</a><br />
+2012-01-06 - I2P 0.8.12 <a href="release-0.8.12.html">veröffentlicht</a><br />
+</div>
<!--
<td>
<a href="download"><img src="/_static/images/logo07c.jpg" alt="0.7 logo" border="none"/></a> -->
</table>
<div class="underline"></div>
-<p>I2P ist ein anonymisierendes Netzwerk, welches identitätskritischen Anwendungen eine einfache
-Schicht zum sicheren Kommunizieren anbietet. Alle Daten sind in mehreren Stufen verschlüsselt
-und das Netzwerk ist sowohl verteilt als auch dynamisch, ohne vertraute Partei.</p>
+<p>I2P ist ein anonymisierendes Netzwerk, welches identitätskritischen Anwendungen eine einfache
+Schicht zur sicheren Kommunikation bietet. Alle Daten sind in mehreren Schritten verschlüsselt
+und das Netzwerk ist sowohl verteilt als auch dynamisch, ohne vertraute Parteien.</p>
<p>
-Es existieren viele Anwendungen, die mit I2P zusammenarbeiten, unter anderem EMail, P2P
-und IRC chatten.
+Es existieren viele Anwendungen, die mit über I2P laufen, unter anderem EMail, P2P
+und IRC.
</p>
-<p>Anonymität ist nicht binär, wir versuchen nicht etwas absolut anonymes zu erstellen, stattdessen
-arbeiten wir daran, Angriffe auf das Netz immer schwerer und schwerer zu machen. I2P an sich ist
-das, was man ein "Mixnetzwerk mit geringer Latenz" nennen kann und es gibt Grenzen für die Anonymität,
-die solch ein System bieten kann. Jedoch versuchen die darauf aufbauenden Applikationen wie <a href="http://syndie.i2p2.de/">Syndie</a>, I2P Mail und
-I2PSnark es zu erweitern um mehr Funktionalität und Sicherheit zu bieten.</p>
+<p>Anonymität ist nicht binär - wir versuchen nicht, etwas absolut anonymes zu erstellen. Stattdessen
+arbeiten wir daran, Angriffe auf das Netz immer schwerer zu machen. I2P an sich ist
+das, was man ein "Mixnetzwerk mit geringer Latenz" nennen kann, und es gibt Grenzen für die Anonymität,
+die ein solches System bieten kann. Jedoch versuchen die darauf aufbauenden Applikationen wie <a href="http://syndie.i2p2.de/">Syndie</a>, die beiden EMail-Systeme in I2P und
+I2PSnark, es zu erweitern, um mehr Funktionalität und Sicherheit zu bieten.</p>
<p>I2P ist noch nicht fertig und sollte vor der Version 1.0 nur zum Testen oder zum Entwicklen
genutzt werden.
</p>
<p>
-I2P basiert darauf, dass es Daten über andere Knoten leitet, wie es in folgendem Bild dargestellt
-wird. Für Information zur Arbeitsweise von I2P, schaue in die <a href="how_intro_de">Einleitung</a>.
-</p><p>
-<center>
-<div class="box">
+I2P basiert darauf, dass es Daten über andere Knoten leitet, wie es in folgendem Bild dargestellt
+ist. Dabei sind alle Daten Ende-zu-Ende-verschlüsselt. Für weitere Informationen zur Arbeitsweise von I2P, schau bitte in die <a href="how_intro_de">Einleitung</a>.
+</p>
+<div class="box" style="text-align:center;">
<img src="/_static/images/endToEndEncryption.png" alt="end to end layered encryption" />
</div>
-</center>
-</p>
{% endblock %}
diff --git a/www.i2p2/pages/index_es.html b/www.i2p2/pages/index_es.html
new file mode 100644
index 0000000000000000000000000000000000000000..d540ed15ebf45fd0d29a8aac30563d4ce97d296b
--- /dev/null
+++ b/www.i2p2/pages/index_es.html
@@ -0,0 +1,54 @@
+{% extends "_layout_es.html" %}
+{% block title %}Red anónima I2P{% endblock %}
+{% block content %}
+<table cellspacing="10" class="announce"><tr class="announce"><td valign="top" class="announce">
+<div class="version">
+<b>Versión actual:</b>
+<div class="underline"></div>
+2012-07-30 - <strong>I2P 0.9.1</strong> - {{ urlify("release-0.9.1", "Anunciación", "html")}}
+- <a href="download_es.html">Descarga</a>
+<div class="underline"></div>
+2007-09-28 - <strong>Syndie 1.101a</strong> -
+<!-- <a href="http://dev.i2p.net/pipermail/i2p/2007-September/001355.html">Anunciación</a> -->
+- <a href="http://syndie.i2p2.de/download.html">Descarga</a>
+</div>
+<div class="news"><strong>Novedades:</strong><div class="underline"></div>
+2012-07-30 - I2P 0.9.1 <a href="release-0.9.1.html">publicada</a><br />
+2012-05-02 - I2P 0.9 <a href="release-0.9.html">publicada</a><br />
+2012-02-27 - I2P 0.8.13 <a href="release-0.8.13.html">publicada</a><br />
+2012-01-06 - I2P 0.8.12 <a href="release-0.8.12.html">publicada</a><br />
+</div>
+<!--
+<td>
+<a href="download"><img src="/_static/images/logo07c.jpg" alt="0.7 logo" border="none"/></a> -->
+</table>
+<div class="underline"></div>
+<p>I2P es una red anónima, que ofrece a las aplicaciones que requieren de protección de identidad
+una simple capa para la comunicación segura. Todos los datos son cifrados varias veces y la red misma
+es tanto distribuida como dinámica - sin parte ninguna en la que haya que confiar.</p>
+
+<p>
+Hay una gran variedad de aplicaciones que funcionan con I2P, entre ellos dos sistemas de correo electrónico (el clásico, basado en servidores y clientes: SusiMail; y el otro basado en tecnologÃa p2p: <a href="http://i2pbote.i2p/">I2P-Bote</a>), intercambio de ficheros (sistemas BitTorrent, Kad y Gnutella), mensajerÃa instantánea, creación de sitios web anónimos en I2P, IRC y otros.
+</p>
+
+<p>El proyecto se formó en 2003 para apoyar los esfuerzos de aquellos que tratan de crear una sociedad más libre, ofreciéndoles un sistema para la comunicación anónima, segura y no censurable. Tiene como objetivo entablar una red segura y anónima de baja latencia, que sea distribuida por completo, autónoma, escalable, flexible y dinámica. La meta es exitosamente facilitar la operación segura en un ambiente del todo hostil - también si una organización con mucho poder polÃtico y recursos financieros considerables lleva a cabo un ataque.
+Todas las partes de la red son libres - tanto las fuentes (que están disponible como código abierto bajo licencias libres), como es gratuito todo uso de la red. Sólo de esta manera cada uno de los usuarios puede comprobar el correcto funcionamiento y la ausencia de código espiador. A la vez esto facilita contribuir al proyecto, asà mejorándolo para prevenir intentos agresivos de censurar las opiniones de ciudadanos libres.
+</p>
+
+<p>El anonimato no es binario - es decir: no existe nada que pueda garantizar un anonimato total; en vez de esto, nosotros tratamos
+de desarrollar un sistema en el que cada vez sea más difÃcil montar un ataque contra el anonimato de sus usuarios, y donde nadie tenga que fiarse en las "garantÃas" de nadie, dado el Ãndole descentralizado y distribuido de la red.
+I2P es lo que se podrÃa llamar de "red mezcladora de baja latencia", y hay lÃmites para el anonimato que un tal sistema pueda ofrecer.
+No obstante, las aplicaciones que usan I2P - como <a href="http://syndie.i2p2.de/">Syndie</a>, ambos sistemas de correo electrónico y I2PSnark - toman medidas para brindar más seguridad, a la vez ofreciendo una amplia gama de funcionalidades.</p>
+
+<p>I2P es un sistema ya funcional pero a la vez en desarrollo. Antes de la versión 1.0 se recomienda su uso meramente para la evaluación y el desarrollo.
+</p>
+
+<p>
+I2P se basa en que los datos se encaminan a través de otros nodos, mezclándose con los flujos de datos de otros usuarios y de esta manera dificultando gravemente el rastreo de las diversas comunicaciones y practicamente imposibilitando que se sepa el origen o el destino de ellos. (¡Véase la imagen abajo!)
+En este proceso todos los datos están cifrados desde el encaminador proveniente hasta él del destinatario.
+Para obtener más información sobre el funcionamiento de I2P, ¡échale un vistazo a la <a href="how_intro">introducción</a>!
+</p>
+<div class="box" style="text-align:center;">
+<img src="/_static/images/endToEndEncryption.png" alt="end to end layered encryption" />
+</div>
+{% endblock %}
diff --git a/www.i2p2/pages/index_fr.html b/www.i2p2/pages/index_fr.html
index 34308be5dec5b2d9a6064fed4021f4d570961a8f..22f37c18d51e8923fe55378a0862b9e0114696ff 100644
--- a/www.i2p2/pages/index_fr.html
+++ b/www.i2p2/pages/index_fr.html
@@ -1,85 +1,69 @@
{% extends "_layout_fr.html" %}
-{% block title %}I2P Anonymous Network{% endblock %}
+{% block title %}I2P : Réseau anonyme{% endblock %}
{% block content %}
<table cellspacing="10" class="announce"><tr class="announce"><td valign="top" class="announce">
<div class="version">
-<b>Latest version:</b><div class=underline></div>
-2010-07-12 - <strong>I2P 0.8</strong> - {{ urlify("release-0.8", "Announcement", "html")}}
-- <a href="download">Téléchargements</a><br /><div class="underline"></div>
+<b>Dernière version:</b><div class=underline></div>
+2012-07-30 - <strong>I2P 0.9.1</strong> - {{ urlify("release-0.9.1_fr.html", "Annonce", "html")}}
+- <a href="download_fr.html">Téléchargements</a><br /><div class="underline"></div>
2007-09-28 - <strong>Syndie 1.101a</strong> -
<!-- <a href="http://dev.i2p.net/pipermail/i2p/2007-September/001355.html">Announcement</a> -->
-- <a href="http://syndie.i2p2.de/download.html">Download</a>
+- <a href="http://syndie.i2p2.de/download.html">Téléchargements</a>
</div>
<div class="news">
-<b>Dernière nouvelles :</b><div class=underline></div>
-2010-07-12 - I2P 0.8
-<a href="release-0.8.html">Released</a>
-<br />
-2010-06-07 - I2P 0.7.14
-<a href="release-0.7.14.html">Released</a>
-<br />
-2010-04-27 - I2P 0.7.13
-<a href="release-0.7.13.html">Released</a>
-<br />
-2010-03-15 - I2P 0.7.12
-<a href="release-0.7.12.html">Released</a>
-<br />
+<b>Dernières nouvelles :</b><div class=underline></div>
+2012-07-30 - I2P 0.9.1 <a href="release-0.9.1_fr.html">Publiée</a><br />
+2012-05-02 - I2P 0.9 <a href="release-0.9_fr.html">Publiée</a><br />
+2012-02-27 - I2P 0.8.13 <a href="release-0.8.13_fr.html">Publiée</a><br />
+2012-01-06 - I2P 0.8.12 <a href="release-0.8.12_fr.html">Publiée</a><br />
</div>
<!--
<td>
<a href="download"><img src="/_static/images/logo07c.jpg" alt="0.7 logo" border="none"/></a> -->
</table>
<div class="sanderling"></div>
-<p>I2P est un réseau anonyme qui fournit une couche logicielle qui peut être utilisée par les applications pour communiquer
-de manière sécutisée entre elles. Toutes les données sont enveloppées dans plusieurs couches de cryptage. Le réseau est
-distribué et dynamique, les données transitent par plusieurs noeuds, qui sont agencées de manière dynamique.
-Aucun serveur n'est requis ce qui renforme l'anonymat.
+Traduction de mai 2011. <a href="index.html">Version anglaise actuelle</a>
+<p>I2P est un réseau anonyme qui fournit une couche logicielle qui peut être utilisée par les applications pour
+communiquer de manière sécurisée entre elles. Toutes les données sont enveloppées dans plusieurs couches de cryptage.
+Le réseau est décentralisé et dynamique, les données transitent par plusieurs nœuds qui sont agencés de manière
+dynamique. Aucun serveur n'est requis ce qui renforme l'anonymat.
</p>
<p>
-Beaucoup d'applications sont disponibles et s'interfacent avec I2P.
-Logiciel de mail, p2p, IRC et d'autres.
+Beaucoup d'applications sont disponibles et s'interfacent avec I2P: logiciel de mail, p2p, IRC etc...
</p>
<p>
-Le projet I2P s'est formé en 2003 pour apporter un soutient aux personnes qui tentent
-de créer une société plus libre en offrant un moyen de communication sécutisé et non censurable.
-I2P essaye d'apporter un réseau à faible latence, complétement distribué, autonome, anonyme, évolutif, souple et sécurisé.
-Son but est d'être efficace dans des environnements hostiles, même si certaines organisations
-avec de gros moyens financiers et/ou politique tentent de l'attaquer.
-
-Tous les aspects du réseau sont "open source" et disponible gratuitement.
-Ce qui assure deux choses aux utilisateurs:
-1 _ Ce logiciel fait ce qu'il dit faire, et rien d'autre.
-2 _ Tout le monde peux y contribuer et l'améliorer en vue de combattre les tentatives
-d'étouffement de la liberté d'expression.
+Le projet I2P s'est formé en 2003 pour apporter un soutient aux personnes qui tentent de créer une société plus libre,
+en offrant un moyen de communication sécurisé et non censurable.
+I2P essaye d'apporter un réseau à faible latence, complétement décentralisé, autonome, anonyme, évolutif, souple et
+sécurisé. Son but est d'être efficace dans des environnements hostiles, même si certaines organisations avec de gros
+moyens financiers et/ou politiques tentaient de l'attaquer. Tous les aspects du réseau sont "open source" et
+disponibles gratuitement. Ceci assure deux choses aux utilisateurs:
+1 _ Ce logiciel fait ce qu'il dit qu'il fait, et rien d'autre.
+2 _ Tout le monde peux y contribuer et l'améliorer en vue de combattre les tentatives d'étouffement de la liberté
+d'expression.
</p>
-<p>L'anonymat n'est pas quelque chose que l'on peut activer ou désactiver.
-Nous n'essayons pas de faire quelque chose de parfaitement anonyme, Ã la place, nous travaillons
-à rendre les attaques de plus en plus compliquées et chères à mettre en place.
-I2P est un réseau mixé à faible latence (Low latency mix network), il y a des limites à l'anonymat offert par
-ce type de système, mais les applications qui utilisent I2P, comme <a href="http://syndie.i2p2.de/">Syndie</a>, I2P mail
-et I2Psnark offrent des fonctionnalités et de la protection supplémentaires</p>
-
-<p>I2P est toujours en développement.
-Il ne devrait pas encore être mise en avant pour garantir l'anonymat, car le réseau est encore petit
-et il nécessite encore un gros travail de test en profondeur et de relecture du code.
-Il n'est pas immunisé contre les attaques des gens qui ont toutes les ressources, et ne le sera
-peut être jamais à cause des limitations de ce type de réseau. (Low latency miwed network).
+<p>L'anonymat n'est pas une notion tout-ou-rien, quelque chose que l'on peut activer ou désactiver. Nous n'essayons pas
+de faire quelque chose de parfaitement anonyme, mais au lieu de ça, nous travaillons à rendre les attaques de plus en
+plus compliquées et coûteuse à mettre en œuvre. I2P est un réseau croisé à faible latence (Low latency mix network): il
+y a des limites à l'anonymat offert par ce type de systèmes, mais les applications qui utilisent I2P, comme
+<a href="http://syndie.i2p2.de/">Syndie</a>, I2P mail et I2Psnark offrent des fonctionnalités et des protections
+supplémentaires.</p>
+<p>I2P est toujours en développement. Il ne devrait pas encore être mise en avant pour garantir l'anonymat, parce que le
+réseau est encore petit et qu'il nécessite encore un gros travail de test en profondeur et de relecture du code. Il
+n'est pas immunisé contre les attaques des gens qui ont toutes les ressources, et ne le sera peut être jamais à cause
+des limitations de ce type de réseau (réseau croisé à faible latence).
</p>
<p>
I2P fonctionne en routant le traffic à travers les autres pairs connectés au réseau, comme le montre l'image ci-dessous.
-Tous le traffic est crypté du début à la fin.
-Pour plus d'informations sur le fonctionnement d'I2P, regardez
-l'<a href="how_intro">introduction</a>.
-</p><p>
-<center>
-<div class="box">
-<img src="/_static/images/endToEndEncryption.png" alt="end to end layered encryption" />
-</div>
-</center>
+Tout le trafic est crypté de bout en bout. Pour plus d'informations sur le fonctionnement d'I2P, regardez
+l'<a href="how_intro_fr">introduction</a>.
</p>
+<div class="box" style="text-align:center;">
+<img src="/_static/images/endToEndEncryption_fr.png" alt="Cryptage en couches de bout en bout" />
+</div>
{% endblock %}
diff --git a/www.i2p2/pages/index_it.html b/www.i2p2/pages/index_it.html
index 261f7bc264bc4f9a75d67fffd49f8fc9f3b4a949..844d84a47f0ebb118897d3e319b439663e36e1ab 100644
--- a/www.i2p2/pages/index_it.html
+++ b/www.i2p2/pages/index_it.html
@@ -4,7 +4,7 @@
<table cellspacing="10" class="announce"><tr class="announce"><td valign="top" class="announce">
<div class="version">
<b>Latest version:</b><div class=underline></div>
-2010-07-12 - <strong>I2P 0.8</strong> - {{ urlify("release-0.8", "Announcement", "html")}}
+2012-07-30 - <strong>I2P 0.9.1</strong> - {{ urlify("release-0.9.1", "Announcement", "html")}}
- <a href="download">Download</a><br /><div class="underline"></div>
2007-09-28 - <strong>Syndie 1.101a</strong> -
<!-- <a href="http://dev.i2p.net/pipermail/i2p/2007-September/001355.html">Announcement</a> -->
@@ -12,18 +12,10 @@
</div>
<div class="news">
<b>Latest News:</b><div class=underline></div>
-2010-07-12 - I2P 0.8
-<a href="release-0.8.html">Rilasciata</a>
-<br />
-2010-06-07 - I2P 0.7.14
-<a href="release-0.7.14.html">Rilasciata</a>
-<br />
-2010-04-27 - I2P 0.7.13
-<a href="release-0.7.13.html">Rilasciata</a>
-<br />
-2010-03-15 - I2P 0.7.12
-<a href="release-0.7.12.html">Rilasciata</a>
-<br />
+2012-07-30 - I2P 0.9.1 <a href="release-0.9.1.html">Rilasciata</a><br />
+2012-05-02 - I2P 0.9 <a href="release-0.9.html">Rilasciata</a><br />
+2012-02-27 - I2P 0.8.13 <a href="release-0.8.13.html">Rilasciata</a><br />
+2012-01-06 - I2P 0.8.12 <a href="release-0.8.12.html">Rilasciata</a><br />
</div>
<!--
<td>
@@ -37,13 +29,14 @@ da diversi strati di crittografia, e la rete è egualmente distrubuita e dinamic
<p>
Molte applicazioni sono utilizzabili tramite I2P, le attuali applicazioni sono
account email, peer-to-peer, Server IRC e molto altro.
+<!--
</p><p>
I2P stà crescendo velocemente! Solo nel 2009, sono state rilasciate nove versioni, e il traffico è salito con un coefficente di 5:
-</p><p>
+</p>
<center>
<img src="/_static/images/bandwidth2009.png" alt="2009 bandwidth" />
</center>
-</p>
+-->
<p>
Il progetto di I2P è nato nel 2003 per sostenere gli sforzi di coloro che cercano di
@@ -73,12 +66,9 @@ I2P funziona direzionando il traffico verso altri peer, come potete vedere nella
Tutto il traffico è crittografato end-to-end.
Per altre informazione su come funziona I2P, controllate l'
<a href="how_intro">Introduzione</a>.
-</p><p>
-<center>
-<div class="box">
+</p>
+<div class="box" style="text-align:center;">
<img src="/_static/images/endToEndEncryption.png" alt="end to end layered encryption" />
</div>
-</center>
-</p>
{% endblock %}
diff --git a/www.i2p2/pages/index_nl.html b/www.i2p2/pages/index_nl.html
index 144e6d08f5474b2ed023f23eef281da707f52f10..f321eff7d4a5c3d0da71c458c75ab8bfb05be83d 100644
--- a/www.i2p2/pages/index_nl.html
+++ b/www.i2p2/pages/index_nl.html
@@ -4,7 +4,7 @@
<table cellspacing="10" class="announce"><tr class="announce"><td valign="top" class="announce">
<div class="version">
<b>Laatste versie:</b><div class=underline></div>
-2010-07-12 - <strong>I2P 0.8</strong> - {{ urlify("release-0.8", "Aankondiging", "html")}}
+2012-07-30 - <strong>I2P 0.9.1</strong> - {{ urlify("release-0.9.1", "Aankondiging", "html")}}
- <a href="download">Download</a><br /><div class="underline"></div>
2007-09-28 - <strong>Syndie 1.101a</strong> -
<!-- <a href="http://dev.i2p.net/pipermail/i2p/2007-September/001355.html">Announcement</a> -->
@@ -12,18 +12,11 @@
</div>
<div class="news">
<b>Laatste Nieuws:</b><div class=underline></div>
-2010-07-12 - I2P 0.8
-<a href="release-0.8.html">Release</a>
-<br />
-2010-06-07 - I2P 0.7.14
-<a href="release-0.7.14.html">Release</a>
-<br />
-2010-04-27 - I2P 0.7.13
-<a href="release-0.7.13.html">Release</a>
-<br />
-2010-03-15 - I2P 0.7.12
-<a href="release-0.7.12.html">Release</a>
-<br /></div>
+2012-07-30 - I2P 0.9.1 <a href="release-0.9.1.html">Release</a><br />
+2012-05-02 - I2P 0.9 <a href="release-0.9.html">Release</a><br />
+2012-02-27 - I2P 0.8.13 <a href="release-0.8.13.html">Release</a><br />
+2012-01-06 - I2P 0.8.12 <a href="release-0.8.12.html">Release</a><br />
+</div>
<!--
<td>
<a href="download"><img src="/_static/images/logo07c.jpg" alt="0.7 logo" border="none"/></a> -->
@@ -35,13 +28,14 @@ gedistribueerd als dynamisch, zonder te moeten vertrouwen op een derde partij.</
<p>
Diverse applicaties met een koppeling naar I2P zijn beschikbaar, zoals mail, peer-peer, IRC chat en meer.
+<!--
</p><p>
I2P groeit snel! Er waren negen releases in 2009 en het verkeer groeide met een factor van 5:
-</p><p>
+</p>
<center>
<img src="/_static/images/bandwidth2009.png" alt="2009 bandbreedte" />
</center>
-</p>
+-->
<p>
Het I2P project is in 2003 opgericht met als doel om te helpen bij het
@@ -79,12 +73,9 @@ I2P werkt door verkeer te routeren door andere peers, zoals getoond in onderstaa
Al het verkeer is van begin tot eind geëncrypt.
Voor meer informatie over de werking van I2P zie de
<a href="how_intro">Introductie</a>.
-</p><p>
-<center>
-<div class="box">
+</p>
+<div class="box" style="text-align:center;">
<img src="/_static/images/endToEndEncryption.png" alt="van begin tot eind gelaagde encryptie" />
</div>
-</center>
-</p>
{% endblock %}
diff --git a/www.i2p2/pages/index_ru.html b/www.i2p2/pages/index_ru.html
index 482f886735a08298043932b75c94c678529c4b18..e86cb5c54bea794d7c8c74ded536cb6d7e60f67a 100644
--- a/www.i2p2/pages/index_ru.html
+++ b/www.i2p2/pages/index_ru.html
@@ -6,7 +6,7 @@
<div class="version">
<b>ПоÑледние ВерÑии:</b>
<div class=underline></div>
-2010-07-12 - <strong>I2P 0.8</strong> - {{ urlify("release-0.8", "Announcement", "html")}} - <a href="download_ru">Скачать</a><br />
+2012-07-30 - <strong>I2P 0.9.1</strong> - {{ urlify("release-0.9.1", "Announcement", "html")}} - <a href="download_ru">Скачать</a><br />
<div class="underline"></div>
2007-09-28 - <strong>Syndie 1.101a</strong> - <!-- <a href="http://dev.i2p.net/pipermail/i2p/2007-September/001355.html">Announcement</a> --> - <a href="http://syndie.i2p2.de/download.html">Скачать</a>
</div>
@@ -14,30 +14,29 @@
<div class="news">
<b>ПоÑледние ÐовоÑти:</b>
<div class=underline></div>
-2010-07-12 - I2P 0.8 <a href="release-0.8.html">Released</a> <br />
-2010-06-07 - I2P 0.7.14 <a href="release-0.7.14.html">Released</a> <br />
-2010-04-27 - I2P 0.7.13 <a href="release-0.7.13.html">Released</a> <br />
-2010-03-15 - I2P 0.7.12 <a href="release-0.7.12.html">Released</a> <br />
+2012-07-30 - I2P 0.9.1 <a href="release-0.9.1.html">Released</a><br />
+2012-05-02 - I2P 0.9 <a href="release-0.9.html">Released</a><br />
+2012-02-27 - I2P 0.8.13 <a href="release-0.8.13.html">Released</a><br />
+2012-01-06 - I2P 0.8.12 <a href="release-0.8.12.html">Released</a><br />
</div>
</table>
<!--
<td>
<a href="download"><img src="/_static/images/logo07c.jpg" alt="0.7 logo" border="none"/></a> -->
-</table>
<div class="underline"></div>
<p>I2P Ñто Ð°Ð½Ð¾Ð½Ð¸Ð¼Ð¸Ð·Ð¸Ñ€ÑƒÑŽÑ‰Ð°Ñ Ñеть, предоÑтавлÑÑŽÑ‰Ð°Ñ Ð¿Ñ€Ð¸Ð»Ð¾Ð¶ÐµÐ½Ð¸Ñм проÑтой программный Ð¸Ð½Ñ‚ÐµÑ€Ñ„ÐµÐ¹Ñ Ð´Ð»Ñ Ð·Ð°Ñ‰Ð¸Ñ‰ÐµÐ½Ð½Ð¾Ð¹ коммуникации. Ð’Ñе передаваемые данные зашифрованы в неÑколько Ñлоев, а Ñеть одновременно Ð´ÐµÑ†ÐµÐ½Ñ‚Ñ€Ð°Ð»Ð¸Ð·Ð¾Ð²Ð°Ð½Ð½Ð°Ñ Ð¸ динамичеÑкаÑ, без иÑÐ¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ð½Ð¸Ñ Ñлементов которым бы требовалоÑÑŒ заочно доверÑÑ‚ÑŒ.</p>
<p>СущеÑтвует множеÑтво приложений работающих через I2P, Ð²ÐºÐ»ÑŽÑ‡Ð°Ñ Ð¿Ð¾Ñ‡Ñ‚Ð¾Ð²Ñ‹Ðµ клиенты, P2P-клиенты, IRC-клиенты и прочее.</p>
-
+<!--
<p>
I2P быÑтро раÑтет! Ð’ 2009 году было выпущено девÑÑ‚ÑŒ обновлений, а трафик Ñети увеличилÑÑ Ð² 5 раз:
-</p><p>
+</p>
<center>
<img src="/_static/images/bandwidth2009.png" alt="трафик в 2009 году" />
</center>
-</p>
+-->
<p>Проект I2P был начат в 2003 году Ð´Ð»Ñ Ð¿Ð¾Ð´Ð´ÐµÑ€Ð¶ÐºÐ¸ вÑех, кто учаÑтвует в Ñоздании более Ñвободного общеÑтва и заинтереÑован в новом нецензурируемом, анонимном и безопаÑном ÑредÑтве общениÑ. I2P — Ñто попытка Ñоздать защищенную децентрализованную анонимную Ñеть Ñ Ð¼Ð°Ð»Ñ‹Ð¼ временем отклика и ÑвойÑтвами автономноÑти, отказоуÑтойчивоÑти и маÑштабируемоÑти. Конечной задачей ÑвлÑетÑÑ ÑпоÑобноÑÑ‚ÑŒ функционировать в жеÑтких уÑловиÑÑ…, даже под давлением организаций обладающих значительными финанÑовыми или политичеÑками реÑурÑами. Ð’Ñе аÑпекты Ñети доÑтупны в виде иÑходного кода и беÑплатны. Ðто одновременно и позволÑет пользователÑм убедитьÑÑ, что программное обеÑпечение делает именно то что заÑвлено, и облегчает Ñторонним разработчикам возможноÑÑ‚ÑŒ ÑовершенÑтвовать защиту Ñети от наÑтойчивых попыток ограничить Ñвободное общение.</p>
@@ -47,12 +46,8 @@ I2P быÑтро раÑтет! Ð’ 2009 году было выпущено дев
<p>ВеÑÑŒ трафик в Ñети I2P маршрутизируетÑÑ Ñ‡ÐµÑ€ÐµÐ· других пиров и шифруетÑÑ Ð¾Ñ‚ Ð¾Ñ‚Ð¿Ñ€Ð°Ð²Ð¸Ñ‚ÐµÐ»Ñ Ð´Ð¾ Ð¿Ð¾Ð»ÑƒÑ‡Ð°Ñ‚ÐµÐ»Ñ (Ñм. ниже на иллюÑтрации). Подробнее о том, как работает I2P, читайте на Ñтранице <a href="how_intro">Introduction</a>.</p>
-<p>
-<center>
-<div class="box">
+<div class="box" style="text-align:center;">
<img src="/_static/images/endToEndEncryption.png" alt="многоÑлойное Ñквозное шифрование" />
</div>
-</center>
-</p>
{% endblock %}
diff --git a/www.i2p2/pages/index_zh.html b/www.i2p2/pages/index_zh.html
index f3683681e2c9d065b8e234efb79a581d08e4baed..d762827d631f74c6d5f2e0674b8b534bfb914b48 100644
--- a/www.i2p2/pages/index_zh.html
+++ b/www.i2p2/pages/index_zh.html
@@ -5,7 +5,7 @@
<div class="version">
<b>最新版本:</b>
<div class=underline></div>
-2010-07-12 - <strong>I2P 0.8</strong> - {{ urlify("release-0.8", "Announcement", "html")}}
+2012-07-30 - <strong>I2P 0.9.1</strong> - {{ urlify("release-0.9.1", "Announcement", "html")}}
- <a href="download_zh.html">下载</a>
<div class="underline"></div>
2007-09-28 - <strong>Syndie 1.101a</strong> -
@@ -14,19 +14,11 @@
</div>
<div class="news">
<b>最新动æ€ï¼š</b><div class=underline></div>
-2010-07-12 - I2P 0.8
-<a href="release-0.8.html">新版å‘布</a>
-<br />
-2010-06-07 - I2P 0.7.14
-<a href="release-0.7.14.html">新版å‘布</a>
-<br />
-2010-04-27 - I2P 0.7.13
-<a href="release-0.7.13.html">新版å‘布</a>
-<br />
-2010-03-15 - I2P 0.7.12
-<a href="release-0.7.12.html">新版å‘布</a>
-<br />
-/div>
+2012-07-30 - I2P 0.9.1 <a href="release-0.9.1.html">新版å‘布</a><br />
+2012-05-02 - I2P 0.9 <a href="release-0.9.html">新版å‘布</a><br />
+2012-02-27 - I2P 0.8.13 <a href="release-0.8.13.html">新版å‘布</a><br />
+2012-01-06 - I2P 0.8.12 <a href="release-0.8.12.html">新版å‘布</a><br />
+</div>
<!--
<td>
<a href="download"><img src="/_static/images/logo07c.jpg" alt="0.7 logo" border="none"/></a> --></td></tr>
@@ -35,10 +27,11 @@
<p>I2P 是一个匿å网络项目,它æ供了一个简å•çš„网络层供对身份æ•æ„Ÿçš„程åºè¿›è¡Œå®‰å…¨çš„匿å通讯。I2P 网络是动æ€çš„分布å¼ç½‘络,它在设计上并ä¸ä¿¡ä»»ç½‘络ä¸çš„任何一方,其ä¸çš„所有数æ®éƒ½ç»è¿‡å¤šå±‚åŠ å¯†ã€‚</p>
<p>很多程åºå¯ä»¥ä½¿ç”¨ I2P ï¼Œå…¶ç”¨é€”æ¶‰åŠ Email,P2P,IRC èŠå¤©ç‰ã€‚</p>
-
+<!--
<p>在欧美 I2P 网络æ£åœ¨å¿«é€Ÿæˆé•¿ï¼2009 å¹´ I2P å…±å‘布 9 次更新,æµé‡ç¿»äº†5å€: </p>
-<p><center><img src="/_static/images/bandwidth2009.png" alt="2009 bandwidth" /></center></p>
+<center><img src="/_static/images/bandwidth2009.png" alt="2009 bandwidth" /></center>
+-->
<p>I2P 项目æˆç«‹äºŽ 2003 年旨在建立一套安全ã€åŒ¿åã€å…å—[æ•æ„Ÿè¯]的通讯系统促进社会的[æ•æ„Ÿè¯]。I2P çš„å¼€å‘致力于建立一套低延迟ã€å…¨åˆ†å¸ƒå¼ã€è‡ªä¸»ç®¡ç†ã€å¯æ‰©å±•ã€é€‚应性强的匿åå®‰å…¨ç½‘ç»œã€‚å®ƒçš„ç›®æ ‡æ˜¯èƒ½å¤Ÿåœ¨å……æ»¡æ•Œæ„的网络环境内æˆåŠŸè¿è¡Œã€‚I2P网络的å„个部分都是开æºå…费的,这既å¯ä»¥ä¿è¯ I2P 软件的真实有效,åˆæ–¹ä¾¿äººä»¬æ献代ç 帮助 I2P 改进。</p>
@@ -47,12 +40,9 @@
<p>I2P ä»ç„¶å¤„于开å‘状æ€ç›®å‰ I2P 网络的规模还ä¸å¤§ï¼Œç¼ºä¹å¹¿æ³›çš„å¦æœ¯å®¡è®¡ï¼Œç›®å‰çš„状æ€ä¸‹ï¼Œè¯·ä¸è¦æŒ‡æœ›å®ƒç‰¹ä¾›â€œæœ‰ä¿è¯â€çš„匿å性。出于低延迟混淆网络(例如Tor网络)自身的é™åˆ¶ï¼Œåœ¨æ‹¥æœ‰æ— é™èµ„æºçš„攻击者é¢å‰ï¼ŒI2P 并ä¸æ˜¯æ— 懈å¯å‡»çš„。</p>
<p>I2P çš„è¿è¡Œé€šè¿‡å…¶ä»–节点路由数æ®ï¼Œå…¶å·¥ä½œæ–¹å¼è§ä¸‹å›¾ã€‚所有数æ®å‡ç»è¿‡ç«¯åˆ°ç«¯åŠ 密。关于 I2P 工作原ç†çš„更多信æ¯è¯·çœ‹ <a href="how_intro">介ç»</a>.
-</p><p>
-<center>
-<div class="box">
+</p>
+<div class="box" style="text-align:center;">
<img src="/_static/images/endToEndEncryption_zh.png" alt="ç«¯åˆ°ç«¯åŠ å¯†" />
</div>
-</center>
-</p>
{% endblock %}
diff --git a/www.i2p2/pages/intro_ar.html b/www.i2p2/pages/intro_ar.html
new file mode 100644
index 0000000000000000000000000000000000000000..c18fffd1c53371d4ef5bd258dce001630320fc2a
--- /dev/null
+++ b/www.i2p2/pages/intro_ar.html
@@ -0,0 +1,51 @@
+{% extends "_layout_ar.html" %}
+{% block title %}تقديم{% endblock %}
+{% block content %}
+<h1> (The Invisible Internet Project I2P) مشروع الأنترنت الغير مرئية</h1>
+<p>
+ هي شبكة مجهولية تمكن البرامج من ارسال واستقبال بيانات بأمان Ùيما بينها. الشبكة تستعمل بروتوكول الانترنت
+
+<a href="http://ar.wikipedia.org/wiki/%D8%A8%D8%B1%D9%88%D8%AA%D9%88%D9%83%D9%88%D9%84_%D8%A7%D9%84%D8%A5%D9%86%D8%AA%D8%B1%D9%86%D8%AA"> IP </a>وهناك خوارزميات للتواصل على طريقة
+<a href="http://ar.wikipedia.org/wiki/TCP">TCP</a>
+جميع الاتصالات داخل الشبكة مشÙرة (ÙÙŠ المجموع هناك 4 طبقات تشÙير عند ارسال رسالة) ÙˆØتى المرسل اليه معر٠بالستعمال طريقة
+ <a href="http://ar.wikipedia.org/wiki/%D8%AA%D8%B4%D9%81%D9%8A%D8%B1_%D8%A8%D8%A7%D8%B3%D8%AA%D8%AE%D8%AF%D8%A7%D9%85_%D8%A7%D9%84%D9%85%D9%81%D8%AA%D8%A7%D8%AD_%D8%A7%D9%84%D9%85%D8%B9%D9%84%D9%86">تشÙير باستخدام المÙØªØ§Ø Ø§Ù„Ù…Ø¹Ù„Ù†</a>).</p>
+
+<h2>كي٠تشتغل؟</h2>
+ التي تقوم بتمرير الرسالة ÙÙŠ اتجاه معين (من Ùˆ إلى المستخدم على التوالي). وبدوره عندما يريد المستخدم ارسال رسالة
+<p>لاعطاء المجهولية لرسائل، كل مستخدم لديه "موجه" الذي يقوم بإنشاء بعض الأنÙاق الداخلية والخارجية<a href="how_tunnelrouting.html">tunnels</a>الى المتلقي، يمرر المرسل الرسالة إلى Ø£Øد الأنÙاق التي تستهد٠الصادرة Ø£Øد
+عميل آخر ÙÙŠ الأنÙاق واردة، ووصلت ÙÙŠ النهاية إلى الوجهة. كل
+مشارك ÙÙŠ الشبكة يختار طول هذه الأنÙاق ØŒ وبذلك،
+يجعل المÙاضلة بين عدم الكش٠عن هويته، سرعة الشبكة ØŒ والإنتاجية ÙˆÙقا لإØتيلجاته
+ الخاصة. والنتيجة هي أن عدد من أقرانه الذين يقومون بتمرير الرسالة بينهم البعض
+هو الØد الأدنى المطلق الضروري لتلبية كل من المرسل Ùˆ المرسل له.</p>
+
+
+<p>المرة الأولى التي يرغب Ùيها المستخدم الاتصال بمستخدم آخر، يتم الاتصال بشبكة موزعة<a href="how_networkdatabase.html">network
+database</a> <a href="http://en.wikipedia.org/wiki/Distributed_hash_table">
+distributed hash table (DHT)</a> مبنية على
+<a href="http://en.wikipedia.org/wiki/Kademlia"> Kademlia algorithm</a>
+هذا يتم للØصول على بيانات الاتصال للمستخدم الآخر بÙعالية لأول مرة، لكن الاتصالات التالية لا تØتاج البØØ« ÙÙŠ قاعدة البيانات الموزعة.
+</p>
+
+<p>المزيد من التÙاصيل Øول طريقة عمل البرنامج <a href="how.html">هنا</a>.</p>
+
+<h2>ماهي استعمالات البرنامج؟</h2>
+
+<p>
+داخل الشبكة I2PØŒ لاتوجد قيود Øول كيÙية تواصل البرامج Øيث تدعم بروتوكول TCP Ùˆ UDP.
+</p>
+
+<p>
+تستعمل I2PTunnel لتمكين المستخدمين من تنصيب موقع مجهول مسمى ("eepsite") بتشغيل خادم ويب عادي الذي يمكن المتصÙØين من زيارة الموقع بصÙØ© مجهولة عبر شبكة I2P باستعمال متصÙØ ÙˆÙŠØ¨ عادي باستعمال HTTP proxy .
+كما تستعمل Ù†Ùس الطريقة لتشغيل شبكة IRC مجهولة (Øيث خادم IRC مجهول والمستخدم يتصل عن طريق I2PTunnel للاتصال). هناك برامج أخرى قيد التطوير، مثل <a href="http://bitconjurer.org/BitTorrent/">BitTorrent</a> خادم بيانات غير ممركز مثل <a href="http://freenetproject.org/">Freenet</a>
+</p>
+
+<p>
+ليس شبكة بروكسي خارجي، Øيث المستخدم الذي ترسل له الرسالة معر٠بطريقة مشÙرة، وليس عن طريق عنوان IPØŒ لذلك الرسالة يجب ان تصل الى متلقي يستخدم I2P. ومع ذلك يمكن لأØد المستخدمين ان يوÙر خدمة بروكسي خارجي، يمكنك من الاتصال بعنوان خارج الشبكة المجهولة (مثلا "http://www.i2p.net") لتمكين من التصÙØ Ø§Ù„Ù…Ø¬Ù‡ÙˆÙ„ لشبكة الأنترنت العادية. لا ÙŠÙ†ØµØ Ø¨Ø§Ø³ØªØ®Ø¯Ø§Ù… بروكسي بسيط مثل هذه الطريقة لعدة اسباب امنية Ùˆ الØÙاظ على الخصوصية، لكن ÙÙŠ بعض الØالات قد تكون مناسبة.
+</p>
+
+<p> I2P تطوير<a href="team.html">Ùريق التطوير</a> هو مجموعة Ù…ÙتوØØ© على جميع المهتمين <a href="getinvolved.html"> ساهم ÙÙŠ المشروع </a>وجميع البرامج هي <a href="licenses.html">رخصة Ù…ÙتوØØ© المصدر</a>. البرنامج الرئيسي مصمم بلغة جاÙا
+<a href="sam.html">simple socket based API</a>
+وطبقة للاتصال بالشبكة عبر لغات برمجة أخرى (بلغة C Ùˆ Python Ùˆ Perl قيد التطوير). الشبكة قيد التطوير ولم تصل بعد الى اصدار 1.0 المزيد من التÙاصيل <a href="roadmap.html">خارطة الطريق</a>
+</p>
+{% endblock %}
diff --git a/www.i2p2/pages/intro_fr.html b/www.i2p2/pages/intro_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..e091d11cd12f6faeb0c63eca2834a1be20d5ea76
--- /dev/null
+++ b/www.i2p2/pages/intro_fr.html
@@ -0,0 +1,83 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Intro{% endblock %}
+{% block content %}
+Traduction de mars 2011. <a href="intro.html">Version anglaise actuelle</a>
+<h1>The Invisible Internet Project (I2P)</h1>
+<p>I2P est un réseau anonyme, proposant une simple couche que les applications peuvent
+utiliser pour s'envoyer des messages anonymement de façon sécurisée. Le réseau lui-même est
+strictement orienté messages ("à la
+<a href="http://en.wikipedia.org/wiki/Internet_Protocol">IP"</a>), mais une
+bibliothèque disponible permet les communications fiables pour les flux (streaming) ("à la
+<a href="http://en.wikipedia.org/wiki/Transmission_Control_Protocol">TCP"</a>).
+Toute communication est cryptée de bout en bout (il y a en tout quatre niveaux de cryptage
+utilisés lors de l'envoi d'un message, et même les partenaires ("destinations")
+sont des identifiants cryptographiques (essentiellement une paire de
+<a href="http://en.wikipedia.org/wiki/Public_key_encryption">clés publiques</a>).</p>
+
+<h2>Fonctionnement</h2>
+
+<p>Pour anonymiser les messages envoyés, le routeur I2P met à disposition de chaque application cliente
+quelques "<a href="how_tunnelrouting.html">tunnels</a>" sortants et entrants: une suite de pairs
+qui passent les messages dans une direction, de et vers le client respectivement.
+Lorsqu'un client veut envoyer un message à un autre, le premier passe ce message
+dans un de ses tunnels sortants en ciblant un des tunnels entrants de l'autre, et atteint éventuellement
+sa destination. Chaque participant du réseau choisit la longueur de ces tunnels, et ce faisant,
+arbitre entre anonymat, latence, et débit en fonction de ses besoins.
+En conséquence, le nombre de pairs intervenant dans le relayage le message de bout en bout est le minimum absolu
+nécessaire à l'atteinte des objectifs de sécurité à la fois de l'émetteur et du destinataire.</p>
+
+<p>La première fois qu'un client veut en contacter un autre, il émet une requête vers
+la "<a href="how_networkdatabase.html">base de donnée du réseau</a>" entièrement décentralisée (une table de hash
+décentralisée de structure personnalisée <a href="http://en.wikipedia.org/wiki/Distributed_hash_table">(DHT)</a>)
+basée sur <a href="http://en.wikipedia.org/wiki/Kademlia">algorithme Kademlia</a>. Ceci pour trouver efficacement
+les tunnels entrants des autres clients, mais en faisant en sorte que les messages suivants entre les
+partenaires incluent certaines données qui permettront la poursuite de la communication sans plus jamais
+besoin de réinterroger la base de donnée.</p>
+
+<p>Les explications sur le fonctionnement d'I2P sont disponibles en version
+<a href="how_intro_fr.html">simplifiée</a> et <a href="how_fr.html">détaillée</a>.</p>
+
+<h2>Que pouvez-vous en faire?</h2>
+
+<p>Au sein du réseau I2P, les applications ne sont pas bridées dans leur façon de communiquer:
+celles qui utilisent habituellement UDP peuvent utiliser les fonctionnalités de base d'I2P,
+et celles qui utilisent plutôt TCP peuvent utiliser la bibliothèque d'émulation TCP.
+Nous avons une application générique de pont TCP/I2P
+("<a href="i2ptunnel.html">I2PTunnel</a>") qui permet aux gens tant de transférer des flux TCP
+dans le réseau I2P que d'en recevoir en dehors du réseau et de les faire suivre
+vers une adresse IP particulière.</p>
+
+<p>I2PTunnel est couramment utilisé pour permettre l'exécution de votre propre serveur de site web anonyme
+("eepsite") en utilisant un serveur web normal et en aiguillant un tunnel I2P "Serveur"
+vers lui, auquel les gens accèderont anonymement sur I2P avec un navigateur normal via leur propre
+serveur mandataire HTTP de tunnel I2P ("eepproxy"). Nous utilisons la même
+technique pour l'exécution d'un réseau IRC anonyme (sur lequel le serveur IRC est hébergé
+anonymement, et où les clients IRC standards utilisent un tunnel I2P pour s'y connecter). Il y a
+d'autres efforts de développement d'applications en cours, tels qu'un pour élaborer une application de transferts
+de fichiers optimisée ("à la
+<a href="http://bitconjurer.org/BitTorrent/">BitTorrent</a>), un stockage décentralisé
+(façon <a href="http://freenetproject.org/">Freenet</a> /
+<a href="http://mnetproject.org/">MNet</a>), et un système de blog (entièrement décentralisé
+<a href="http://www.livejournal.com/">LiveJournal</a>), mais ils ne sont pas prêts à l'usage pour l'instant.</p>
+
+<p>I2P n'est pas intrinsèquement un réseau de "proxy sortant" - le client à qui vous envoyez un message
+est un identifiant cryptographique et non pas une quelconque adresse IP, et donc le message doit être
+adressé à quelqu'un qui utilise I2P. Cependant, il est possible à ce client d'être aussi
+un mandataire sortant, vous permettant alors d'utiliser anonymement sa connexion Internet.
+Pour le mettre en évidence, le "proxy eep" acceptera les URL non-I2P
+(p.e. "http://www.i2p.net") et les fera suivre à une destination particulière
+qui héberge un proxy HTTP <a href="http://www.squid-cache.org/">squid</a>, permettant
+simplement la navigation en mode anonyme sur l'Internet normal. De simples mandataires de ce genre ne sont pas
+viables sur le long terme pour plusieurs raisons (dont le coût, et aussi
+pour l'anonymat et les problèmes de sécurité qu'ils introduisent), mais dans certaines circonstances
+cette technique peut s'avérer appropriée.</p>
+
+<p>L'<a href="team_fr.html">équipe</a> de développement d'I2P est un groupe ouvert, accueillant tous ceux qui
+sont intéressé pour y <a href="getinvolved_fr.html">participer</a>, et tout le code <a href="licenses.html">open source</a>.
+Le cœur de l'outil de développement d'I2P et l'implémentation actuelle du routeur
+sont faits en Java (il fonctionne avec la version Sun/Oracle et kaffe, gcj est prévu pour plus tard),
+et il y a une <a href="sam.html">API basée "simple socket"</a> pour accéder au réseau depuis
+d'autres langages (avec une bibliothèque C disponible, et une pour Python et Perl en développement).
+Le réseau est activement développé et n'a pas encore atteint la version 1.0,
+mais la <a href="roadmap_fr.html">feuille de route</a> décrit notre planning.</p>
+{% endblock %}
diff --git a/www.i2p2/pages/jbigi.html b/www.i2p2/pages/jbigi.html
index b8eb9ce9fb6fd8d614f7f6d4480b833d4deb0cc0..47747a4d3414e8f6a19cfd921dddda68e8327875 100644
--- a/www.i2p2/pages/jbigi.html
+++ b/www.i2p2/pages/jbigi.html
@@ -1,10 +1,41 @@
{% extends "_layout.html" %}
{% block title %}jbigi{% endblock %}
-{% block content %}<p>Using JNI (Java Native Interface), a bit of C code (thanks ugha!), a little
-manual work and a piece of chewing gum it is possible to make the public key
-cryptography quite a bit faster.</p>
+{% block content %}
-<h2>Requirements</h2>
+Updated August 2011, current as of router version 0.8.7
+
+<h2>Overview</h2>
+<p>Using JNI (Java Native Interface), a bit of C code (thanks ugha!), a little
+manual work and a piece of chewing gum we have made several
+cryptography operations quite a bit faster.</p>
+
+<p>
+The speedup comes from the super-fast
+<a href="http://gmplib.org/">GNU MP Bignum library (libgmp)</a>.
+We use a single function from libgmp -
+<a href="http://gmplib.org/manual-4.3.2/Integer-Exponentiation.html#Integer-Exponentiation">mpz_powm()</a>
+as a replacement for the
+<a href="http://download.oracle.com/javase/1.5.0/docs/api/java/math/BigInteger.html#modPow%28java.math.BigInteger,%20java.math.BigInteger%29">Java Math library's BigInteger modPow()</a>.
+As modPow() is a significant computational portion of many crypto operations, this is of significant benefit.
+</p>
+
+<p>
+The standard I2P installation includes about 20 versions of the library for different platforms,
+each about 50KB, inside the jbigi.jar file.
+The initialization of the JBigI library, including CPU identification, selection, and extraction
+of the correct loadable module, is handled by the
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/util/NativeBigInteger.html">NativeBigInteger class</a>.
+If no module is available for the current platform, the standard
+<a href="http://download.oracle.com/javase/1.5.0/docs/api/java/math/BigInteger.html#modPow%28java.math.BigInteger,%20java.math.BigInteger%29">Java Math library's BigInteger modPow()</a>
+is used.
+</p>
+
+
+<h2>Rebuilding and Testing JBigI</h2>
+Following are the instructions to build a new jbigi library for your own platform
+and testing its performance.
+
+<h3>Requirements</h3>
<p>This works on Linux, and with a few changes in build.sh probably also on
other platforms. FreeBSD has also been reported to work too. On Kaffee the
speedup is very small, because it already uses native BitInteger internally.
@@ -17,19 +48,19 @@ included in your OS / distribution or installed already, it can be received from
have already installed it as binary, it might still be worth a try to compile
GMP yourself, since then it will be able to use the specific instructions of
your processor. The latest GMP may also
-be used instead of GMP 4.2.2, but it hasn't been tested by us.
+be used instead of GMP 5.0.2, but it hasn't been tested by us.
</p>
-<h2>Step-by-step instructions</h2>
+<h3>Step-by-step instructions</h3>
<ol>
-<li>Look at <a href="http://localhost:7657/logs.jsp">your wrapper logs</a>,
-at the point where I2P first starts. There should be one of two messages - either
+<li>Look at <a href="http://localhost:7657/logs.jsp">your running environment on the logs.jsp page</a>.
+There should be one of two status messages for JBigI - either
<tt>
-INFO: Locally optimized native BigInteger loaded from the library path
+Locally optimized native BigInteger loaded from the library path
</tt>
or
<tt>
-INFO: Native BigInteger library jbigi not loaded - using pure java</tt>.
+Native BigInteger library jbigi not loaded - using pure java</tt>.
If the native BitInteger library was NOT loaded, you definitely need to
compile your own.
Certain platforms, such as OS X, OpenSolaris, and 64-bit systems,
@@ -37,7 +68,7 @@ may require you to compile your own library.
If the BigInteger library was loaded, do at least the next step to see
what your performance is.
</li>
-<li>Look on <a href="http://localhost:7657/oldstats.jsp">http://localhost:7657/oldstats.jsp</a>
+<li>Look on <a href="http://localhost:7657/stats.jsp">http://localhost:7657/stats.jsp</a>
to see what the lifetime average values for <code>crypto.elGamal.decrypt</code> and
<code>crypto.elGamal.encrypt</code> are. The numbers are times in milliseconds. Copy these somewhere so you can compare
them later on.
@@ -52,8 +83,8 @@ out of the monotone database mtn.i2p2.de</li>
<li>Read the README file.
If you have a /usr/lib/libgmp.so file, you do not have to download GMP.
Use the 'dynamic' argument to build.sh.
-Otherwise, you must download GMP version 4.2.2 from
-from <a href="http://gmplib.org/#DOWNLOAD">http://gmplib.org/#DOWNLOAD</a>, saving it to gmp-4.2.2.tar.bz2.
+Otherwise, you must download GMP version 5.0.2 from
+from <a href="http://gmplib.org/#DOWNLOAD">http://gmplib.org/#DOWNLOAD</a>, saving it to gmp-5.0.2.tar.bz2.
If you decide to use a newer version, change the VER= line in <code>core/c/jbigi/build.sh</code>.
<li>Take a look at <code>build.sh</code>, if your <code>JAVA_HOME</code>
environment variable is set and you are using Linux then it might just work.
@@ -82,10 +113,11 @@ report.</li>
<li>Copy <code>libjbigi.so</code> to your i2p directory</li>
<li>Restart your I2P programs.</li>
<li>On
-<a href="http://localhost:7657/oldstats.jsp">http://localhost:7657/oldstats.jsp</a>
+<a href="http://localhost:7657/stats.jsp">http://localhost:7657/stats.jsp</a>
the <code>crypto.elGamal.decrypt</code> and <code>crypto.elGamal.encrypt</code>
should be a lot faster.</li>
</ol>
-<p>Feedback is appreciated</p>
+
+
{% endblock %}
diff --git a/www.i2p2/pages/jbigi_de.html b/www.i2p2/pages/jbigi_de.html
index 2d00ffd67434bbcc3df44bd32390cecdce2afaa2..260dffc4af0fe7d9811792281bb0d64ad8625fa6 100644
--- a/www.i2p2/pages/jbigi_de.html
+++ b/www.i2p2/pages/jbigi_de.html
@@ -1,6 +1,8 @@
{% extends "_layout_de.html" %}
{% block title %}jbigi{% endblock %}
-{% block content %}<p>Mit JNI (Java Native Interface), ein wenig C Quelltext (Danke ugha!), ein wenig
+{% block content %}
+<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
+<p>Mit JNI (Java Native Interface), ein wenig C Quelltext (Danke ugha!), ein wenig
manueller Arbeit und etwas Kaugummi ist es möglich, die "public key" Kryptography
ein ganzes Stück schneller zu machen.</p>
@@ -41,7 +43,7 @@ generell, das du die Bibliothek selber kompilierst.
Falls die BigInteger Bibliothek geladen wurde, schaue zumindest mit dem
letzten Schritt nach, wie deine Performance ist.
</li>
-<li>Schaue auf <a href="http://localhost:7657/oldstats.jsp">http://localhost:7657/oldstats.jsp</a>
+<li>Schaue auf <a href="http://localhost:7657/stats.jsp">http://localhost:7657/stats.jsp</a>
um deine Durchschnittszeiten seit dem Start von I2P für <code>crypto.elGamal.decrypt</code>
und <code>crypto.elGamal.encrypt</code> abzulesen. Diese Zahlen sind Zeiten in Millisekunden.
Notiere dir diese Werte zum späteren Vergleich.
@@ -82,7 +84,7 @@ gebe uns das bitte bekannt.</li>
<li>Kopiere die <code>libjbigi.so</code> in dein i2p Verzeichnis</li>
<li>Restarte deinen I2P Router.</li>
<li>Auf
-<a href="http://localhost:7657/oldstats.jsp">http://localhost:7657/oldstats.jsp</a>
+<a href="http://localhost:7657/stats.jsp">http://localhost:7657/stats.jsp</a>
sollten <code>crypto.elGamal.decrypt</code> und <code>crypto.elGamal.encrypt</code>
erheblich schneller sein.</li>
</ol>
diff --git a/www.i2p2/pages/license-agreements.html b/www.i2p2/pages/license-agreements.html
index 1c984dd5849116e6c9f7a1a3e5a01250c3977d7f..6ed222d80a813ac27088d4a9ba4d6f312bc7e3e3 100644
--- a/www.i2p2/pages/license-agreements.html
+++ b/www.i2p2/pages/license-agreements.html
@@ -7,12 +7,22 @@
Developers must use this file in ~/.monotone/monotonerc or
_MTN/montonerc in their i2p.i2p workspace.
<pre>
+function intersection(a,b)
+ local s={}
+ local t={}
+ for k,v in pairs(a) do s[v.name] = 1 end
+ for k,v in pairs(b) do if s[v] ~= nil then table.insert(t,v) end end
+ return t
+ end
+
function get_revision_cert_trust(signers, id, name, val)
local trusted_signers = { "complication@mail.i2p", "zzz@mail.i2p", "dev@welterde.de",
"Oldaris@mail.i2p", "sponge@mail.i2p", "dream@mail.i2p", "mathiasdm@mail.i2p",
"mkvore-commit@mail.i2p", "z3d@mail.i2p", "cervantes@mail.i2p", "BlubMail@mail.i2p",
"walking@mail.i2p", "neutron@mail.i2p", "HungryHobo@mail.i2p", "russiansponsor@mail.i2p",
- "echelon@mail.i2p", "forget@mail.i2p", "privateer@mail.i2p", "duck@mail.i2p" }
+ "echelon@mail.i2p", "forget@mail.i2p", "privateer@mail.i2p", "duck@mail.i2p",
+ "m1xxy@mail.i2p", "hiddenz@mail.i2p", "dev@robertfoss.se", "hamada@mail.i2p",
+ "magma@mail.i2p", "kytv@mail.i2p", "str4d@mail.i2p", "meeh@mail.i2p" }
local t = intersection(signers, trusted_signers)
if t == nil then return false end
if table.getn(t) >= 1 then return true end
@@ -459,5 +469,247 @@ iEYEARECAAYFAkwKdKoACgkQTo2HeGooF8zClwCfVh8uaCHNP4MQwrB1egFKO40j
aqEAn3zAoSf0hCbTU/A489RKeQ6DA6GM
=mA0j
-----END PGP SIGNATURE-----
+
+m1xxy:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Applicable to the code I contribute to the I2P project,
+I, mixxy/m1xxy, hereby state that:
+* Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license
+* If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses
+* I have the right to release the code I commit under the terms I am committing it.
+* The following is my monotone signing key:
+
+c9b970f5e8917eada663d4c6b22096617021c95c m1xxy@mail.i2p
+
+[pubkey m1xxy@mail.i2p]
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/aaFUq37RQdJpMC8aacqYLdd88wNVjwI+4HY5d7a61HvYIAecg1KJlq/CDFFrygmCcusnFaBmmBQFLO+gJXPKi9PMo1vaENiqCTVfY4EUpMMYzpuqKMKjyfuT6eoOHCZEKfZosUowyJt61FsTzGu+B9y27d0jxXwXT/fml100EwIDAQAB
+[end]
+
+mixxy
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.10 (GNU/Linux)
+
+iQIcBAEBAgAGBQJM1gjUAAoJECDrk8/2C++w+WwP/1GLBHpTGYiDO/zfqECgVRu2
+S+qxTdEWcJyfz1MY8tJ9vMIhlr66jxveI1KZ4sNUln91yPR2KDgMrBa31wL8IHAz
+T4uj7paMt8zLtptMbn2nGqdl/X3fmGloDQvW/VB0MWj3YpBgxXiMfEf3Mv9BcnV4
+B6IUvnXAWVe86Dlon1KLoQjAB3hjiGZV0vUV8sjEOYxX/qztLAfP1FPHCRdKlNYY
+hb2zNdRTHlCF+CKdZ+TX4HB7qlsjYUbhRJhh2pN2Rwz/2w/CddwXQ4jaKjCkn5T9
+D5Ekz4/b68doGq1hhjTf/GZ1FqVt+gkYr8MYPGZP5oJ6O4X5yPc3QhRy5cMlERSj
+S5+lXB/nM09w5bScHtdfHauxUI/vWOdF78BzCJHhOBBHZ/jrsV2iX6QDaf+X/FbT
+64SWXTa4jzQeE7MafF9Bkex1rWGJiom5Ew4NG73e1GyGtkwvRV6j5H3AKvpgRJzG
+G7W3/7MSZjNP7aIs2+BqYe9YveV0GCzC0l0lhIHvKNzRv6Avvvx7krORMQZqSt1k
+lVPIAUyoW+ScB+E26dVpRFne/0q9yUcQOeKyqehGCEFtgqQCqLsdTHynxayp58bJ
+lccrgLY+pzPpNg5w/5kJFm70ih9MOHRdRik9TiGvj56tzLUEPrD7WeMzl4mkeg0Y
+2WPghzlpoV5C1SJkv+dR
+=YLVN
+-----END PGP SIGNATURE-----
+
+hiddenz:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Applicable to the code I contribute to the I2P project,
+I, hiddenz/anon8373/slow, hereby state that:
+* Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license
+* If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses
+* I have the right to release the code I commit under the terms I am committing it.
+* The following is my monotone signing key:
+
+[pubkey hiddenz@mail.i2p]
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnpEeIignM2UUsJT9+hSMcVOUuf0PZTxi9G3zRhDjal8Qdy/NUZQELAc6/gBhnZcSP4BHp/0BTTxXthlTjko8nkwx+EgzQO425Vgb1v/7RneCqEDjMP6QyZUOn1Hi2UBw+jvnbjFk1wDqt9BPdAKITfp3l7bR1xGr4gs1M4MSrcwIDAQAB
+[end]
+
+hiddenz
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQEcBAEBAgAGBQJM3u7uAAoJEFp3lNknxN+16HoIAMNYVELPBHOM4iqO1lWeFqmK
+mSw/+eME05KvboZUq9SsJjInUkxlbfDWHf/DuUlCnTPePuQY+wTQPOa18ncldG0y
+bgO71WnCSyIydrw8dIUtMBfvVzcSP4c5h0ty10Dw+YxdKL2TLTIw4JuqYCPhE4cm
+1IqBfHT5or7A2ahCXLkUt2YX9NW9SAl8xUs+/g5rzc42EAgh656JK83G7kA38UID
+nn6ZA+A/3hrTe1+lJ0yHa6sCnJGJ6+tdJlLzjeU6K34cRPCcn2sPO9LUlM6VHVga
+AkTEFPvxhJC9yJ4cgIJ5AlrcF8B4Ufb0gsfsEfebAl1puA0C/MRxywTSjZTTB3k=
+=UDcv
+
+
+hottuna:
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+hottuna:
+
+Applicable to the code I contribute to the I2P project,
+I hereby state that:
+
+* Unless marked otherwise, all code I commit
+is implicitly licensed under the component's primary license
+
+* If specified in the source, the code may be explicitly licensed
+under one of the component's alternate licenses
+
+* I have the right to release the code I commit
+under the terms I am committing it
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.16 (MingW32)
+
+iQGcBAEBAgAGBQJNKd3GAAoJEBVx72WXYlXhZjEL/3miyEMtggiJF73UJ26qLyAp
+9vFqoztcCHZTdDS3jpXaDY3v2WnfT6bB3eQjrFYkwDO8UpVqjdCnPUhs/sqHg0eX
+eqesy6IqDhluxJTO3vlvgBJVh449/g1P15hOQ1aR3vv12okmv85yOD7qbprkAZ9P
+J2uByT2L1EaLUuYVABVkmoZyBhvmSFZkfvXmToYlywo413r36mW4M+Y7yFkBuw0x
+aEvZ43zVVDaMsJQwTPdcUb4RmfSPk8d15FOr9WbWzSfKhUZ1HUtCWjPUuYWPzIrg
+APnJswb07ekm8G9bPeKctOg8lJnJTbM0HzA1KGaCzvpJ+asz6HY8+2mq5RzvQ5XX
++6x+heNjNNG6f55cdwTw+ivWcsZiKDliAMUWlSkHMoWLjdzYOzrCM0vNf+BQMYeU
++Qg/bOU4Pt11Hfn5/PwY7zdK3KTp/bqtWE6kBdlFXtnPdZKaYtUTmwdCgB/2EC2T
+pJOW/MBcMyHC5MxdistNFpXDv4O8dt7SNe83ADB2bA==
+=aXNE
+-----END PGP SIGNATURE-----
+
+hamada:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Hamada affirm that:
+
+ * Unless marked otherwise, all code I commit is implicitly
+licensed under the component's primary license
+ * If specified in the source, the code may be explicitly licensed
+under one of the component's alternate licenses
+ * I have the right to release the code I commit under the terms I
+am committing it
+
+Hamada
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQEcBAEBAgAGBQJNUs9+AAoJEOEGJ9ydVi3DddMH/0Bl4Mh3oSWFfx8peOj2JG2z
+bXHrK7kDHSK+aJrcFORQ4YPg2INjCH5GDDxaALhHKnVpTqZHy2F+RWII1SYVnU6l
+SQKBKOKw4bHQZSS0ibdsRkUbP1cyoxR9bh0SXfDFjwLu3rzsU4FFc6vmRAIdwiOo
+xQK3RpiPpzegsZPOFr4+vHIJUGcgGce86EIjC5VSoQHb3gHXsnsYGYBIszEj1MZ4
+OCzbjV7Gl44sZ6R8Q2AU1Dita7ANJv6bkbk8W8Rurxqi2lUDHiWkW2XaoZ18mvnj
+dZ65tC2kHgJHVU0oIn5rGMA7uuQizFL0d6pzQfJgw1hMA29sGQmxovy+Bp85Pqk=
+=HeGr
+-----END PGP SIGNATURE-----
+
+magma:
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+I affirm that:
+
+ * Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license
+ * If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses
+ * I have the right to release the code I commit under the terms I am committing it
+
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.14 (GNU/Linux)
+
+iQIcBAEBAgAGBQJNg8FwAAoJEKiufQgd4cCY8sEP/13U7rmFMyYgbITiJHxRM/Kl
+BFW/iVYPqF4Kr9qjT0S80kOw0wvHctWGPAoHv23YxUYRrJuW0gd5EAdv+1KQBmE/
+lpKaTXMAt8DKba80dRk5I1S6SnJhAKyesF+nlxi53EfqIp1mRwSwzzRWgx9mz08R
+jJSyEbPHX/ipwmohEAZ1diIYQv9QFjrrXOv+avFZgm56tj3ckBtKZNuZ+P/0sttJ
+zmom7H7v9O1WlHiF50TuiLRM8V4XMKRRFw2GHaUgC/Uh5jN6PHEBoeQT5ssXvVIu
+7IcCx9wTmABoGo2PALO51C+2aMvDXFml7QCEjwKtG2zelWJLXR1tyZuQdn+fxLa0
+CDLc/V4mSgjscNN9gOJwX8AIUqwzA/SalZ5ng6gs6IqHk6wnrznw5kKNsEi1FInI
+n2MlDsgCiv1D6gqqOYEJYrWYmQqOoU7fNi/cgi9vJ1XQOA0pd40SeoNMNzs4LmIu
+oPifPJ+ODqfxTeBGSAZ3UDDdv80hzFlhMXHKk/a0+CpsBd1OmIkE+YhCQTI23wfv
+xBzzO3WoecufpM1Ykg0yOYlGJ3IMJ1n7zvobJfiExeLDBM7fPFmJqB1sFRyV0n9f
+sNMV1SjtLKZr65oePxFL1ludkQ6aMqlLCzNOSec6cUUSnkd+YwieT5yFpOXb6d8a
+w4O9LtQO1R4tgrVXhBw4
+=j/xY
+-----END PGP SIGNATURE-----
+
+kytv:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+I KillYourTV/KYTV affirm that:
+
+ * Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license
+ * If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses
+ * I have the right to release the code I commit under the terms I am committing it
+
+[pubkey kytv@mail.i2p]
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMMTHQs4AQ0KuXjHsPRvfeBo2EydIAcGcBH7VCO26AofX2ns3ezTKfvmv6QcFhcxn41I6OdG29DdFVRz4D8hIZvOoFYfe87nswgyXW85rEilJP02Z8HCr/dcYJbPsWAlMr7/UIDsT/9swd0U6QTf9X2W+VORyhDdYXcG8zikBqXQIDAQAB
+[end]
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.10 (GNU/Linux)
+
+iQEcBAEBAgAGBQJN0b3UAAoJEKvgwxnfCgoaQaMH/RdNoOt+1lm4cztvv5f2QBL3
+W4h3PjloDqkLE4ATDm+AcctahQaWuA221AMOrhR0aS+93wm+mOxzSmeoE91V475n
+2fpC/zWx0WRAzjQkr1M6OkcXNy6f+H5/UkBcaivzI9y5wUv5ETUHwiy+5qzG4oQ7
+AzbPHeJic88c6dyGX6rwa5VFMXLKYnr7h/i562/Ynaqus8tu/td1KEGkdNFgW4We
+y/aXYqaNYtds4xova49m99Y5u1kfKltv4YVEwY5a7Cj8p/31aeD8c10rWrf00R9H
+XlL2/b0lIx1C8CAK5TmdrD8G1SXl614SJTGuQfBT2N6yCT+jcrOMJIghCZhvmLQ=
+=U1Tw
+-----END PGP SIGNATURE-----
+
+str4d:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+I str4d affirm that:
+
+ * Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license.
+ * If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses.
+ * I have the right to release the code I commit under the terms I am committing it.
+ * The following is my monotone signing key:
+
+01265f0c817b24548478341fb75e672720a78b21 str4d@mail.i2p
+
+[pubkey str4d@mail.i2p]
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe4zkWVW8fBXGtnMpWbw316qbxWhKdnM86bnPyU3a8C2ERaofESzoZPXm21BR4jEqHLFzVzni4MTAJ+J0XjW70Le5DZTm/AG18qXd8UsK2+IreCHqnv5XPL8Lw8oY6zNoT834emGqH2n0T98OHF6zNUStBrvuv9AFPa6FZocF2mwIDAQAB
+[end]
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.10 (GNU/Linux)
+
+iQEcBAEBAgAGBQJPE5faAAoJENXeOJaUpGWy5kUIAIhe1ow0VpMgJitkBr8cBF8B
+iJoKJ/DrCQ+XGk8API05VpyW0BLnG9qVRZh8DZux3NealIk3k37gN5rVHas0vpjU
+5qzqFNwpeyPSSFhylLMqf3fYdjJJZieZfWU/XW7HUMYGgZ03Lq95sxPRPyl8A0D8
+2ahv537Vy4EOZCdE8CvBgS/Hk0TVrG9EPL/vR1T6cx9YSV5/R0xiNNKujgoUHurX
+8gHudomaEf+VxqDFCFQbjIWqDuf1sm1eRQokvO+wELqNjkUsWhDMAS54EjTmYN+h
+Zc8XFXkeLUdRU6zJHo0tRWo0zswIW+a0r5W+T5MHwUnYOiTUUVgOjtwTGN7uURQ=
+=nEwG
+-----END PGP SIGNATURE-----
+
+meeh:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Applicable to the code I contribute to the I2P project,
+I hereby state that:
+
+* Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license
+* If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses
+* I have the right to release the code I commit under the terms I am committing it
+
+Meeh, 9 Aug 2012
+
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQIcBAEBAgAGBQJQJC9mAAoJELj1P6o1Twr4+i0QANHrOH8CyUJHVXkbTAxRdKW0
+u4avJvhQchyXjGvEPxYzUbQw2th41XlaNVKXgoiWTMKdOc88kkhL9dHj8yasMIHI
+hncureihJ7bFS11IFBauqP8nV8UG3oONq9GqzW+6YxQ4SL6UAMP84iXCfB6W0wBd
+ZE/06i5ezdsbeGfIgbrgkNsQMVcGRrbV5S3kBbW+lV4RitEsF2qb2IYlwbSUUSL9
+/7/8FX87xocLRs3GOjhmRiyifMSoSRShnmMmckDNGlkY3Yz19HSThE47xnyg9Aaj
+NYzmZMJFVnY6Rt1d4iLEw+/DUlYqs0afovHT2MnqymuN89204I6Yccn3n6AGKJxx
+yJX6U4x49BwohG7ZW1S9RINoobqcg3l1Ne1Lp5EBe8jyxFjz0n1684biDuyKJx/o
+ryp8mJ2cRKEWOduAyIChMeo/tFaDkMg/tTyuLrpSw404XpXa4EaUUlbZVQRHf25g
+1Kil1XL+KhFcAP3hgjmpfc2ukFcL6j09yI0eZhlkJLosI+lKMpK3dqcjbdOiOauk
+vQlJdkYZyxW2AReymH2XDI+cDg8tRw9iU22rAABXFs8zy5brK2Gjn1DK/sEVIdna
+NVr7aW4hiQWqHVWivVy5Otf8Ioacoi8i2NISZtbCc68WtEkoFmEdW7QB+kwSsXIq
+R2VFZ/114yCNY74KmujA
+=jfFH
+-----END PGP SIGNATURE-----
+
+
</pre>
{% endblock %}
diff --git a/www.i2p2/pages/license-agreements_de.html b/www.i2p2/pages/license-agreements_de.html
index a1a833f7812cef63623c1a4c672a4ce75df3fe06..a4eaafe462e3f59d5e58e3e6dd88c726fadb5290 100644
--- a/www.i2p2/pages/license-agreements_de.html
+++ b/www.i2p2/pages/license-agreements_de.html
@@ -7,12 +7,22 @@
Developers must use this file in ~/.monotone/monotonerc or
_MTN/montonerc in their i2p.i2p workspace.
<pre>
+function intersection(a,b)
+ local s={}
+ local t={}
+ for k,v in pairs(a) do s[v.name] = 1 end
+ for k,v in pairs(b) do if s[v] ~= nil then table.insert(t,v) end end
+ return t
+ end
+
function get_revision_cert_trust(signers, id, name, val)
local trusted_signers = { "complication@mail.i2p", "zzz@mail.i2p", "dev@welterde.de",
"Oldaris@mail.i2p", "sponge@mail.i2p", "dream@mail.i2p", "mathiasdm@mail.i2p",
"mkvore-commit@mail.i2p", "z3d@mail.i2p", "cervantes@mail.i2p", "BlubMail@mail.i2p",
"walking@mail.i2p", "neutron@mail.i2p", "HungryHobo@mail.i2p", "russiansponsor@mail.i2p",
- "echelon@mail.i2p", "forget@mail.i2p", "privateer@mail.i2p", "duck@mail.i2p" }
+ "echelon@mail.i2p", "forget@mail.i2p", "privateer@mail.i2p", "duck@mail.i2p",
+ "m1xxy@mail.i2p", "hiddenz@mail.i2p", "dev@robertfoss.se", "hamada@mail.i2p",
+ "magma@mail.i2p", "kytv@mail.i2p", "str4d@mail.i2p", "meeh@mail.i2p" }
local t = intersection(signers, trusted_signers)
if t == nil then return false end
if table.getn(t) >= 1 then return true end
@@ -20,6 +30,7 @@ function get_revision_cert_trust(signers, id, name, val)
end
</pre>
+
</p><p>Agreements:
<pre>
@@ -476,5 +487,219 @@ iEYEARECAAYFAkwKdKoACgkQTo2HeGooF8zClwCfVh8uaCHNP4MQwrB1egFKO40j
aqEAn3zAoSf0hCbTU/A489RKeQ6DA6GM
=mA0j
-----END PGP SIGNATURE-----
+
+m1xxy:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Applicable to the code I contribute to the I2P project,
+I, mixxy/m1xxy, hereby state that:
+* Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license
+* If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses
+* I have the right to release the code I commit under the terms I am committing it.
+* The following is my monotone signing key:
+
+c9b970f5e8917eada663d4c6b22096617021c95c m1xxy@mail.i2p
+
+[pubkey m1xxy@mail.i2p]
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/aaFUq37RQdJpMC8aacqYLdd88wNVjwI+4HY5d7a61HvYIAecg1KJlq/CDFFrygmCcusnFaBmmBQFLO+gJXPKi9PMo1vaENiqCTVfY4EUpMMYzpuqKMKjyfuT6eoOHCZEKfZosUowyJt61FsTzGu+B9y27d0jxXwXT/fml100EwIDAQAB
+[end]
+
+mixxy
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.10 (GNU/Linux)
+
+iQIcBAEBAgAGBQJM1gjUAAoJECDrk8/2C++w+WwP/1GLBHpTGYiDO/zfqECgVRu2
+S+qxTdEWcJyfz1MY8tJ9vMIhlr66jxveI1KZ4sNUln91yPR2KDgMrBa31wL8IHAz
+T4uj7paMt8zLtptMbn2nGqdl/X3fmGloDQvW/VB0MWj3YpBgxXiMfEf3Mv9BcnV4
+B6IUvnXAWVe86Dlon1KLoQjAB3hjiGZV0vUV8sjEOYxX/qztLAfP1FPHCRdKlNYY
+hb2zNdRTHlCF+CKdZ+TX4HB7qlsjYUbhRJhh2pN2Rwz/2w/CddwXQ4jaKjCkn5T9
+D5Ekz4/b68doGq1hhjTf/GZ1FqVt+gkYr8MYPGZP5oJ6O4X5yPc3QhRy5cMlERSj
+S5+lXB/nM09w5bScHtdfHauxUI/vWOdF78BzCJHhOBBHZ/jrsV2iX6QDaf+X/FbT
+64SWXTa4jzQeE7MafF9Bkex1rWGJiom5Ew4NG73e1GyGtkwvRV6j5H3AKvpgRJzG
+G7W3/7MSZjNP7aIs2+BqYe9YveV0GCzC0l0lhIHvKNzRv6Avvvx7krORMQZqSt1k
+lVPIAUyoW+ScB+E26dVpRFne/0q9yUcQOeKyqehGCEFtgqQCqLsdTHynxayp58bJ
+lccrgLY+pzPpNg5w/5kJFm70ih9MOHRdRik9TiGvj56tzLUEPrD7WeMzl4mkeg0Y
+2WPghzlpoV5C1SJkv+dR
+=YLVN
+-----END PGP SIGNATURE-----
+
+hiddenz:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Applicable to the code I contribute to the I2P project,
+I, hiddenz/anon8373/slow, hereby state that:
+* Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license
+* If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses
+* I have the right to release the code I commit under the terms I am committing it.
+* The following is my monotone signing key:
+
+[pubkey hiddenz@mail.i2p]
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnpEeIignM2UUsJT9+hSMcVOUuf0PZTxi9G3zRhDjal8Qdy/NUZQELAc6/gBhnZcSP4BHp/0BTTxXthlTjko8nkwx+EgzQO425Vgb1v/7RneCqEDjMP6QyZUOn1Hi2UBw+jvnbjFk1wDqt9BPdAKITfp3l7bR1xGr4gs1M4MSrcwIDAQAB
+[end]
+
+hiddenz
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQEcBAEBAgAGBQJM3u7uAAoJEFp3lNknxN+16HoIAMNYVELPBHOM4iqO1lWeFqmK
+mSw/+eME05KvboZUq9SsJjInUkxlbfDWHf/DuUlCnTPePuQY+wTQPOa18ncldG0y
+bgO71WnCSyIydrw8dIUtMBfvVzcSP4c5h0ty10Dw+YxdKL2TLTIw4JuqYCPhE4cm
+1IqBfHT5or7A2ahCXLkUt2YX9NW9SAl8xUs+/g5rzc42EAgh656JK83G7kA38UID
+nn6ZA+A/3hrTe1+lJ0yHa6sCnJGJ6+tdJlLzjeU6K34cRPCcn2sPO9LUlM6VHVga
+AkTEFPvxhJC9yJ4cgIJ5AlrcF8B4Ufb0gsfsEfebAl1puA0C/MRxywTSjZTTB3k=
+=UDcv
+-----END PGP SIGNATURE-----
+
+hottuna:
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+hottuna:
+
+Applicable to the code I contribute to the I2P project,
+I hereby state that:
+
+* Unless marked otherwise, all code I commit
+is implicitly licensed under the component's primary license
+
+* If specified in the source, the code may be explicitly licensed
+under one of the component's alternate licenses
+
+* I have the right to release the code I commit
+under the terms I am committing it
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.16 (MingW32)
+
+iQGcBAEBAgAGBQJNKd3GAAoJEBVx72WXYlXhZjEL/3miyEMtggiJF73UJ26qLyAp
+9vFqoztcCHZTdDS3jpXaDY3v2WnfT6bB3eQjrFYkwDO8UpVqjdCnPUhs/sqHg0eX
+eqesy6IqDhluxJTO3vlvgBJVh449/g1P15hOQ1aR3vv12okmv85yOD7qbprkAZ9P
+J2uByT2L1EaLUuYVABVkmoZyBhvmSFZkfvXmToYlywo413r36mW4M+Y7yFkBuw0x
+aEvZ43zVVDaMsJQwTPdcUb4RmfSPk8d15FOr9WbWzSfKhUZ1HUtCWjPUuYWPzIrg
+APnJswb07ekm8G9bPeKctOg8lJnJTbM0HzA1KGaCzvpJ+asz6HY8+2mq5RzvQ5XX
++6x+heNjNNG6f55cdwTw+ivWcsZiKDliAMUWlSkHMoWLjdzYOzrCM0vNf+BQMYeU
++Qg/bOU4Pt11Hfn5/PwY7zdK3KTp/bqtWE6kBdlFXtnPdZKaYtUTmwdCgB/2EC2T
+pJOW/MBcMyHC5MxdistNFpXDv4O8dt7SNe83ADB2bA==
+=aXNE
+-----END PGP SIGNATURE-----
+
+hamada:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Hamada affirm that:
+
+ * Unless marked otherwise, all code I commit is implicitly
+licensed under the component's primary license
+ * If specified in the source, the code may be explicitly licensed
+under one of the component's alternate licenses
+ * I have the right to release the code I commit under the terms I
+am committing it
+
+Hamada
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQEcBAEBAgAGBQJNUs9+AAoJEOEGJ9ydVi3DddMH/0Bl4Mh3oSWFfx8peOj2JG2z
+bXHrK7kDHSK+aJrcFORQ4YPg2INjCH5GDDxaALhHKnVpTqZHy2F+RWII1SYVnU6l
+SQKBKOKw4bHQZSS0ibdsRkUbP1cyoxR9bh0SXfDFjwLu3rzsU4FFc6vmRAIdwiOo
+xQK3RpiPpzegsZPOFr4+vHIJUGcgGce86EIjC5VSoQHb3gHXsnsYGYBIszEj1MZ4
+OCzbjV7Gl44sZ6R8Q2AU1Dita7ANJv6bkbk8W8Rurxqi2lUDHiWkW2XaoZ18mvnj
+dZ65tC2kHgJHVU0oIn5rGMA7uuQizFL0d6pzQfJgw1hMA29sGQmxovy+Bp85Pqk=
+=HeGr
+-----END PGP SIGNATURE-----
+
+kytv:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+I KillYourTV/KYTV affirm that:
+
+ * Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license
+ * If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses
+ * I have the right to release the code I commit under the terms I am committing it
+
+[pubkey kytv@mail.i2p]
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMMTHQs4AQ0KuXjHsPRvfeBo2EydIAcGcBH7VCO26AofX2ns3ezTKfvmv6QcFhcxn41I6OdG29DdFVRz4D8hIZvOoFYfe87nswgyXW85rEilJP02Z8HCr/dcYJbPsWAlMr7/UIDsT/9swd0U6QTf9X2W+VORyhDdYXcG8zikBqXQIDAQAB
+[end]
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.10 (GNU/Linux)
+
+iQEcBAEBAgAGBQJN0b3UAAoJEKvgwxnfCgoaQaMH/RdNoOt+1lm4cztvv5f2QBL3
+W4h3PjloDqkLE4ATDm+AcctahQaWuA221AMOrhR0aS+93wm+mOxzSmeoE91V475n
+2fpC/zWx0WRAzjQkr1M6OkcXNy6f+H5/UkBcaivzI9y5wUv5ETUHwiy+5qzG4oQ7
+AzbPHeJic88c6dyGX6rwa5VFMXLKYnr7h/i562/Ynaqus8tu/td1KEGkdNFgW4We
+y/aXYqaNYtds4xova49m99Y5u1kfKltv4YVEwY5a7Cj8p/31aeD8c10rWrf00R9H
+XlL2/b0lIx1C8CAK5TmdrD8G1SXl614SJTGuQfBT2N6yCT+jcrOMJIghCZhvmLQ=
+=U1Tw
+-----END PGP SIGNATURE-----
+
+str4d:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+I str4d affirm that:
+
+ * Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license.
+ * If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses.
+ * I have the right to release the code I commit under the terms I am committing it.
+ * The following is my monotone signing key:
+
+01265f0c817b24548478341fb75e672720a78b21 str4d@mail.i2p
+
+[pubkey str4d@mail.i2p]
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe4zkWVW8fBXGtnMpWbw316qbxWhKdnM86bnPyU3a8C2ERaofESzoZPXm21BR4jEqHLFzVzni4MTAJ+J0XjW70Le5DZTm/AG18qXd8UsK2+IreCHqnv5XPL8Lw8oY6zNoT834emGqH2n0T98OHF6zNUStBrvuv9AFPa6FZocF2mwIDAQAB
+[end]
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.10 (GNU/Linux)
+
+iQEcBAEBAgAGBQJPE5faAAoJENXeOJaUpGWy5kUIAIhe1ow0VpMgJitkBr8cBF8B
+iJoKJ/DrCQ+XGk8API05VpyW0BLnG9qVRZh8DZux3NealIk3k37gN5rVHas0vpjU
+5qzqFNwpeyPSSFhylLMqf3fYdjJJZieZfWU/XW7HUMYGgZ03Lq95sxPRPyl8A0D8
+2ahv537Vy4EOZCdE8CvBgS/Hk0TVrG9EPL/vR1T6cx9YSV5/R0xiNNKujgoUHurX
+8gHudomaEf+VxqDFCFQbjIWqDuf1sm1eRQokvO+wELqNjkUsWhDMAS54EjTmYN+h
+Zc8XFXkeLUdRU6zJHo0tRWo0zswIW+a0r5W+T5MHwUnYOiTUUVgOjtwTGN7uURQ=
+=nEwG
+-----END PGP SIGNATURE-----
+
+meeh:
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+Applicable to the code I contribute to the I2P project,
+I hereby state that:
+
+* Unless marked otherwise, all code I commit is implicitly licensed under the component's primary license
+* If specified in the source, the code may be explicitly licensed under one of the component's alternate licenses
+* I have the right to release the code I commit under the terms I am committing it
+
+Meeh, 9 Aug 2012
+
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQIcBAEBAgAGBQJQJC9mAAoJELj1P6o1Twr4+i0QANHrOH8CyUJHVXkbTAxRdKW0
+u4avJvhQchyXjGvEPxYzUbQw2th41XlaNVKXgoiWTMKdOc88kkhL9dHj8yasMIHI
+hncureihJ7bFS11IFBauqP8nV8UG3oONq9GqzW+6YxQ4SL6UAMP84iXCfB6W0wBd
+ZE/06i5ezdsbeGfIgbrgkNsQMVcGRrbV5S3kBbW+lV4RitEsF2qb2IYlwbSUUSL9
+/7/8FX87xocLRs3GOjhmRiyifMSoSRShnmMmckDNGlkY3Yz19HSThE47xnyg9Aaj
+NYzmZMJFVnY6Rt1d4iLEw+/DUlYqs0afovHT2MnqymuN89204I6Yccn3n6AGKJxx
+yJX6U4x49BwohG7ZW1S9RINoobqcg3l1Ne1Lp5EBe8jyxFjz0n1684biDuyKJx/o
+ryp8mJ2cRKEWOduAyIChMeo/tFaDkMg/tTyuLrpSw404XpXa4EaUUlbZVQRHf25g
+1Kil1XL+KhFcAP3hgjmpfc2ukFcL6j09yI0eZhlkJLosI+lKMpK3dqcjbdOiOauk
+vQlJdkYZyxW2AReymH2XDI+cDg8tRw9iU22rAABXFs8zy5brK2Gjn1DK/sEVIdna
+NVr7aW4hiQWqHVWivVy5Otf8Ioacoi8i2NISZtbCc68WtEkoFmEdW7QB+kwSsXIq
+R2VFZ/114yCNY74KmujA
+=jfFH
+-----END PGP SIGNATURE-----
+
+
</pre>
{% endblock %}
diff --git a/www.i2p2/pages/licenses.html b/www.i2p2/pages/licenses.html
index ff40f2fc7b1de9893b1755ebf66ec22885aad1d1..327a21c4ce7179bd3d7d3474ce99f25ef31ec459 100644
--- a/www.i2p2/pages/licenses.html
+++ b/www.i2p2/pages/licenses.html
@@ -282,7 +282,7 @@ summary of the license terms - please see the specific license for the component
or source code in question for authoritative terms. Component source locations and
resource packaging may be changed if the repository is reorganized.</p>
-<h2><a id="commit">Commit privileges</h2>
+<h2><a id="commit">Commit privileges</a></h2>
<p>
Developers may push changes to a distributed monotone repository if you
receive permission from the person running that repository.
@@ -291,7 +291,7 @@ See the <a href="monotone.html">Monotone Page</a> for details.
<p>
However, to have changes included in a release, developers
-must be trusted by the release managers (currently Complication and zzz).
+must be trusted by the release manager (currently zzz).
In addition, they must explicitly agree with the above terms to be trusted.
That means that they must send one of the release managers a signed message affirming that:</p>
<ul>
@@ -299,7 +299,7 @@ That means that they must send one of the release managers a signed message affi
the component's primary license</li>
<li>If specified in the source, the code may be explicitly licensed under one
of the component's alternate licenses</li>
- <li>I have the right to release the code they commit under the terms I
+ <li>I have the right to release the code I commit under the terms I
am committing it</li>
</ul>
diff --git a/www.i2p2/pages/licenses_de.html b/www.i2p2/pages/licenses_de.html
index 3dc67b92bcf2b8322e2a95952e4248ddbc8a07bb..0a1e3938ab7d0d738ad13b997a7acfb05d848142 100644
--- a/www.i2p2/pages/licenses_de.html
+++ b/www.i2p2/pages/licenses_de.html
@@ -262,7 +262,7 @@ Siehe auf die <a href="monotone.html">Monotone Seite</a> für Details.
</p>
<p>
-Dennoch muss der Releasemanager (derzeit Complication und zzz) dem Entwickler
+Dennoch muss der Releasemanager (derzeit zzz) dem Entwickler
vertrauen, wenn dieser Änderungen in ein Release einbringen möchte.
Zusätzlich muss ein Entwickler den oberen Bestimmungen explizit zustimmen
um vertrauenswürdig zu sein.
diff --git a/www.i2p2/pages/links.html b/www.i2p2/pages/links.html
index a55ecbd6637d4145088af33772d1e4a61d886953..242320c5bbb420eb96da2ae5b19d4d9ca9a18024 100644
--- a/www.i2p2/pages/links.html
+++ b/www.i2p2/pages/links.html
@@ -2,12 +2,23 @@
{% block title %}Links{% endblock %}
{% block content %}
<h1>Recommended Links & Resources</h1>
+<p>
+See also the page with
+<a href="papers.html">links to papers, presentations, videos, and tutorials about I2P</a>.
+</p>
+
<div class="links">
<ul>
<h4>Friends of I2P</h4>
<li><a href="http://anomos.info/">Anomos Pseudonymous Encrypted Bittorrent</a></li>
+<li><a href="http://www.eff.org/">EFF</a></li>
+<li><a href="https://gnunet.org/">GNUnet</a></li>
+<li><a href="https://www.ipredator.se/?lang=en">Ipredator</a></li>
+<li><a href="http://www.isdpodcast.com/">InfoSec Daily Podcast</a></li>
<li><a href="http://www.abenteuerland.at/onioncat/">Onioncat</a></li>
+<li><a href="https://www.relakks.com/?cid=gb">Relakks</a></li>
<li><a href="http://www.pegasusnk.org/">The Pegasus Project</a></li>
+<li><a href="http://www.thepegasuspress.com/">The Pegasus Press</a></li>
<li><a href="http://telecomix.org/">Telecomix</a></li>
<li><a href="http://www.torproject.org/">Tor</a></li>
<h4>More Projects and Documentation</h4>
@@ -21,6 +32,7 @@
<li><a href="http://freenetproject.org/">Freenet</a></li>
<li><a href="http://anon.inf.tu-dresden.de/index_en.html">JAP</a></li>
<h4>Press</h4>
+<li><a href="http://www.isdpodcast.com/podpress_trac/web/2719/0/infosec-daily-podcast-episode-454.mp3">zzz interviewed on the InfoSec Daily Podcast (mp3)</a> (August 18, 2011)</li>
<li><a href="http://www.gulli.com/news/i2p-an-anonymous-network-2009-03-09/">zzz interviewed by gulli.com</a> (March '09)</li>
<li><a href="http://www.netzwelt.de/news/75371-i2p-das-anonyme-netz-im.html">Netzwelt.de article about being anonymous in the Internet</a></li>
<h4>Boards, newssite, others</h4>
diff --git a/www.i2p2/pages/links_de.html b/www.i2p2/pages/links_de.html
index 76edbf423f976700764f0ee27eb44bd19caf7f76..c2f00f4cd679fe174cb39a63ac61882681e953e1 100644
--- a/www.i2p2/pages/links_de.html
+++ b/www.i2p2/pages/links_de.html
@@ -6,6 +6,7 @@
<ul>
<h4>Friends of I2P</h4>
<li><a href="http://anomos.info/">Anomos Pseudonymous Encrypted Bittorrent</a></li>
+<li><a href="http://www.eff.org/">EFF</a></li>
<li><a href="http://www.abenteuerland.at/onioncat/">Onioncat</a></li>
<li><a href="http://www.pegasusnk.org/">The Pegasus Project</a></li>
<li><a href="http://telecomix.org/">Telecomix</a></li>
diff --git a/www.i2p2/pages/links_fr.html b/www.i2p2/pages/links_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..3ad80795314c5db6de59d315ecd05273e0cb74ea
--- /dev/null
+++ b/www.i2p2/pages/links_fr.html
@@ -0,0 +1,45 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Liens{% endblock %}
+{% block content %}
+<h1>Liens & Ressources recommandés</h1>
+<p>
+Voir aussi la page de
+<a href="papers_fr.html">liens vers des articles, présentations, videos, et tutoriels sur I2P</a>.
+</p>
+<div class="links">
+<ul>
+<h4>Les amis d'I2P</h4>
+<li><a href="http://anomos.info/">Anomos Pseudonymous Encrypted Bittorrent</a></li>
+<li><a href="http://www.eff.org/">EFF</a></li>
+<li><a href="https://gnunet.org/">GNUnet</a></li>
+<li><a href="https://www.ipredator.se/?lang=fr">Ipredator</a></li>
+<li><a href="http://www.abenteuerland.at/onioncat/">Onioncat</a></li>
+<li><a href="https://www.relakks.com/?cid=fr">Relakks</a></li>
+<li><a href="http://www.pegasusnk.org/">The Pegasus Project</a></li>
+<li><a href="http://www.thepegasuspress.com/">The Pegasus Press</a></li>
+<li><a href="http://telecomix.org/">Telecomix</a></li>
+<li><a href="http://www.torproject.org/">Tor</a></li>
+<h4>Autres projets & documentation</h4>
+<li><a href="http://freehaven.net/anonbib/topic.html">Freehaven's Anonymity Bibliography</a></li>
+<li><a href="http://gnunet.org/links.php3">GNUNet's related projects</a></li>
+<li><a href="http://www.tik.ee.ethz.ch/~morphmix/">Morphmix</a></li>
+<li><a href="http://www.pdos.lcs.mit.edu/tarzan/">Tarzan</a></li>
+<li><a href="http://www.onion-router.net/">Onion Routing</a></li>
+<li><a href="http://mixmaster.sourceforge.net/">Mixmaster</a></li>
+<li><a href="http://mixminion.net/">Mixminion</a></li>
+<li><a href="http://freenetproject.org/">Freenet</a></li>
+<li><a href="http://anon.inf.tu-dresden.de/index_en.html">JAP</a></li>
+<h4>Presse</h4>
+<li><a href="http://www.gulli.com/news/i2p-an-anonymous-network-2009-03-09/">zzz interviewed by gulli.com</a> (March '09)</li>
+<li><a href="http://www.netzwelt.de/news/75371-i2p-das-anonyme-netz-im.html">Netzwelt.de article about being anonymous in the Internet</a></li>
+<h4>Boards, nouvelles, autres</h4>
+<li><a href="http://twitter.com/i2p">i2p (zzz) on twitter</a></li>
+<li><a href="http://board.planetpeer.de/index.php?board=80.0">Planet Peer Board (English)</a></li>
+<li><a href="http://board.planetpeer.de/index.php?board=18.0">Planet Peer Board (Deutsch)</a></li>
+<h4>Vielleries</h4>
+<li><a href="http://invisibleip.sourceforge.net/iip/index.php">Invisible IRC Project</a> - the distant predecessor of I2P</li>
+<li><a href="http://news.gmane.org/gmane.network.i2p">The ancient I2P mailing list</a> 2004-07 to 2006-10 (gmane)
+<li><a href="http://news.gmane.org/gmane.comp.security.invisiblenet.iip.devel">The even more ancient invisiblenet mailing list</a> 2002-10 to 2004-01 (gmane)
+<li><a href="http://www.businessweek.com/magazine/content/03_37/b3849089_mz063.htm">2003 Business Week article referencing invisiblenet</a>
+</ul></div>
+{% endblock %}
diff --git a/www.i2p2/pages/links_zh.html b/www.i2p2/pages/links_zh.html
index 2d961ec4ed5697f1564ae25dd574d48b4b289749..605537b0c5ca951641176d9857477d94efc8f650 100644
--- a/www.i2p2/pages/links_zh.html
+++ b/www.i2p2/pages/links_zh.html
@@ -7,7 +7,8 @@
<div class="links">
<ul>
<h4> I2P å‹å¥½é¡¹ç›®</h4>
-<li><a href="http://anomos.info/">Anomos Pseudonymous Encrypted Bittorrent</a></li>
+<li><a href="http://anomos.info/">Anomos Pseudonymous Encrypted Bittorrent</a></li>
+<li><a href="http://www.eff.org/">EFF</a></li>
<li><a href="http://www.abenteuerland.at/onioncat/">Onioncat</a></li>
<li><a href="http://www.pegasusnk.org/">The Pegasus Project</a></li>
<li><a href="http://telecomix.org/">Telecomix</a></li>
diff --git a/www.i2p2/pages/manualwrapper.html b/www.i2p2/pages/manualwrapper.html
new file mode 100644
index 0000000000000000000000000000000000000000..b2c71411f420a3399056b84efe8f2f9c739aec92
--- /dev/null
+++ b/www.i2p2/pages/manualwrapper.html
@@ -0,0 +1,54 @@
+{% extends "_layout.html" %}
+{% block title %}Manually Installing the Java Wrapper{% endblock %}
+{% block content %}
+<h1>Manually Installing the Java Wrapper</h1>
+
+<p>The installation package for the <a href="download">I2P router</a> comes
+with a Java wrapper for the most common architectures. If your system is not
+supported by our installer—or if you want to update the wrapper to a
+newer version—the following steps describe installing the wrapper manually.
+</p>
+
+<ul>
+ <li> Check Tanuki Software's <a href="http://wrapper.tanukisoftware.com/doc/english/download.jsp#stable">download page</a>
+ for your platform. Is your platform listed? If so, you're in
+ luck! Download the most recent version of the Community Edition for your OS and
+ CPU and move to <a href="#packaged">the next step</a></li>
+ <li>If your platform does not have an already compiled wrapper available, you
+ may be able to compile it yourself. If you are willing to have a go at it, move
+ on to <a href="#compiling">compiling</a> the wrapper for your system.</li>
+</ul>
+<h2 id="packaged">Using existing binaries</h2>
+In the steps below, $I2P means <em>the location I2P was installed to</em>.
+<ol>
+ <li><code>tar xzf wrapper-*.tar.gz</code></li>
+ <li><code>cp wrapper*/bin/wrapper $I2P/i2psvc</code></li>
+ <li><code>cp wrapper*/lib/wrapper.jar $I2P/lib</code></li>
+ <li><code>cp wrapper*/lib/libwrapper.so $I2P/lib</code></li>
+ <li>Try to start I2P using <code>$I2P/i2prouter start</code></li>
+ <li><code>tail -f /tmp/wrapper.log</code> and look for any problems.</li></ol>
+If this did not work you'll need to use <code>runplain.sh</code> to start I2P.
+<h2 id="compiling">Compiling from source</h2>
+These steps worked to compile the wrapper for use on a mipsel system running Debian. The steps <strong>will</strong> need to be altered for your system.
+<ol>
+ <li>Download the source archive for the community version of the wrapper from <a href="http://wrapper.tanukisoftware.com/downloads">wrapper download page</a>.</li>
+ <li>Extract the tarball<br />
+ <code>tar xzf wrapper_3.5.13_src.tar.gz</code></li>
+ <li>Set environment variables ANT_HOME and JAVA_HOME. In Debian, one can<br />
+ <code>export ANT_HOME=/usr/share/ant</code><br />
+ <code>export JAVA_HOME=/usr/lib/jvm/default-java</code></li>
+ <li>Since there isn't a Makefile for Mipsel, we'll make a copy of an already existing makefile<br />
+ <code>cp src/c/Makefile-linux-x86-32.make src/c/Makefile-linux-mipsel-32.make</code></li>
+ <li>Now we can attempt to compile the wrapper<br />
+ <code>./build32.sh</code> (use <code>./build64.sh</code> if you have a 64bit CPU and JVM)</li>
+ <li>Copy the wrapper into its proper place:
+ <ul>
+ <li><code>cp bin/wrapper $I2P/i2psvc</code></li>
+ <li><code>cp lib/wrapper.jar $I2P/lib</code></li>
+ <li><code>cp lib/libwrapper.so $I2P/lib</code></li>
+ </ul></li>
+ <li>Try to start I2P using <code>$I2P/i2prouter start</code></li>
+ <li><code>tail -f /tmp/wrapper.log</code> and look for any problems.</li>
+</ol>
+If this did not work you'll need to use <code>runplain.sh</code> to start I2P.
+{% endblock %}
diff --git a/www.i2p2/pages/meeting48.html b/www.i2p2/pages/meeting48.html
deleted file mode 100644
index 8866a099fdc7872a500fc836b4e92aaf8b82ab69..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/meeting48.html
+++ /dev/null
@@ -1,746 +0,0 @@
-{% extends "_layout.html" %}
-{% block title %}I2P Development Meeting 48{% endblock %}
-{% block content %}<div class="irclog">
-<p>--- Log opened Tue Jul 15 17:46:47 2003</p>
-<p>17:46 < gott> yo.</p>
-<p>17:46 <@nop> just a heads up on my silence</p>
-<p>17:46 <@hezekiah> Tue Jul 15 21:46:49 UTC 2003</p>
-<p>17:47 <@hezekiah> OK. The iip-dev meeting has started.</p>
-<p>17:47 <@hezekiah> Is it the 48th or 49th?</p>
-<p>17:47 < jrand0m> nop> this is why its critical that we get the router</p>
-<p> architecture pounded out asap. I understand that different people have</p>
-<p> different rates of speed, and we must segment so different components can</p>
-<p> proceed accordingly</p>
-<p>17:47 < mihi> 49th</p>
-<p>17:47 <@hezekiah> OK! Welcome to the 49th iip-dev meeting!</p>
-<p>17:47 < jrand0m> I have three more days at my job, after which 90+ hours /</p>
-<p> week will be dedicated to getting this going</p>
-<p>17:48 < jrand0m> I know and don't expect everyone to be able to do that,</p>
-<p> which is why we need to segment</p>
-<p>17:48 < jrand0m> hi hezekiah :)</p>
-<p>17:48 <@hezekiah> lol</p>
-<p>17:48 <@nop> to rebutt on that</p>
-<p>17:48 <@hezekiah> I'll wait a minute. Then we can do the agenda. :)</p>
-<p>17:48 <@nop> the security of the router architecture is dependant that you</p>
-<p> do not rush as well</p>
-<p>17:49 <@nop> if we do</p>
-<p>17:49 <@nop> we overlook</p>
-<p>17:49 <@nop> which could leave us cleaning up a big mess later</p>
-<p>17:49 -!- Rain [Rain@anon.iip] has quit [I Quit]</p>
-<p>17:49 < jrand0m> nop> disagree. we can still build app layer and APIs</p>
-<p> without implementing the router (or even knowing how the network will operate)</p>
-<p>17:49 <@nop> I agree with that</p>
-<p>17:50 <@nop> I'm specifically talking about the underlying network</p>
-<p>17:50 < jrand0m> if we can agree to the API I sent out, then thats the</p>
-<p> segmentation we need</p>
-<p>17:50 < jrand0m> right, router impl and network design still isn't done</p>
-<p>17:50 <@nop> ok</p>
-<p>17:50 <@nop> oh, I can definitely agree with your api so far</p>
-<p>17:51 <@hezekiah> jrand0m: One problem.</p>
-<p>17:51 < jrand0m> shoot hezekiah</p>
-<p>17:51 <@hezekiah> It will look different if you implement it in C.</p>
-<p>17:51 < jrand0m> not too different</p>
-<p>17:51 < gott> oh dear</p>
-<p>17:51 < jrand0m> less capital letters, and replace the objects with structs</p>
-<p>17:51 < gott> what languages are people considering implementing it in?</p>
-<p>17:51 < jrand0m> (for the api)</p>
-<p>17:51 <@hezekiah> Uh, jrand0m? There is no 'byte[]' in C.</p>
-<p>17:51 < jrand0m> gott> read the mail archives for some example answers to that</p>
-<p>17:52 <@hezekiah> You will be using void*'s with an integer to specifiy the</p>
-<p> length most likely.</p>
-<p>17:52 < jrand0m> hezekiah> then unsigned int[]</p>
-<p>17:52 < gott> jrand0m: for once, a religious war that I'm not a part of</p>
-<p>17:52 <@hezekiah> If I remember correctly (help me out here nop), you can't</p>
-<p> just return an unsigned int[] from a function.</p>
-<p>17:53 <@hezekiah> gott: It's not a religious war. I'm just saying that the</p>
-<p> API as a concept might be fine, but in C it would look seriously different.</p>
-<p>17:53 < gott> hezekiah: as opposed to what? pseudocode?</p>
-<p>17:53 < jrand0m> right, syntactic changes. but yes, if there are real</p>
-<p> differences, we need to get them worked out ASAP. (like, today) Perhaps</p>
-<p> now would be a good tiem to look at the email I sent entitled "high level</p>
-<p> router architecture and API" and review?</p>
-<p>17:54 <@hezekiah> nop? UserX? Are you game for that?</p>
-<p>17:54 < jrand0m> not too different, but different none the less, yes.</p>
-<p> which is why I said Java API on todays email :)</p>
-<p>17:54 -!- WinBear [WinBear@anon.iip] has joined #iip-dev</p>
-<p>17:55 <@nop> wait</p>
-<p>17:55 <@nop> reading above</p>
-<p>17:55 -!- mihi_2 [~none@anon.iip] has joined #iip-dev</p>
-<p>17:55 -!- mihi is now known as nickthief60234</p>
-<p>17:55 -!- mihi_2 is now known as mihi</p>
-<p>17:55 < jrand0m> wb mihi</p>
-<p>17:55 < gott> btw, is this being live logged?</p>
-<p>17:55 -!- nickthief60234 [~none@anon.iip] has quit [EOF From client]</p>
-<p>17:55 <@hezekiah> gott: Yes.</p>
-<p>17:55 < mihi> redundancy rules ;)</p>
-<p>17:55 < gott> I'll just read it later on then.</p>
-<p>17:55 -!- gott [~gott@anon.iip] has left #iip-dev [gott]</p>
-<p>17:56 <@nop> ok</p>
-<p>17:56 <@nop> yes</p>
-<p>17:56 < WinBear> jrand0m: hi</p>
-<p>17:56 <@nop> definitely differences</p>
-<p>17:56 <@nop> what we need</p>
-<p>17:56 < jrand0m> heya WinBear</p>
-<p>17:56 <@nop> is a team of certain developers to write the main api level</p>
-<p> controls for these languages</p>
-<p>17:56 <@nop> we know that jrand0m can handle java</p>
-<p>17:56 <@nop> and probably could team up with thecrypto as well</p>
-<p>17:56 <@nop> and hezekiah and the gang can do C</p>
-<p>17:56 <@nop> and jeremiah if he's willing</p>
-<p>17:56 <@nop> can do python</p>
-<p>17:56 <@hezekiah> I can do C++ too! ;-)</p>
-<p>17:56 <@nop> ok</p>
-<p>17:56 <@nop> C++ as well</p>
-<p>17:57 <@hezekiah> lol</p>
-<p>17:57 <@nop> C++ will probably work</p>
-<p>17:57 <@nop> with C</p>
-<p>17:57 <@nop> if you don't template the crap out of it</p>
-<p>17:57 < jrand0m> heh</p>
-<p>17:57 <@hezekiah> lol</p>
-<p>17:57 <@hezekiah> Actually, while MSVC can link C and C++ object files,</p>
-<p> gcc doesn't seem to like that.</p>
-<p>17:57 <@nop> aka, stick to structs that are compatible with C, or is that</p>
-<p> not viable</p>
-<p>17:57 < jrand0m> first question, prior to that, is what applications will use</p>
-<p> these APIs? I know of apps that will want to use java, will iproxy be in C?</p>
-<p>17:58 <@hezekiah> nop: I don't think C and C++ are object compatible.</p>
-<p>17:58 <@nop> ok</p>
-<p>17:58 <@hezekiah> nop: C++ won't get along with C much better than Java.</p>
-<p>17:58 <@nop> well maybe USerX could do C</p>
-<p>17:58 <@nop> and you could pull C++</p>
-<p>17:58 <@hezekiah> We don</p>
-<p>17:58 <@nop> ?</p>
-<p>17:58 <@hezekiah> don't even need to _do_ C++ if you don't want to. It's</p>
-<p> just that I prefer it.</p>
-<p>17:59 <@nop> well, the thing is</p>
-<p>17:59 <@nop> there are a lot of C++ developers</p>
-<p>17:59 <@nop> especially in the microsoft world</p>
-<p>17:59 <@hezekiah> Even in the Linux world. (see: KDE and Qt.)</p>
-<p>17:59 < jrand0m> C and C++ are binary compatible if you just make .so or .a</p>
-<p>17:59 < jrand0m> (btw)</p>
-<p>18:00 <@nop> can C be a good placement for C++, aka C++ developers would be</p>
-<p> able to handle a c api easier than a C++ api with a c developer?</p>
-<p>18:00 <@hezekiah> jrand0m: Yeah. You can probably have libraries ... but if</p>
-<p> you can</p>
-<p>18:00 <@hezekiah> jrand0m: can't even use classes, it sorta defeats the</p>
-<p> purpose.</p>
-<p>18:00 <@nop> right</p>
-<p>18:00 <@nop> let's stick with C</p>
-<p>18:01 <@nop> because C++ coders can still call a C library rather easily</p>
-<p>18:01 <@hezekiah> If one module needs to call anothers functions, then they</p>
-<p> had best both be the same language.</p>
-<p>18:01 <@hezekiah> nop: C++ coders will know C well enough ... though it</p>
-<p> might take some work if they never /learned/ C.</p>
-<p>18:02 <@hezekiah> However, C coders wouldn't know C++ since C is just a</p>
-<p> subset of C++.</p>
-<p>18:02 -!- logger_ [~logger@anon.iip] has joined #iip-dev</p>
-<p>18:02 -!- Topic for #iip-dev: logfiles will be online after the meeting:</p>
-<p> http://wiki.invisiblenet.net/?Meetings</p>
-<p>18:02 [Users #iip-dev]</p>
-<p>18:02 [@hezekiah] [+Ehud ] [ leenookx] [ moltar] [ tek ]</p>
-<p>18:02 [@nop ] [ jeremiah] [ logger_ ] [ Neo ] [ WinBear]</p>
-<p>18:02 [@UserX ] [ jrand0m ] [ mihi ] [ ptsc ]</p>
-<p>18:02 -!- Irssi: #iip-dev: Total of 14 nicks [3 ops, 0 halfops, 1 voices,</p>
-<p>10 normal]</p>
-<p>18:02 < jrand0m> right</p>
-<p>18:02 -!- Irssi: Join to #iip-dev was synced in 9 secs</p>
-<p>18:02 < jrand0m> (with JMS :)</p>
-<p>18:02 <@nop> yep</p>
-<p>18:03 -!- You're now known as logger</p>
-<p>18:03 < jrand0m> ok, can we review the overall architecture to see whether</p>
-<p> the APIs are even relevent first?</p>
-<p>18:03 <@nop> fine 18:04 < jrand0m> :)</p>
-<p>18:04 < jrand0m> ok, see the email I sent w/ the routerArchitecture.png.</p>
-<p> any thoughts on that seperation?</p>
-<p>18:04 -!- tek [~tek@anon.iip] has quit []</p>
-<p>18:05 < WinBear> jrand0m: is that on the wiki?</p>
-<p>18:05 < jrand0m> WinBear> no, on the mailing list, though the archives</p>
-<p> are down. lemmie add it to the wikki</p>
-<p>18:06 <@hezekiah> Correct me if I'm wrong ...</p>
-<p>18:07 <@hezekiah> ... but it looks like we're going to have 3 seperate API's</p>
-<p> that are as similar as possible.</p>
-<p>18:07 <@hezekiah> Right?</p>
-<p>18:07 < jrand0m> yes hezekiah</p>
-<p>18:07 <@hezekiah> So since each API is in a different language, are they</p>
-<p> going all each have seperate implementations?</p>
-<p>18:07 < jrand0m> yes</p>
-<p>18:07 <@hezekiah> Or is there a way for Java or Python to access a C library?</p>
-<p>18:08 < jrand0m> yes, but we don't want to go that route</p>
-<p>18:08 < mihi> for java: JNI</p>
-<p>18:08 <@hezekiah> So this talk about Java, C, C++, Python, etc. working</p>
-<p> together is mute since they never will?</p>
-<p>18:08 < jrand0m> how do I attach an image to the wiki?</p>
-<p>18:08 <@hezekiah> Each API has its own backend written in that language.</p>
-<p>18:08 < jrand0m> no hezekiah, look at the diagram</p>
-<p>18:09 <@hezekiah> Oh, duh!</p>
-<p>18:09 <@hezekiah> The API's don't link to a backend.</p>
-<p>18:10 <@hezekiah> They talk via sockets.</p>
-<p>18:10 < jrand0m> si sr</p>
-<p>18:10 <@hezekiah> This is still a little confusing though.</p>
-<p>18:10 <@hezekiah> Give me a sec here. :)</p>
-<p>18:11 <@hezekiah> OK. What is the thing labeled 'transport'?</p>
-<p>18:11 < jrand0m> for example, bidirectional HTTP transport, SMTP transport,</p>
-<p> plain socket transport, polling HTTP socket, etc</p>
-<p>18:11 < jrand0m> the thing that moves bytes between routers</p>
-<p>18:12 <@hezekiah> OK.</p>
-<p>18:12 <@hezekiah> So the diagram I'm looking at shows one person's computer.</p>
-<p>18:12 <@hezekiah> He has a router that talks to other people's computers</p>
-<p> via the transports.</p>
-<p>18:12 < jrand0m> correct</p>
-<p>18:12 <@hezekiah> Person 1 (Alice) has 2 applications running.</p>
-<p>18:12 <@hezekiah> One is in C, the other in Java.</p>
-<p>18:13 <@hezekiah> Both are linked to a library (that's the API).</p>
-<p>18:13 < jrand0m> both are "linked" to seperate libraries (the APIs)</p>
-<p>18:13 <@nop> simple concept</p>
-<p>18:13 <@nop> yes</p>
-<p>18:13 <@hezekiah> Those libraries, take input from the program encrypt it,</p>
-<p> and send it via sockets (unix or TCP) to the router ... which is another</p>
-<p> program Alice is running.</p>
-<p>18:13 < jrand0m> correct</p>
-<p>18:14 <@hezekiah> OK. So it's kinda like isproxy being split in two.</p>
-<p>18:14 < jrand0m> bingo :)</p>
-<p>18:14 <@hezekiah> One part is low end and written in C, and the other is</p>
-<p> high end and written in whatever.</p>
-<p>18:14 < jrand0m> exactly</p>
-<p>18:14 <@hezekiah> OK. I get it. :)</p>
-<p>18:14 < jrand0m> w00t</p>
-<p>18:14 <@hezekiah> So no language needs to play nice with any other language.</p>
-<p>18:14 < jrand0m> WinBear> sorry, I can't toss it on the wiki as it only</p>
-<p> takes text :/</p>
-<p>18:15 <@hezekiah> Since they all comunicate with the router via sockets,</p>
-<p> you could write an API in PASCAL for all the design cares.</p>
-<p>18:15 <@nop> yes</p>
-<p>18:15 <@nop> arbitrary</p>
-<p>18:15 < jrand0m> right</p>
-<p>18:15 <@nop> it handles arbitrary sockets</p>
-<p>18:15 < jrand0m> though some things need to be standardized (like the data</p>
-<p> structures for Destination, Lease, etc)</p>
-<p>18:15 < WinBear> jrand0m: i get a vague idea based on what hezekiah is saying</p>
-<p>18:15 < jrand0m> word</p>
-<p>18:16 <@hezekiah> jrand0m: Right. The structure and order of the bytes that</p>
-<p> go across that socket is set in a design somewhre</p>
-<p>18:16 <@hezekiah> somewhere.</p>
-<p>18:17 <@hezekiah> But you can still implement how those bytes are send and</p>
-<p> received any joly way you please.</p>
-<p>18:17 <@nop> WinBear: it's the same exact way that the irc client works</p>
-<p> with isproxy</p>
-<p>18:17 < jrand0m> exactly</p>
-<p>18:17 <@hezekiah> Good.</p>
-<p>18:17 <@hezekiah> I understand now. :)</p>
-<p>18:17 -!- moltar [~me@anon.iip] has left #iip-dev [moltar]</p>
-<p>18:17 <@nop> well</p>
-<p>18:17 <@nop> not exactly</p>
-<p>18:17 <@hezekiah> Uh oh.</p>
-<p>18:17 <@nop> but imagine how that works</p>
-<p>18:17 <@nop> and you can understand arbitrary sockets</p>
-<p>18:17 <@nop> isproxy just routes</p>
-<p>18:17 <@nop> and delivers</p>
-<p>18:18 <@nop> now jrand0m</p>
-<p>18:18 <@nop> quick question</p>
-<p>18:18 < jrand0m> si sr?</p>
-<p>18:18 <@nop> is this api designed for only new applications that are designed</p>
-<p> to work on this network</p>
-<p>18:18 -!- mode/#iip-dev [+v logger] by hezekiah</p>
-<p>18:18 < WinBear> nop: with the highlevel replacing the irc client?</p>
-<p>18:18 < jrand0m> nop> yes. though a SOCKS5 proxy could use this API as well</p>
-<p>18:18 <@nop> or can it be able to have a middle man that can allow already</p>
-<p> standard clients</p>
-<p>18:18 <@nop> for instance</p>
-<p>18:19 <@nop> so all we would have to do is write the middleman -> api</p>
-<p>18:19 < jrand0m> (but note that there's no 'lookup' service available -</p>
-<p> no DNS for this network)</p>
-<p>18:19 < jrand0m> correct</p>
-<p>18:19 <@nop> so that we can support say Mozilla etc</p>
-<p>18:19 <@nop> so they can just code plugins</p>
-<p>18:19 < jrand0m> nop> yes</p>
-<p>18:19 <@nop> ok</p>
-<p>18:19 <@nop> or transports :)</p>
-<p>18:20 < jrand0m> (e.g. the SOCKS5 has the HTTP outproxies hardcoded to</p>
-<p> destination1, destination2, and destination3)</p>
-<p>18:20 <@nop> ok</p>
-<p>18:20 < WinBear> i think i get it</p>
-<p>18:21 < jrand0m> w00t</p>
-<p>18:21 < jrand0m> ok, one of the things I had to think about in this design</p>
-<p> was keeping the private keys in the app's memory space - the router never</p>
-<p> gets a hold of destination private keys.</p>
-<p>18:21 <@hezekiah> So the application can send raw data over the I2P network</p>
-<p> by sending it to the API, and it doesn't need to worry about the rest.</p>
-<p>18:22 <@hezekiah> Right?</p>
-<p>18:22 < jrand0m> that means the APIs need to implement the end to end part</p>
-<p> of the crypto</p>
-<p>18:22 < jrand0m> exactly hezekiah</p>
-<p>18:22 <@hezekiah> OK.</p>
-<p>18:22 <@nop> yes</p>
-<p>18:22 <@nop> that's the idea</p>
-<p>18:22 <@nop> it does it for you</p>
-<p>18:22 <@nop> you just call the hook</p>
-<p>18:23 <@hezekiah> One quick question:</p>
-<p>18:23 <@hezekiah> This 'router' obviously needs to speak a certain protocol</p>
-<p> over it's transports.</p>
-<p>18:23 < jrand0m> correct</p>
-<p>18:23 <@hezekiah> So it is possible to provide multiple implementations of</p>
-<p> the router ...</p>
-<p>18:23 < jrand0m> yes</p>
-<p>18:24 <@hezekiah> ... as long as they both speak the same protocol.</p>
-<p>18:24 < jrand0m> (which is why the spec has placeholders for bitbuckets)</p>
-<p>18:24 < jrand0m> right</p>
-<p>18:24 <@hezekiah> So you have a router in Java, and one in C, and one</p>
-<p> in PASCAL.</p>
-<p>18:24 * jrand0m cringes</p>
-<p>18:24 < jrand0m> but yeah</p>
-<p>18:24 <@hezekiah> And they all can talk together since they're talking over</p>
-<p> TCP/IP using the same protocol.</p>
-<p>18:24 * WinBear jumps</p>
-<p>18:24 <@hezekiah> jrand0m: And yes. I don't remember my PASCAL days overly</p>
-<p> fondly either.</p>
-<p>18:25 < jrand0m> well, Pascal can talk to the C one through the TCP transport,</p>
-<p> and the C one can talk to the Java one over the HTTP transport, for example</p>
-<p>18:25 <@hezekiah> Right.</p>
-<p>18:25 < jrand0m> (transports talk to other like transports, routers manage</p>
-<p> the messages delivered between them but don't deal with how they're delivered)</p>
-<p>18:26 <@hezekiah> The point I was looking to make was that the protocol is the</p>
-<p> same, so it doesn't matter what language someone's router is implemented in.</p>
-<p>18:26 < jrand0m> right</p>
-<p>18:26 <@hezekiah> Cool.</p>
-<p>18:26 < jrand0m> now you understand why I said "who cares" to all the C vs</p>
-<p> Java vs etc debates? :)</p>
-<p>18:26 <@hezekiah> Yup.</p>
-<p>18:26 <@hezekiah> lol</p>
-<p>18:27 <@hezekiah> I've got to hand it to you jrand0m. This will make it very</p>
-<p> kind for develoeprs to write programs for this network.</p>
-<p>18:27 < jrand0m> heh, well, the API ain't quite original. this is how</p>
-<p> Message Oriented Middleware (MOM) works</p>
-<p>18:27 <@hezekiah> And you could even make routers that specialize in certain</p>
-<p> platform specific features (like 64-bit CPU's).</p>
-<p>18:28 < jrand0m> absolutely</p>
-<p>18:28 <@hezekiah> jrand0m: Humble too! ;-)</p>
-<p>18:28 <@hezekiah> Well, it looks good to me.</p>
-<p>18:28 < jrand0m> ok, UserX, nop, does this seperation make sense?</p>
-<p>18:28 <@nop> of course</p>
-<p>18:28 <@nop> is userx still here</p>
-<p>18:29 <@hezekiah> He's been idle for 1:26.</p>
-<p>18:29 < jrand0m> 'k. so then we have two tasks: design the network, and</p>
-<p> design how the API works.</p>
-<p>18:29 <@nop> right</p>
-<p>18:29 <@hezekiah> Quick simple question: The API's do end to end crypto. Do</p>
-<p> the routers to node to node crypto ?</p>
-<p>18:29 <@nop> yes</p>
-<p>18:30 < jrand0m> yes</p>
-<p>18:30 < jrand0m> (transport level)</p>
-<p>18:30 <@hezekiah> Good. :)</p>
-<p>18:30 <@nop> hezekiah: it's very similar to what we have so far</p>
-<p>18:30 <@nop> in that aspect</p>
-<p>18:31 < jrand0m> ok.. er, shit, thecrypto aint around for comments on the</p>
-<p> performance model.</p>
-<p>18:31 < Neo> and for the paranoid, the apps can do the pgp encryption before</p>
-<p> it hits the API ;)</p>
-<p>18:31 < jrand0m> absolutely neo</p>
-<p>18:31 < jrand0m> I was even tempted to leave the end to end crypto out of</p>
-<p> the API and leave it up to the apps...</p>
-<p>18:31 <@hezekiah> jrand0m: That would be cruel.</p>
-<p>18:31 < jrand0m> heheh</p>
-<p>18:32 <@hezekiah> BTW, the API's and the router communicate via sockets.</p>
-<p>18:32 <@hezekiah> On UNIX will they be using UNIX sockets or local TCP/IP</p>
-<p> sockets?</p>
-<p>18:32 < jrand0m> prolly just local tcp/ip for simplicity</p>
-<p>18:32 <@nop> hold</p>
-<p>18:32 <@hezekiah> (I suppose you could make a router that accepts both.)</p>
-<p>18:33 * hezekiah is really liking this interchangable parts setup</p>
-<p>18:33 <@nop> if you hold on a sec</p>
-<p>18:34 <@hezekiah> Holding ... :)</p>
-<p>18:34 <@nop> I'll call thecrypto at his house</p>
-<p>18:34 <@nop> see if he can get on</p>
-<p>18:34 < jrand0m> hehe word</p>
-<p>18:34 <@hezekiah> lol</p>
-<p>18:34 * hezekiah dons a thick Itallian accent</p>
-<p>18:34 <@hezekiah> Nop ha' got ... CONNECTIONS!</p>
-<p>18:34 < jeremiah> lo</p>
-<p>18:34 <@nop> hey jeremiah</p>
-<p>18:35 < jrand0m> heya jeremiah</p>
-<p>18:35 <@nop> would you be willing at the api level to assist with a python api</p>
-<p>18:35 < jeremiah> sure</p>
-<p>18:35 * jeremiah reads backlog</p>
-<p>18:35 < jrand0m> heh word</p>
-<p>18:35 * nop is calling</p>
-<p>18:36 <@nop> he's not home</p>
-<p>18:36 <@nop> he'll be back in an hour</p>
-<p>18:36 < jrand0m> 'k, has anyone else read the .xls and/or have comments on</p>
-<p> the model?</p>
-<p>18:37 <@hezekiah> I read the .xls ... but I don't know much about p2p so</p>
-<p> most of it was over my head.</p>
-<p>18:37 <@hezekiah> UserX is good at that stuff.</p>
-<p>18:37 <@nop> I have to read it still</p>
-<p>18:37 < jrand0m> (btw, morphmix had some insane numbers... they were saying</p>
-<p> they could expect random hosts on the net to have average 20-150ms ping times,</p>
-<p> rather than the 3-500 I was expecting)</p>
-<p>18:37 < jrand0m> coo'</p>
-<p>18:37 <@nop> it's staroffice or openoffice?</p>
-<p>18:37 < jrand0m> openoffice, but I exported it to .xls</p>
-<p>18:37 <@nop> which is excell?</p>
-<p>18:37 < jrand0m> correct</p>
-<p>18:38 <@hezekiah> BTW, concerning the API ...</p>
-<p>18:38 < jrand0m> si sr?</p>
-<p>18:38 <@hezekiah> ... in C the boolean would be int.</p>
-<p>18:38 <@nop> which email</p>
-<p>18:38 <@nop> hezekiah: yes</p>
-<p>18:38 <@hezekiah> The classes would be sent as structure pointers.</p>
-<p>18:38 <@nop> unless you typedef boolean</p>
-<p>18:39 <@hezekiah> And the functions that use byte[] would use a void* with</p>
-<p> an additional parameter that specefies the length of the buffer.</p>
-<p>18:39 <@nop> hezekiah: you're being picky :)</p>
-<p>18:39 < jrand0m> nop> I cant access the archives so I'm not sure what the</p>
-<p> subject line was, but it was last week...</p>
-<p>18:39 <@nop> save it for a later time</p>
-<p>18:39 <@hezekiah> nop: Picky?</p>
-<p>18:39 < jrand0m> heh, yeah, y'all working on the C api can work that detail out</p>
-<p>18:39 * jeremiah is done reading backlog</p>
-<p>18:39 <@nop> what's the file called</p>
-<p>18:39 <@hezekiah> nop: I'm just trying to find all the stuff that is different,</p>
-<p> so we can hammer it out like jrand0m asked.</p>
-<p>18:40 <@hezekiah> I'm trying to be helpful. :)</p>
-<p>18:40 <@nop> hezekiah: yes, probably off meeting time</p>
-<p>18:40 < jrand0m> nop> simple_latency.xls</p>
-<p>18:40 <@hezekiah> boolean sendMessage(Destination dest, byte[] payload);</p>
-<p>18:40 <@hezekiah> would be</p>
-<p>18:40 <@hezekiah> int sendMessage(Destination dest, void* payload, int length);</p>
-<p>18:40 <@hezekiah> .</p>
-<p>18:40 <@hezekiah> byte[] recieveMessage(int msgId);</p>
-<p>18:40 <@hezekiah> that could either be:</p>
-<p>18:41 <@hezekiah> void* recieveMessage(int msgId, int* length);</p>
-<p>18:41 <@hezekiah> or</p>
-<p>18:41 <@nop> jrand0m: got it</p>
-<p>18:41 <@hezekiah> void recieveMessage(int msgId, void* buf, int* length);</p>
-<p>18:41 <@hezekiah> or</p>
-<p>18:41 < jrand0m> hezekia: why not typedef struct { int length; void* data;</p>
-<p> } Payload;</p>
-<p>18:41 <@hezekiah> DataBlock* recieveMessage(int msgId)l</p>
-<p>18:41 <@hezekiah> DataBlock* recieveMessage(int msgId);</p>
-<p>18:41 < jeremiah> where's this xls?</p>
-<p>18:41 <@nop> oh iip-dev</p>
-<p>18:41 <@hezekiah> jrand0m: The struct you just mentioned is basically what</p>
-<p> DataBlock is.</p>
-<p>18:42 < jrand0m> word hezekiah</p>
-<p>18:42 <@nop> subject more models</p>
-<p>18:42 <@hezekiah> Chances are the C version would have DataBlocks.</p>
-<p>18:43 <@hezekiah> Beyond that the only other thing to note is that each</p>
-<p> 'interface' would just be a set of functions.</p>
-<p>18:43 <@hezekiah> nop: Did I find all the differences that would exist in</p>
-<p> a C API?</p>
-<p>18:43 < jrand0m> right. perhaps #include "i2psession.h" or something</p>
-<p>18:43 < jeremiah> is there a mockup python api?</p>
-<p>18:44 < jrand0m> no jeremiah, I don't really know python :/</p>
-<p>18:44 <@nop> I would have to re-review the java api, but I would say that</p>
-<p> you're right on target</p>
-<p>18:44 < jrand0m> but it would probably be similar to the java, as python is OO</p>
-<p>18:44 < jeremiah> cool, i can derive one from the C one</p>
-<p>18:44 * nop is not a java head</p>
-<p>18:44 < jrand0m> cool jeremiah</p>
-<p>18:44 < jeremiah> is the c api in the thing you sent out a few days ago?</p>
-<p>18:44 <@hezekiah> Yeah. Python should be able to handle the Java api.</p>
-<p>18:44 < jrand0m> jeremiah> that was the Java one</p>
-<p>18:45 < jrand0m> oh, the Java one was today</p>
-<p>18:45 < jrand0m> the older one was language independent</p>
-<p>18:45 <@hezekiah> Hmm</p>
-<p>18:45 <@nop> UserX says he should be able to assist with C api</p>
-<p>18:45 < jrand0m> word</p>
-<p>18:45 <@nop> he's busy at work at the moment</p>
-<p>18:46 < jrand0m> coo'</p>
-<p>18:46 <@hezekiah> One last note: With the C api, each function would probably</p>
-<p> take a structure* to the structure that it is an 'interface' of in Java.</p>
-<p>18:46 <@nop> hezekiah: loos good</p>
-<p>18:46 <@nop> looks good</p>
-<p>18:46 <@hezekiah> I2PSession createSession(String keyFileToLoadFrom,</p>
-<p> Properties options);</p>
-<p>18:46 <@hezekiah> would be:</p>
-<p>18:46 <@nop> java and their non-native data types</p>
-<p>18:46 <@hezekiah> I2PSession* createSession(I2PClient* client, char*</p>
-<p> keyFileToLoadFrom, Properties* options);</p>
-<p>18:46 <@nop> ;)</p>
-<p>18:46 < jrand0m> hehe</p>
-<p>18:46 < jrand0m> right hezekiah</p>
-<p>18:47 < jeremiah> are we addressing unicode?</p>
-<p>18:47 <@hezekiah> Anyway, if you can live with those differences, the C and</p>
-<p> Java API's should be identical beyond that.</p>
-<p>18:47 <@hezekiah> nop? Unicode? :)</p>
-<p>18:47 < jrand0m> UTF8 if not UTF16</p>
-<p>18:48 <@hezekiah> Perhaps Unicode should be dealt with on the application</p>
-<p> level.</p>
-<p>18:48 < jrand0m> right, charset is all the content of the message</p>
-<p>18:48 <@hezekiah> Oh.</p>
-<p>18:48 < jeremiah> ok</p>
-<p>18:48 <@hezekiah> Java String's are done in Unicode, aren't they jrand0m?</p>
-<p>18:48 < jrand0m> the bitbuckets'll all be bit defined</p>
-<p>18:48 < jrand0m> yes hezekiah</p>
-<p>18:48 < jrand0m> (unless you explicitly instruct them to change charsets)</p>
-<p>18:49 <@hezekiah> So the string sent to the Java API would be different than</p>
-<p> the one sent to the C API unless the C API implements strings using Unicode.</p>
-<p>18:49 < jrand0m> not relevent</p>
-<p>18:49 <@hezekiah> OK.</p>
-<p>18:49 < jrand0m> (app->API != API->router. we only define API->router)</p>
-<p>18:49 <@hezekiah> What I'm saying is this, jrand0m:</p>
-<p>18:50 <@hezekiah> If I set my password with the Java API, it goes to the</p>
-<p> router out someplace else.</p>
-<p>18:50 < jrand0m> password? you mean you create a Destination?</p>
-<p>18:50 <@hezekiah> Then it find another router, which sends it to another API</p>
-<p> (?) which is implemented in C.</p>
-<p>18:50 <@hezekiah> void setPassphrase(String old, String new);</p>
-<p>18:50 <@hezekiah> That function.</p>
-<p>18:51 < jrand0m> hezekiah> thats the administrative password to access the</p>
-<p> administrative methods of the router</p>
-<p>18:51 <@hezekiah> Ah</p>
-<p>18:51 <@hezekiah> Do any functions in the API which use Java String's end</p>
-<p> up with that String being sent to another API?</p>
-<p>18:51 < jrand0m> 99.9% of apps will only use I2PSession, not I2PAdminSession</p>
-<p>18:51 <@nop> also, anything carried with the router gets converted for</p>
-<p> network travel correct?</p>
-<p>18:51 <@hezekiah> If so, we should probably use Unicode.</p>
-<p>18:51 <@nop> unicode wouldn't be releavant</p>
-<p>18:52 < jrand0m> hezekiah> no. all inter-router info will be defined by</p>
-<p> bit buckets</p>
-<p>18:52 <@hezekiah> OK.</p>
-<p>18:52 < jrand0m> correct nop, at the transport level</p>
-<p>18:52 <@hezekiah> (I'm assuming a bit bucket is just a binary buffer, right?)</p>
-<p>18:53 < jrand0m> a bit bucket is a statement that the first bit means X,</p>
-<p> the second bit means Y, bits 3-42 mean Z, etc</p>
-<p>18:53 < jrand0m> (e.g. we may want to use X.509 for the certificates bitbucket)</p>
-
-<p>18:53 <@hezekiah> I've never dealt with that before.</p>
-<p>18:54 <@hezekiah> I'll worry about it when I get there. :)</p>
-<p>18:54 < jrand0m> heh word</p>
-<p>18:55 < jrand0m> ok, the four things I wanted us to hit today: *router</p>
-<p> architecture, *performance model, *attack analysis, *psyc. We've done</p>
-<p> the first, thecrypto is offline so perhaps we delay this (unless you have</p>
-<p> thoughts on the model nop?)</p>
-<p>18:57 <@hezekiah> Um ... jrand0m. I have yet another question.</p>
-<p>18:57 < jeremiah> jrand0m: where's the latest version of the network spec? is</p>
-<p> it what you sent out on the 13th?</p>
-<p>18:57 < jrand0m> si sr?</p>
-<p>18:57 <@hezekiah> Well the router architecture has the API's handle keys</p>
-<p> /sent to them by the Application/.</p>
-<p>18:57 < jrand0m> jeremiah> yes</p>
-<p>18:57 <@nop> I don't at this time</p>
-<p>18:58 <@hezekiah> Now ... the only way I see that the API gets the key is</p>
-<p> from createSession.</p>
-<p>18:58 < jrand0m> hezekiah> the router gets public keys and signatures,</p>
-<p> not private keys</p>
-<p>18:58 < jrand0m> right</p>
-<p>18:58 <@hezekiah> But that requires a file.</p>
-<p>18:58 < jrand0m> the keys are stored in a file or in the API's memory</p>
-<p>18:58 < jrand0m> yes</p>
-<p>18:58 <@hezekiah> Now if the application generates a key, why can't it just</p>
-<p> send it to the API via a buffer?</p>
-<p>18:59 <@hezekiah> Must it really store it in a file, and then provide the</p>
-<p> file name?</p>
-<p>18:59 < jrand0m> no, it can be in memory if you'd like</p>
-<p>18:59 <@hezekiah> There is not function to all that in the API though.</p>
-<p>18:59 <@hezekiah> It's just a thought.</p>
-<p>19:00 <@hezekiah> If the key is supposed to be generated only once and used</p>
-<p> many, many times (like GPG keys), then a file makes sense.</p>
-<p>19:00 -!- mihi [none@anon.iip] has quit [bye all, it's getting late...]</p>
-<p>19:00 <@hezekiah> But if it will be generated more often, then perhaps some</p>
-<p> way to directly send it to the API via a structure or buffer of some sort</p>
-<p> might be nice</p>
-<p>19:00 <@hezekiah> .</p>
-<p>19:01 < jrand0m> yes, its generated once and only once (unless you're wearing</p>
-<p> a tinfoil hat)</p>
-<p>19:02 < jrand0m> though the createDestination(keyFileToSaveTo) lets you</p>
-<p> create that key</p>
-<p>19:02 <@hezekiah> OK.</p>
-<p>19:02 <@hezekiah> So there's really no need for transfer directly from the</p>
-<p> App to the API. A file will suffice.</p>
-<p>19:03 <@hezekiah> So where were we before I so rudely interupted? :)</p>
-<p>19:06 < jeremiah> so right now we're just working on the router API, not</p>
-<p> the client one, right?</p>
-<p>19:06 < jrand0m> well, we're skipping on performance analysis for now</p>
-<p> (hopefully we can get some chatter re: it on the mailing list before next</p>
-<p> week?). and probably the same wrt attack analysis (unless anyone read the</p>
-<p> new spec and has comments)</p>
-<p>19:07 <@hezekiah> So we're since we're skipping that, what are we supposed</p>
-<p> to be talking about now?</p>
-<p>19:07 <@hezekiah> Psyc?</p>
-<p>19:07 < jrand0m> unless anyone else has other comments to bring up...?</p>
-<p>19:08 <@hezekiah> Well, for once, my comment hole (also notoriously known</p>
-<p> as my mouth) is empty.</p>
-<p>19:08 < jrand0m> hehe</p>
-<p>19:09 < jrand0m> ok, anyone have any thoughts on how the IRC side of things</p>
-<p> will work, and whether psyc may be relevent or useful?</p>
-<p>19:09 < jeremiah> sidenote (that pissed me off): wired's "Wired, Tired,</p>
-<p> Expired" list had Waste as 'wired'</p>
-<p>19:09 < jrand0m> heh</p>
-<p>19:09 < jrand0m> do you realize how much we're going to blow everyone away?</p>
-<p>19:09 < jeremiah> yep</p>
-<p>19:09 <@hezekiah> jrand0m: That assumes we get this to work.</p>
-<p>19:10 < jrand0m> I guarantee it will work.</p>
-<p>19:10 <@hezekiah> There are a lot of other failed efforts out there.</p>
-<p>19:10 < jrand0m> I quit my job to work on this.</p>
-<p>19:10 <@hezekiah> Then we're going to blow everyone away. :)</p>
-<p>19:10 <@hezekiah> Yeah. How is bread getting on the table when you do that?</p>
-<p>19:10 <@hezekiah> GPL code doesn't pay well. ;-)</p>
-<p>19:10 < jrand0m> heh</p>
-<p>19:11 <@hezekiah> As for psyc ... let me put it this way:</p>
-<p>19:11 <@hezekiah> The first time I heard of it was when you emailed us</p>
-<p> about it.</p>
-<p>19:11 < jrand0m> shit, I wasn't the one who found it :)</p>
-<p>19:11 <@hezekiah> However, IRC is probably one of the most (if not /the/</p>
-<p> most) prolific chat protocols around.</p>
-<p>19:11 <@hezekiah> People will want IRC apps LONG before they even /know/</p>
-<p> what psyc is.</p>
-<p>19:11 <@hezekiah> jrand0m: Oops. Sorry. I forgot that detail. :)</p>
-<p>19:12 < jrand0m> not according to psyc. their history goes back to 86 I think</p>
-<p>19:12 <@hezekiah> The point is that the supperiority of the protocol, isn't</p>
-<p> really as relevant as to who uses it.</p>
-<p>19:12 <@hezekiah> Their _history_ may go back that far.</p>
-<p>19:12 <@hezekiah> But how many people _use_ Psyc?</p>
-<p>19:12 < jeremiah> yeah if they've been around since a year after I was born</p>
-<p> (ahem) and they aren't that big yet</p>
-<p>19:12 <@hezekiah> My point is that even if it's a better protocol, most</p>
-<p> people _use_ IRC.</p>
-<p>19:13 <@hezekiah> We can make the best I2P network on the planet ...</p>
-<p>19:13 -!- Ehud [logger@anon.iip] has quit [Ping timeout]</p>
-<p>19:14 < jeremiah> can someone explain briefly why we care? I thought IRC</p>
-<p> would only be one possible application but that the network is flexible to</p>
-<p> support psyc as well if it wanted to</p>
-<p>19:14 <@hezekiah> Right.</p>
-<p>19:14 <@hezekiah> Psyc can be made ...</p>
-<p>19:14 <@hezekiah> ... but I'm saying we should do IRC first because more</p>
-<p> people use it.</p>
-
-<p>19:14 <@hezekiah> jrand0m, we can make a great I2P network, but people won't</p>
-<p> use it unless it has something they want.</p>
-<p>19:14 < jrand0m> jeremiah> the reason psyc is interesting is that we may</p>
-<p> want to implement IRC in the same vein that psyc works</p>
-<p>19:15 <@hezekiah> Hence we should provide them with a 'killer-app'.</p>
-<p>19:15 < jeremiah> ok</p>
-<p>19:15 < jrand0m> right, IIP is invisible IRC project, and will allow people</p>
-<p> to run IRC</p>
-<p>19:16 < jrand0m> with no central server (or any server at all, actually),</p>
-<p> theres a lot of thinking to be done to figure out how IRC will work.</p>
-<p> psyc has a possible answer to that</p>
-<p>19:16 < jrand0m> though there are others</p>
-<p>19:17 <@hezekiah> As I said, psyc might do better, but people want to use IRC,</p>
-<p> not psyc.</p>
-<p>19:17 < jrand0m> and they will</p>
-<p>19:17 < jrand0m> they'll use irc</p>
-<p>19:17 <@hezekiah> It's all about marketing, baby! ;-)</p>
-<p>19:17 < jeremiah> I'll try to read the spec and some stuff on psyc tonight</p>
-<p>19:17 < jrand0m> word</p>
-<p>19:17 <@hezekiah> lol</p>
-<p>19:17 < jeremiah> planning to meet at 5:00 UTC tommorow?</p>
-<p>19:17 <@hezekiah> No?</p>
-<p>19:18 < jeremiah> or whenever</p>
-<p>19:18 < jrand0m> I'm on iip 24x7 :)</p>
-<p>19:18 < jeremiah> yeah but i eat</p>
-<p>19:18 <@hezekiah> jrand0m: I noticed.</p>
-<p>19:18 < jrand0m> 05:00 utc or 17:00 utc?</p>
-<p>19:18 <@hezekiah> jeremiah: LOL!</p>
-<p>19:18 <@hezekiah> Well the iip-dev meeting officially starts at 21:00 UTC.</p>
-<p>19:18 -!- Ehud [~logger@anon.iip] has joined #iip-dev</p>
-<p>19:19 < jeremiah> ok, i just said 05:00 UTC because I was talking out of my ass</p>
-<p>19:19 < jeremiah> where's mids?</p>
-<p>19:19 <@hezekiah> mids, left the project for a while.</p>
-<p>19:19 <@hezekiah> Weren't you there a few meetings back?</p>
-<p>19:19 < jeremiah> ok</p>
-<p>19:19 < jeremiah> guess not</p>
-<p>19:19 <@hezekiah> We had a goodbye party of sorts as part of the agenda.</p>
-<p>19:19 < jeremiah> oh</p>
-<p>19:20 <@hezekiah> OK ...</p>
-<p>19:20 <@hezekiah> Is there anything still on the agenda?</p>
-<p>19:20 * jrand0m doesn't have any left on mine</p>
-<p>19:20 < jeremiah> about psyc:</p>
-<p>19:20 < jeremiah> if this is a psyc feature, I know you mentioned it a</p>
-<p> while ago</p>
-<p>19:20 * hezekiah never had an agenda in the first placve</p>
-<p>19:21 <@hezekiah> pace</p>
-<p>19:21 <@hezekiah> place</p>
-<p>19:21 < jeremiah> I don't think having each user send a message to every</p>
-<p> other use in the room is s smart idea</p>
-<p>19:21 <@hezekiah> There!</p>
-<p>19:21 < jrand0m> jeremiah> so you'd have redundant nominated pseudoservers</p>
-<p> redistribute the messages?</p>
-<p>19:21 < jrand0m> (pseudoservers = peers in the channel who have the list</p>
-<p> of users)</p>
-<p>19:21 < jeremiah> I don't think 'broadcasting' is that smart either, but it</p>
-
-<p> seems like it'll require a _lot_ of bandwith for a given user who may be on</p>
-<p> a modem, and with the lag from sending say... 20 messages separately would</p>
-<p> screw up conversation</p>
-<p>19:21 < jeremiah> I don't know the best solution, maybe that would be one</p>
-<p>19:22 < jeremiah> I think direct messaging would be good if you wanted it,</p>
-<p> but there are cases where it's probalby not that important</p>
-<p>19:22 <@hezekiah> The message would need to be signed by the authors private</p>
-<p> key to garuntee authenticity.</p>
-<p>19:22 <@hezekiah> Though this issue won't matter for a long time still,</p>
-<p> I think jeremiah has a point</p>
-<p>19:22 < jrand0m> hezekiah> that requires users wanting provable comm :)</p>
-<p>19:23 < jrand0m> definitely.</p>
-<p>19:23 <@hezekiah> If I had to send a message to 100 users in a channel ...</p>
-<p>19:23 < jeremiah> although my average message is only a few hundred bytes,</p>
-<p> so sending it to hundreds of users might not be so hard</p>
-<p>19:23 <@hezekiah> ... well, my conversation would be /very/ slow.</p>
-<p>19:23 < jeremiah> especially if you didn't wait for a response</p>
-<p>19:23 <@hezekiah> 20K to send one message.</p>
-<p>19:23 <@hezekiah> I don't think so. :)</p>
-<p>19:23 < jrand0m> well, if there are 100 users in a channel, *someone* has</p>
-<p> to send out 100 messages</p>
-<p>19:23 < jeremiah> it's 20k?</p>
-<p>19:23 < jeremiah> oh, right</p>
-<p>19:23 <@hezekiah> 200 users</p>
-<p>19:24 < jeremiah> hmm</p>
-<p>19:24 < jeremiah> wouldn't the routers be good at that?</p>
-<p>19:24 < jeremiah> we can somewhat safely assume they have decent bandwith,</p>
-<p> right?</p>
-<p>19:24 <@hezekiah> I thought each person had a 'router implementation'</p>
-<p>19:24 < jrand0m> not really. if there are relays, the nomination mechanism</p>
-<p> needs to take that into consideration</p>
-<p>19:24 < jrand0m> yes hezekiah</p>
-<p>19:24 < jeremiah> i haven't read the spec</p>
-<p>19:25 < jrand0m> a router is your local router</p>
-<p>19:25 <@hezekiah> Ugh!</p>
-<p>19:25 <@hezekiah> I'm still mixing your nicks up!</p>
-<p>19:25 <@hezekiah> lol</p>
-<p>19:25 < jrand0m> hehe</p>
-<p>19:25 <@hezekiah> Um ... where'd nop go?</p>
-<p>19:25 <@hezekiah> Oh.</p>
-<p>19:26 <@hezekiah> He's still here.</p>
-<p>19:26 <@hezekiah> I thought he was gone for a moment,</p>
-<p>19:26 < jrand0m> but jeremiah is right, psyc has some ideas we may want to</p>
-<p> consider, though we may want to reject them</p>
-<p>19:26 <@hezekiah> Let's just get the network running first.</p>
-<p>19:26 * jrand0m drinks to that</p>
-<p>19:26 <@hezekiah> If you strech your vision to the finish line, you'll trip</p>
-<p> over the rock 3 inches in front of you.</p>
-<p>19:27 * jeremiah feels inspired</p>
-<p>19:27 <@hezekiah> lol</p>
-<p>19:27 < jrand0m> I think what would be really great if we could aim to review</p>
-<p> the network spec by next week, sending out emails to iip-dev whenever anyone</p>
-<p> has thoughts or comments. am I out of my mind?</p>
-<p>19:27 <@hezekiah> nop? Do you have anything else to add to the agenda,</p>
-<p> or do we adjurn?</p>
-<p>19:27 <@hezekiah> jrand0m: Well, I don't know if I could read all that by</p>
-<p> next week, but I can try. :)</p>
-<p>19:27 < jrand0m> heh</p>
-<p>19:28 < jrand0m> its a grueling 15 pages ;)</p>
-<p>19:28 <@hezekiah> 15 pages?</p>
-<p>19:28 <@hezekiah> It looked more like 120!</p>
-<p>19:29 < jrand0m> heh, well, depends on your resolution I suppose ;)</p>
-<p>19:29 < jeremiah> he has a lot of anchors in there, makes it look like</p>
-<p> it's huge</p>
-<p>19:29 < jrand0m> hehe</p>
-<p>19:29 <@hezekiah> The left side has a LOT more than 15 links, budy!</p>
-<p>19:29 <@hezekiah> 'Fess up!</p>
-<p>19:29 <@hezekiah> It's more than 15. :)</p>
-<p>19:29 <@hezekiah> Oh!</p>
-<p>19:29 <@hezekiah> Those aren't pages! They're just anchors!</p>
-<p>19:29 <@hezekiah> I'm saved!</p>
-<p>19:30 * hezekiah feels like a seaman just rescued from drowning</p>
-<p>19:30 < jeremiah> class turn to volume 4 chapter 2 Message Byte Structure</p>
-<p>19:30 < jrand0m> lol</p>
-<p>19:30 <@hezekiah> lol</p>
-<p>19:30 <@nop> adjourn</p>
-<p>19:30 <@hezekiah> *baf*!</p>
-<p>19:30 <@hezekiah> Next week, 21:00 UTC, same place.</p>
-<p>19:30 <@hezekiah> See y'all there. :)</p>
-<p>19:30 < jeremiah> seeya</p>
-<p>--- Log closed Tue Jul 15 19:30:51 2003</p>
-</div>
-{% endblock %}
\ No newline at end of file
diff --git a/www.i2p2/pages/meetings_de.html b/www.i2p2/pages/meetings_de.html
index e7987b217646540343eb4b22ea85be0cd1ca88a7..f502ad4b3362e845308eaf4a811df053c327be6a 100644
--- a/www.i2p2/pages/meetings_de.html
+++ b/www.i2p2/pages/meetings_de.html
@@ -3,7 +3,7 @@
{% block content %}
<h1>Logs of past I2P meetings</h1>
<p>Regularly scheduled meetings are not being held at this time.
-If you have somthing to discuss, please find the developers on IRC #i2p.
+If you have somthing to discuss, please find the developers on IRC in #i2p-dev.
See also <a href="statusnotes.html">the old weekly status notes</a>.
</p><div class="underline"></div>
<ul class="infolist">
@@ -153,7 +153,6 @@ See also <a href="statusnotes.html">the old weekly status notes</a>.
<li><a href="meeting51">Meeting 51</a></li>
<li><a href="meeting50">Meeting 50</a></li>
<li><a href="meeting49">Meeting 49</a></li>
-<li><a href="meeting48">Meeting 48</a></li>
<li><a href="meeting47">Meeting 47</a></li>
<li><a href="meeting35">Meeting 35</a></li>
<li><a href="meeting34">Meeting 34</a></li>
diff --git a/www.i2p2/pages/meetings_fr.html b/www.i2p2/pages/meetings_fr.html
index 132505105cad76c1dc3f33565991f93977fe1aa7..717c40d360a594c54454285755737c46e6eb4de0 100644
--- a/www.i2p2/pages/meetings_fr.html
+++ b/www.i2p2/pages/meetings_fr.html
@@ -1,122 +1,124 @@
-{% extends "_layout.html" %}
-{% block title %}Meetings{% endblock %}
+{% extends "_layout_fr.html" %}
+{% block title %}Rencontres{% endblock %}
{% block content %}
+Traduction de février 2011. <a href="meetings.html">Version anglaise actuelle</a>
<h1>Journaux des rencontres I2P passées</h1>
<p>Les rencontres régulières ne sont plus maintenues en ce moment.
-Si vous voulez discuter avec l'équipe vous trouverez les développeurs sur l'IRC, canal #i2p,
-et #i2p-fr pour les discutions en français.
-Vous pouvez aussi consulter les notes des <a href="statusnotes.html">anciennes réunions hébdomadaires</a>.
+Si vous voulez discuter avec l'équipe vous trouverez les développeurs sur l'IRC, canal #i2p-dev,
+et #i2p-fr pour les discutions en français.
+Vous pouvez aussi consulter les notes des <a href="statusnotes.html">anciennes réunions hebdomadaires</a>.
</p><div class="underline"></div>
<ul class="infolist">
-<li><a href="meeting207">Rencontre 207</a> - F´vrier 10, 2009</li>
-<li><a href="meeting206">Rencontre 206</a> - Avril 10, 2007</li>
-<li><a href="meeting205">Rencontre 205</a> - Avril 3, 2007</li>
-<li><a href="meeting204">Rencontre 204</a> - Mars 27, 2007</li>
-<li><a href="meeting203">Rencontre 203</a> - Mars 20, 2007</li>
-<li><a href="meeting202">Rencontre 202</a> - Mars 13, 2007</li>
-<li><a href="meeting201">Rencontre 201</a> - F´vrier 20, 2007</li>
-<li><a href="meeting200">Rencontre 200</a> - F´vrier 13, 2007</li>
-<li><a href="meeting199">Rencontre 199</a> - F´vrier 6, 2007</li>
-<li><a href="meeting198">Rencontre 198</a> - Janvier 30, 2007</li>
-<li><a href="meeting197">Rencontre 197</a> - Janvier 16, 2007</li>
-<li><a href="meeting196">Rencontre 196</a> - Janvier 9, 2007</li>
-<li><a href="meeting195">Rencontre 195</a> - Janvier 2, 2007</li>
-<li><a href="meeting194">Rencontre 194</a> - Décembre 26, 2006</li>
-<li><a href="meeting193">Rencontre 193</a> - Décembre 12, 2006</li>
-<li><a href="meeting192">Rencontre 192</a> - Décembre 05, 2006</li>
-<li><a href="meeting191">Rencontre 191</a> - Novembre 28, 2006</li>
-<li><a href="meeting190">Rencontre 190</a> - Novembre 21, 2006</li>
-<li><a href="meeting189">Rencontre 189</a> - Novembre 14, 2006</li>
-<li><a href="meeting188">Rencontre 188</a> - Novembre 7, 2006</li>
-<li><a href="meeting187">Rencontre 187</a> - Octobre 31, 2006</li>
-<li><a href="meeting186">Rencontre 186</a> - Octobre 24, 2006</li>
-<li><a href="meeting185">Rencontre 185</a> - Octobre 17, 2006</li>
-<li><a href="meeting184">Rencontre 184</a> - Séptembre 12, 2006</li>
-<li><a href="meeting183">Rencontre 183</a> - Août 1, 2006</li>
-<li><a href="meeting182">Rencontre 182</a> - Juin 13, 2006</li>
-<li><a href="meeting181">Rencontre 181</a> - Mai 30, 2006</li>
-<li><a href="meeting180">Rencontre 180</a> - Mai 16, 2006</li>
-<li><a href="meeting179">Rencontre 179</a> - Mai 9, 2006</li>
-<li><a href="meeting178">Rencontre 178</a> - Mai 2, 2006</li>
-<li><a href="meeting177">Rencontre 177</a> - Avril 25, 2006</li>
-<li><a href="meeting176">Rencontre 176</a> - Avril 18, 2006</li>
-<li><a href="meeting175">Rencontre 175</a> - Avril 4, 2006</li>
-<li><a href="meeting174">Rencontre 174</a> - Mars 28, 2006</li>
-<li><a href="meeting173">Rencontre 173</a> - Mars 21, 2006</li>
-<li><a href="meeting172">Rencontre 172</a> - Mars 14, 2006</li>
-<li><a href="meeting171">Rencontre 171</a> - Mars 7, 2006</li>
-<li><a href="meeting170">Rencontre 170</a> - F´vrier 28, 2006</li>
-<li><a href="meeting169">Rencontre 169</a> - F´vrier 21, 2006</li>
-<li><a href="meeting168">Rencontre 168</a> - F´vrier 14, 2006</li>
-<li><a href="meeting167">Rencontre 167</a> - F´vrier 7, 2006</li>
-<li><a href="meeting166">Rencontre 166</a> - Janvier 31, 2006</li>
-<li><a href="meeting165">Rencontre 165</a> - Janvier 24, 2006</li>
-<li><a href="meeting164">Rencontre 164</a> - Janvier 17, 2006</li>
-<li><a href="meeting163">Rencontre 163</a> - Janvier 10, 2006</li>
-<li><a href="meeting162">Rencontre 162</a> - Janvier 4, 2006</li>
-<li><a href="meeting161">Rencontre 161</a> - Décembre 20, 2005</li>
-<li><a href="meeting160">Rencontre 160</a> - Décembre 13, 2005</li>
-<li><a href="meeting159">Rencontre 159</a> - Décembre 6, 2005</li>
-<li><a href="meeting158">Rencontre 158</a> - Novembre 29, 2005</li>
-<li><a href="meeting157">Rencontre 157</a> - Novembre 22, 2005</li>
-<li><a href="meeting156">Rencontre 156</a> - Novembre 15, 2005</li>
-<li><a href="meeting155">Rencontre 155</a> - Novembre 8, 2005</li>
-<li><a href="meeting154">Rencontre 154</a> - Novembre 1, 2005</li>
-<li><a href="meeting153">Rencontre 153</a> - Octobre 25, 2005</li>
-<li><a href="meeting152">Rencontre 152</a> - Octobre 18, 2005</li>
-<li><a href="meeting151">Rencontre 151</a> - Octobre 11, 2005</li>
-<li><a href="meeting150">Rencontre 150</a> - Octobre 4, 2005</li>
-<li><a href="meeting149">Rencontre 149</a> - Séptembre 27, 2005</li>
-<li><a href="meeting148">Rencontre 148</a> - Séptembre 20, 2005</li>
-<li><a href="meeting147">Rencontre 147</a> - Séptembre 13, 2005</li>
-<li><a href="meeting146">Rencontre 146</a> - Séptembre 6, 2005</li>
-<li><a href="meeting145">Rencontre 145</a> - Août 30, 2005</li>
-<li><a href="meeting144">Rencontre 144</a> - Août 23, 2005</li>
-<li><a href="meeting143">Rencontre 143</a> - Août 16, 2005</li>
-<li><a href="meeting142">Rencontre 142</a> - Août 9, 2005</li>
-<li><a href="meeting141">Rencontre 141</a> - Août 2, 2005</li>
-<li><a href="meeting140">Rencontre 140</a> - Mai 3, 2005</li>
-<li><a href="meeting139">Rencontre 139</a> - Avril 26, 2005</li>
-<li><a href="meeting138">Rencontre 138</a> - Avril 19, 2005</li>
-<li><a href="meeting137">Rencontre 137</a> - Avril 12, 2005</li>
-<li><a href="meeting136">Rencontre 136</a> - Avril 5, 2005</li>
-<li><a href="meeting135">Rencontre 135</a> - Mars 28, 2005</li>
-<li><a href="meeting134">Rencontre 134</a> - Mars 22, 2005</li>
-<li><a href="meeting133">Rencontre 133</a> - Mars 15, 2005</li>
-<li><a href="meeting132">Rencontre 132</a> - Mars 8, 2005</li>
-<li><a href="meeting131">Rencontre 131</a> - Mars 1, 2005</li>
-<li><a href="meeting130">Rencontre 130</a> - F´vrier 22, 2005</li>
-<li><a href="meeting129">Rencontre 129</a> - F´vrier 15, 2005</li>
-<li><a href="meeting128">Rencontre 128</a> - F´vrier 8, 2005</li>
-<li><a href="meeting127">Rencontre 127</a> - F´vrier 1, 2005</li>
-<li><a href="meeting126">Rencontre 126</a> - Janvier 25, 2005</li>
-<li><a href="meeting125">Rencontre 125</a> - Janvier 18, 2005</li>
-<li><a href="meeting124">Rencontre 124</a> - Janvier 11, 2005</li>
-<li><a href="meeting123">Rencontre 123</a> - Janvier 4, 2005</li>
-<li><a href="meeting122">Rencontre 122</a> - Décembre 28, 2004</li>
-<li><a href="meeting121">Rencontre 121</a> - Décembre 21, 2004</li>
-<li><a href="meeting120">Rencontre 120</a> - Décembre 14, 2004</li>
-<li><a href="meeting119">Rencontre 119</a> - Décembre 7, 2004</li>
-<li><a href="meeting118">Rencontre 118</a> - Novembre 30, 2004</li>
-<li><a href="meeting117">Rencontre 117</a> - Novembre 23, 2004</li>
-<li><a href="meeting116">Rencontre 116</a> - Novembre 16, 2004</li>
-<li><a href="meeting115">Rencontre 115</a> - Novembre 9, 2004</li>
-<li><a href="meeting114">Rencontre 114</a> - Novembre 2, 2004</li>
-<li><a href="meeting113">Rencontre 113</a> - Octobre 26, 2004</li>
-<li><a href="meeting112">Rencontre 112</a> - Octobre 19, 2004</li>
-<li><a href="meeting111">Rencontre 111</a> - Octobre 12, 2004</li>
-<li><a href="meeting110">Rencontre 110</a> - Octobre 5, 2004</li>
-<li><a href="meeting109">Rencontre 109</a> - Séptembre 28, 2004</li>
-<li><a href="meeting108">Rencontre 108</a> - Séptembre 21, 2004</li>
-<li><a href="meeting107">Rencontre 107</a> - Séptembre 14, 2004</li>
-<li><a href="meeting106">Rencontre 106</a> - Séptembre 7, 2004</li>
-<li><a href="meeting105">Rencontre 105</a> - Août 31, 2004</li>
-<li><a href="meeting104">Rencontre 104</a> - Août 24, 2004</li>
-<li><a href="meeting103">Rencontre 103</a> - Août 17, 2004</li>
-<li><a href="meeting102">Rencontre 102</a> - Août 10, 2004</li>
-<li><a href="meeting101">Rencontre 101</a> - Août 3, 2004</li>
-<li><a href="meeting100">Rencontre 100</a> - Juillet 27, 2004</li>
-<li><a href="meeting99">Rencontre 99</a> - Juillet 20, 2004</li>
+<li><a href="meeting208">Rencontre 208</a> - 8 septembre 2010</li>
+<li><a href="meeting207">Rencontre 207</a> - 10 février 2009</li>
+<li><a href="meeting206">Rencontre 206</a> - 10 avril 2007</li>
+<li><a href="meeting205">Rencontre 205</a> - 3 avril 2007</li>
+<li><a href="meeting204">Rencontre 204</a> - 27 mars 2007</li>
+<li><a href="meeting203">Rencontre 203</a> - 20 mars 2007</li>
+<li><a href="meeting202">Rencontre 202</a> - 13 mars 2007</li>
+<li><a href="meeting201">Rencontre 201</a> - 20 février 2007</li>
+<li><a href="meeting200">Rencontre 200</a> - 13 février 2007</li>
+<li><a href="meeting199">Rencontre 199</a> - 6 février 2007</li>
+<li><a href="meeting198">Rencontre 198</a> - 30 janvier 2007</li>
+<li><a href="meeting197">Rencontre 197</a> - 16 janvier 2007</li>
+<li><a href="meeting196">Rencontre 196</a> - 9 janvier 2007</li>
+<li><a href="meeting195">Rencontre 195</a> - 2 janvier 2007</li>
+<li><a href="meeting194">Rencontre 194</a> - 26 décembre 2006</li>
+<li><a href="meeting193">Rencontre 193</a> - 12 décembre 2006</li>
+<li><a href="meeting192">Rencontre 192</a> - 5 décembre 2006</li>
+<li><a href="meeting191">Rencontre 191</a> - 28 novembre 2006</li>
+<li><a href="meeting190">Rencontre 190</a> - 21 novembre 2006</li>
+<li><a href="meeting189">Rencontre 189</a> - 14 novembre 2006</li>
+<li><a href="meeting188">Rencontre 188</a> - 7 novembre 2006</li>
+<li><a href="meeting187">Rencontre 187</a> - 31 octobre 2006</li>
+<li><a href="meeting186">Rencontre 186</a> - 24 octobre 2006</li>
+<li><a href="meeting185">Rencontre 185</a> - 17 octobre 2006</li>
+<li><a href="meeting184">Rencontre 184</a> - 12 septembre 2006</li>
+<li><a href="meeting183">Rencontre 183</a> - 1er août 2006</li>
+<li><a href="meeting182">Rencontre 182</a> - 13 Juin 2006</li>
+<li><a href="meeting181">Rencontre 181</a> - 30 mai 2006</li>
+<li><a href="meeting180">Rencontre 180</a> - 16 mai 2006</li>
+<li><a href="meeting179">Rencontre 179</a> - 9 mai 2006</li>
+<li><a href="meeting178">Rencontre 178</a> - 2 mai 2006</li>
+<li><a href="meeting177">Rencontre 177</a> - 25 avril 2006</li>
+<li><a href="meeting176">Rencontre 176</a> - 18 avril 2006</li>
+<li><a href="meeting175">Rencontre 175</a> - 4 avril 2006</li>
+<li><a href="meeting174">Rencontre 174</a> - 28 mars 2006</li>
+<li><a href="meeting173">Rencontre 173</a> - 21 mars 2006</li>
+<li><a href="meeting172">Rencontre 172</a> - 14 mars 2006</li>
+<li><a href="meeting171">Rencontre 171</a> - 7 mars 2006</li>
+<li><a href="meeting170">Rencontre 170</a> - 28 février 2006</li>
+<li><a href="meeting169">Rencontre 169</a> - 21 février 2006</li>
+<li><a href="meeting168">Rencontre 168</a> - 14 février 2006</li>
+<li><a href="meeting167">Rencontre 167</a> - 7 février 2006</li>
+<li><a href="meeting166">Rencontre 166</a> - 31 janvier 2006</li>
+<li><a href="meeting165">Rencontre 165</a> - 24 janvier 2006</li>
+<li><a href="meeting164">Rencontre 164</a> - 17 janvier 2006</li>
+<li><a href="meeting163">Rencontre 163</a> - 10 janvier 2006</li>
+<li><a href="meeting162">Rencontre 162</a> - 4 janvier 2006</li>
+<li><a href="meeting161">Rencontre 161</a> - 20 décembre 2005</li>
+<li><a href="meeting160">Rencontre 160</a> - 13 décembre 2005</li>
+<li><a href="meeting159">Rencontre 159</a> - 6 décembre 2005</li>
+<li><a href="meeting158">Rencontre 158</a> - 29 novembre 2005</li>
+<li><a href="meeting157">Rencontre 157</a> - 22 novembre 2005</li>
+<li><a href="meeting156">Rencontre 156</a> - 15 novembre 2005</li>
+<li><a href="meeting155">Rencontre 155</a> - 8 novembre 2005</li>
+<li><a href="meeting154">Rencontre 154</a> - 1er novembre 2005</li>
+<li><a href="meeting153">Rencontre 153</a> - 25 octobre 2005</li>
+<li><a href="meeting152">Rencontre 152</a> - 18 octobre 2005</li>
+<li><a href="meeting151">Rencontre 151</a> - 11 octobre 2005</li>
+<li><a href="meeting150">Rencontre 150</a> - 4 octobre 2005</li>
+<li><a href="meeting149">Rencontre 149</a> - 27 septembre 2005</li>
+<li><a href="meeting148">Rencontre 148</a> - 20 septembre 2005</li>
+<li><a href="meeting147">Rencontre 147</a> - 13 septembre 2005</li>
+<li><a href="meeting146">Rencontre 146</a> - 6 septembre 2005</li>
+<li><a href="meeting145">Rencontre 145</a> - 30 août 2005</li>
+<li><a href="meeting144">Rencontre 144</a> - 23 août 2005</li>
+<li><a href="meeting143">Rencontre 143</a> - 16 août 2005</li>
+<li><a href="meeting142">Rencontre 142</a> - 9 août 2005</li>
+<li><a href="meeting141">Rencontre 141</a> - 2 août 2005</li>
+<li><a href="meeting140">Rencontre 140</a> - 3 mai 2005</li>
+<li><a href="meeting139">Rencontre 139</a> - 26 avril 2005</li>
+<li><a href="meeting138">Rencontre 138</a> - 19 avril 2005</li>
+<li><a href="meeting137">Rencontre 137</a> - 12 avril 2005</li>
+<li><a href="meeting136">Rencontre 136</a> - 5 avril 2005</li>
+<li><a href="meeting135">Rencontre 135</a> - 28 mars 2005</li>
+<li><a href="meeting134">Rencontre 134</a> - 22 mars 2005</li>
+<li><a href="meeting133">Rencontre 133</a> - 15 mars 2005</li>
+<li><a href="meeting132">Rencontre 132</a> - 8 mars 2005</li>
+<li><a href="meeting131">Rencontre 131</a> - 1er mars 2005</li>
+<li><a href="meeting130">Rencontre 130</a> - 22 février 2005</li>
+<li><a href="meeting129">Rencontre 129</a> - 15 février 2005</li>
+<li><a href="meeting128">Rencontre 128</a> - 8 février 2005</li>
+<li><a href="meeting127">Rencontre 127</a> - 1er février 2005</li>
+<li><a href="meeting126">Rencontre 126</a> - 25 janvier 2005</li>
+<li><a href="meeting125">Rencontre 125</a> - 18 janvier 2005</li>
+<li><a href="meeting124">Rencontre 124</a> - 11 janvier 2005</li>
+<li><a href="meeting123">Rencontre 123</a> - 5 janvier 2005</li>
+<li><a href="meeting122">Rencontre 122</a> - 28 décembre 2004</li>
+<li><a href="meeting121">Rencontre 121</a> - 21 décembre 2004</li>
+<li><a href="meeting120">Rencontre 120</a> - 14 décembre 2004</li>
+<li><a href="meeting119">Rencontre 119</a> - 7 décembre 2004</li>
+<li><a href="meeting118">Rencontre 118</a> - 30 novembre 2004</li>
+<li><a href="meeting117">Rencontre 117</a> - 23 novembre 2004</li>
+<li><a href="meeting116">Rencontre 116</a> - 16 novembre 2004</li>
+<li><a href="meeting115">Rencontre 115</a> - 9 novembre 2004</li>
+<li><a href="meeting114">Rencontre 114</a> - 2 novembre 2004</li>
+<li><a href="meeting113">Rencontre 113</a> - 26 octobre 2004</li>
+<li><a href="meeting112">Rencontre 112</a> - 19 octobre 2004</li>
+<li><a href="meeting111">Rencontre 111</a> - 12 octobre 2004</li>
+<li><a href="meeting110">Rencontre 110</a> - 5 octobre 2004</li>
+<li><a href="meeting109">Rencontre 109</a> - 28 septembre 2004</li>
+<li><a href="meeting108">Rencontre 108</a> - 21 septembre 2004</li>
+<li><a href="meeting107">Rencontre 107</a> - 14 septembre 2004</li>
+<li><a href="meeting106">Rencontre 106</a> - 7 septembre 2004</li>
+<li><a href="meeting105">Rencontre 105</a> - 31 août 2004</li>
+<li><a href="meeting104">Rencontre 104</a> - 24 août 2004</li>
+<li><a href="meeting103">Rencontre 103</a> - 17 août 2004</li>
+<li><a href="meeting102">Rencontre 102</a> - 10 août 2004</li>
+<li><a href="meeting101">Rencontre 101</a> - 3 août 2004</li>
+<li><a href="meeting100">Rencontre 100</a> - 27 juillet 2004</li>
+<li><a href="meeting99">Rencontre 99</a> - 20 juillet 2004</li>
<li><a href="meeting95">Rencontre 95</a></li>
<li><a href="meeting93">Rencontre 93</a></li>
<li><a href="meeting92">Rencontre 92</a></li>
@@ -154,7 +156,6 @@ Vous pouvez aussi consulter les notes des <a href="statusnotes.html">anciennes r
<li><a href="meeting51">Rencontre 51</a></li>
<li><a href="meeting50">Rencontre 50</a></li>
<li><a href="meeting49">Rencontre 49</a></li>
-<li><a href="meeting48">Rencontre 48</a></li>
<li><a href="meeting47">Rencontre 47</a></li>
<li><a href="meeting35">Rencontre 35</a></li>
<li><a href="meeting34">Rencontre 34</a></li>
diff --git a/www.i2p2/pages/ministreaming.html b/www.i2p2/pages/ministreaming.html
index d0d1489cc5c260b741d5daa7907ec9ad3372d8ad..ac950db5c9f8aa89e7df6bcd6c31461ff9f01f23 100644
--- a/www.i2p2/pages/ministreaming.html
+++ b/www.i2p2/pages/ministreaming.html
@@ -1,6 +1,21 @@
{% extends "_layout.html" %}
-{% block title %}ministreaming{% endblock %}
-{% block content %}<p>The ministreaming library is a layer on top of the core
+{% block title %}Ministreaming Library{% endblock %}
+{% block content %}
+
+<h2>Note</h2>
+The ministreaming library has been enhanced and extended by the
+"full" <a href="streaming.html">streaming library</a>.
+Ministreaming is deprecated and is incompatible with today's applications.
+The following documentation is old.
+Also note that streaming extends ministreaming in the same Java package (net.i2p.client.streaming),
+so the current
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/streaming/package-summary.html">API documentation</a>
+contains both.
+Obsolete ministreaming classes and methods are clearly marked as deprecated in the Javadocs.
+
+<h2>Ministreaming Library</h2>
+
+<p>The ministreaming library is a layer on top of the core
<a href="i2cp">I2CP</a> that allows reliable, in order, and authenticated streams
of messages to operate across an unreliable, unordered, and unauthenticated
message layer. Just like the TCP to IP relationship, this streaming
@@ -9,7 +24,7 @@ rather than embed that functionality into the base I2P code, it has been factore
off into its own library both to keep the TCP-esque complexities separate and to
allow alternative optimized implementations.</p>
-<p>The current ministreaming library was written by mihi as a part of his
+<p>The ministreaming library was written by mihi as a part of his
<a href="i2ptunnel">I2PTunnel</a> application and then factored out and released
under the BSD license. It is called the "mini"streaming library because it makes
some simplifications in the implementation, while a more robust streaming library
@@ -23,11 +38,10 @@ messages sent (or include any application level ACK or SACK), so it must wait
on average twice the time it takes to send a message before sending another.</p>
<p>Even with those issues, the ministreaming library performs quite well in many
-situations, and its <a href="http://www.i2p.net/javadoc/net/i2p/client/streaming/package-summary.html">API</a>
+situations, and its <a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/streaming/package-summary.html">API</a>
is both quite simple and capable of remaining unchanged as different streaming
implementations are introduced. The library is deployed in its own
-ministreaming.jar, and it is located in CVS under
-<a href="http://dev.i2p.net/cgi-bin/cvsweb.cgi/i2p/apps/ministreaming/">
-i2p/apps/ministreaming/</a>. Developers in Java who would like to use it can
+ministreaming.jar.
+Developers in Java who would like to use it can
access the API directly, while developers in other languages can use it through
-<a href="sam">SAM</a>'s streaming support.</p>{% endblock %}
\ No newline at end of file
+<a href="sam">SAM</a>'s streaming support.</p>{% endblock %}
diff --git a/www.i2p2/pages/monotone.html b/www.i2p2/pages/monotone.html
index 4481d759881774b4d4c5e16357f036a2e6864392..10797055c8ffc8ddd8fc82d094239788359f4030 100644
--- a/www.i2p2/pages/monotone.html
+++ b/www.i2p2/pages/monotone.html
@@ -1,27 +1,1037 @@
{% extends "_layout.html" %}
{% block title %}Monotone{% endblock %}
-{% block content %}<p>The I2P sourcecode is kept in several distributed monotone repositories.
-See the
-<a href="http://www.monotone.ca/">Monotone website</a> for information
-on monotone.
-See
-<a href="http://forum.i2p2.de/viewtopic.php?t=2524">this forum post on i2p monotone</a>
-for more information on how to get started and check out the source anonymously.
-There is also a quick-start guide on the
-<a href="newdevelopers.html">new developer's page</a>.
+{% block content %}
+<h1>Monotone Guide</h1>
+
+<div id="TOC">
+ <ol>
+ <li>
+ <a href="#operating-a-monotone-client">Operating a Monotone client</a>
+ <ol>
+ <li><a href="#generating-monotone-keys">Generating Monotone keys</a></li>
+ <li><a href="#trust-and-initializing-your-repository">Trust and initializing your repository</a></li>
+ <li>
+ <a href="#obtaining-and-deploying-developers-keys">Obtaining and deploying developers' keys</a>
+ <ol>
+ <li><a href="#monotone-keys-for-zzz">Monotone keys for zzz</a></li>
+ <li><a href="#monotone-keys-for-welterde">Monotone keys for welterde</a></li>
+ <li><a href="#monotone-keys-for-complication">Monotone keys for Complication</a></li>
+ <li><a href="#monotone-keys-for-jrandom">Monotone keys for jrandom</a></li>
+ </ol>
+ </li>
+ <li><a href="#setting-up-trust-evaluation-hooks">Setting up trust evaluation hooks</a></li>
+ <li><a href="#servers-and-creating-a-client-tunnel-to-mtn.i2p2.i2p">Servers, and creating a client tunnel to <code>mtn.i2p2.i2p</code></a></li>
+ <li><a href="#pulling-the-i2p.i2p-i2p.www-and-i2p.syndie-branches">Pulling the <code>i2p.i2p</code>, <code>i2p.www</code> and <code>i2p.syndie</code> branches</a></li>
+ <li><a href="#verifying-that-trust-evaluation-works">Verifying that trust evaluation works</a></li>
+ <li>
+ <a href="#verifying-that-i2p-maintains-continuity-with-jrandoms-last-tarball">Verifying that I2P maintains continuity with jrandom’s last tarball</a>
+ <ol>
+ <li><a href="#obtaining-jrandoms-public-gpg-key">Obtaining jrandom’s public GPG key</a></li>
+ <li><a href="#obtaining-the-0.6.1.30-source-tarball-and-jrandoms-signature-of-it">Obtaining the 0.6.1.30 source tarball and jrandom’s signature of it</a></li>
+ <li><a href="#verifying-and-extracting-the-source-tarball">Verifying and extracting the source tarball</a></li>
+ <li><a href="#checking-out-0.6.1.30-sources-from-monotone">Checking out 0.6.1.30 sources from Monotone</a></li>
+ <li><a href="#diffing-source-trees-against-each-other">Diffing source trees against each other</a></li>
+ <li><a href="#examining-changes-from-0.6.1.30-onwards">Examining changes from 0.6.1.30 onwards</a></li>
+ </ol>
+ </li>
+ <li><a href="#checking-out-a-working-copy-of-the-latest-version">Checking out a working copy of the latest version</a></li>
+ <li><a href="#updating-your-working-copy-to-the-latest-version">Updating your working copy to the latest version</a></li>
+ <li><a href="#why-i2p.www-cannot-be-verified">Why <code>i2p.www</code> cannot be verified</a></li>
+ <li><a href="#why-syndie-doesnt-need-a-signed-tarball-to-verify">Why Syndie doesn’t need a signed tarball to verify</a></li>
+ </ol>
+ </li>
+ <li>
+ <a href="#operating-a-monotone-server">Operating a Monotone Server</a>
+ <ol>
+ <li><a href="#obtaining-and-deploying-developers-transport-keys">Obtaining and deploying developers’ transport keys</a></li>
+ <li><a href="#granting-push-and-pull-access">Granting push and pull access</a></li>
+ <li><a href="#running-monotone-in-server-mode">Running Monotone in server mode</a></li>
+ <li><a href="#differences-under-debian-gnulinux">Differences under Debian GNU/Linux</a></li>
+ </ol>
+ </li>
+ </ol>
+</div>
+
+<p>
+ <i>This is a revised version of <a href="transition-guide.txt">Complication's original
+ guide</a> detailing the use of Monotone in I2P development.
+ For basic instructions see the <a href="newdevelopers.html">quick-start guide</a>.</i>
+</p>
+
+<p>
+ I2P has a distributed development model. The source code is replicated across
+ independently administered <a href="http://www.monotone.ca/">Monotone</a> repositories --
+ typically one repository per developer or contributor -- among which
+ development work can be shared and merged cooperatively, and work that's
+ considered satisfactory is eventually merged into a single trusted repository
+ that serves as the project's master. In practice however, since contributors
+ are often given commit privileges (after signing the <a href="licenses.html#commit">developer
+ agreement]</a>), it's more common for completed work to be
+ pushed directly to the master repository by its original authors.
+</p>
+
+<p>
+ For I2P development, some of Monotone's noteworthy qualities are: distributed
+ version control, cryptographic authentication, access control, small size, few
+ dependencies, storage of projects in a compressed SQLite database file, and
+ fitness for use over the I2P network due to its ability to cleanly resume a
+ previously interrupted sync operation.
+</p>
+
+
+<h2 id="operating-a-monotone-client">Operating a Monotone Client</h2>
+
+<h3 id="generating-monotone-keys">Generating Monotone keys</h3>
+
+<p>
+ A transport key authenticates your computer to a Monotone repository server,
+ granting you read access. Likewise, a commit key provides write access.
+</p>
+
+<p>
+ To commit code into Monotone (authenticate your code as originating from you),
+ you are strongly encouraged to use a separate key: a commit key.
+</p>
+
+<p>
+ If you don't generate any keys, you can get away with it. Public
+ repositories generally provide read access to anyone, and Monotone will
+ automatically generate temporary keys when you pull code from a repository
+ without specifying a key. However, operating without either key will place
+ limitations on your activities.
+</p>
+
+<p>
+ Without a transport key, you cannot:
+ <ul>
+ <li>pull code from a server which doesn't allow global read access</li>
+ <li>push code to any server</li>
+ <li>run Monotone as a server</li>
+ </ul>
+</p>
+
+<p>
+ Without a commit key, you cannot:
+ <ul>
+ <li>commit any code</li>
+ </ul>
+</p>
+
+<p>
+ If you are certain that you will not be doing any of that, you can skip
+ generating keys, and proceed to the
+ <a href="#trust-and-initializing-your-repository">next section</a>. If you want
+ to generate keys, read the following.
+</p>
+
+<p>
+ By convention, keys are named like an e-mail addresses. A corresponding e-mail
+ address does not need to exist. For example, your keys might be named:
+ <ul>
+ <li>complication@mail.i2p</li>
+ <li>complication-transport@mail.i2p</li>
+ </ul>
+</p>
+
+<p>
+ Monotone stores keys under `/home/username/.monotone/keys`, in text files which
+ are named identically to the keys, for example:
+ <ul>
+ <li>/home/complication/.monotone/keys/complication@mail.i2p</li>
+ </ul>
+</p>
+
+<p>
+ To generate a transport key, and optionally also a commit key, issue in any
+ directory commands like the following:
+ <ul>
+ <li>$ mtn genkey yourname-transport@someplace</li>
+ <li>$ mtn genkey yourname@someplace</li>
+ </ul>
+</p>
+
+<p>
+ While creating keys, Monotone will prompt you for a passphrase to protect your
+ keys against unauthorized use by encrypting them. It is very strongly
+ recommended to protect a commit key. You may want to skip passphrase-protecting
+ a transport key if you run Monotone in server mode, and require capability for
+ automatic restarts.
+</p>
+
+
+<h3 id="trust-and-initializing-your-repository">Trust, and initializing your repository</h3>
+
+<p>
+ <i>Monotone helps ensure that nobody can easily impersonate a developer without
+ others noticing. Since developers make mistakes and can be compromised, nothing
+ but manual review can ensure quality of code. Authentication ensures you read
+ the right diffs. It does not replace reading diffs.</i>
+</p>
+
+<p>
+ A Monotone repository is a single file (an SQLite database) which contains in
+ compressed form, all of the project's source code and history.
+</p>
+
+<p>
+ During the course of work, a Monotone repository may come contain code which
+ you aren't actively working with, or even code which you don't entirely trust.
+ This is normal. For example, you may trust a repository which gave you code,
+ but not the author who committed it there.
+</p>
+
+<p>
+ When set up correctly (meaning: *do not* skip the sections
+ <a href="#obtaining-and-deploying-developers-keys">Obtaining and
+ deploying developers' keys</a> or
+ <a href="#setting-up-trust-evaluation-hooks">Setting up trust evaluation hooks</a>)
+ Monotone evaluates whether it trusts the committer of code, and prevents code
+ from untrusted code from being checked out.
+</p>
+
+<p>
+ Code authentication happens not during syncs to repositories, but when checking
+ out or updating a working copy from your local repository.
+</p>
+
+<p>
+ Commands exist which let you clean your repository of untrusted code, but they
+ are rarely needed, if push access on the server is well managed.
+</p>
+
+<p>
+ A repository can hold many branches. For example, our repository holds the
+ following main branches:
+ <ul>
+ <li><b>i2p.i2p</b> -- The I2P router and associated programs</li>
+ <li><b>i2p.www</b> -- The I2P project website</li>
+ <li><b>i2p.syndie</b> -- Syndie, a distributed forums tool</li>
+ </ul>
+</p>
+
+<p>
+ For historical reasons, you may find other branches, but they are not used.
+ They originate from the import of the CVS repository which was used before
+ `dev.i2p` disappeared.
+</p>
+
+<p>
+ By convention, the I2P Monotone repository is named `i2p.mtn`. Before you pull
+ source code from servers, you need to initialize your own repository (it can
+ become a new server if needed).
+</p>
+
+<p>
+ To initialize your local repository, change into a directory where you want the
+ `i2p.mtn` file and branch directories to appear, and issue the following
+ command:
+ <ul>
+ <li>$ mtn --db="i2p.mtn" db init</li>
+ </ul>
+</p>
+
+
+<h3 id="obtaining-and-deploying-developers-keys">Obtaining and deploying developers' keys</h3>
+
+<p>
+ Keys which developers use to commit code are essential for trust evaluation in
+ Monotone. If you aren't running a Monotone server, you don't need their
+ transport keys.
+</p>
+
+<p>
+ Developers' commit keys are provided GPG-signed below. Keys for zzz,
+ Complication and welterde are provided clearsigned. The key for jrandom must be
+ verified differently, since he's away, and only left a binary detached
+ signature for his key.
+</p>
+
+<p>
+ To import developers' keys after verifying them, copy them all into a single
+ text file. Create this file (e.g. `keys.txt`) in the same directory where
+ `i2p.mtn` is. Import it by issuing:
+ <ul>
+ <li>$ cat keys.txt | mtn --db="i2p.mtn" read</li>
+ </ul>
+</p>
+
+<p>
+ Leave `/home/username/.monotone/keys` purely for your own keys. Monotone
+ doesn't like having duplicate keys in two places. If you deploy other people's
+ keys into that directory, you will soon also have them in `i2p.mtn`, and
+ Monotone will start reporting an error: "extraneous data in keystore".
+</p>
+
+<p>
+ <i>It would be inappropriate to supply anyone's GPG public keys in this guide.
+ Find the public keys from an independent source. Current developers have their
+ GPG keys on their eepsites. Jrandom's Syndie release key can be found on a
+ number of public keyservers.</i>
+</p>
+
+
+<h3 id="monotone-keys-for-zzz">Monotone keys for zzz</h3>
+
+<p>
+ <u>Tip:</u> To find zzz's GPG key, on his eepsite locate the key `0xA76E0BED`, with
+ the name `zzz@mail.i2p` and the fingerprint `4456 EBBE C805 63FE 57E6 B310 4155
+ 76BA A76E 0BED`.
+</p>
+
+<code><pre>
+ -----BEGIN PGP SIGNED MESSAGE-----
+ Hash: SHA1
+
+ [pubkey zzz-transport@mail.i2p]
+ MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDa2uZI1BobxS4TapMqmf4Ws3nyL3GYgkfb
+ MEawyWl0E1pfHJ4dLZkdxQdcLyCsN9OCY4jRNzmoYnDa2HtBLINq15BJmGJ0cfIDLXIB2GBO
+ ViAPRkEKQTVoc7IpcjtPPjtSBVganD/AW78m9cgUYag86Lbm2ynUaXWpw9i4gpLdLQIDAQAB
+ [end]
+ [pubkey zzz@mail.i2p]
+ MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtgaWY0Wc1c8pFGIxASZx78pHpHZKQV8z6
+ IRQkgy65gQMjpLquaQpy3Xk8rkpnfA+6h3TS6bjplsEhlaQoxvpGxacRYOt+y1HC/n20O3RI
+ E1A/e3sGKHGDEQW+3ItF4WSNfeQ18DzLeun32vFknq2k9im6Ts4tiYfKs8CZ5KW0/QIDAQAB
+ [end]
+ -----BEGIN PGP SIGNATURE-----
+ Version: GnuPG v1.4.6 (GNU/Linux)
+
+ iD8DBQFHnN51QVV2uqduC+0RAv8NAJ9B/7pWKLvqVI6HnAifs9oedsdWSACfYS1E
+ sFwJiw4A+Sr9wQrtoO4X4ow=
+ =SVDV
+ -----END PGP SIGNATURE-----
+</pre></code>
+
+
+<h3 id="monotone-keys-for-welterde">Monotone keys for welterde</h3>
+
+<p>
+ <b>Tip:</b> To find welterde's GPG key, on public keyservers locate the key
+ `0x62E011A1`, with the name `welterde@arcor.de` and the fingerprint `6720 FD81
+ 3872 6DFC 6016 64D1 EBBC 0374 62E0 11A1`.
+</p>
+
+<code><pre>
+ -----BEGIN PGP SIGNED MESSAGE-----
+ Hash: SHA1
+
+ [pubkey dev@welterde.de]
+ MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRnJUBY0d4310UpZYGUlsWgxWHoD8bsKtT
+ vGw83vwUQRtM2xPKxCHvEntg9Dgiqr5RurOKHK7Eak6WgxCXQFfC9ALr4SoC5abI4ZFvM/CA
+ WRb547UIPTchSnuDUn/TSgDGqtGvMFS9t6OUp9Z/7QzIjLQhhBCqj4/hZhxUJ61XBwIDAQAB
+ [end]
+ [pubkey transport@welterde.de]
+ MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCujyq15a7t0Gki/sKoZQbv7CHJWbT3YB5O
+ DQyU3zfqXnHNj82tz6wVsvjZmKUYZvax7wLLRErMGX3PTGxb23I5iypLmYtWt+lbkxMZdcGT
+ GEXBU8JnAfhnSIdLzBJ2soe55vBQp0Tx1Ta+7/CNYwVPUxr5l6J/2gcGFJg3cAD99wIDAQAB
+ [end]
+ -----BEGIN PGP SIGNATURE-----
+ Version: GnuPG v1.4.7 (Darwin)
+
+ iD8DBQFHojoC67wDdGLgEaERAsALAKCwNlkNFaTyC4pV4rsinXQ8hu7UvgCbBeeV
+ Ni/uLlSdl3Kz7KfVipwnjm4=
+ =oE5t
+ -----END PGP SIGNATURE-----
+</pre></code>
+
+
+<h3 id="monotone-keys-for-complication">Monotone keys for Complication</h3>
+
+<p>
+ <b>Tip:</b> To find Complication's GPG key, on his eepsite locate the key
+ `0x79FCCE33`, with the name `complication@mail.i2p` and the fingerprint `73CF
+ 2862 87A7 E7D2 19FF DB66 FA1D FC6B 79FC CE33`.
+</p>
+
+<code><pre>
+ -----BEGIN PGP SIGNED MESSAGE-----
+ Hash: SHA1
+
+ I confirm that my Monotone commit and transport keys are:
+
+ [pubkey complication@mail.i2p]
+ MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCx1F6nwBUCIiCPVsogy/h/+2d8X3uMcEdn
+ RIN+gxO+0pK+yrGZiFwi7TG/K3PjDfJWuxsPRKLeb9Q4NmfxrAePelGig9llalrDnRkIcRFu
+ cnNUOJo9C0MjvzYR9D6bIS3+udPdl6ou94JX+ueo2jLXI1lGgtdWDWTetJx9I++EvwIDAQAB
+ [end]
+ [pubkey complication-transport@mail.i2p]
+ MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP55FmBUIZjamtDinVDrLmS9uU40KoNfLd
+ iB+t/iEgEWHDPQxlwugh/aBQwsXKGGJMJSNURKwwjfrcr5y3oz9jpRjtLVqoZMBVLgp28WGA
+ 9KbzXi4/dYhdyNmr4gHc17mDSlhCfk/L5QxifSYwSaeeFPsoAAyBBB221Z3197bmVQIDAQAB
+ [end]
+
+ Complication.
+ -----BEGIN PGP SIGNATURE-----
+ Version: GnuPG v1.4.6 (GNU/Linux)
+
+ iD8DBQFHpdQT+h38a3n8zjMRAtW8AJ0fmuw1hrZePDzOx61xSh5cK27ikQCeJn+U
+ g8X/m/JAsedzOFJDN0tlTig=
+ =LM+C
+ -----END PGP SIGNATURE-----
+</pre></code>
+
+<h3 id="monotone-keys-for-jrandom">Monotone keys for jrandom</h3>
+
+<p>
+ <b>Tip:</b> To find jrandom's GPG key for Syndie releases, on public keyservers locate
+ the key `0x393F2DF9`, with the name `syndie-dist-key@i2p.net` and the
+ fingerprint `AE89 D080 0E85 72F0 B777 B2ED C2FA 68C0 393F 2DF9`.
+</p>
+
+<p>
+ Jrandom had to leave unexpectedly in the end of 2007. His commit key was
+ deployed in the Syndie Monotone repository, in a file named `mtn-committers`.
+ That file also had a GPG signature, `mtn-committers.sig`, but it was a binary
+ detached signature. I am going to supply both files in GPG ASCII-armoured form
+ below.
+</p>
+
+<p>
+ First, the file `mtn-committers` containing jrandom's Monotone key. Save as
+ `mtn-committers.asc` and unpack it using `gpg --output mtn-committers --dearmor
+ mtn-committers.asc`:
+</p>
+
+<code><pre>
+ -----BEGIN PGP ARMORED FILE-----
+ Version: GnuPG v1.4.6 (GNU/Linux)
+ Comment: Use "gpg --dearmor" for unpacking
+
+ W3B1YmtleSBqcmFuZG9tQGkycC5uZXRdCk1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFV
+ QUE0R05BRENCaVFLQmdRRE9MdzA1a1pidXg1S0xkcHJjR0hlQ1RseXQrR2poR1ho
+ NwpBdXBzK1FNRC9GRWJJVkVGUEdJQkcyanUzMDY5VEtJSHBYcjVIRWU1bWFCZ3RJ
+ SkJNOU5QVnZNTkZDZ09TcmVnbW5WSXB4U2cKSGQrV2l1MUl5emhkMFN4QzVwQ0hk
+ bndTanYwNTFmY3RZY3AxcnM1T2NVb2pVZHZGN3RxOTF6QUFZK2tMeHBYNnpRSURB
+ UUFCCltlbmRdCg==
+ =035X
+ -----END PGP ARMORED FILE-----
+</pre></code>
+
+<p>
+ Now the file `mtn-committers.sig`, containing the GPG signature. Save as
+ `mtn-committers.sig.asc` and unpack it using `gpg --output mtn-committers.sig
+ --dearmor mtn-committers.sig.asc`. Use it to verify the above supplied
+ `mtn-committers` file:
+</p>
+
+<code><pre>
+ -----BEGIN PGP ARMORED FILE-----
+ Version: GnuPG v1.4.6 (GNU/Linux)
+ Comment: Use "gpg --dearmor" for unpacking
+
+ iD8DBQBFLssNwvpowDk/LfkRAtytAKCOiaDIveC3sri0lrdvwxt/TQciigCfXgyC
+ ZY3qq910P/TX94qoJGePbuc=
+ =8NHt
+ -----END PGP ARMORED FILE-----
+</pre></code>
+
+
+<h3 id="setting-up-trust-evaluation-hooks">Setting up trust evaluation hooks</h3>
+
+<p>
+ The default Monotone trust policy is way too lax: it trusts every committer
+ like bad old CVS. To operate in I2P, you definitely want to change that.
+</p>
+
+<p>
+ Change into your `/home/username/.monotone` directory, and open the file
+ `monotonerc` with a text editor. Copy and paste two functions into this file:
+<p>
+
+<code><pre>
+ function intersection(a,b)
+ local s={}
+ local t={}
+ for k,v in pairs(a) do s[v.name] = 1 end
+ for k,v in pairs(b) do if s[v] ~= nil then table.insert(t,v) end end
+ return t
+ end
+
+ function get_revision_cert_trust(signers, id, name, val)
+ local trusted_signers = {
+ "jrandom@i2p.net",
+ "complication@mail.i2p",
+ "zzz@mail.i2p",
+ "dev@welterde.de"
+ }
+ local t = intersection(signers, trusted_signers)
+ if t == nil then return false end
+ if table.getn(t) >= 1 then return true end
+ return false
+ end
+</pre></code>
+
+<p>
+ Read the functions carefully to understand their purpose, and compare them with
+ sample functions and descriptions provided in section 6.1.5 ("Trust evaluation
+ hooks") of the following document:
+ <a href="http://monotone.ca/docs/Hooks.html">http://monotone.ca/docs/Hooks.html</a>
+</p>
+
+<p>
+ The first function determines an intersection between two sets, in our case a
+ revision's signers and trusted signers.
+</p>
+
+<p>
+ The second function determines trust in a given revision, by calling the first
+ function with "signers" and "trusted" as arguments. If the intersection is
+ null, the revision is not trusted. If the intersection is not empty, the
+ revision is trusted. Otherwise, the revision is not trusted.
+</p>
+
+
+<h3 id="servers-and-creating-a-client-tunnel-to-mtn.i2p2.i2p">Servers, and creating a client tunnel to `mtn.i2p2.i2p'</h3>
+
+<p>
+ First, you need to choose a server. Some I2P developers run accessible Monotone
+ servers, but when developers are anonymous, their servers are *very slow*.
+</p>
+
+<p>
+ When you set up Monotone correctly, code will be authenticated by developers'
+ commit keys, so you should be able to safely use a public Monotone server
+ despite risk of someone subverting it.
+</p>
+
+<p>
+ For this reason, it's recommended to pull sources and sync your code
+ contributions using our public MTN server operated by welterde: `mtn.i2p2.i2p`
+ inside I2P, or `mtn.i2p2.de` on the regular Internet. I will only provide
+ instructions for accessing it over I2P.
+</p>
+
+<p>
+ First, you need the I2P destination key of the server. When I wrote this
+ transition guide, its key was not yet included in an I2P installation (in the
+ future it will be). The destination key of `mtn.i2p2.i2p` is:
+</p>
+
+<code><pre>
+ G6VmsrLYbdcxBq585OUcQn7wbwC7J5jfXDWWL6lPBw5iq68VxqxibraiPwwF6NM2
+ aHV8BkqyCKYSL9fUuYWoeUc1zL~2l1DX2x~LfyItGJKDIUGImWQivXF1w7EGYMhj
+ q4UCmPKTsnl4G86oKW8PGaaF8mzjjUKW1R7G7941my~mnbeTrhjlLgaMK-tauVod
+ gTPIYkxfMJaq3zWuirztuUgDcXXIbkpzaA2Iben0VqbjbMJisj4fFh0EvqNkYAG5
+ 4YBc26~W6SPWyBgZilXvFlcizF90Q5NkIGMMHXTq46qEYHkpQC3CoaH6PMNVDetD
+ PmFc3QXmc68cNcj~VPh4XVsn3qiKhXuRdXggEC3RoTcxqaeassfIG5xhRdnJzGSV
+ hYUE3At~8wI-AuRV~AglV1Q-AZTWT~9VxBzcxfI1PpfzeA-5z5T4542bh1e-RM9t
+ zXEx5ErPCt6M~zJ2~4-tz-aBsZEhBkn0iDi8pazshg6lTl1~hCnueZBxYICqPrlB
+ AAAA
+</pre></code>
+
+<p>
+ If you want to copy it from here, you need to manually join the lines back
+ together in a text editor. Sorry, I could not GPG-sign that very long line.
+</p>
+
+<p>
+ To address this destination using a convenient name, you need to enter it into
+ the host database of your I2P router. This can be done manually by editing the
+ `hosts.txt` file, or more easily using the SusiDNS tool:
+</p>
+
+<ol>
+ <li>Open SusiDNS <a href="http://localhost:7657/susidns/index.jsp">http://localhost:7657/susidns/index.jsp</a></li>
+ <li>Open the router addressbook</li>
+ <li>Find the "Add new destination:" part at the bottom</li>
+ <li>Enter `mtn.i2p2.i2p` into the "Hostname" box</li>
+ <li>Enter the key into the "Destination:" box</li>
+ <li>Click "Add destination"</li>
+</ol>
+
+<p>
+ Next, you need to create a client tunnel pointing at the server. This can be
+ done manually by editing `i2ptunnel.config` or more easily using the I2PTunnel
+ tool:
+</p>
+
+<ol>
+ <li>Open I2PTunnel <a href="http://localhost:7657/i2ptunnel/index.jsp">http://localhost:7657/i2ptunnel/index.jsp</a></li>
+ <li>Find the "Add new client tunnel:" part at the middle</li>
+ <li>Pick "Standard" for the tunnel type, click "Create"</li>
+ <li>Enter `mtn.i2p2.i2p` in the "Name:" box</li>
+ <li>Enter `mtn.i2p2.i2p` in the "Description:" box</li>
+ <li>Enter `8998` in the "Access Point Port:" box</li>
+ <li>Select "Bulk connection" in the "Profile" box</li>
+ <li>Enable the "Shared client" checkbox</li>
+ <li>Enable the "Auto start" checkbox</li>
+ <li> Pick your anonymity level at the bottom</li>
+ <li>Click "Save"</li>
+ <li>The tunnel will start automatically</li>
+</ol>
+
+
+<h3 id="pulling-the-i2p.i2p-i2p.www-and-i2p.syndie-branches">Pulling the `i2p.i2p`, `i2p.www` and `i2p.syndie` branches</h3>
+
+<p>
+ When you pull code as a client, the action itself implies that you want data
+ from the server. You thus don't need to grant the server any extra permissions.
+</p>
+
+<p>
+ Enter the directory where you initialized `i2p.mtn`. Depending on whether you
+ want only I2P sources, or also sources for the I2P website and Syndie, you can
+ perform the `pull` operation in different ways.
+</p>
+
+<p>
+ If you only want I2P sources:
+ <ul>
+ <li>$ mtn --db="i2p.mtn" -k "" pull 127.0.0.1:8998 i2p.i2p</li>
+ </ul>
+</p>
+
+<p>
+ If you want all branches:
+ <ul>
+ <li>$ mtn --db="i2p.mtn" -k "" pull 127.0.0.1:8998 "i2p.*"</li>
+ </ul>
+</p>
+
+<p>
+ Restart the process if it stops due to network errors. Note how pulling in the
+ above examples is anonymous (doesn't use your transport key). There is a reason
+ for this: when everyone pulls anonymously, it is harder for an attacker who
+ gains control of the server, to selectively provide some people with tampered
+ data. It is therefore advised to pull anonymously.
+</p>
+
+
+<h3 id="verifying-that-trust-evaluation-works">Verifying that trust evaluation works</h3>
+
+<p>
+ To verify that trust evaluation works, modify your `monotonerc` file in the
+ following way:
+</p>
+
+<code><pre>
+ - local trusted_signers = {
+ - "jrandom@i2p.net",
+ - "complication@mail.i2p",
+ - "zzz@mail.i2p",
+ - "dev@welterde.de"
+ - }
+
+ + local trusted_signers = {
+ + }
+</pre></code>
+
+<p>
+ Save the file, and your Monotone stops trusting all committers. Change into the
+ directory where you created `i2p.mtn`, and attempt a checkout of the I2P branch
+ like this:
+ <ul>
+ <li>$ mtn --db="i2p.mtn" co --branch="i2p.i2p"</li>
+ </ul>
+</p>
+
+<p>
+ A directory named `i2p.i2p` should *not* appear. You should encounter great
+ numbers of error messages like:
+</p>
+
+<code><pre>
+ mtn: warning: trust function disliked 1 signers
+ of branch cert on revision 523c15f6f50cad3bb002f830111fc189732f693b
+ mtn: warning: trust function disliked 1 signers
+ of branch cert on revision 8ac13edc2919dbd5bb596ed9f203aa780bf23ff0
+ mtn: warning: trust function disliked 1 signers
+ of branch cert on revision 8c4dd8ad4053baabb102a01cd3f91278142a2cd1
+ mtn: misuse: branch 'i2p.i2p' is empty
+</pre></code>
+
+<p>
+ If you are satisfied with results, change your `monotonerc` back to match the
+ section <a href="#setting-up-trust-evaluation-hooks">Setting up trust evaluation
+ hooks</a>.
+</p>
+
+
+<h3 id="verifying-that-i2p-maintains-continuity-with-jrandoms-last-tarball">Verifying that I2P maintains continuity with jrandom's last tarball</h3>
+
+<p>
+ When jrandom had to leave, and soon after that `dev.i2p` went down, other
+ developers and server operators (e.g. Complication, zzz, welterde) had to take
+ over his job.
+</p>
+
+<p>
+ It is important for the I2P project's trustability, that practical and widely
+ known methods exist for verifying that code integrity was preserved. Perhaps
+ the most important part in this is ability to verify the initial import into
+ Monotone by zzz.
+</p>
+
+<p>
+ Fortunately the 0.6.1.30 source tarball, signed by jrandom, should make
+ verification fairly simple. I will describe the recommended course of action
+ below.
+</p>
+
+
+<h3 id="obtaining-jrandoms-public-gpg-key">Obtaining jrandom's public GPG key</h3>
+
+<p>
+ <i>It would be inappropriate to supply jrandom's GPG public key in this guide.
+ Find the public key from an independent source. Jrandom's GPG public key can be
+ found in many places, including a number of public keyservers.</i>
+</p>
+
+<p>
+ <b>Tip:</b> To find jrandom's GPG key for I2P releases, on public keyservers locate
+ the key `0x065E37EE`, with the name `jrandom@i2p.net` and the fingerprint `829E
+ F1C6 89A5 72DC E66F D5BF 42E2 7451 065E 37EE`.
+</p>
+
+
+<h3 id="obtaining-the-0.6.1.30-source-tarball-and-jrandoms-signature-of-it">Obtaining the 0.6.1.30 source tarball and jrandom's signature of it</h3>
+
+<p>
+ There are multiple places where you can find the 0.6.1.30 source tarball and
+ signature. I will provide two, and recommend the first one, since it's
+ massively faster.
+</p>
+
+<ul>
+ <li><a href="http://mirror.i2p2.de/i2p-0.6.1.30.tar.bz2">http://mirror.i2p2.de/i2p-0.6.1.30.tar.bz2</a></li>
+ <li><a href="http://mirror.i2p2.de/i2p-0.6.1.30.tar.bz2.sig">http://mirror.i2p2.de/i2p-0.6.1.30.tar.bz2.sig</a></li>
+</ul>
+
+<ul>
+ <li><a href="http://complication.i2p/i2p/0.6.1.30/i2p-0.6.1.30.tar.bz2">http://complication.i2p/i2p/0.6.1.30/i2p-0.6.1.30.tar.bz2</li>
+ <li><a href="http://complication.i2p/i2p/0.6.1.30/i2p-0.6.1.30.tar.bz2.sig">http://complication.i2p/i2p/0.6.1.30/i2p-0.6.1.30.tar.bz2.sig</a></li>
+</ul>
+
+
+<h3 id="verifying-and-extracting-the-source-tarball">Verifying and extracting the source tarball</h3>
+
+<p>
+ Deploy the tarball and signature into the directory where `i2p.mtn` is.
+ Assuming you have jrandom's GPG key imported into your GPG keyring, verify the
+ tarball this way:
+ <ul>
+ <li>$ gpg --verify i2p-0.6.1.30.tar.bz2.sig i2p-0.6.1.30.tar.bz2</li>
+ </ul>
+</p>
+
+<p>
+ Extract the tarball into a source tree like below, and a directory named
+ `i2p_0_6_1_30` should appear.
+ <ul>
+ <li>$ tar -xjvf i2p-0.6.1.30.tar.bz2</li>
+ </ul>
+</p>
+
+
+<h3 id="checking-out-0.6.1.30-sources-from-monotone">Checking out 0.6.1.30 sources from Monotone</h3>
+
+<p>
+ To compare code in Monotone against the source tarball, we must check out the
+ revision which corresponds to 0.6.1.30 from Monotone.
+</p>
+
+<p>
+ That revision is `928aadc3796083b8412829c2d18e95fdeecd8196`. To check it out,
+ change into the directory where `i2p.mtn` is located, and over there issue:
+ <ul>
+ <li>$ mtn --db="i2p.mtn" co --revision="928aadc3796083b8412829c2d18e95fdeecd8196"</li>
+ </ul>
+</p>
+
+<p>
+ A directory named `i2p.i2p` must appear in the current directory. You may
+ notice that it contains a subdirectory named `_MTN`, which the source tarball
+ does not contain.
+</p>
+
+<p>
+ That subdirectory is for Monotone internal use. We'll ignore it while diffing.
+ To ascertain that the extra directory is safe, you can perform a few checks:
+ <ul>
+ <li>Check Monotone docs to ascertain that it must exist</li>
+ <li>Ascertain that nothing in I2P code uses it</li>
+ <li>Examine its content</li>
+ </ul>
+</p>
+
+
+<h3 id="diffing-source-trees-against-each-other">Diffing source trees against each other</h3>
+
+<p>
+ To perform a recursive (`-r`) `diff` of the source tarball against the Monotone
+ checkout, writing output into `result.diff`, treating absent files and
+ directories as empty (`-N`) for comparison, and excluding (`-x`) any `_MTN`
+ subdirectories, you should issue:
+ <ul>
+ <li>$ diff -r -N -x "_MTN" i2p_0_6_1_30 i2p.i2p > changes.diff</li>
+ </ul>
+</p>
+
+<p>
+ You should read `changes.diff` with a text editor. Your work will be easier if
+ your text editor highlights `diff` syntax, but that is optional. The only kind of
+ changes you should see are:
+ <ol>
+ <li>
+ changes of CVS `$Id:` tags into empty tags, like below:
+ <ul>
+ <li>$Id: readme.license.txt,v 1.1.1.1 2004-04-07 23:41:55 jrandom Exp $</li>
+ <li>$Id$</li>
+ </ul>
+ </li>
+
+ <li>changes of date format in CVS `$Id:` tags, like below:
+ <ul>
+ <li>$Id: README,v 1.1 2005-01-24 18:43:38 smeghead Exp $</li>
+ <li>$Id: README,v 1.1 2005/01/24 17:42:05 smeghead Exp $</li>
+ </ul>
+ </li>
+
+ <li>revision number bumps without changes in file content, like below:
+ <ul>
+ <li>$Revision: 1.2 $</li>
+ <li>$Revision: 1.1 $</li>
+ </ul>
+ </li>
+
+ <li>changes in date tags, presumably part of the release process
+ <ul>
+ <li><i2p.news date="$Date: 2007-10-07 22:09:35 $"></li>
+ <li><i2p.news date="$Date: 2007-08-23 19:33:29 $"></li>
+ </ul>
+ </li>
+ </ol>
+</p>
+
+<p>
+ That should be all. The diff ought be about 300 lines long. There should be
+ absolutely no changes in anything but formal tags. If you see consequential
+ changes in code, please report.
+</p>
+
+
+<h3 id="examining-changes-from-0.6.1.30-onwards">Examining changes from 0.6.1.30 onwards</h3>
+
+<p>
+ To examine what has been modified from the current moment back to release
+ 0.6.1.30, use ordinary Monotone facilities. For example you could change into
+ the `i2p.i2p` directory and there issue:
+
+<code><pre>
+ $ mtn update
+ $ mtn log --to="928aadc3796083b8412829c2d18e95fdeecd8196" > ../changes.log
+ $ mtn diff --revision="928aadc3796083b8412829c2d18e95fdeecd8196" > ../changes.diff
+</pre></code>
+</p>
+
+<p>
+ The first command would update your local copy to the "head" or latest version.
+ The second one would print a concise log of changes going back to 0.6.1.30,
+ into a file in the parent directory of the working copy, and the third command
+ would print a full diff into another file.
+</p>
+
+<p>
+ This diff will be *big*, and will get bigger with development. Fortunately
+ there are compelling reasons to read it only during a short period after the
+ transition.
+</p>
+
+
+<h3 id="checking-out-a-working-copy-of-the-latest-version">Checking out a working copy of the latest version</h3>
+
+<p>
+ Do this only if you haven't already checked out a working copy. If you checked
+ it out according to the section
+ <a href="#checking-out-0.6.1.30-sources-from-monotone">Checking out 0.6.1.30 sources from
+ Monotone</a>, skip to the <a href="#updating-your-working-copy-to-the-latest-version">next
+ section</a> and do an update instead.
+</p>
+
+<p>
+ Change into the directory where `i2p.mtn` is located. Over there issue:
+ <ul>
+ <li>$ mtn --db="i2p.mtn" co --branch="i2p.i2p"</li>
+ </ul>
+</p>
+
+<p>
+ Checkout should complete without error messages, and a directory named
+ `i2p.i2p` should appear in the current directory. Congratulations, you have
+ successfully checked out the latest I2P sources. They should be ready to
+ compile.
+</p>
+
+
+<h3 id="updating-your-working-copy-to-the-latest-version">Updating your working copy to the latest version</h3>
+
+<p>
+ If you haven't done this already, pull fresh code from the server to your local
+ Monotone repository. To accomplish this, change into the directory where
+ `i2p.mtn` is located and issue:
+ <ul>
+ <li>$ mtn --db="i2p.mtn" -k "" pull 127.0.0.1:8998 i2p.i2p</li>
+ </ul>
+</p>
+
+<p>
+ Now change into your `i2p.i2p` directory, and over there issue:
+ <ul>
+ <li>$ mtn update</li>
+ </ul>
+</p>
+
+<p>
+ Congratulations, you have successfully updated to the latest I2P sources. They
+ should be ready to compile.
+</p>
+
+
+<h3 id="why-i2p.www-cannot-be-verified">Why `i2p.www` cannot be verified</h3>
+
+<p>
+ The branch `www.i2p` cannot be properly verified, because jrandom did not
+ produce signed tarballs of it.
+</p>
+
+<p>
+ Fortunately, only a few people need the project website, and it's small enough
+ to review manually in a modest period of time. I thus hope it's not a risk
+ which comes back to bite us.
+</p>
+
+<p>
+ Changes which occur in this branch since its import into Monotone will be
+ verifiable in future.
+</p>
+
+
+<h3 id="why-syndie-doesnt-need-a-signed-tarball-to-verify">Why Syndie doesn't need a signed tarball to verify</h3>
+
+<p>
+ Because it was verified using jrandom's Monotone key.
+</p>
+
+<p>
+ If you obtained the `mtn-committers` and `mtn-committers.sig` files from this
+ guide, and obtained jrandom's Syndie release key from an independent source,
+ and the signature verified, one of the following should be true:
+ <ul>
+ <li>The Monotone key this document supplies is correct</li>
+ <li>Your independent source is colluding with me</li>
+ </ul>
+</p>
+
+<p>
+ However if the signed tarball should become available, this document will be
+ updated with information about it.
+</p>
+
+
+<h2 id="operating-a-monotone-server">Operating a Monotone Server</h2>
+
+<h3 id="obtaining-and-deploying-developers-transport-keys">Obtaining and deploying developers' transport keys</h3>
+
+<p>
+ As a server operator you may want to grant push access to certain developers.
+</p>
+
+<p>
+ If development is distributed between multiple servers you may also want to
+ give other servers push access. Servers also have transport keys -- ask the
+ server operators for them.
+</p>
+
+<p>
+ The procedure for importing transport keys is the same as for importing commit
+ keys, which is described in the section
+ <a href="#servers-and-creating-a-client-tunnel-to-mtn.i2p2.i2p">Servers, and creating a client tunnel
+ to `mtn.i2p2.i2p`</a>.
+</p>
+
+
+<h3 id="granting-push-and-pull-access">Granting push and pull access</h3>
+
+<p>
+ By default the Monotone server denies all access.
+</p>
+
+<p>
+ To grant pull access to all clients, set the following in
+ `/home/username/.monotone/read-permissions`:
+
+<code><pre>
+ pattern "*"
+ allow "*"
+</pre></code>
+</p>
+
+<p>
+ To grant push access to certain developers, add their transport keys to
+ `/home/username/.monotone/write-permissions`:
+
+<code><pre>
+ zzz-transport@mail.i2p
+ complication-transport@mail.i2p
+</pre></code>
+</p>
+
+
+<h3 id="running-monotone-in-server-mode">Running Monotone in server mode</h3>
+
+<p>
+ First, to run a Monotone server, don't use your development database. Monotone
+ locks a database while serving it to others, and this will greatly
+ inconvenience your development work.
+</p>
+
+<p>
+ Instead, make a copy of your development database -- possibly into a different
+ directory, possibly for a different user (your choice) and finally in the right
+ directory. As the right user issue something like:
+ <ul>
+ <li>$ mtn serve --bind="127.0.0.1:8998" --db="i2p.mtn" --key "myserver-transport@mail.i2p"</li>
+ </ul>
+</p>
+
+<p>
+ If your key is protected with a passphrase, Monotone may request the passphrase
+ not during startup, but when the first client connects. This is probably a bug
+ in Monotone, and will be fixed. You can get around this effect by connecting as
+ a client to your own server.
+</p>
+
+<p>
+For your server to be accessible for others over I2P, you will need to create a
+server tunnel for it. Use the "Standard" tunnel type and "Bulk" profile.
+</p>
+
+
+<h3 id="differences-under-debian-gnulinux">Differences under Debian GNU/Linux</h3>
+
+<p>
+ Some Linux distros have taken an extra step and integrated Monotone into their
+ framework of daemons/services. Debian is among them, even though you can run
+ Monotone "the ordinary way" under Debian too.
+</p>
+
+<p>
+ You can find the `read-permissions`, `write-permissions` and `hooks.lua` file
+ under `/etc/monotone`.
+</p>
+
+<p>
+ You'll likely need to modify `/etc/default/monotone`, since it contains
+ settings like the interface to listen on, and the location of data files
+ (`i2p.mtn`).
</p>
<p>
-If you want to get the source non-anonymously, pull from the public server mtn.welterde.de.
-The i2p source code branch is "i2p.i2p".
+ A script `/etc/init.d/monotone` is provided for running a Monotone server. You
+ can register it for running automatically using `update-rc.d`.
</p>
-<h2>Guide</h2>
<p>
-The following is a detailed guide by Complication.
+ When more information becomes available it will be added here.
</p>
-<pre>
- {% include "transition-guide.txt" %}
-</pre>
{% endblock %}
diff --git a/www.i2p2/pages/naming.html b/www.i2p2/pages/naming.html
index 947858abd5bc3560e3b1ba735eb61d5cc2258bff..5635ee3b4d707eea072213101e6d717331999553 100644
--- a/www.i2p2/pages/naming.html
+++ b/www.i2p2/pages/naming.html
@@ -1,19 +1,19 @@
{% extends "_layout.html" %}
-{% block title %}Naming, Addressbook, and SusiDNS{% endblock %}
+{% block title %}Naming and Addressbook{% endblock %}
{% block content %}
<h1>Naming in I2P</h1>
-<h2>Overview</h2>
-(copied from
-<a href="techintro.html">the tech intro</a>)
+<h2 id="overview">Overview</h2>
+This page was last updated in March 2012 and is accurate for router version 0.8.13.
<p>
-Naming within I2P has been an oft-debated topic since the very beginning with
-advocates across the spectrum of possibilities. However, given I2P's inherent
-demand for secure communication and decentralized operation, the traditional
-DNS-style naming system is clearly out, as are "majority rules" voting systems.
-Instead, I2P ships with a generic naming library and a base implementation
-designed to work off a local name to destination mapping, as well as an optional
-add-on application called the "addressbook". The addressbook is a web-of-trust
+I2P ships with a generic naming library and a base implementation
+designed to work off a local name to destination mapping, as well as an
+add-on application called the <a href="#addressbook">addressbook</a>.
+I2P also supports <a href="#base32">Base32 hostnames</a> similar to Tor's .onion addresses.
+</p>
+
+<p>
+The addressbook is a web-of-trust
driven secure, distributed, and human readable naming system, sacrificing only
the call for all human readable names to be globally unique by mandating only
local uniqueness. While all messages in I2P are cryptographically addressed
@@ -27,69 +27,43 @@ traditional DNS.
</p>
<p>
-I2P does not promote the use of DNS-like services though, as the damage done
-by hijacking a site can be tremendous - and insecure destinations have no
-value. DNSsec itself still falls back on registrars and certificate authorities,
-while with I2P, requests sent to a destination cannot be intercepted or the reply
-spoofed, as they are encrypted to the destination's public keys, and a destination
-itself is just a pair of public keys and a certificate. DNS-style systems on the
-other hand allow any of the name servers on the lookup path to mount simple denial
-of service and spoofing attacks. Adding on a certificate authenticating the
-responses as signed by some centralized certificate authority would address many of
-the hostile nameserver issues but would leave open replay attacks as well as
-hostile certificate authority attacks.
-</p>
-
-<p>
-Voting style naming is dangerous as well, especially given the effectiveness of
-Sybil attacks in anonymous systems - the attacker can simply create an arbitrarily
-high number of peers and "vote" with each to take over a given name. Proof-of-work
-methods can be used to make identity non-free, but as the network grows the load
-required to contact everyone to conduct online voting is implausible, or if the
-full network is not queried, different sets of answers may be reachable.
+NOTE: For the reasoning behind the I2P naming system, common arguments against it
+and possible alternatives see the <a href="naming_discussion.html">naming discussion</a>
+page.
</p>
-<p>
-As with the Internet however, I2P is keeping the design and operation of a
-naming system out of the (IP-like) communication layer. The bundled naming library
-includes a simple service provider interface which alternate naming systems can
-plug into, allowing end users to drive what sort of naming tradeoffs they prefer.
-</p>
-
-<p>
-Here is
-<a href="http://forum.i2p/viewtopic.php?t=134">the often-referenced October 2004 forum post by duck on the subject</a>
-but it is dated and somewhat confusing.
-
-<h2>Naming System Components</h2>
+<h2 id="components">Naming System Components</h2>
<p>
There is no central naming authority in I2P.
All hostnames are local.
-</p><p>
+</p>
+<p>
The naming system is quite simple and most of it is implemented
in applications external to the router, but bundled with
the I2P distribution.
The components are:
+</p>
<ol>
-<li>The client application which does local lookups in hosts.txt
-<li>The HTTP proxy which asks the router for lookups and points
+<li>The <a href="#lookup">client application</a> which does local lookups in hosts.txt
+and also takes care of the <a href="#base32">Base32 hostnames</a>.
+<li>The <a href="#httpproxy">HTTP proxy</a> which asks the router for lookups and points
the user to remote jump services to assist with failed lookups
-<li>HTTP host-add forms which allow others to add hosts to their local hosts.txt
-<li>HTTP jump services which provide their own lookups and redirection
-<li>The 'addressbook' application which merges external
+<li>HTTP <a href="#add-services">host-add forms</a> which allow users to add hosts to their local hosts.txt
+<li>HTTP <a href="#jump-services">jump services</a> which provide their own lookups and redirection
+<li>The <a href="#addressbook">addressbook</a> application which merges external
host lists, retrieved via HTTP, with the local list
-<li>The 'SusiDNS' application which is a simple web front-end
+<li>The <a href="#susidns">SusiDNS</a> application which is a simple web front-end
for addressbook configuration and viewing of the local host lists.
</ol>
-</p>
-<h2>Naming Files and Lookups</h2>
+<h2 id="lookup">Naming Files and Lookups</h2>
<p>
-All destinations in I2P are 516-byte keys.
+All destinations in I2P are 516-byte (or longer) keys.
(To be more precise, it is a 256-byte public key plus a 128-byte signing key
plus a null certificate, which in Base64 representation is 516 bytes.
-Certificates are not used now, if they are, the keys will be longer.
+<a href="naming_discussion.html#certificates">Certificates</a> are not used now,
+if they are, the keys will be longer.
One possible use of certificates is for <a href="todo.html#hashcash">proof of work</a>.)
</p><p>
If an application (i2ptunnel or the HTTP proxy) wishes to access
@@ -103,86 +77,93 @@ look up host names and convert them to a 516-byte destination key:
<li>userhosts.txt
<li>hosts.txt
</ol>
-The lookup is case-insensitive.
+<p>The lookup is case-insensitive.
The first match is used, and conflicts are not detected.
There is no enforcement of naming rules in lookups.
</p><p>
Lookups are cached for a few minutes.
There is an experimental facility for real-time lookups (a la DNS) over the network within the router,
although it is not enabled by default
-(see "EepGet" below under "Alternatives").
+(see "EepGet" under <a href="naming_discussion.html#alternatives">Alternatives on the discussion page</a>).
</p>
-<h2>HTTP Proxy</h2>
-The HTTP proxy does a lookup via the router for all hostnames ending in '.i2p'.
+<h2 id="httpproxy">HTTP Proxy</h2>
+<p>The HTTP proxy does a lookup via the router for all hostnames ending in '.i2p'.
Otherwise, it forwards the request to a configured HTTP outproxy.
Thus, in practice, all HTTP (eepsite) hostnames must end in the pseudo-Top Level Domain '.i2p'.
+</p>
<p>
If the router fails to resolve the hostname, the HTTP proxy returns
an error page to the user with links to several "jump" services.
See below for details.
+</p>
-
-
-
-<h2>Addressbook</h2>
+<h2 id="addressbook">Addressbook</h2>
<h3>Incoming Subscriptions and Merging</h3>
<p>
The addressbook application periodically
retrieves other users' hosts.txt files and merges
them with the local hosts.txt, after several checks.
+Naming conflicts are resolved on a first-come first-served
+basis.
</p><p>
Subscribing to another user's hosts.txt file involves
giving them a certain amount of trust.
You do not want them, for example, 'hijacking' a new site
by quickly entering in their own key for a new site before
passing the new host/key entry to you.
-
</p><p>
For this reason, the only subscription configured by
-default is http://www.i2p2.i2p/hosts.txt,
+default is <code>http://www.i2p2.i2p/hosts.txt</code>,
which contains a copy of the hosts.txt included
in the I2P release.
Users must configure additional subscriptions in their
-local addressbook application (via subscriptions.txt or SusiDNS).
-
+local addressbook application (via subscriptions.txt or <a href="#susidns">SusiDNS</a>).
</p><p>
+Some other public addressbook subscription links:
+</p>
+<ul>
+<li><a href="http://i2host.i2p/cgi-bin/i2hostetag">http://i2host.i2p/cgi-bin/i2hostetag</a>
+<li><a href="http://stats.i2p/cgi-bin/newhosts.txt">http://stats.i2p/cgi-bin/newhosts.txt</a>
+</ul>
+<p>
+The operators of these services may have various policies for listing hosts.
+Presence on this list does not imply endorsement.
+</p>
+
<h3>Naming Rules</h3>
<p>
While there are hopefully not any technical limitations within I2P on host names,
-as of release 0.6.1.31,
the addressbook enforces several restrictions on host names
imported from subscriptions.
It does this for basic typographical sanity and compatibility with browsers,
and for security.
The rules are essentially the same as those in RFC2396 Section 3.2.2.
-Any hostnames violating these rules may not be propagated widely
-to routers running release 0.6.1.31 or later.
+Any hostnames violating these rules may not be propagated
+to other routers.
</p><p>
-Naming rules:
+Naming rules:</p>
<ul>
-<li>Names are converted to lower case on import
+<li>Names are converted to lower case on import.
<li>Names are checked for conflict with existing names in the existing userhosts.txt and hosts.txt
-(but not privatehosts.txt)
-after conversion to lower case
-<li>Must contain only [a-z] [0-9] '.' and '-' after conversion to lower case
-<li>Must not start with '.' or '-'
-<li>Must end with '.i2p'
-<li>67 characters maximum, including the '.i2p'
-<li>Must not contain '..'
-<li>Must not contain '.-' or '-.' (as of 0.6.1.33)
-<li>Must not contain '--' except in 'xn--' for IDN (as of 0.6.1.32)
-<li>Base 32 hostnames (*.b32.i2p) are not allowed.
-<li>Certain hostnames reserved for project use are not allowed.
-<li>Keys are checked for base64 validity
+(but not privatehosts.txt) after conversion to lower case.
+<li>Must contain only [a-z] [0-9] '.' and '-' after conversion to lower case.
+<li>Must not start with '.' or '-'.
+<li>Must end with '.i2p'.
+<li>67 characters maximum, including the '.i2p'.
+<li>Must not contain '..'.
+<li>Must not contain '.-' or '-.' (as of 0.6.1.33).
+<li>Must not contain '--' except in 'xn--' for IDN.
+<li>Base32 hostnames (*.b32.i2p) are not allowed.
+<li>Certain hostnames reserved for project use are not allowed
+ (proxy.i2p, router.i2p, console.i2p, *.proxy.i2p, *.router.i2p, *.console.i2p, and others)
+<li>Keys are checked for base64 validity.
<li>Keys are checked for conflict with existing keys in hosts.txt (but not privatehosts.txt).
-<li>Keys containing non-null certificates with length greater than zero were rejected before release 0.6.5.
- Keys containing non-null certificates with zero length were rejected before release 0.7.8.
-<li>Maximum key length 516 bytes
-<li>Maximum key length 616 bytes
+<li>Minimum key length 516 bytes.
+<li>Maximum key length 616 bytes (to account for certs up to 100 bytes).
</ul>
-</p><p>
+<p>
Any name received via subscription that passes all the checks is added to the local hosts.txt.
</p><p>
Note that the '.' symbols in a host name are of no significance,
@@ -195,16 +176,14 @@ and the desirability and feasibility of these methods,
are topics for future discussion.
</p><p>
International Domain Names (IDN) also work in i2p (using punycode 'xn--' form).
-To see IDN .i2p domain names rendered correctly in firefox's location bar,
+To see IDN .i2p domain names rendered correctly in Firefox's location bar,
add 'network.IDN.whitelist.i2p (boolean) = true' in about:config.
</p><p>
-
As the addressbook application does not use privatehosts.txt at all, in practice
this file is the only place where it is appropriate to place private aliases or
"pet names" for sites already in hosts.txt.
-
-
</p>
+
<h3>Outgoing Subscriptions</h3>
<p>
Addressbook will publish the merged hosts.txt to a location
@@ -213,11 +192,9 @@ for their subscriptions.
This step is optional and is disabled by default.
</p>
-
<h3>Hosting and HTTP Transport Issues</h3>
<p>
-As of release 0.6.1.30,
-the addressbook application, together with eepget, saves the Etag and/or Last-Modified
+The addressbook application, together with eepget, saves the Etag and/or Last-Modified
information returned by the web server of the subscription.
This greatly reduces the bandwidth required, as the web server will
return a '304 Not Modified' on the next fetch if nothing has changed.
@@ -235,7 +212,7 @@ This will dramatically reduce the network bandwidth, and
reduce chances of corruption.
</p>
-<h2>Host Add Services</h2>
+<h2 id="add-services">Host Add Services</h2>
<p>
A host add service is a simple CGI application that takes a hostname and a Base64 key as parameters
and adds that to its local hosts.txt.
@@ -244,25 +221,25 @@ will be propagated through the network.
</p><p>
It is recommended that host add services impose, at a minimum, the restrictions imposed by the addressbook application listed above.
Host add services may impose additional restrictions on hostnames and keys, for example:
+</p>
<ul>
-<li>Limit on number of 'subdomains'
-<li>Authorization for 'subdomains' through various methods
-<li>Hashcash or signed certificates
-<li>Editorial review of host names and/or content
-<li>Categorization of hosts by content
-<li>Reservation or rejection of certain host names
-<li>Restrictions on number of names registered in a given time period
-<li>Delays between registration and publication
-<li>Requirement that the host be up for verification
-<li>Expiration and/or revocation
-<li>IDN spoof rejection
+<li>A limit on number of 'subdomains'.
+<li>Authorization for 'subdomains' through various methods.
+<li>Hashcash or signed certificates.
+<li>Editorial review of host names and/or content.
+<li>Categorization of hosts by content.
+<li>Reservation or rejection of certain host names.
+<li>Restrictions on the number of names registered in a given time period.
+<li>Delays between registration and publication.
+<li>Requirement that the host be up for verification.
+<li>Expiration and/or revocation.
+<li>IDN spoof rejection.
</ul>
-</p>
-<h2>Jump Services</h2>
+<h2 id="jump-services">Jump Services</h2>
<p>
A jump service is a simple CGI application that takes a hostname as a parameter
-and returns a 301 redirect to the proper URL with a ?i2paddresshelper=key
+and returns a 301 redirect to the proper URL with a <code>?i2paddresshelper=key</code>
string appended.
The HTTP proxy will interpret the appended string and
use that key as the actual destination.
@@ -279,214 +256,36 @@ To provide the best service, a jump service should be subscribed to
several hosts.txt providers so that its local host list is current.
</p>
-<h2>SusiDNS</h2>
+<h2 id="susidns">SusiDNS</h2>
<p>
-While the naming system within I2P is often called "SusiDNS",
SusiDNS is simply a web interface front-end to configuring addressbook subscriptions
and accessing the four addressbook files.
All the real work is done by the 'addressbook' application.
</p><p>
-Currently, there is no enforcement of addressbook naming rules within SusiDNS,
-so you can enter hostnames locally that would be rejected by
-your own or others' addressbook subscriptions.
+Currently, there is little enforcement of addressbook naming rules within SusiDNS,
+so a user may enter hostnames locally that would be rejected by
+the addressbook subscription rules.
</p>
-<h2>Discussion</h2>
-See also <a href="https://zooko.com/distnames.html">Names: Decentralized, Secure, Human-Meaningful: Choose Two</a>.
-<h3>Comments by jrandom</h3>
-(adapted from a post in the old Syndie, November 26, 2005)
-<p>
-Q:
-What to do if some hosts
-do not agree on one address and if some addresses are working, others are not?
-Who is the right source of a name?
-<p>
-A:
-You don't. This is actually a critical difference between names on I2P and how
-DNS works - names in I2P are human readable, secure, but <b>not globally
-unique</b>. This is by design, and an inherent part of our need for security.
-<p>
-If I could somehow convince you to change the destination associated with some
-name, I'd successfully "take over" the site, and under no circumstances is that
-acceptable. Instead, what we do is make names <b>locally unique</b>: they are
-what <i>you</i> use to call a site, just as how you can call things whatever
-you want when you add them to your browser's bookmarks, or your IM client's
-buddy list. Who you call "Boss" may be who someone else calls "Sally".
-<p>
-Names will not, ever, be securely human readable and globally unique.
-
-<h3>Comments by zzz</h3>
-The following from zzz is a review of several common
-complaints about I2P's naming system.
-<ul>
-<li>Inefficiency<br>
-The whole hosts.txt is downloaded (if it has changed, since eepget uses the etag and last-modified headers).
-It's about 400K right now for almost 800 hosts.
-<p>
-True, but this isn't a lot of traffic in the context of i2p, which is itself wildly inefficient
-(floodfill databases, huge encryption overhead and padding, garlic routing, etc.).
-If you downloaded a hosts.txt file from someone every 12 hours it averages out to about 10 bytes/sec.
-<p>
-As is usually the case in i2p, there is a fundamental tradeoff here between anonymity and efficiency.
-Some would say that using the etag and last-modified headers is hazardous because it exposes when you
-last requested the data.
-Others have suggested asking for specific keys only (similar to what jump services do, but
-in a more automated fashion), possibly at a further cost in anonymity.
-<p>
-Possible improvements would be a replacement or supplement to addressbook (see <a href="http://i2host.i2p/">i2host.i2p</a>),
-or something simple like subscribing to http://example.i2p/cgi-bin/recenthosts.cgi rather than http://example.i2p/hosts.txt.
-If a hypothetical recenthosts.cgi distributed all hosts from the last 24 hours, for example,
-that could be both more efficient and more anonymous than the current hosts.txt with last-modified and etag.
-<p>
-A sample implementation is on stats.i2p at
-<a href="http://stats.i2p/cgi-bin/newhosts.txt">http://stats.i2p/cgi-bin/newhosts.txt</a>.
-This script returns an Etag with a timestamp.
-When a request comes in with the If-None-Match etag,
-the script ONLY returns new hosts since that timestamp, or 304 Not Modified if there are none.
-In this way, the script efficiently returns only the hosts the subscriber
-does not know about, in an addressbook-compatible manner.
-
-
-<p>
-So the inefficiency is not a big issue and there are several ways to improve things without
-radical change.
-
-<li>Not Scalable<br>
-The 400K hosts.txt (with linear search) isn't that big at the moment and
-we can probably grow by 10x or 100x before it's a problem.
-<p>
-As far as network traffic see above.
-But unless you're going to do a slow real-time query over the network for
-a key, you need to have the whole set of keys stored locally, at a cost of about 500 bytes per key.
-<li>Requires configuration and "trust"<br>
-Out-of-the-box addressbook is only subscribed to dev.i2p, which is rarely updated,
-leading to poor new-user experience.
-<p>
-This is very much intentional. jrandom wants a user to "trust" a hosts.txt
-provider, and as he likes to say, "trust is not a boolean".
-The configuration step attempts to force users to think about issues of trust in an anonymous network.
-<p>
-As another example, the "Eepsite Unknown" error page in the HTTP Proxy
-lists some jump services, but doesn't "recommend" any one in particular,
-and it's up to the user to pick one (or not).
-jrandom would say we trust the listed providers enough to list them but not enough to
-automatically go fetch the key from them.
-<p>
-How successful this is, I'm not sure.
-But there must be some sort of hierarchy of trust for the naming system.
-To treat everyone equally may increase the risk of hijacking.
-
-<li>It isn't DNS<br>
-Unfortunately real-time lookups over i2p would significantly slow down web browsing.
-<p>
-Also, DNS is based on lookups with limited caching and time-to-live, while i2p
-keys are permanent.
-<p>
-Sure, we could make it work, but why? It's a bad fit.
-<li>Not reliable<br>
-It depends on specific servers for addressbook subscriptions.
-<p>
-Yes it depends on a few servers that you have configured.
-Within i2p, servers and services come and go.
-Any other centralized system (for example DNS root servers) would
-have the same problem. A completely decentralized system (everybody is authoritative)
-is possible by implementing an "everybody is a root DNS server" solution, or by
-something even simpler, like a script that adds everybody in your hosts.txt to your addressbook.
-<p>
-People advocating all-authoritative solutions generally haven't thought through
-the issues of conflicts and hijacking, however.
-
-<li>Awkward, not real-time<br>
-It's a patchwork of hosts.txt providers, key-add web form providers, jump service providers,
-eepsite status reporters.
-Jump servers and subscriptions are a pain, it should just work like DNS.
-<p>
-See the reliability and trust sections.
-
-</ul>
-So, in summary, the current system is not horribly broken, inefficient, or un-scalable,
-and proposals to "just use DNS" aren't well thought-through.
-
-<h2>Base 32 Names</h2>
-As of release 0.7, I2P supports Base32 hostnames similar to Tor's .onion addresses.
+<h2 id="base32">Base32 Names</h2>
+<p>I2P supports Base32 hostnames similar to Tor's .onion addresses.
Base32 addresses are much shorter and easier to handle than the
full 516-character Base64 Destinations or addresshelpers.
-<p>
+Example: <code>ukeu3k5oycgaauneqgtnvselmt4yemvoilkln7jpvamvfx7dnkdq.b32.i2p</code>
+</p><p>
In Tor, the address is 16 characters (80 bits), or half of the SHA-1 hash.
I2P uses 52 characters (256 bits) to represent the full SHA-256 hash.
The form is {52 chars}.b32.i2p.
-Base32 is implemented in the HostsTxt naming service, which queries the
+Base32 is implemented in the naming service, which queries the
router over I2CP to lookup the LeaseSet to get the full Destination.
Base32 lookups will only be successful when the Destination is up and publishing
a LeaseSet.
-<p>
+Because resolution may require a network database lookup, it may take significantly
+longer than a local address book lookup.
+</p><p>
Base32 addresses can be used in most places where hostnames or full destinations
are used, however there are some exceptions where they may fail if the
name does not immediately resolve. I2PTunnel will fail, for example, if
the name does not resolve to a destination.
-
-<h2>Alternatives</h2>
-The I2P source contains several pluggable naming systems and supports configuration options
-to enable experimentation with naming systems.
-<ul>
-<li><b>Meta (default through 0.6.1.32)</b> - calls two or more other naming systems in order.
-By default, calls PetName then HostsTxt.
-<li><b>PetName</b> - Looks up in a petnames.txt file.
-The format for this file is NOT the same as hosts.txt.
-<li><b>HostsTxt (default as of 0.6.1.33)</b> - Looks up in the following files, in order:
-<ol>
-<li>privatehosts.txt
-<li>userhosts.txt
-<li>hosts.txt
-</ol>
-<li><b>AddressDB</b> - Each host is listed in a separate file in a addressDb/ directory.
-<li>
-<b>Eepget (introduced in 0.6.1.33)</b> - does an HTTP lookup request from an external
-server - must be stacked after the HostsTxt lookup with Meta.
-This could augment or replace the jump system.
-Includes in-memory caching.
-<li>
-<b>Exec (introduced in 0.6.1.33)</b> - calls an external program for lookup, allows
-additional experimentation in lookup schemes, independent of java.
-Can be used after HostsTxt or as the sole naming system.
-Includes in-memory caching.
-<li><b>Dummy</b> - used as a fallback for Base64 names, otherwise fails.
-</ul>
-<p>
-The current naming system can be changed with the advanced config option 'i2p.naming.impl'
-(restart required).
-See core/java/src/net/i2p/client/naming for details.
-<p>
-Any new system should be stacked with HostsTxt, or should
-implement local storage and/or the addressbook subscription functions, since addressbook
-only knows about the hosts.txt files and format.
-</ul>
</p>
-
-<h2>Certificates</h2>
-<p>
-I2P destinations contain a certificate, however at the moment that certificate
-is always null.
-With a null certificate, base64 destinations are always 516 bytes ending in "AAAA",
-and this is checked in the addressbook merge mechanism, and possibly other places.
-Also, there is no method available to generate a certificate or add it to a
-destination. So these will have to be updated to implement certificates.
-
-<p>
-One possible use of certificates is for <a href="todo.html#hashcash">proof of work</a>.
-<p>
-Another is for "subdomains" (in quotes because there is really no such thing,
-i2p uses a flat naming system) to be signed by the 2nd level domain's keys.
-<p>
-With any certificate implementation must come the method for verifying the
-certificates.
-Presumably this would happen in the addressbook merge code.
-Is there a method for multiple types of certificates, or multiple certificates?
-
-<p>
-
-Adding on a certificate authenticating the
-responses as signed by some centralized certificate authority would address many of
-the hostile nameserver issues but would leave open replay attacks as well as
-hostile certificate authority attacks.
{% endblock %}
diff --git a/www.i2p2/pages/naming_discussion.html b/www.i2p2/pages/naming_discussion.html
new file mode 100644
index 0000000000000000000000000000000000000000..55d45258c032a342bb1c85702e6b211648752569
--- /dev/null
+++ b/www.i2p2/pages/naming_discussion.html
@@ -0,0 +1,230 @@
+{% extends "_layout.html" %}
+{% block title %}Naming discussion{% endblock %}
+{% block content %}
+<p>
+NOTE: The following is a discussion of the reasons behind the I2P naming system,
+common arguments and possible alternatives.
+See <a href="naming.html">the naming page</a> for current documentation.
+</p>
+
+<h2>Discarded alternatives</h2>
+
+<p>
+Naming within I2P has been an oft-debated topic since the very beginning with
+advocates across the spectrum of possibilities. However, given I2P's inherent
+demand for secure communication and decentralized operation, the traditional
+DNS-style naming system is clearly out, as are "majority rules" voting systems.
+</p>
+
+<p>
+I2P does not promote the use of DNS-like services though, as the damage done
+by hijacking a site can be tremendous - and insecure destinations have no
+value. DNSsec itself still falls back on registrars and certificate authorities,
+while with I2P, requests sent to a destination cannot be intercepted or the reply
+spoofed, as they are encrypted to the destination's public keys, and a destination
+itself is just a pair of public keys and a certificate. DNS-style systems on the
+other hand allow any of the name servers on the lookup path to mount simple denial
+of service and spoofing attacks. Adding on a certificate authenticating the
+responses as signed by some centralized certificate authority would address many of
+the hostile nameserver issues but would leave open replay attacks as well as
+hostile certificate authority attacks.
+</p>
+
+<p>
+Voting style naming is dangerous as well, especially given the effectiveness of
+Sybil attacks in anonymous systems - the attacker can simply create an arbitrarily
+high number of peers and "vote" with each to take over a given name. Proof-of-work
+methods can be used to make identity non-free, but as the network grows the load
+required to contact everyone to conduct online voting is implausible, or if the
+full network is not queried, different sets of answers may be reachable.
+</p>
+
+<p>
+As with the Internet however, I2P is keeping the design and operation of a
+naming system out of the (IP-like) communication layer. The bundled naming library
+includes a simple service provider interface which <a href="#alternatives">alternate naming systems</a> can
+plug into, allowing end users to drive what sort of naming tradeoffs they prefer.
+</p>
+
+<h2>Discussion</h2>
+<p>
+See also <a href="https://zooko.com/distnames.html">Names: Decentralized, Secure, Human-Meaningful: Choose Two</a>.
+</p>
+
+<h3>Comments by jrandom</h3>
+<p>(adapted from a post in the old Syndie, November 26, 2005)</p>
+<p>
+Q:
+What to do if some hosts
+do not agree on one address and if some addresses are working, others are not?
+Who is the right source of a name?
+</p><p>
+A:
+You don't. This is actually a critical difference between names on I2P and how
+DNS works - names in I2P are human readable, secure, but <b>not globally
+unique</b>. This is by design, and an inherent part of our need for security.
+</p><p>
+If I could somehow convince you to change the destination associated with some
+name, I'd successfully "take over" the site, and under no circumstances is that
+acceptable. Instead, what we do is make names <b>locally unique</b>: they are
+what <i>you</i> use to call a site, just as how you can call things whatever
+you want when you add them to your browser's bookmarks, or your IM client's
+buddy list. Who you call "Boss" may be who someone else calls "Sally".
+</p><p>
+Names will not, ever, be securely human readable and globally unique.
+</p>
+
+<h3>Comments by zzz</h3>
+<p>The following from zzz is a review of several common
+complaints about I2P's naming system.
+<ul>
+<li>Inefficiency<br/>
+The whole hosts.txt is downloaded (if it has changed, since eepget uses the etag and last-modified headers).
+It's about 400K right now for almost 800 hosts.
+<p>
+True, but this isn't a lot of traffic in the context of i2p, which is itself wildly inefficient
+(floodfill databases, huge encryption overhead and padding, garlic routing, etc.).
+If you downloaded a hosts.txt file from someone every 12 hours it averages out to about 10 bytes/sec.
+<p>
+As is usually the case in i2p, there is a fundamental tradeoff here between anonymity and efficiency.
+Some would say that using the etag and last-modified headers is hazardous because it exposes when you
+last requested the data.
+Others have suggested asking for specific keys only (similar to what jump services do, but
+in a more automated fashion), possibly at a further cost in anonymity.
+<p>
+Possible improvements would be a replacement or supplement to addressbook (see <a href="http://i2host.i2p/">i2host.i2p</a>),
+or something simple like subscribing to http://example.i2p/cgi-bin/recenthosts.cgi rather than http://example.i2p/hosts.txt.
+If a hypothetical recenthosts.cgi distributed all hosts from the last 24 hours, for example,
+that could be both more efficient and more anonymous than the current hosts.txt with last-modified and etag.
+<p>
+A sample implementation is on stats.i2p at
+<a href="http://stats.i2p/cgi-bin/newhosts.txt">http://stats.i2p/cgi-bin/newhosts.txt</a>.
+This script returns an Etag with a timestamp.
+When a request comes in with the If-None-Match etag,
+the script ONLY returns new hosts since that timestamp, or 304 Not Modified if there are none.
+In this way, the script efficiently returns only the hosts the subscriber
+does not know about, in an addressbook-compatible manner.
+
+
+<p>
+So the inefficiency is not a big issue and there are several ways to improve things without
+radical change.
+
+<li>Not Scalable<br/>
+The 400K hosts.txt (with linear search) isn't that big at the moment and
+we can probably grow by 10x or 100x before it's a problem.
+<p>
+As far as network traffic see above.
+But unless you're going to do a slow real-time query over the network for
+a key, you need to have the whole set of keys stored locally, at a cost of about 500 bytes per key.
+<li>Requires configuration and "trust"<br/>
+Out-of-the-box addressbook is only subscribed to http://www.i2p2.i2p/hosts.txt, which is rarely updated,
+leading to poor new-user experience.
+<p>
+This is very much intentional. jrandom wants a user to "trust" a hosts.txt
+provider, and as he likes to say, "trust is not a boolean".
+The configuration step attempts to force users to think about issues of trust in an anonymous network.
+<p>
+As another example, the "Eepsite Unknown" error page in the HTTP Proxy
+lists some jump services, but doesn't "recommend" any one in particular,
+and it's up to the user to pick one (or not).
+jrandom would say we trust the listed providers enough to list them but not enough to
+automatically go fetch the key from them.
+<p>
+How successful this is, I'm not sure.
+But there must be some sort of hierarchy of trust for the naming system.
+To treat everyone equally may increase the risk of hijacking.
+
+<li>It isn't DNS<br/>
+Unfortunately real-time lookups over i2p would significantly slow down web browsing.
+<p>
+Also, DNS is based on lookups with limited caching and time-to-live, while i2p
+keys are permanent.
+<p>
+Sure, we could make it work, but why? It's a bad fit.
+<li>Not reliable<br/>
+It depends on specific servers for addressbook subscriptions.
+<p>
+Yes it depends on a few servers that you have configured.
+Within i2p, servers and services come and go.
+Any other centralized system (for example DNS root servers) would
+have the same problem. A completely decentralized system (everybody is authoritative)
+is possible by implementing an "everybody is a root DNS server" solution, or by
+something even simpler, like a script that adds everybody in your hosts.txt to your addressbook.
+<p>
+People advocating all-authoritative solutions generally haven't thought through
+the issues of conflicts and hijacking, however.
+
+<li>Awkward, not real-time<br/>
+It's a patchwork of hosts.txt providers, key-add web form providers, jump service providers,
+eepsite status reporters.
+Jump servers and subscriptions are a pain, it should just work like DNS.
+<p>
+See the reliability and trust sections.
+</p>
+</ul>
+<p>So, in summary, the current system is not horribly broken, inefficient, or un-scalable,
+and proposals to "just use DNS" aren't well thought-through.
+</p>
+
+<h2 id="alternatives">Alternatives</h2>
+<p>The I2P source contains several pluggable naming systems and supports configuration options
+to enable experimentation with naming systems.
+<ul>
+<li><b>Meta</b> - calls two or more other naming systems in order.
+By default, calls PetName then HostsTxt.
+<li><b>PetName</b> - Looks up in a petnames.txt file.
+The format for this file is NOT the same as hosts.txt.
+<li><b>HostsTxt</b> - Looks up in the following files, in order:
+<ol>
+<li>privatehosts.txt
+<li>userhosts.txt
+<li>hosts.txt
+</ol>
+<li><b>AddressDB</b> - Each host is listed in a separate file in a addressDb/ directory.
+<li>
+<b>Eepget</b> - does an HTTP lookup request from an external
+server - must be stacked after the HostsTxt lookup with Meta.
+This could augment or replace the jump system.
+Includes in-memory caching.
+<li>
+<b>Exec</b> - calls an external program for lookup, allows
+additional experimentation in lookup schemes, independent of java.
+Can be used after HostsTxt or as the sole naming system.
+Includes in-memory caching.
+<li><b>Dummy</b> - used as a fallback for Base64 names, otherwise fails.
+</ul>
+<p>
+The current naming system can be changed with the advanced config option 'i2p.naming.impl'
+(restart required).
+See core/java/src/net/i2p/client/naming for details.
+<p>
+Any new system should be stacked with HostsTxt, or should
+implement local storage and/or the addressbook subscription functions, since addressbook
+only knows about the hosts.txt files and format.
+
+<h2 id="certificates">Certificates</h2>
+<p>
+I2P destinations contain a certificate, however at the moment that certificate
+is always null.
+With a null certificate, base64 destinations are always 516 bytes ending in "AAAA",
+and this is checked in the addressbook merge mechanism, and possibly other places.
+Also, there is no method available to generate a certificate or add it to a
+destination. So these will have to be updated to implement certificates.
+</p><p>
+One possible use of certificates is for <a href="todo.html#hashcash">proof of work</a>.
+</p><p>
+Another is for "subdomains" (in quotes because there is really no such thing,
+i2p uses a flat naming system) to be signed by the 2nd level domain's keys.
+</p><p>
+With any certificate implementation must come the method for verifying the
+certificates.
+Presumably this would happen in the addressbook merge code.
+Is there a method for multiple types of certificates, or multiple certificates?
+</p><p>
+Adding on a certificate authenticating the
+responses as signed by some centralized certificate authority would address many of
+the hostile nameserver issues but would leave open replay attacks as well as
+hostile certificate authority attacks.
+</p>
+{% endblock %}
diff --git a/www.i2p2/pages/naming_fr.html b/www.i2p2/pages/naming_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..b262a7950e5e8b5792d3ecfbe3ee03b9d26ddd54
--- /dev/null
+++ b/www.i2p2/pages/naming_fr.html
@@ -0,0 +1,242 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Nommage et carnet d'adresses{% endblock %}
+{% block content %}
+Traduction d'avril 2011. <a href="naming.html">Version anglaise actuelle</a>
+<h1>Nommage dans I2P</h1>
+<h2 id="overview">Aperçu</h2>
+
+<p>
+I2P est distribué avec une bibliothèque générique de nommage et une implémentation de base conçue pour fonctionner Ã
+partir d'une correspondance nom/destination locale, ainsi qu'avec une application compagne appelée le
+<a href="#addressbook">carnet d'adresses</a>.
+I2P supporte également les <a href="#base32">noms d'hôtes Base32</a> identiques aux adresses .onion de Tor.</p>
+
+<p>
+Le carnet d'adresses est un système de nommage fondé sur un réseau de confiance, décentralisé et lisible par un être
+humain, qui ne déroge au principe d'unicité globale de ces systèmes de nommages lisibles par l'humain en n'exigeant
+qu'une unicité locale. Comme tous les messages dans I2P sont adressés à leur destination sur une base cryptographique,
+différentes personnes peuvent avoir l'entrée "Alice" dans leur carnet d'adresses local qui représente des destinations
+différentes. Les utilisateurs découvrir de nouveaux noms en important les carnets d'adresses publiés par les pairs de
+leur réseau de confiance, en ajoutant des entrées fournies par un tiers, ou (si quelques uns organisent une série de
+carnets d'adresses publiés en utilisant un système d'enregistrement "premier venu, premier servi") en choisissant de se
+servir de ces carnets d'adresses en tant que serveurs de noms, émulant ainsi le DNS traditionnel.
+</p>
+
+<p>
+NOTE : pour en savoir plus sur les raisons de ce choix de nommage pour I2P, sur les arguments courants à son encontre,
+et sur alternatives possibles, voir la page <a href="naming_discussion.html">discussion sur le nommage</a>.
+</p>
+
+<h2 id="components">Composants du système de nommage</h2>
+<p>
+Il n'y a pas d'autorité de nommage centrale dans I2P. Tous les noms d'hôtes sont locaux.
+</p>
+<p>
+Le système de nommage est assez simple et sa plus grande partie est implémentée dans des applications externes au
+routeur, mais incluses dans sa distribution.
+Les composants :
+</p>
+<ol>
+<li>L'<a href="#lookup">application cliente</a>, qui effectue les recherches locales dans le fichier hosts.txt et gère
+les <a href="#base32">noms d'hôtes Base32</a>.
+<li>Le <a href="#httpproxy">mandataire HTTP</a>, qui confie les recherches au routeur et dirige l'utilisateur vers les
+services de saut distants en tant qu'assistance en cas recherches infructueuses.
+<li>Des <a href="#add-services">formulaires d'ajout d'hôte</a> HTTP, qui permettent aux utilisateurs… d'ajouter
+des hôtes à leur hosts.txt local.
+<li>Des <a href="#jump-services">services de sauts</a> HTTP, qui fournissent leur propres recherches et listes de
+redirections.
+<li>L'application <a href="#addressbook">carnet d'adresses</a>, qui fusionne les listes externes d'hôtes trouvées par
+HTTP Ã la liste locale.
+<li>L'application <a href="#susidns">SusiDNS</a>, simple interface web de configuration du carnet d'adresses et
+d'affichage les listes d'hôtes locales.
+</ol>
+
+<h2 id="lookup">Fichiers de nommage et recherches</h2>
+<p>
+Dans I2P toutes les destinations sont des clés de 516 octets. (Plus précisément, c'est une clé publique de 256 octets
+plus une clé de signature de 128 octets et un certificat blanc, ce qui fait 516 octets une fois tout ceci représenté
+dans le code base64. Les <a href="naming_discussion.html#certificates">certificats</a> ne sont pas utilisés
+actuellement. Les clés seront plus longues quand ils le seront. Une utilisation possible des certificats est le
+mécanisme de vérification par <a href="todo_fr.html#hashcash">épreuve de travail</a>.)
+</p><p>
+Si une application (i2ptunnel ou le mandataire HTTP) veut accéder à une destination par son nom, le routeur effectue
+une recherche locale très simple pour résoudre ce nom. L'application cliente (techniquement, le côté client du
+protocole I2CP dans l'API I2P) fait une recherche linéaire dans trois fichiers locaux, dans l'ordre suivant, pour
+trouver un nom d'hôte et le convertir en clé de destination de 516 octets :
+<ol>
+<li>privatehosts.txt
+<li>userhosts.txt
+<li>hosts.txt
+</ol>
+<p>Le recherche n'est pas sensible à la casse. La première occurrence est utilisée, et les conflits ne sont pas
+détectés. Il n'y a pas d'obligation de règles de nommage pour les recherches.
+</p><p>
+Les recherches sont conservées en mémoire quelques minutes. Il y a une fonctionnalité expérimentale de recherches en
+temps réel (à la DNS) sur le réseau intégrée au routeur, mais par défaut elle n'est pas activée (voir "EepGet" dans
+<a href="naming_discussion.html#alternatives">Alternatives sur la page de discussion</a>).
+</p>
+
+<h2 id="httpproxy">Mandataire HTTP</h2>
+<p>Le proxy HTTP fait une recherche via le routeur pour tous les noms d'hôtes en '.i2p'. Pour les autres, il transfère
+la requête à un mandataire sortant HTTP configuré. Donc en pratique, tous les noms d'hôtes eepsites HTTP doivent se
+terminer par le pseudo domaine de plus haut niveau '.i2p'.
+</p>
+
+<p>
+Si le routeur échoue dans sa requête de résolution, le mandataire HTTP renvoie une page d'erreur indiquant des liens
+vers plusieurs services de saut (voir détails plus bas).
+</p>
+
+<h2 id="addressbook">Carnet d'adresses</h2>
+<h3>Abonnements entrants et fusionnement</h3>
+<p>
+L'application carnet d'adresses trouve régulièrement le fichier hosts.txt d'autres utilisateurs et les fusionne au
+fichier local après plusieurs vérifications. Les conflits sont résolus par la règle "premier entré/premier servi".
+</p><p>
+L'abonnement au fichier hosts.txt d'un autre utilisateur implique l'octroi d'un certain niveau de confiance. Vous ne
+souhaitez par exemple pas qu'il détourne un nouveau site en vous indiquant une autre clé.
+</p><p>
+Pour cette raison, le seul abonnement configuré par défaut est <code>http://www.i2p2.i2p/hosts.txt</code>,
+qui contient une copie du hosts.txt inclus dans la distribution d'I2P. Les utilisateurs doivent configurer des
+abonnements supplémentaires dans leur application carnet d'adresses locale (via subscriptions.txt ou
+<a href="#susidns">SusiDNS</a>).
+</p><p>
+Quelques autres liens d'abonnement de carnets d'adresses publics :
+</p>
+<ul>
+<li><a href="http://i2host.i2p/cgi-bin/i2hostetag">http://i2host.i2p/cgi-bin/i2hostetag</a>
+<li><a href="http://stats.i2p/cgi-bin/newhosts.txt">http://stats.i2p/cgi-bin/newhosts.txt</a>
+<li><a href="http://tino.i2p/hosts.txt">http://tino.i2p/hosts.txt</a>
+</ul>
+<p>
+Les opérateurs de ces services peuvent avoir diverses politiques de référencement des hôtes. Leur présence sur cette
+page n'implique pas l'aval de l'équipe d'I2P.
+</p>
+
+<h3>Règles de nommage</h3>
+<p>
+Bien qu'il n'y ait heureusement pas de limitations techniques dans les noms d'hôtes I2P, le carnet d'adresses applique
+certaines restrictions aux noms d'hôtes importés par les abonnements. Il fait ceci pour la propreté typographique et la
+compatibilité avec les navigateurs, et par sécurité. Les règles sont principalement celles de la section 3.2.2 de la
+RFC2396. Tout nom d'hôte qui viole ces règles n'est pas importé.
+</p><p>
+Règles de nommage :</p>
+<ul>
+<li>Les noms sont convertis en minuscules à l'importation.
+<li>Les noms sont vérifiés pour détecter les conflits avec des noms pré-existants dans les fichiers userhosts.txt et
+hosts.txt (mais pas dans privatehosts.txt) après la conversion en minuscules.
+<li>Ils ne doivent contenir que [a-z] [0-9] '.' et '-' après la conversion.
+<li>Ils ne doivent pas commencer par '.' or '-'.
+<li>Ils doivent finir par '.i2p'.
+<li>Longueur maximum de 67 caractères, '.i2p' inclus.
+<li>Ils ne doivent pas contenir '..'.
+<li>Ils ne doivent pas contenir '.-' ou '-.' (depuis la version 0.6.1.33).
+<li>Ils ne doivent pas contenir '--', à part dans 'xn--' pour les noms de domaines internationalisés (IDN).
+<li>Les noms d'hôtes Base32 (*.b32.i2p) ne sont pas permis.
+<li>Certains noms d'hôtes réservés au projet ne sont pas permis (proxy.i2p, router.i2p, console.i2p, *.proxy.i2p,
+*.router.i2p, *.proxy.i2p).
+<li>Une vérification de validité base64 des clés est effectuée.
+<li>Les clés font l'objet d'une vérification de conflit par rapport au fichier hosts.txt (mais pas privatehosts.txt).
+<li>La longueur minimum des clés est 516 octets.
+<li>La longueur maximum des clés est 616 octets (pour permettre des certificats de longueur pouvant aller jusqu'à 100
+octets).
+</ul>
+<p>
+Tout nom reçu via un abonnement est ajouté à hosts.txt s'il passe tous ces tests avec succès.
+</p><p>
+Notons que caractère '.' dans un nom d'hôte n'a aucune signification, et ne signale aucune hiérarchie de confiance. Si
+le nom 'hôte.i2p' existe déjà , rien n'empêche personne d'ajouter un nom 'a.hôte.i2p' à son hosts.txt, et ce nom sera
+alors importé par les autres. Des méthodes pour refuser des sous-domaines aux non-"propriétaires" du domaine (par des
+certificats?), ainsi que l'intérêt et la faisabilité de ces méthodes sont l'objet de discutions ultérieures.
+</p><p>
+Les IDN fonctionnent aussi sur I2P (en utilisant la forme punycode 'xn--').
+Pour voir les IDN .i2p correctement affichés dans la barre d'adresses de Firefox, ajouter
+'network.IDN.whitelist.i2p (boolean) = true' dans about:config.
+</p><p>
+Comme l'application carnet d'adresses n'utilise pas du tout le fichier privatehosts.txt, ce fichier est tout désigné
+pour recevoir des alias privés ou des noms abrégés pour des hôtes déjà présents dans hosts.txt.
+</p>
+
+<h3>Abonnements sortants</h3>
+<p>
+Le carnet d'adresses publie le fichier fusionné hosts.txt à un endroit (habituellement hosts.txt dans le répertoire
+home du site eep) accessible aux autres pour leurs abonnements. Cette étape optionnelle est désactivée par défaut.
+</p>
+
+<h3>Problèmes d'hébergement et de transport</h3>
+<p>
+L'application carnet d'adresses, avec eepget, enregistre l'Etag et/ou l'info dernière modification renvoyée par le
+serveur de l'abonnement. Ceci réduit grandement la bande passante nécessaire car le serveur renvoie un '304 Not
+Modified' si rien n'a changé à la tentative suivante.
+</p>
+<p>
+Cependant le fichier hosts.txt est entièrement téléchargé s'il a été modifié. Voir la discussion plus bas sur ce
+problème.
+</p>
+<p>
+Les hôtes qui fournissent un fichier hosts.txt statique ou une application CGI équivalente sont vivement encouragés Ã
+utiliser une en-tête de longueur de contenu, et soit une en-tête Etag, soit une en-tête de date de dernière
+modification. Assurez-vous aussi que le serveur envoie le message '304 Not Modified' quand c'est nécessaire, eu égard Ã
+la bande passante et pour diminuer les risques de corruption.
+</p>
+
+<h2 id="add-services">Services d'ajout d'hôtes</h2>
+<p>
+Un service d'ajout d'hôte est une simple application CGI qui prend en paramètres un nom d'hôte et et une clé base64
+pour les ajouter au fichier hosts.txt local. Si d'autres routeurs s'abonnent à ce fichier, l'ajout sera propagé.
+</p><p>
+Il est recommandé que le service impose au minimum les mêmes restrictions que celles en vigueur au niveau de
+l'application carnet d'adresses listées plus haut. Le service peut ajouter des restriction supplémentaires, par exemple
+: </p>
+<ul>
+<li>une limite au nombre de sous-domaines.
+<li>autorisations de sous-domaines via diverses méthodes.
+<li>pénalités de contrôle (Hashcash) ou certificats signés.
+<li>vérification d'éditorial et/ou de contenu du site.
+<li>catégorisation des hôtes par contenu.
+<li>réservation ou rejet de certains noms d'hôtes.
+<li>restrictions du nombre d'enregistrements par unité de temps.
+<li>délais entre enregistrement et publication.
+<li>vérification de l'état fonctionnel de l'hôte comme prérequis à l'enregistrement.
+<li>expiration et/ou révocation.
+<li>rejet d'usurpation d'IDN.
+</ul>
+
+<h2 id="jump-services">Services de saut</h2>
+<p>
+Un service de saut est une application CGI simple qui prend en paramètres un nom d'hôte et retourne un message '301
+redirect' vers la bonne URL, complété d'une chaîne <code>?i2paddresshelper=clé</code>. Le mandataire HTTP interceptera
+la chaîne et utilisera la clé en tant que destination réelle. De plus, le proxy mettra cette clé en cache de sorte que
+l'assistant d'adresse ne soit plus nécessaire pour elle jusqu'au prochain redémarrage du routeur.</p>
+<p>
+Remarquons au passage, que comme pour les abonnements, l'utilisation d'un service de saut implique un certain niveau de
+confiance, car le service pourrait insidieusement rediriger vers une destination usurpée.</p>
+<p>
+Pour apporter le meilleur service, un service de saut devrait être abonné à plusieurs fournisseurs de fichiers
+hosts.txt pour que sa liste d'hôtes soit récente.
+</p>
+
+<h2 id="susidns">SusiDNS</h2>
+<p>
+SusiDNS est simplement une interface web destinée à configurer les abonnements de carnets d'adresses et accéder au
+quatre fichiers de carnets d'adresses. Tout le travail réel est effectué par l'application 'carnet d'adresses'.</p>
+<p>
+Actuellement, il n'y a pas de vérification des règles de nommage du carnet d'adresses intégrée dans SusiDNS, si bien
+que vous pouvez entrer des noms d'hôtes qui pourraient être rejetés par vos propres abonnements ou ceux des autres.</p>
+
+<h2 id="base32">Noms Base32</h2>
+<p>I2P supporteles noms d'hôtes Base32 similaires aux adresses '.onion' de Tor. Les adresses base32 sont plus courtes
+et plus faciles à manipuler que les adresses complètes des destinations base64 à 516 caractères ou les assistants
+d'adresses. Exemple: <code>ukeu3k5oycgaauneqgtnvselmt4yemvoilkln7jpvamvfx7dnkdq.b32.i2p</code>
+</p><p>
+Dans Tor, l'adresse fait 16 caractères (80 bits), soit la moitié de l'empreinte SHA-1. I2P utilise 52 caractères
+(256 bits) pour représenter l'empreinte SHA-256 complète. La forme est {52 caractères}.b32.i2p. Le codage base32 est
+implémenté dans les service de nommage HostsTxt, qui interroge le routeur sur le protocole I2CP pour chercher le jeu de
+baux afin d'obtenir la destination complète. Les recherches base32 ne réussissent que lorsque la destination est active
+et qu'elle publie un jeu de baux.
+</p><p>
+Les adresses Base32 peuvent être utilisées dans la plupart des situations où les noms d'hôtes ou les destinations
+complètes sont utilisées, sauf quelques exceptions où elles peuvent échouer si le nom n'est pas résolu immédiatement.
+Par exemple, I2PTunnel échouera si le nom ne se résout pas en destination.
+</p>
+{% endblock %}
diff --git a/www.i2p2/pages/newdevelopers.html b/www.i2p2/pages/newdevelopers.html
index d92c6ca740dd766a425669947110a55e70087102..fae25fc93be871bacb78650c41774619bbddd6ae 100644
--- a/www.i2p2/pages/newdevelopers.html
+++ b/www.i2p2/pages/newdevelopers.html
@@ -1,81 +1,181 @@
{% extends "_layout.html" %}
{% block title %}New Developer's Guide{% endblock %}
{% block content %}
-Here's a very quick guide to getting started.
-<ul>
-<li>
-Not quite ready for coding?
-Try <a href="getinvolved.html">getting involved</a> first.
-
-<li>
-For development on the i2p router or the embedded applications,
-learn Java, love Java :)
-
-<li>
-Study the <a href="how_intro.html">how intro</a>,
-the <a href="how.html">other "how" documents</a>,
-the <a href="techintro.html">tech intro</a>,
-and associated documents.
-
-<li>
-For development on the i2p router or the embedded applications,
-get the monotone source repository installed - short instructions:
-<ul>
-<li>Install <a href="http://www.monotone.ca/">monotone</a>
-<li>Skim over the <a href="http://monotone.ca/docs/Tutorial.html">monotone tutorial</a>
-<li>Enable the i2ptunnel client tunnel on port 8998 pointing to mtn.i2p2.i2p
-<li>mtn -d i2p.mtn db init
-<li>mtn -d i2p.mtn pull 127.0.0.1:8998 i2p.i2p
-<li>mtn -d i2p.mtn co --branch=i2p.i2p
-</ul>
-Non-anonymous access: mtn.i2p2.de:4691 or mtn.i2p-projekt.de:4691
-<br>
-Website branch: use i2p.www instead of i2p.i2p.
-<br>
-Full list of branches: see <a href="http://stats.i2p/cgi-bin/viewmtn/">viewmtn</a>.
-<br>
-Long version: see the <a href="monotone.html">monotone page</a>.
-
-<li>
-To compile the code, you need the Sun Java Development Kit 5 or higher, or equivalent JDK
-(<a href="http://java.sun.com/javase/downloads/index.jsp">Sun JDK 6</a> strongly recommended) and
-<a href="http://ant.apache.org/">Apache ant</a>
-version 1.7.0 or higher.
-
-<li>
-To build or work on console translations, you need
-the xgettext, msgfmt, and msgmerge tools from the
-<a href="http://www.gnu.org/software/gettext/">GNU gettext package</a>.
-
-<li>
-For development on new applications,
-see the <a href="applications">application development guide</a>.
-
-<li>
-See <a href="http://zzz.i2p/forums/3">zzz's TODO lists</a>,
-<a href="todo.html">this website's TODO list</a> or
-<a href="http://trac.i2p2.i2p/report/2">Trac</a>
-for ideas.
-
-<li>
-Say hi to the developers on #i2p
-
-<li>
-See the bottom of <a href="licenses.html">licenses.html</a> for
-commit privilege requirements.
-
-<li>
-Short version of how to generate and use keys if you plan to commit:
+<p>
+ So you want to start work on I2P? Great!
+ Here's a quick guide to getting started
+ on contributing to the website or the software, doing development or creating translations.
+</p>
+<p>
+ Not quite ready for coding?
+ Try <a href="getinvolved.html">getting involved</a> first.
+</p>
+
+<div id="TOC">
+ <ol>
+ <li><a href="#basic-study">Basic study</a></li>
+ <li><a href="#getting-the-i2p-code">Getting the I2P code</a></li>
+ <li><a href="#building-i2p">Building I2P</a></li>
+ <li><a href="#development-ideas">Development ideas</a></li>
+ <li><a href="#making-the-results-available">Making the results available</a></li>
+ <li><a href="#get-to-know-us">Get to know us!</a></li>
+ <li><a href="#translations">Translations</a></li>
+ <li><a href="#tools">Tools</a></li>
+ </ol>
+</div>
+
+<h2 id="basic-study">Basic 'study'</h2>
+
+<p>
+ Basic development on the I2P router or the embedded applications uses Java as the main development language.
+ If you don't have experience with Java, you can always have a look at <a href="http://www.mindview.net/Books/TIJ/">Thinking in Java</a>.
+</p>
+<p>
+ Study the <a href="how_intro.html">how intro</a>,
+ the <a href="how.html">other "how" documents</a>,
+ the <a href="techintro.html">tech intro</a>,
+ and associated documents.
+ These will give you a good overview of how I2P is structured and what different things it does.
+</p>
+
+<h2 id="getting-the-i2p-code">Getting the I2P code</h2>
+
+<p>
+ For development on the i2p router or the embedded applications,
+ get the monotone source repository installed - short instructions:
+</p>
<ul>
-<li>mtn genkey yourname-transport@mail.i2p <i>(use an empty passphrase)</i>
-<li>mtn genkey yourname@mail.i2p <i>(enter a passphrase)</i>
-<li>mtn pubkey yourname-transport@mail.i2p <i>(<a href="mailto:mtn@welterde.de">send</a> this to a mtn repo operator to get push privileges)</i>
-<li>mtn pubkey yourname@mail.i2p <i>(send this to a release manager to get commit privileges)</i>
-<li>mtn ci -k yourname@mail.i2p <i>(check in with this key)</i>
-<li>mtn sync -k yourname-transport@mail.i2p <i>(push with this key)</i>
+ <li>
+ Install <a href="http://www.monotone.ca/">monotone</a>.
+ Monotone is a version control system.
+ We use it because it allows us to keep track of who does what changes to the source code (and for a lot of complicated things, but 'keeping track of changes' is the basic idea).
+ </li>
+ <li>Skim over the <a href="http://monotone.ca/docs/Tutorial.html">monotone tutorial</a>, to make sure you understand the concepts.</li>
+ <li>
+ <p>
+ If you want to remain anonymous, you need to do an additional step, to set up a connection to a monotone server over I2P:
+ </p>
+ <p>
+ Enable the <a href="i2ptunnel.html">i2ptunnel</a> client tunnel on port 8998 pointing to mtn.i2p2.i2p (if you are having nonce issues, see <a href="http://trac.i2p2.de/ticket/64">ticket #64</a> for a workaround)
+ </p>
+ </li>
+ <li>
+ Pick a directory where you want to put all your I2P files, and create a monotone database: <b>mtn -d i2p.mtn db init</b>
+ </li>
+ <li>
+ Pull the I2P sources to your machine. This may take a long time, especially if you are doing this over I2P!
+ <ul>
+ <li>Anonymously: <b>mtn -d i2p.mtn pull 127.0.0.1:8998 i2p.i2p</b></li>
+ <li>
+ <p>
+ Non-anonymously: <b>mtn -d i2p.mtn pull mtn.i2p2.de i2p.i2p</b>
+ </p>
+ <p>
+ Alternatively, instead of 'mtn.i2p2.de', you can also download from mtn.i2p-projekt.de.
+ </p>
+ </ul>
+ </li>
+ <li>
+ <p>
+ All the sources are now present on your machine, in the database file. To make them available in a directory, you need to check them out: <b>mtn -d i2p.mtn co --branch=i2p.i2p</b>
+ </p>
+ <p>
+ The above command creates a directory i2p.i2p, which contains all of the I2P sources.
+ </p>
+ </li>
</ul>
-Long version: see the <a href="monotone.html">monotone page</a>.
+<h3>Remarks</h3>
+<p>
+ To download the website files instead of the I2P source files, use 'i2p.www' instead of 'i2p.i2p'.
+</p>
+<p>
+ The initial pull may take several hours using the tunnel.
+ If it fails after a partial pull, simply rerun it, it will start where it left off.
+ If you are in a hurry, use the non-anonymous access.
+</p>
+<p>
+ A full list of branches, including i2p.i2p and i2p.www can be found on <a href="http://stats.i2p/cgi-bin/viewmtn/">viewmtn</a>.
+</p>
+<p>
+ A long explanation about using monotone is available on the <a href="monotone.html">monotone page</a>.
+</p>
-</ul>
+<h2 id="building-i2p">Building I2P</h2>
+
+<p>
+ To compile the code, you need the Sun Java Development Kit 6 or higher, or equivalent JDK
+ (<a href="http://java.sun.com/javase/downloads/index.jsp">Sun JDK 6</a> strongly recommended) and
+ <a href="http://ant.apache.org/">Apache ant</a>
+ version 1.7.0 or higher.
+ If you go are working on the main I2P code, you can go into the i2p.i2p directory and run 'ant' to see the build options.
+</p>
+
+<p>
+ To build or work on console translations, you need
+ the xgettext, msgfmt, and msgmerge tools from the
+ <a href="http://www.gnu.org/software/gettext/">GNU gettext package</a>.
+</p>
+
+<p>
+ For development on new applications,
+ see the <a href="applications">application development guide</a>.
+</p>
+
+<h2 id="development-ideas">Development ideas</h2>
+<p>
+ See <a href="http://zzz.i2p/forums/3">zzz's TODO lists</a>,
+ <a href="todo.html">this website's TODO list</a> or
+ <a href="http://trac.i2p2.de/report/1">Trac</a>
+ for ideas.
+</p>
+
+<h2 id="making-the-results-available">Making the results available</h2>
+
+<p>
+ See the bottom of <a href="licenses.html">licenses.html</a> for
+ commit privilege requirements. You need these to put code into i2p.i2p (not required for the website!).
+</p>
+
+<p>
+ Short version of how to generate and use keys if you plan to commit:
+ <ul>
+ <li>mtn genkey yourname-transport@mail.i2p <i>(use an empty passphrase)</i>
+ <li>mtn genkey yourname@mail.i2p <i>(enter a passphrase)</i>
+ <li>mtn pubkey yourname-transport@mail.i2p <i>(<a href="mailto:mtn@welterde.de">send</a> this to a mtn repo operator to get push privileges)</i>
+ <li>mtn pubkey yourname@mail.i2p <i>(send this to <a href="mailto:zzz@mail.i2p">a release manager</a> to get commit privileges - not required for website)</i>
+ <li>mtn ci -k yourname@mail.i2p <i>(check in with this key)</i>
+ <li>mtn sync -k yourname-transport@mail.i2p <i>(push with this key)</i>
+ </ul>
+ Long version: see the <a href="monotone.html">monotone page</a>.
+</p>
+
+<h2 id="get-to-know-us">Get to know us!</h2>
+<p>
+ The developers hang around on IRC. They can be reached on the Freenode network, and on the I2P internal networks. The usual place to look is #i2p. Join the channel and say hi!
+ We also have <a href="dev-guidelines.html">additional guidelines for regular developers</a>.
+</p>
+
+<h2 id="translations">Translations</h2>
+<p>
+ Website and router console translators: See the <a href="newtranslators.html">New Translators Page</a>
+ for next steps.
+</p>
+
+<h2 id="tools">Tools</h2>
+<p>
+I2P is open source software that is mostly developed using open sourced
+toolkits. The I2P project recently acquired a license for the YourKit Java
+Profiler. Open source projects are eligible to receive a free license provided
+that YourKit is referenced on the project web site. Please get in touch if you
+are interested in profiling the I2P codebase.
+</p>
+
+<p>
+YourKit is kindly supporting open source projects with its full-featured Java Profiler.
+YourKit, LLC is the creator of innovative and intelligent tools for profiling
+Java and .NET applications. Take a look at YourKit's leading software products:
+<a href="http://www.yourkit.com/java/profiler/index.jsp">YourKit Java Profiler</a> and
+<a href="http://www.yourkit.com/.net/profiler/index.jsp">YourKit .NET Profiler</a>.
+</p>
{% endblock %}
diff --git a/www.i2p2/pages/newdevelopers_de.html b/www.i2p2/pages/newdevelopers_de.html
index b5b04c890c0a2556077e81786eeaba5dec57cdf0..8aee1b6afaea3bf9c6585b9603981fc8e673ece4 100644
--- a/www.i2p2/pages/newdevelopers_de.html
+++ b/www.i2p2/pages/newdevelopers_de.html
@@ -54,7 +54,7 @@ schaue dir die <a href="applications_de">Anleitung zum Entwickeln von Anwendunge
<li>
Siehe nach in der <a href="http://zzz.i2p/forums/3">zzz Aufgabenliste</a>,
<a href="todo_de.html">Aufgabenliste dieser Webseite</a> oder
-<a href="http://trac.i2p2.i2p/report/2">Trac</a>
+<a href="http://trac.i2p2.de/report/1">Trac</a>
für Ideen.
<li>
@@ -65,4 +65,26 @@ Schaue in den unteren Teil der <a href="licenses_de.html">Lizenzen</a> Seite
um Rechte zum Einpflegen von Quelltext zu bekommen.
</ul>
+
+<p>
+Website and router console translators: See the <a href="newtranslators.html">New Translators Page</a>
+for next steps.
+
+<h2 id="tools">Tools</h2>
+<p>
+I2P is open source software that is mostly developed using open sourced
+toolkits. The I2P project recently acquired a license for the YourKit Java
+Profiler. Open source projects are eligible to receive a free license provided
+that YourKit is referenced on the project web site. Please get in touch if you
+are interested in profiling the I2P codebase.
+</p>
+
+<p>
+YourKit is kindly supporting open source projects with its full-featured Java Profiler.
+YourKit, LLC is the creator of innovative and intelligent tools for profiling
+Java and .NET applications. Take a look at YourKit's leading software products:
+<a href="http://www.yourkit.com/java/profiler/index.jsp">YourKit Java Profiler</a> and
+<a href="http://www.yourkit.com/.net/profiler/index.jsp">YourKit .NET Profiler</a>.
+</p>
+
{% endblock %}
diff --git a/www.i2p2/pages/newdevelopers_fr.html b/www.i2p2/pages/newdevelopers_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..6395c85bb009b4b782f68e181298ac99caf176b8
--- /dev/null
+++ b/www.i2p2/pages/newdevelopers_fr.html
@@ -0,0 +1,189 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Guide du nouveau développeur{% endblock %}
+{% block content %}
+Traduction de mars 2011. <a href="newdevelopers.html">Version anglaise actuelle</a>
+<p>
+ Alors comme ça vous voulez commencer à trimer sur I2P? Sympa!<br />
+ Voici donc de quoi vous mettre le pied à l'étrier, pour participer à l'élaboration du site ou du logiciel,
+ à développer ou à faire des traductions.
+</p>
+<p>
+ Pas prêt pour coder?
+ Essayez <a href="getinvolved_fr.html">engagez-vous!</a> d'abord.
+</p>
+
+<div id="TOC">
+ <ol>
+ <li><a href="#basic-study">Préliminaires</a></li>
+ <li><a href="#getting-the-i2p-code">Obtenir le code I2P</a></li>
+ <li><a href="#building-i2p">Compiler I2P</a></li>
+ <li><a href="#development-ideas">Idées de développement</a></li>
+ <li><a href="#making-the-results-available">Publier le travail</a></li>
+ <li><a href="#get-to-know-us">Venez nous rencontrer!</a></li>
+ <li><a href="#translations">Traductions</a></li>
+ <li><a href="#tools">Tools</a></li>
+ </ol>
+</div>
+
+<h2 id="basic-study">Préliminaires</h2>
+
+<p>
+ Le développement de base pour le routeur I2P ou les applications intégrées se fait avec Java comme langage de
+ programmation principal. Si vous n'avez aucune expérience de Java, vous pouvez quand même parcourir
+ <a href="http://www.mindview.net/Books/TIJ/">Thinking in Java</a> ou en français
+ <a href="http://penserenjava.free.fr/">ici</a>.
+</p>
+<p>
+ Étudiez l'<a href="how_intro_fr.html">intro</a>,
+ les <a href="how_fr.html">autre documents "comment ceci cela"</a>,
+ l'<a href="techintro_fr.html">intro technique</a>, et les documents associés. Ceci vous donnera un bon aperçu de la
+ structure d'I2P et de ses différentes possibilités.
+</p>
+
+<h2 id="getting-the-i2p-code">Obtenir le code I2P</h2>
+
+<p>
+ Pour le développement sur le routeur i2p ou les applications embarquées, installez le dépôt de sources monotone.
+ En bref: </p>
+<ul>
+ <li>
+ Installez <a href="http://www.monotone.ca/">monotone</a>.
+ Monotone est un système de gestion de versions (CVS). Nous l'avons choisi car il nous permet de garder la trace de
+ qui fait quoi dans les changements du code source (et pour beaucoup d'autres choses compliquées, mais 'garder la
+ trace des modifs' est l'idée maîtresse).
+ </li>
+ <li>Balladez_vous dans le <a href="http://monotone.ca/docs/Tutorial.html">guide de monotone</a> pour vous assurer
+ un minimum de compréhension des concepts.</li>
+ <li>
+ <p>
+ Si vous souhaitez rester anonyme, il vous faudra en passer par une étape supplémentaire, établir une connexion
+ via I2P au serveur monotone:
+ </p>
+ <p>
+ Activez le tunnel client <a href="i2ptunnel.html">i2ptunnel</a> sur le port 8998 pointant vers mtn.i2p2.i2p
+ (si vous avez des problèmes d'unicité, voyez le <a href="http://trac.i2p2.de/ticket/64">ticket #64</a>
+ pour un contournement).
+ </p>
+ </li>
+ <li>
+ Créez un dossier pour mettre tous vos fichiers I2P, et créez y une base de données monotone:
+ <b>mtn -d i2p.mtn db init</b>
+ </li>
+ <li>
+ Ramenez les sources I2P sur votre machine. Ça peut prendre un moment surtout si vous le faites via I2P!
+ <ul>
+ <li>Anonymement: <b>mtn -d i2p.mtn pull 127.0.0.1:8998 i2p.i2p</b></li>
+ <li>
+ <p>
+ Normalement: <b>mtn -d i2p.mtn pull mtn.i2p2.de i2p.i2p</b><br />
+ Et alternativement, au lieu de 'mtn.i2p2.de', vous pouvez aussi télécharger depuis mtn.i2p-projekt.de.
+ </p>
+ </ul>
+ </li>
+ <li>
+ <p>
+ Vous avez maintenant toutes les sources dans votre machine, dans le fichier base de données i2p.mtn. Pour
+ travailler sur le routeur, vous devez les extraires dans un répertoire: <b>mtn -d i2p.mtn co --branch=i2p.i2p</b>
+ (ou <b>mtn -d i2p.mtn co --branch=i2p.www</b> pour celles du site web)
+ </p>
+ <p>
+ Les commandes ci-dessus créent le dossier i2p.i2p (et/ou i2p.www), qui contient toutes les sources du code d'I2P.
+ </p>
+ </li>
+</ul>
+
+<h3>Remarques</h3>
+<p>
+ Le téléchargement initial peut prendre quelques heures en passant par le tunnel.
+ S'il échoue pendant ce temps, relancez-le tout simplement, il reprendra là où il en était.
+ Si vous êtes pressé(e), utilisez l'accès non-anonyme normal.
+</p>
+<p>
+ Une liste complète des branches, dont i2p.i2p et i2p.www est disponible sur
+ <a href="http://stats.i2p/cgi-bin/viewmtn/">viewmtn</a>.
+</p>
+<p>
+ L'explication détaillée de l'utilisation de monotone est présentée sur la <a href="monotone.html">page monotone</a>.
+</p>
+
+<h2 id="building-i2p">Compiler I2P</h2>
+
+<p>
+ Pour compiler le code, il vous faut le kit de développement Java v6 ou ultérieur, ou un JDK équivalent
+ (<a href="http://java.sun.com/javase/downloads/index.jsp">Sun JDK 6</a> chaudement recommandé) et
+ <a href="http://ant.apache.org/">Apache ant</a> version 1.7.0 ou plus récente.
+ Si vous partez pour travailler sur le code principal d'I2P, vous pouvez allez dans le dossier i2p.i2p et lancer
+ 'ant' pour voir les options de compilation.
+</p>
+
+<p>
+ Pour compiler ou travailler sur les traductions de la console, vous avez besoin des outils xgettext, msgfmt, et
+ msgmerge du package <a href="http://www.gnu.org/software/gettext/">GNU gettext</a>.
+</p>
+
+<p>
+ Pour le développement sur de nouvelles applications, lisez le
+ <a href="applications">guide de développement d'applications</a>.
+</p>
+
+<h2 id="development-ideas">Idées de développement</h2>
+<p>
+ Voir les <a href="http://zzz.i2p/forums/3">zzz's TODO lists</a>,
+ <a href="todo_fr.html">la liste des TODOs</a> de ce site, ou
+ <a href="http://trac.i2p2.de/report/1">Trac</a> pour des suggestions.
+</p>
+
+<h2 id="making-the-results-available">Publier le travail</h2>
+
+<p>
+ Voir en bas des <a href="licenses.html">licences</a> pour les autorisations nécessaires. Vous en avez besoin pour
+ envoyer du code dans i2p.i2p (pas nécessaire pour le site web!).
+</p>
+
+<p>
+ Version courte de la génération et utilisation des clefs si vous voulez publier:
+ <ul>
+ <li>mtn genkey nom-transport@mail.i2p <i>(passphrase vide)</i>
+ <li>mtn genkey nom@mail.i2p <i>(choisissez une passphrase)</i>
+ <li>mtn pubkey nom-transport@mail.i2p <i>(<a href="mailto:mtn@welterde.de">envoyez</a> ça à l'opérateur du dépôt
+ pour obtenir le privilège push)</i>
+ <li>mtn pubkey nom@mail.i2p <i>(envoyez ça <a href="mailto:zzz@mail.i2p">au responsable de publication</a>
+ pour avoir le privilège commit - pas requis pour le site web)</i>
+ <li>mtn ci -k nom@mail.i2p <i>(injectez votre travail dans la base locale avec cette clef)</i>
+ <li>mtn sync(ou pull) -k nom-transport@mail.i2p <i>(synchronisez (sync=pull+push) avec le serveur
+ avec cette clef)</i>
+ <li>mtn update (ou mtn up en abrégé)<i> (met à jour les fichiers locaux dans les dossiers i2p.i2p et/ou i2p.www Ã
+ partir de la base de données synchronisée)</i>
+ </ul>
+ Version longue: voir la page <a href="monotone.html">monotone</a>.
+</p>
+
+<h2 id="get-to-know-us">Venez nous rencontrer!</h2>
+<p>
+ Les développeurs trainent sur l'IRC. Ils peuvent être contactés sur le réseau Freenode, et sur les réseaux internes
+ I2P. Leur QG est le canal #i2p-dev. Viendez et disez hi!
+</p>
+
+<h2 id="translations">Traductions</h2>
+<p>
+ Traducteurs du site et de la console, ceci est pour vous: <a href="newtranslators_fr.html">
+ Guide du traducteur débutant</a> pour les étapes suivantes.
+</p>
+<h2 id="tools">Tools</h2>
+<p>
+I2P is open source software that is mostly developed using open sourced
+toolkits. The I2P project recently acquired a license for the YourKit Java
+Profiler. Open source projects are eligible to receive a free license provided
+that YourKit is referenced on the project web site. Please get in touch if you
+are interested in profiling the I2P codebase.
+</p>
+
+<p>
+YourKit is kindly supporting open source projects with its full-featured Java Profiler.
+YourKit, LLC is the creator of innovative and intelligent tools for profiling
+Java and .NET applications. Take a look at YourKit's leading software products:
+<a href="http://www.yourkit.com/java/profiler/index.jsp">YourKit Java Profiler</a> and
+<a href="http://www.yourkit.com/.net/profiler/index.jsp">YourKit .NET Profiler</a>.
+</p>
+
+{% endblock %}
diff --git a/www.i2p2/pages/newdevelopers_it.html b/www.i2p2/pages/newdevelopers_it.html
index 4e31d652605a1f4fa0c612536080a597ff72eafb..88f548b6371ae1b1b78a172a9656c4b42d75ba72 100644
--- a/www.i2p2/pages/newdevelopers_it.html
+++ b/www.i2p2/pages/newdevelopers_it.html
@@ -53,7 +53,7 @@ leggete la<a href="applications">guida su come creare nuove applicazioni</a>.
<li>
Guardate <a href="http://zzz.i2p/forums/3">zzz's TODO lists</a>,
<a href="todo.html">TODO list di questo sito</a> o
-<a href="http://trac.i2p2.i2p/report/2">Trac</a>
+<a href="http://trac.i2p2.de/report/1">Trac</a>
per idee.
<li>
diff --git a/www.i2p2/pages/news.xml b/www.i2p2/pages/news.xml
deleted file mode 100644
index b72927f15e033c8cef1c2ee803264ae56496e435..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/news.xml
+++ /dev/null
@@ -1,26 +0,0 @@
-<i2p.news date="$Date: 2007-10-07 23:03:40 $">
- <i2p.release version="0.6.1.30" date="2007/02/15" minVersion="0.6"
- anonurl="http://i2p/NF2RLVUxVulR3IqK0sGJR0dHQcGXAzwa6rEO4WAWYXOHw-DoZhKnlbf1nzHXwMEJoex5nFTyiNMqxJMWlY54cvU~UenZdkyQQeUSBZXyuSweflUXFqKN-y8xIoK2w9Ylq1k8IcrAFDsITyOzjUKoOPfVq34rKNDo7fYyis4kT5bAHy~2N1EVMs34pi2RFabATIOBk38Qhab57Umpa6yEoE~rbyR~suDRvD7gjBvBiIKFqhFueXsR2uSrPB-yzwAGofTXuklofK3DdKspciclTVzqbDjsk5UXfu2nTrC1agkhLyqlOfjhyqC~t1IXm-Vs2o7911k7KKLGjB4lmH508YJ7G9fLAUyjuB-wwwhejoWqvg7oWvqo4oIok8LG6ECR71C3dzCvIjY2QcrhoaazA9G4zcGMm6NKND-H4XY6tUWhpB~5GefB3YczOqMbHq4wi0O9MzBFrOJEOs3X4hwboKWANf7DT5PZKJZ5KorQPsYRSq0E3wSOsFCSsdVCKUGsAAAA/i2p/i2pupdate.sud"
- publicurl="http://mirror.i2p2.de/i2pupdate.sud"
- anonannouncement="http://i2p/NF2RLVUxVulR3IqK0sGJR0dHQcGXAzwa6rEO4WAWYXOHw-DoZhKnlbf1nzHXwMEJoex5nFTyiNMqxJMWlY54cvU~UenZdkyQQeUSBZXyuSweflUXFqKN-y8xIoK2w9Ylq1k8IcrAFDsITyOzjUKoOPfVq34rKNDo7fYyis4kT5bAHy~2N1EVMs34pi2RFabATIOBk38Qhab57Umpa6yEoE~rbyR~suDRvD7gjBvBiIKFqhFueXsR2uSrPB-yzwAGofTXuklofK3DdKspciclTVzqbDjsk5UXfu2nTrC1agkhLyqlOfjhyqC~t1IXm-Vs2o7911k7KKLGjB4lmH508YJ7G9fLAUyjuB-wwwhejoWqvg7oWvqo4oIok8LG6ECR71C3dzCvIjY2QcrhoaazA9G4zcGMm6NKND-H4XY6tUWhpB~5GefB3YczOqMbHq4wi0O9MzBFrOJEOs3X4hwboKWANf7DT5PZKJZ5KorQPsYRSq0E3wSOsFCSsdVCKUGsAAAA/pipermail/i2p/2005-September/000878.html"
- publicannouncement="http://dev.i2p.net/pipermail/i2p/2005-September/000878.html" />
- <i2p.notes date="2005/08/08"
- anonurl="http://i2p/NF2RLVUxVulR3IqK0sGJR0dHQcGXAzwa6rEO4WAWYXOHw-DoZhKnlbf1nzHXwMEJoex5nFTyiNMqxJMWlY54cvU~UenZdkyQQeUSBZXyuSweflUXFqKN-y8xIoK2w9Ylq1k8IcrAFDsITyOzjUKoOPfVq34rKNDo7fYyis4kT5bAHy~2N1EVMs34pi2RFabATIOBk38Qhab57Umpa6yEoE~rbyR~suDRvD7gjBvBiIKFqhFueXsR2uSrPB-yzwAGofTXuklofK3DdKspciclTVzqbDjsk5UXfu2nTrC1agkhLyqlOfjhyqC~t1IXm-Vs2o7911k7KKLGjB4lmH508YJ7G9fLAUyjuB-wwwhejoWqvg7oWvqo4oIok8LG6ECR71C3dzCvIjY2QcrhoaazA9G4zcGMm6NKND-H4XY6tUWhpB~5GefB3YczOqMbHq4wi0O9MzBFrOJEOs3X4hwboKWANf7DT5PZKJZ5KorQPsYRSq0E3wSOsFCSsdVCKUGsAAAA/pipermail/i2p/2005-July/000826.html"
- publicurl="http://dev.i2p.net/pipermail/i2p/2005-July/000826.html"
- anonlogs="http://i2p/Nf3ab-ZFkmI-LyMt7GjgT-jfvZ3zKDl0L96pmGQXF1B82W2Bfjf0n7~288vafocjFLnQnVcmZd~-p0-Oolfo9aW2Rm-AhyqxnxyLlPBqGxsJBXjPhm1JBT4Ia8FB-VXt0BuY0fMKdAfWwN61-tj4zIcQWRxv3DFquwEf035K~Ra4SWOqiuJgTRJu7~o~DzHVljVgWIzwf8Z84cz0X33pv-mdG~~y0Bsc2qJVnYwjjR178YMcRSmNE0FVMcs6f17c6zqhMw-11qjKpY~EJfHYCx4lBWF37CD0obbWqTNUIbL~78vxqZRT3dgAgnLixog9nqTO-0Rh~NpVUZnoUi7fNR~awW5U3Cf7rU7nNEKKobLue78hjvRcWn7upHUF45QqTDuaM3yZa7OsjbcH-I909DOub2Q0Dno6vIwuA7yrysccN1sbnkwZbKlf4T6~iDdhaSLJd97QCyPOlbyUfYy9QLNExlRqKgNVJcMJRrIual~Lb1CLbnzt0uvobM57UpqSAAAA/meeting141"
- publiclogs="http://www.i2p.net/meeting141" />
-•
-2007-10-07: 0.6.1.30
-<a href="http://dev.i2p/pipermail/i2p/2007-October/001356.html">released</a>
-with
-streaming lib, eepget, and i2psnark improvements, and a memory leak fix.
-<br />
-<!--
-•
-2007-04-10:
-<a href="http://dev.i2p/pipermail/i2p/2007-April/001343.html">status notes</a>
-and
-<a href="http://www.i2p/meeting206">meeting log</a>
-<br />
--->
-</i2p.news>
diff --git a/www.i2p2/pages/newtranslators.html b/www.i2p2/pages/newtranslators.html
new file mode 100644
index 0000000000000000000000000000000000000000..1fe830d0d30b64f80645b0896ebdd412133a4f90
--- /dev/null
+++ b/www.i2p2/pages/newtranslators.html
@@ -0,0 +1,175 @@
+{% extends "_layout.html" %}
+{% block title %}New Translator's Guide{% endblock %}
+{% block content %}
+Here's a very quick guide to getting started.
+
+<h2>How to Translate the Website</h2>
+
+<ol>
+<li>
+Preparation
+ <ol>
+ <li>
+ Come to #i2p-dev on irc and talk to people.
+ Claim the language -
+ To make sure other coworkers don't bump onto the files you are working on,
+ please update the translation status on <a href="http://ugha.i2p/i2pTranslation">this wiki page</a> .
+ <li>
+ Follow the <a href="newdevelopers.html">new developer's guide</a>,
+ Including the installation of monotone,
+ checking out i2p.www branch, and generate your own monotone keys.
+ It is not required that you sign a dev agreement.
+ </ol>
+
+<li>
+Create files:
+ If the file for your language does not exist yet, copy another language file to a new file foo_xx.bar for your language.
+ Then 'mtn add' the file.
+ Also add a _layout_xx.html for your language xx.
+ Add a flag image file for the menu (copy from the router).
+
+<li>
+Edit files:
+ Edit _layout_xx.html and _menu.html, and other files.
+ Edit the files with any text editor.
+ Be sure not to use an editor in HTML mode that reformats everything.
+
+<li>
+Check in:
+ mtn pull, mtn update. Then check in by "mtn ci -k yourname@mail.i2p file1 file2 ..."
+ This collects the diff info of your changed file into your local repo. Then "mtn sync mtn.i2p2.de -k yourname-transport@mail.i2p i2p.i2p".
+ This synchronizes your local repo with the repo on the target machine.
+
+<li>
+Repeat. Check in often. Don't wait until it is perfect.
+
+
+
+</ol>
+
+<h2>How to Translate the Router Console</h2>
+
+<ol>
+<li>
+Preparation
+ <ol>
+ <li>
+ Come to #i2p-dev on irc and talk to people.
+ Claim the language -
+ To make sure other coworkers don't bump onto the files you are working on,
+ please update the translation status on <a href="http://ugha.i2p/i2pTranslation">this wiki page</a> .
+ <li>
+ Follow the <a href="newdevelopers.html">new developer's guide</a>,
+ Including the installation of monotone and the gettext tools,
+ checking out i2p.i2p branch, and generate your own monotone keys.
+ <li>
+ Generate your own gpg key and sign the dev agreement.
+ </ol>
+
+<li>
+Before starting a console translation, better help translate some i2p webpages first.
+At least an i2p homepage in your language would be great. This will also help you learn monotone.
+
+<li>
+What to translate:
+ There are about 15 files in the i2p.i2p branch that needs translation:
+
+ <ol>
+ <li>
+ installer/resources/readme/readme_xx.html
+ <li>
+ installer/resources/initialNews/initialNews_xx.xml
+ <li>
+ apps/routerconsole/locale/messages_xx.po
+ <li>
+ installer/resources/proxy/*_xx.ht (about 9 files)
+ <li>
+ apps/routerconsole/jsp/help_xx.jsp
+ <li>
+ installer/resources/eepsite.help/help/index_xx.html
+ <li>
+ apps/i2ptunnel/locale/messages_xx.po
+ <li>
+ apps/i2psnark/locale/messages_xx.po
+ <li>
+ apps/susidns/locale/messages_xx.po
+ </ol>
+
+ Where xx is your language code like fr/de/ch/zh/...
+
+ There may be or may not be files with your lang code. If not, you can create your own. by copying and renaming other language files you know with your own lang code.
+
+
+<li>
+Create files:
+ If the file for your language does not exist yet, copy another language file to a new file foo_xx.bar for your language.
+ Then 'mtn add' the file.
+ After creating a .po file, edit the headers. Then run 'ant distclean poupdate'.
+
+<li>
+Start to work:
+ Edit the HTML files with any text editor.
+ Be sure not to use an editor in HTML mode that reformats everything.
+ To work with .po files efficiently, you may wish to use <a href="http://www.poedit.net/download.php">POEdit</a>
+
+<li>
+Check in:
+ mtn pull, mtn update. Then check in by "mtn ci -k yourname@mail.i2p file1 file2 ..."
+ This collects the diff info of your changed file into your local repo. Then "mtn sync mtn.i2p2.de -k yourname-transport@mail.i2p i2p.i2p".
+ This synchronizes your local repo with the repo on the target machine.
+
+<li>
+Repeat. Check in often. Don't wait until it is perfect.
+
+
+</ol>
+
+As you see it's simple.
+If you have questions about the meaning of the terms in the console, ask in #i2p-dev on IRC.
+
+
+
+<h2>FAQ</h2>
+
+<b>Q: Why do I have to install monotone, Java, jsp, learn about .po files and html, etc.? Why can't I just do a translation and email it to you?</b>
+
+<p>
+<b>Answer: Several reasons:</b>
+
+<ul>
+<li>
+ We don't have anybody who has time to accept manual contributions and submit them to our source control system on your behalf. Even if we did, it doesn't scale.
+
+<li>
+ Maybe you are thinking translation is a one-step process. It isn't. You can't do it all at once. You will make mistakes. You need to test it and tweak it to make it look right <i>before</i> you submit it. Developers will update or add to the English text, thus requiring a translation update.
+
+<li>
+ Having translators use a source control system directly provides authentication and accountablility - we know who is doing what, and we can track changes, and revert them if necessary.
+
+
+<li>
+ .po files are not difficult. If you don't want to work directly with them, we recommend 'poedit'.
+
+<li>
+ HTML files are not difficult. Just ignore the html stuff and translate the text.
+
+<li>
+ Installing and using monotone is not that difficult. Several of the translators and other contributors to I2P are non-programmers, and they use monotone regularly. Monotone is simply a source control system, it is not about "coding".
+
+<li>
+ Our items to translate are not "documents". They are html files and po files, with a specific format and character encoding (UTF-8) that must be maintained, and not corrupted by email programs or other methods of transfer.
+
+<li>
+ We looked at 'pootle' as a front-end for translators. It didn't work well, needed an administrator, and a pootle-based process would suffer from a number of the above flaws.
+</ul>
+
+<b>In summary:</b>
+
+Yes, we know it is somewhat of a hurdle to get started. It's really the only possible way we can do it. Give it a try, it really isn't that hard.
+
+<h2>More Information</h2>
+The #i2p-dev channel on IRC, or the <a href="http://zzz.i2p/forums/14">translation forum on zzz.i2p</a>.
+
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/newtranslators_fr.html b/www.i2p2/pages/newtranslators_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..0692242e59e1d712f3b421a302bcb165fd5adb32
--- /dev/null
+++ b/www.i2p2/pages/newtranslators_fr.html
@@ -0,0 +1,200 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Guide du traducteur débutant{% endblock %}
+{% block content %}
+Traduction de mars 2011. <a href="newtranslators.html">Version anglaise actuelle</a><br />
+Voici le petit guide de démarrage rapide.
+
+<h2>Comment traduire le site Internet</h2>
+
+<ol>
+<li>
+Préparation
+ <ol>
+ <li>
+ Venez sur le canal #i2p-dev de l'IRC pour discuter.
+ Annoncez votre langue -
+ Pour vous assurer que d'autre collaborateurs ne travaillent pas sur les mêmes fichiers que vous, merci de mettre Ã
+ jour le statut de l'état de traduction sur le <a href="http://ugha.i2p/i2pTranslation">wiki</a> d'ugha.i2p.
+ <li>
+ Suivez les instructions du <a href="newdevelopers_fr.html">Guide de démarrage du développeur</a>, pour l'installation
+ monotone, pour extraire la branche i2p.www, et générer vos propres clés monotone. Il n'est pas nécessaire de signer
+ l'accord de licence.
+ </ol>
+
+<li>
+Créez les fichiers:
+ Si le fichier pour votre langue n'existe pas encore, copiez celui d'une autre langue sur foo_xx.bar pour votre
+ langue (les fichiers en anglais sont les plus à jour).
+ Puis ajoutez (<i>'mtn add' fichier_xx</i>) le fichier.
+ Ajoutez aussi le fichier _layout_xx.html s'il n'existe pas encore.
+ Ajoutez un fichier image du drapeau pour le menu (Ã copier depuis le dossier routeur
+ i2p.i2p/installer/resources/icons/flags).
+
+<li>
+Modifiez les fichiers:
+ Modifiez les fichiers _layout_xx.html et _menu.html, et les autres fichiers.
+ Modifiez les fichiers avec tout éditeur de texte en vous assurant de ne pas utiliser l'éventuel mode HTML qui
+ changerait tout le formatage.
+<li>
+Peuplez votre dépôt:
+ <i>mtn pull</i>, <i>mtn up[date]</i>, traduisez, puis injectez/signez vos modifications dans votre dépôt:
+ "<i>mtn ci -k votrenom@mail.i2p fichier1 fichier2 ...</i>".
+ Pour finir, synchronisez avec <i>"mtn sync mtn.i2p2.de -k votrenom-transport@mail.i2p i2p.www"</i> votre dépôt avec
+ celui du serveur cible.
+<li>
+Répétez l'opération, autant de fois que nécessaire. N'attendez pas que tout soit parfait.
+<br />
+
+ Si vous comptez travailler à la fois sur le serveur web et la console vous pouvez utiliser la syntaxe suivante pour
+ définir les variables par défaut pour les deux branches:
+<code>
+ ~/Documents/I2P/i2p.www$ mtn pull 192.168.x.y:8998 <b>i2p.www i2p.i2p</b> --set-default</code>
+
+ <center>Exemple en mode anonyme, avec le routeur I2P situé sur autre machine du LAN.</center>
+
+
+</li>
+
+</ol>
+
+<h2>Comment traduire la console du routeur</h2>
+
+<ol>
+<li>
+Préparation
+ <ol>
+ <li>
+ Venez discuter #i2p-dev.
+ Annoncez votre langue -
+ Pour vous assurer que d'autre collaborateurs ne travaillent pas sur les mêmes fichiers que vous, merci de mettre Ã
+ jour le statut de l'état de traduction sur le <a href="http://ugha.i2p/i2pTranslation">wiki</a> d'ugha.i2p.
+ <li>
+ Suivez les instructions du <a href="newdevelopers.html">Guide de démarrage du développeur</a>, pour l'installation
+ monotone, des outils gettext, pour vérifier la branche i2p.i2p, et générer vos propres clés monotone.
+
+ <li>
+ Générez votre clé gpg et signez l'accord de licence:
+ copiez une section du fichier http://www.i2p-projekt.de/license-agreements.html dans un fichier mon_accord
+ en dehors du dépôt, signez avec <i>gpg --clearsign mon_accord</i> et modifiez le fichier license-agreements.html (en
+ ajoutant votre nom en haut, et la copie du contenu du fichier mon_accord.asc généré par la signature en bas),
+ en suivant la méthode indiquée plus haut dans la partie "traduction du site".
+ </ol>
+
+<li>
+Avant de commencer la traduction de la console, il serait bien, pour vous faire la main, de nous aider à traduire
+quelques pages du site, au moins la page d'accueil de votre langue si elle n'existe pas encore.
+
+<li>
+Que traduire:
+ Il y a environ 15 fichiers concernés dans la branche i2p.i2p:
+
+ <ol>
+ <li>
+ installer/resources/readme/readme_xx.html
+ <li>
+ installer/resources/initialNews/initialNews_xx.xml
+ <li>
+ apps/routerconsole/locale/messages_xx.po
+ <li>
+ installer/resources/proxy/*_xx.ht (environ 9 fichiers)
+ <li>
+ apps/routerconsole/jsp/help_xx.jsp
+ <li>
+ installer/resources/eepsite.help/help/index_xx.html
+ <li>
+ apps/i2ptunnel/locale/messages_xx.po
+ <li>
+ apps/i2psnark/locale/messages_xx.po
+ <li>
+ apps/susidns/locale/messages_xx.po
+ <li>
+ apps/susimail/locale/messages_xx.po
+ </ol>
+
+ Où xx est votre code de langue, comme fr/de/ch/zh/...
+
+ Il se peut que des fichiers n'existent pas pour votre langue. Dans ce cas, créez-les en en copiant et renommant
+ un d'une langue que vous connaissez. Ceux en anglais sont plus à jour et valent à être pris comme référence.
+
+<li>
+Créez les fichiers:
+ Suivez les instructions correspondantes de la partie "Traduction du site".
+ Après la création d'un fichier .po, modifiez les en-têtes*, puis exécutez <i>LG2=fr ant distclean poupdate</i>.
+ (* poedit le fait tout seul si vous avez mis vos coordonnées dans Édition/Préférences/Personnalise)
+
+<li>
+Commencez le boulot:
+ Modifiez les fichiers avec tout éditeur de texte en vous assurant de ne pas utiliser l'éventuel mode HTML qui
+ changerait tout le formatage.
+ Pour travailler sur les fichiers .po efficacement, vous aurez intérêt à utiliser
+ <a href="http://www.poedit.net/download.php">POEdit</a>.
+
+<li>
+Publiez le travail:
+ <i>mtn pull</i>, <i>mtn up</i>, puis envoyez votre travail dans votre dépôt avec
+ <i>mtn ci -k mon_nom@mail.i2p fichier1 fichier2 ...</i>. Ensuite,
+ <i>mtn sync mtn.i2p2.de -k mon_nom-transport@mail.i2p i2p.i2p</i> pour envoyer vos modifications au serveur cible.
+
+<li>
+Répétez l'opération, autant de fois que nécessaire. N'attendez pas que tout soit parfait.
+
+</ol>
+
+Comme vous voyez, c'est simple.
+Si vous avez des questions sur le sens des termes dans la console, demandez sur #i2p-dev.
+
+
+
+<h2>FAQ</h2>
+
+<b>Q: Pourquoi faut-il installer monotone, Java, jsp, en savor sur les fichiers .po et .html, etc...?
+Pourquoi ne puis-je pas simplement faire la traduction et vous l'envoyer par courriel?</b>
+
+<p>
+<b>R: il y a à ceci plusieurs raisons:</b>
+
+<ul>
+<li>
+ Nous n'avons personne qui aurait le temps d'accepter des contributions manuelles et les soumettre de votre part
+ à notre système de gestion des versions.
+<li>
+ Vous pensez peut-être que la traduction est un processus à une seule étape. ce n'est pas le cas.
+ Tout ne peut être réalisé en une seule fois. Vous ferez des erreurs. vous aurez besoin de faire des tests et de
+ fignoler <i>avant</i> de soumettre. Les développeurs modifient ou ajoutent du texte en anglais, nécessitant une mise Ã
+ jour de traduction.
+<li>
+ L'utilisation d'un système de gestion des version par les traducteurs fournit directement authentification et
+ responsabilisation: nous savons qui fait quoi, nous pouvons suivre les modifications et revenir en arrière si
+ nécessaire.
+<li>
+ Les fichiers .po ne sont pas une difficulté. si vous ne voulez pas les modifier directement, nous vous suggérons
+ l'utilisation de 'poedit'.
+
+<li>
+ Même remarque pour les fichiers HTML. Laissez de côté la quincaillerie html (les balises), et traduisez le texte.
+
+<li>
+ L'installation de monotone n'est pas vraiment difficile. Plusieurs, des traducteurs et autres contributeurs ne sont
+ pas des programmeurs, et ils utilisent monotone régulièrement. Monotone est un simple système de contrôle des
+ versions, rien à voir avec la programmation.
+
+<li>
+ Les éléments à traduire ne sont pas des "documents". Ce sont des fichiers html et po, avec un format spécial et un
+ encodage de caractères (UTF-8) qui doit être conservé et protégé de la corruption introduite par les programmes de
+ messagerie ou les autres méthodes de transfert.
+<li>
+ Nous avons envisagé d'utiliser 'pootle' comme logiciel pour les traducteurs. Il ne marche pas très bien, nécessite un
+administrateur, et un processus fondé sur "pootle' souffrirait des défauts indiqués plus haut.
+</ul>
+
+<b>En résumé:</b>
+
+Oui, nous savons qu'il est quelque peu sportif de commencer. C'est vraiment la seule façon que nous pouvons proposer.
+Essayez-vous-y, ça n'est pas vraiment si difficile.
+
+<h2>Plus de détails</h2>
+Sur le canal #i2p-dev d'IRC, ou le <a href="http://zzz.i2p/forums/14">forum de traduction</a> de zzz.i2p.
+
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/not_found.html b/www.i2p2/pages/not_found.html
deleted file mode 100644
index a6c2a3fdc47441ca8055124ec9c365a74ad13a98..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/not_found.html
+++ /dev/null
@@ -1,5 +0,0 @@
-{% extends "_layout.html" %}
-{% block title %}Not found{% endblock %}
-{% block content %}
-Yep... the resource, you were searching for, is named differently, doesn't exist or was removed.
-{% endblock %}
diff --git a/www.i2p2/pages/not_found_de.html b/www.i2p2/pages/not_found_de.html
deleted file mode 100644
index 42fa6929a0d7411142cd92de70c4764767070ae3..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/not_found_de.html
+++ /dev/null
@@ -1,5 +0,0 @@
-{% extends "_layout_de.html" %}
-{% block title %}Nicht gefunden{% endblock %}
-{% block content %}
-Yep... die Information nach der du suchst, nennt sich anders, existiert nicht oder wurde entfernt.
-{% endblock %}
diff --git a/www.i2p2/pages/not_found_zh.html b/www.i2p2/pages/not_found_zh.html
deleted file mode 100644
index 95b6698280d7e91f9ad4f80dd7cbd27c456dd1f4..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/not_found_zh.html
+++ /dev/null
@@ -1,7 +0,0 @@
-{% extends "_layout_zh.html" %}
-{% block title %}
-未找到
-{% endblock %}
-{% block content %}
-您æœç´¢çš„页é¢æˆ–资æºçš„å称ä¸æ£ç¡®æˆ–ä¸å˜åœ¨æˆ–å·²è¢«åˆ é™¤ã€‚
-{% endblock %}
\ No newline at end of file
diff --git a/www.i2p2/pages/ntcp.html b/www.i2p2/pages/ntcp.html
index c21f999797f66d8f0ebd78bb5600822519c9cdde..54008d933e7fabf6acb35095c7e9887bfb579aa1 100644
--- a/www.i2p2/pages/ntcp.html
+++ b/www.i2p2/pages/ntcp.html
@@ -2,668 +2,433 @@
{% block title %}NTCP{% endblock %}
{% block content %}
-<h1>NTCP (NIO-based TCP)</h1>
+Updated August 2010 for release 0.8
+
+<h2>NTCP (NIO-based TCP)</h2>
<p>
-NTCP was introduced in I2P 0.6.1.22.
-It is a Java NIO-based transport, enabled by default for outbound
-connections only. Those who configure their NAT/firewall to allow
-inbound connections and specify the external host and port
-(dyndns/etc is okay) on /config.jsp can receive inbound connections.
-NTCP is NIO based, so it doesn't suffer from the 1 thread per connection issues of the old TCP transport.
+NTCP
+is one of two <a href="transport.html">transports</a> currently implemented in I2P.
+The other is <a href="udp.html">SSU</a>.
+NTCP
+is a Java NIO-based transport
+introduced in I2P release 0.6.1.22.
+Java NIO (new I/O) does not suffer from the 1 thread per connection issues of the old TCP transport.
</p><p>
-As of 0.6.1.29, NTCP uses the IP/Port
+By default,
+NTCP uses the IP/Port
auto-detected by SSU. When enabled on config.jsp,
-SSU will notify/restart NTCP when the external address changes.
+SSU will notify/restart NTCP when the external address changes
+or when the firewall status changes.
Now you can enable inbound TCP without a static IP or dyndns service.
</p><p>
The NTCP code within I2P is relatively lightweight (1/4 the size of the SSU code)
-because it uses the underlying Java TCP transport.
+because it uses the underlying Java TCP transport for reliable delivery.
</p>
-<h2>Transport Bids and Transport Comparison</h2>
-
-<p>
-I2P supports multiple transports simultaneously.
-A particular transport for an outbound connection is selected with "bids".
-Each transport bids for the connection and the relative value of these bids
-assigns the priority.
-Transports may reply with different bids, depending on whether there is
-already an established connection to the peer.
-</p><p>
-To compare the performance of UDP and NTCP,
-you can adjust the value of i2np.udp.preferred in configadvanced.jsp
-(introduced in I2P 0.6.1.29).
-Possible settings are
-"false" (default), "true", and "always".
-Default setting results in same behavior as before
-(NTCP is preferred unless it isn't established and UDP is established).
-</p><p>
+<h2>NTCP Protocol Specification</h2>
-The table below shows the new bid values. A lower bid is a higher priority.
+<h3>Standard Message Format</h3>
<p>
-<table border=1>
-<tr>
-<td><td colspan=3>i2np.udp.preferred setting
-<tr>
-<td>Transport<td>false<td>true<td>always
-<tr>
-<td>NTCP Established<td>25<td>25<td>25
-<tr>
-<td>UDP Established<td>50<td>15<td>15
-<tr>
-<td>NTCP Not established<td>70<td>70<td>70
-<tr>
-<td>UDP Not established<td>1000<td>65<td>20
-</table>
-
-
-
-<h2>NTCP Transport Protocol</h2>
-
-
+ After establishment,
+ the NTCP transport sends individual I2NP messages, with a simple checksum.
+ The unencrypted message is encoded as follows:
<pre>
- * Coordinate the connection to a single peer.
- *
- * The NTCP transport sends individual I2NP messages AES/256/CBC encrypted with
- * a simple checksum. The unencrypted message is encoded as follows:
* +-------+-------+--//--+---//----+-------+-------+-------+-------+
- * | sizeof(data) | data | padding | adler checksum of sz+data+pad |
+ * | sizeof(data) | data | padding | Adler checksum of sz+data+pad |
* +-------+-------+--//--+---//----+-------+-------+-------+-------+
- * That message is then encrypted with the DH/2048 negotiated session key
- * (station to station authenticated per the EstablishState class) using the
- * last 16 bytes of the previous encrypted message as the IV.
- *
- * One special case is a metadata message where the sizeof(data) is 0. In
- * that case, the unencrypted message is encoded as:
+</pre>
+ The data is then AES/256/CBC encrypted. The session key for the encryption
+ is negotiated during establishment (using Diffie-Hellman 2048 bit).
+ The establishment between two routers is implemented in the EstablishState class
+ and detailed below.
+ The IV for AES/256/CBC encryption is the last 16 bytes of the previous encrypted message.
+</p>
+
+<p>
+0-15 bytes of padding are required to bring the total message length
+(including the six size and checksum bytes) to a multiple of 16.
+The maximum message size is currently 16 KB.
+Therefore the maximum data size is currently 16 KB - 6, or 16378 bytes.
+The minimum data size is 1.
+</p>
+
+<h3>Time Sync Message Format</h3>
+<p>
+ One special case is a metadata message where the sizeof(data) is 0. In
+ that case, the unencrypted message is encoded as:
+<pre>
* +-------+-------+-------+-------+-------+-------+-------+-------+
* | 0 | timestamp in seconds | uninterpreted
* +-------+-------+-------+-------+-------+-------+-------+-------+
- * uninterpreted | adler checksum of sz+data+pad |
+ * uninterpreted | Adler checksum of bytes 0-11 |
* +-------+-------+-------+-------+-------+-------+-------+-------+
- *
- *
</pre>
+Total length: 16 bytes. The time sync message is sent at approximately 15 minute intervals.
+The message is encrypted just as standard messages are.
+
+
+<h3>Checksums</h3>
+The standard and time sync messages use the Adler-32 checksum
+as defined in the <a href="http://tools.ietf.org/html/rfc1950">ZLIB Specification</a>.
+
-In the establish state, the following communication happens.
-There is a 2048-bit Diffie Hellman exchange.
-For more information see the <a href="how_cryptography.html#tcp">cryptography page</a>.
+<h3>Establishment Sequence</h3>
+In the establish state, there is a 4-phase message sequence to exchange DH keys and signatures.
+In the first two messages there is a 2048-bit Diffie Hellman exchange.
+Then, DSA signatures of the critical data are exchanged to confirm the connection.
<pre>
* Alice contacts Bob
* =========================================================
- * X+(H(X) xor Bob.identHash)----------------------------->
- * <----------------------------------------Y+E(H(X+Y)+tsB, sk, Y[239:255])
- * E(#+Alice.identity+tsA+padding+S(X+Y+Bob.identHash+tsA+tsB+padding), sk, hX_xor_Bob.identHash[16:31])--->
- * <----------------------E(S(X+Y+Alice.identHash+tsA+tsB)+padding, sk, prev)
+ * X+(H(X) xor Bob.identHash)----------------------------->
+ * <----------------------------------------Y+E(H(X+Y)+tsB+padding, sk, Y[239:255])
+ * E(sz+Alice.identity+tsA+padding+S(X+Y+Bob.identHash+tsA+tsB), sk, hX_xor_Bob.identHash[16:31])--->
+ * <----------------------E(S(X+Y+Alice.identHash+tsA+tsB)+padding, sk, prev)
+
</pre>
-Alternately, when Bob receives a connection, it could be a
-check connection (perhaps prompted by Bob asking for someone
-to verify his listener).
-It does not appear that 'check connection' is used.
-However, for the record, check connections are formatted as follows:
+
<pre>
- * a check info connection will receive 256 bytes containing:
- * - 32 bytes of uninterpreted, ignored data
- * - 1 byte size
- * - that many bytes making up the local router's IP address (as reached by the remote side)
- * - 2 byte port number that the local router was reached on
- * - 4 byte i2p network time as known by the remote side (seconds since the epoch)
- * - uninterpreted padding data, up to byte 223
- * - xor of the local router's identity hash and the SHA256 of bytes 32 through bytes 223
+ Legend:
+ X, Y: 256 byte DH public keys
+ H(): 32 byte SHA256 Hash
+ E(data, session key, IV): AES256 Encrypt
+ S(): 40 byte DSA Signature
+ tsA, tsB: timestamps (4 bytes, seconds since epoch)
+ sk: 32 byte Session key
+ sz: 2 byte size of Alice identity to follow
</pre>
-
-<h2>NTCP vs. SSU Discussion, March 2007</h2>
-<h3>NTCP questions</h3>
-(adapted from an IRC discussion between zzz and cervantes)
-<br />
-Why is NTCP preferred over SSU, doesn't NTCP have higher overhead and latency?
-It has better reliability.
-<br />
-Doesn't streaming lib over NTCP suffer from classic TCP-over-TCP issues?
-What if we had a really simple UDP transport for streaming-lib-originated traffic?
-I think SSU was meant to be the so-called really simple UDP transport - but it just proved too unreliable.
-
-<h3>"NTCP Considered Harmful" Analysis by zzz</h3>
-Posted to new Syndie, 2007-03-25.
-This was posted to stimulate discussion, don't take it too seriously.
+<h4 id="DH">DH Key Exchange</h4>
<p>
-Summary: NTCP has higher latency and overhead than SSU, and is more likely to
-collapse when used with the streaming lib. However, traffic is routed with a
-preference for NTCP over SSU and this is currently hardcoded.
+The initial 2048-bit DH key exchange
+uses the same shared prime (p) and generator (g) as that used for I2P's
+<a href="how_cryptography.html#elgamal">ElGamal encryption</a>.
</p>
-<h4>Discussion</h4>
<p>
-We currently have two transports, NTCP and SSU. As currently implemented, NTCP
-has lower "bids" than SSU so it is preferred, except for the case where there
-is an established SSU connection but no established NTCP connection for a peer.
-</p><p>
-
-SSU is similar to NTCP in that it implements acknowledgments, timeouts, and
-retransmissions. However SSU is I2P code with tight constraints on the
-timeouts and available statistics on round trip times, retransmissions, etc.
-NTCP is based on Java NIO TCP, which is a black box and presumably implements
-RFC standards, including very long maximum timeouts.
-</p><p>
-
-The majority of traffic within I2P is streaming-lib originated (HTTP, IRC,
-Bittorrent) which is our implementation of TCP. As the lower-level transport is
-generally NTCP due to the lower bids, the system is subject to the well-known
-and dreaded problem of TCP-over-TCP
-http://sites.inka.de/~W1011/devel/tcp-tcp.html , where both the higher and
-lower layers of TCP are doing retransmissions at once, leading to collapse.
-</p><p>
-
-Unlike in the PPP over SSH scenario described in the link above, we have
-several hops for the lower layer, each covered by a NTCP link. So each NTCP
-latency is generally much less than the higher-layer streaming lib latency.
-This lessens the chance of collapse.
-</p><p>
-
-Also, the probabilities of collapse are lessened when the lower-layer TCP is
-tightly constrained with low timeouts and number of retransmissions compared to
-the higher layer.
-</p><p>
-
-The .28 release increased the maximum streaming lib timeout from 10 sec to 45
-sec which greatly improved things. The SSU max timeout is 3 sec. The NTCP max
-timeout is presumably at least 60 sec, which is the RFC recommendation. There
-is no way to change NTCP parameters or monitor performance. Collapse of the
-NTCP layer is [editor: text lost]. Perhaps an external tool like tcpdump would help.
-</p><p>
-
-However, running .28, the i2psnark reported upstream does not generally stay at
-a high level. It often goes down to 3-4 KBps before climbing back up. This is a
-signal that there are still collapses.
-</p><p>
-
-SSU is also more efficient. NTCP has higher overhead and probably higher round
-trip times. when using NTCP the ratio of (tunnel output) / (i2psnark data
-output) is at least 3.5 : 1. Running an experiment where the code was modified
-to prefer SSU (the config option i2np.udp.alwaysPreferred has no effect in the
-current code), the ratio reduced to about 3 : 1, indicating better efficiency.
-</p><p>
-
-As reported by streaming lib stats, things were much improved - lifetime window
-size up from 6.3 to 7.5, RTT down from 11.5s to 10s, sends per ack down from
-1.11 to 1.07.
-</p><p>
-
-That this was quite effective was surprising, given that we were only changing
-the transport for the first of 3 to 5 total hops the outbound messages would
-take.
-</p><p>
-
-The effect on outbound i2psnark speeds wasn't clear due to normal variations.
-Also for the experiment, inbound NTCP was disabled. The effect on inbound
-speeds on i2psnark was not clear.
+The DH key exchange consists of a number of steps, displayed below.
+The mapping between these steps and the messages sent between I2P routers,
+is marked in bold.
+ <ol>
+ <li>Alice generates a secret 226-bit integer x.
+ She then calculates X = g^x mod p.
+ </li>
+ <li>Alice sends X to Bob <b>(Message 1)</b>.</li>
+ <li>Bob generates a secret 226-bit integer y.
+ He then calculates Y = g^y mod p.</li>
+ <li>Bob sends Y to Alice.<b>(Message 2)</b></li>
+ <li>Alice can now compute sessionKey = Y^x mod p.</li>
+ <li>Bob can now compute sessionKey = X^y mod p.</li>
+ <li>Both Alice and Bob now have a shared key sessionKey = g^(x*y) mod p.</li>
+ </ol>
+The sessionKey is then used to exchange identities in <b>Message 3</b> and <b>Message 4</b>.
</p>
-<h4>Proposals</h4>
-
-<ul>
-<li>
-1A)
-This is easy -
-We should flip the bid priorities so that SSU is preferred for all traffic, if
-we can do this without causing all sorts of other trouble. This will fix the
-i2np.udp.alwaysPreferred configuration option so that it works (either as true
-or false).
-
-<li>
-1B)
-Alternative to 1A), not so easy -
-If we can mark traffic without adversely affecting our anonymity goals, we
-should identify streaming-lib generated traffic and have SSU generate a low bid
-for that traffic. This tag will have to go with the message through each hop
-so that the forwarding routers also honor the SSU preference.
-
-
-<li>
-2)
-Bounding SSU even further (reducing maximum retransmissions from the current
-10) is probably wise to reduce the chance of collapse.
-
-<li>
-3)
-We need further study on the benefits vs. harm of a semi-reliable protocol
-underneath the streaming lib. Are retransmissions over a single hop beneficial
-and a big win or are they worse than useless?
-We could do a new SUU (secure unreliable UDP) but probably not worth it. We
-could perhaps add a no-ack-required message type in SSU if we don't want any
-retransmissions at all of streaming-lib traffic. Are tightly bounded
-retransmissions desirable?
-
-<li>
-4)
-The priority sending code in .28 is only for NTCP. So far my testing hasn't
-shown much use for SSU priority as the messages don't queue up long enough for
-priorities to do any good. But more testing needed.
-
-<li>
-5)
-The new streaming lib max timeout of 45s is probably still too low.
-The TCP RFC says 60s. It probably shouldn't be shorter than the underlying NTCP max timeout (presumably 60s).
-</ul>
-
-<h3>Response by jrandom</h3>
-Posted to new Syndie, 2007-03-27
-<p>
-On the whole, I'm open to experimenting with this, though remember why NTCP is
-there in the first place - SSU failed in a congestion collapse. NTCP "just
-works", and while 2-10% retransmission rates can be handled in normal
-single-hop networks, that gives us a 40% retransmission rate with 2 hop
-tunnels. If you loop in some of the measured SSU retransmission rates we saw
-back before NTCP was implemented (10-30+%), that gives us an 83% retransmission
-rate. Perhaps those rates were caused by the low 10 second timeout, but
-increasing that much would bite us (remember, multiply by 5 and you've got half
-the journey).
-</p><p>
-
-Unlike TCP, we have no feedback from the tunnel to know whether the message
-made it - there are no tunnel level acks. We do have end to end ACKs, but only
-on a small number of messages (whenever we distribute new session tags) - out
-of the 1,553,591 client messages my router sent, we only attempted to ACK
-145,207 of them. The others may have failed silently or succeeded perfectly.
-</p><p>
-
-I'm not convinced by the TCP-over-TCP argument for us, especially split across
-the various paths we transfer down. Measurements on I2P can convince me
-otherwise, of course.
-</p><p>
-
-<i>
-The NTCP max timeout is presumably at least 60 sec, which is the RFC
-recommendation. There is no way to change NTCP parameters or monitor
-performance.
-</i>
-</p><p>
-
-
-True, but net connections only get up to that level when something really bad
-is going on - the retransmission timeout on TCP is often on the order of tens
-or hundreds of milliseconds. As foofighter points out, they've got 20+ years
-experience and bugfixing in their TCP stacks, plus a billion dollar industry
-optimizing hardware and software to perform well according to whatever it is
-they do.
-</p><p>
-
-<i>
-NTCP has higher overhead and probably higher round trip times. when using NTCP
-the ratio of (tunnel output) / (i2psnark data output) is at least 3.5 : 1.
-Running an experiment where the code was modified to prefer SSU (the config
-option i2np.udp.alwaysPreferred has no effect in the current code), the ratio
-reduced to about 3 : 1, indicating better efficiency.
-</i>
-</p><p>
-
-
-This is very interesting data, though more as a matter of router congestion
-than bandwidth efficiency - you'd have to compare 3.5*$n*$NTCPRetransmissionPct
-./. 3.0*$n*$SSURetransmissionPct. This data point suggests there's something in
-the router that leads to excess local queuing of messages already being
-transferred.
-</p><p>
-
-<i>
-lifetime window size up from 6.3 to 7.5, RTT down from 11.5s to 10s, sends per
-ACK down from 1.11 to 1.07.
-</i>
-
-</p><p>
-
-Remember that the sends-per-ACK is only a sample not a full count (as we don't
-try to ACK every send). Its not a random sample either, but instead samples
-more heavily periods of inactivity or the initiation of a burst of activity -
-sustained load won't require many ACKs.
-</p><p>
-
-Window sizes in that range are still woefully low to get the real benefit of
-AIMD, and still too low to transmit a single 32KB BT chunk (increasing the
-floor to 10 or 12 would cover that).
-</p><p>
-
-Still, the wsize stat looks promising - over how long was that maintained?
-</p><p>
-Actually, for testing purposes, you may want to look at
-StreamSinkClient/StreamSinkServer or even TestSwarm in
-apps/ministreaming/java/src/net/i2p/client/streaming/ - StreamSinkClient is a
-CLI app that sends a selected file to a selected destination and
-StreamSinkServer creates a destination and writes out any data sent to it
-(displaying size and transfer time). TestSwarm combines the two - flooding
-random data to whomever it connects to. That should give you the tools to
-measure sustained throughput capacity over the streaming lib, as opposed to BT
-choke/send.
-</p><p>
+<h4>Message 1 (Session Request)</h4>
+This is the DH request.
+Alice already has Bob's
+<a href="common_structures_spec.html#struct_RouterIdentity">Router Identity</a>,
+IP address, and port, as contained in his
+<a href="common_structures_spec.html#struct_RouterInfo">Router Info</a>,
+which was published to the
+<a href="how_networkdatabase.html">network database</a>.
+Alice sends Bob:
+<pre>
+ * X+(H(X) xor Bob.identHash)----------------------------->
-<i>
-1A)
+ Size: 288 bytes
+</pre>
+Contents:
+<pre>
+ +----+----+----+----+----+----+----+----+
+ | X, as calculated from DH |
+ + +
+ | |
+ ~ . . . ~
+ | |
+ +----+----+----+----+----+----+----+----+
+ | |
+ + +
+ | HXxorHI |
+ + +
+ | |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+
+ X: 256 byte X from Diffie Hellman
+
+ HXxorHI: SHA256 Hash(X) xored with SHA256 Hash(Bob's <a href="common_structures_spec.html#struct_RouterIdentity">Router Identity</a>)
+ (32 bytes)
-This is easy -
-We should flip the bid priorities so that SSU is preferred for all traffic, if
-we can do this without causing all sorts of other trouble. This will fix the
-i2np.udp.alwaysPreferred configuration option so that it works (either as true
-or false).
-</i>
-</p><p>
+</pre>
+<p><b>Notes:</b>
+<ul><li>
+Bob verifies HXxorHI using his own router hash. If it does not verify,
+Alice has contacted the wrong router, and Bob drops the connection.
+</li></ul>
-Honoring i2np.udp.alwaysPreferred is a good idea in any case - please feel free
-to commit that change. Lets gather a bit more data though before switching the
-preferences, as NTCP was added to deal with an SSU-created congestion collapse.
-</p><p>
-<i>
-1B)
-Alternative to 1A), not so easy -
-If we can mark traffic without adversely affecting our anonymity goals, we
-should identify streaming-lib generated traffic
-and have SSU generate a low bid for that traffic. This tag will have to go with
-the message through each hop
-so that the forwarding routers also honor the SSU preference.
-</i>
-</p><p>
+<h4>Message 2 (Session Created)</h4>
+This is the DH reply. Bob sends Alice:
+<pre>
+ * <----------------------------------------Y+E(H(X+Y)+tsB+padding, sk, Y[239:255])
+ Size: 304 bytes
+</pre>
+Unencrypted Contents:
+<pre>
+ +----+----+----+----+----+----+----+----+
+ | Y as calculated from DH |
+ + +
+ | |
+ ~ . . . ~
+ | |
+ +----+----+----+----+----+----+----+----+
+ | |
+ + +
+ | HXY |
+ + +
+ | |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+ | tsB | padding |
+ +----+----+----+----+ +
+ | |
+ +----+----+----+----+----+----+----+----+
+
+ Y: 256 byte Y from Diffie Hellman
+
+ HXY: SHA256 Hash(X concatenated with Y)
+ (32 bytes)
+
+ tsB: 4 byte timestamp (seconds since the epoch)
+
+ padding: 12 bytes random data
-In practice, there are three types of traffic - tunnel building/testing, netDb
-query/response, and streaming lib traffic. The network has been designed to
-make differentiating those three very hard.
+</pre>
-</p><p>
-<i>
-2)
-Bounding SSU even further (reducing maximum retransmissions from the current
-10) is probably wise to reduce the chance of collapse.
-</i>
-</p><p>
+Encrypted Contents:
+<pre>
+ +----+----+----+----+----+----+----+----+
+ | Y as calculated from DH |
+ + +
+ | |
+ ~ . . . ~
+ | |
+ +----+----+----+----+----+----+----+----+
+ | |
+ + +
+ | encrypted data |
+ + +
+ | |
+ + +
+ | |
+ + +
+ | |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+
+ Y: 256 byte Y from Diffie Hellman
+
+ encrypted data: 48 bytes <a href="how_cryptography.html#AES">AES encrypted</a> using the DH session key and
+ the last 16 bytes of Y as the IV
+</pre>
-At 10 retransmissions, we're up shit creek already, I agree. One, maybe two
-retransmissions is reasonable, from a transport layer, but if the other side is
-too congested to ACK in time (even with the implemented SACK/NACK capability),
-there's not much we can do.
-</p><p>
-In my view, to really address the core issue we need to address why the router
-gets so congested to ACK in time (which, from what I've found, is due to CPU
-contention). Maybe we can juggle some things in the router's processing to make
-the transmission of an already existing tunnel higher CPU priority than
-decrypting a new tunnel request? Though we've got to be careful to avoid
-starvation.
-</p><p>
+<p><b>Notes:</b>
+<ul><li>
+Alice may drop the connection if the clock skew with Bob is too high as calculated using tsB.
+</li></ul>
+</p>
-<i>
-3)
-We need further study on the benefits vs. harm of a semi-reliable protocol
-underneath the streaming lib. Are retransmissions over a single hop beneficial
-and a big win or are they worse than useless?
-We could do a new SUU (secure unreliable UDP) but probably not worth it. We
-could perhaps add a no-ACK-required message type in SSU if we don't want any
-retransmissions at all of streaming-lib traffic. Are tightly bounded
-retransmissions desirable?
-</i>
-</p><p>
+<h4>Message 3 (Session Confirm A)</h4>
+This contains Alice's router identity, and a DSA signature of the critical data. Alice sends Bob:
+<pre>
+ * E(sz+Alice.identity+tsA+padding+S(X+Y+Bob.identHash+tsA+tsB), sk, hX_xor_Bob.identHash[16:31])--->
-Worth looking into - what if we just disabled SSU's retransmissions? It'd
-probably lead to much higher streaming lib resend rates, but maybe not.
-</p><p>
+ Size: 448 bytes (typ. for 387 byte identity)
+</pre>
+Unencrypted Contents:
+<pre>
+ +----+----+----+----+----+----+----+----+
+ | sz | Alice's Router Identity |
+ +----+----+ +
+ | |
+ ~ . . . ~
+ | |
+ + +----+----+----+
+ | | tsA
+ +----+----+----+----+----+----+----+----+
+ | padding |
+ +----+ +
+ | |
+ +----+----+----+----+----+----+----+----+
+ | |
+ + +
+ | signature |
+ + +
+ | |
+ + +
+ | |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+
+ sz: 2 byte size of Alice's router identity to follow (should always be 387)
+
+ ident: Alice's 387 byte <a href="common_structures_spec.html#struct_RouterIdentity">Router Identity</a>
+
+ tsA: 4 byte timestamp (seconds since the epoch)
+
+ padding: 15 bytes random data
+
+ signature: the 40 byte <a href="common_structures_spec.html#type_Signature">DSA signature</a> of the following concatenated data:
+ X, Y, Bob's <a href="common_structures_spec.html#struct_RouterIdentity">Router Identity</a>, tsA, tsB.
+ Alice signs it with the <a href="common_structures_spec.html#type_SigningPrivateKey">private signing key</a> associated with the <a href="common_structures_spec.html#type_SigningPublicKey">public signing key</a> in her <a href="common_structures_spec.html#struct_RouterIdentity">Router Identity</a>
-<i>
-4)
-The priority sending code in .28 is only for NTCP. So far my testing hasn't
-shown much use for SSU priority as the messages don't queue up long enough for
-priorities to do any good. But more testing needed.
-</i>
+</pre>
-</p><p>
+Encrypted Contents:
+<pre>
+ +----+----+----+----+----+----+----+----+
+ | |
+ + +
+ | encrypted data |
+ ~ . . . ~
+ | |
+ +----+----+----+----+----+----+----+----+
-There's UDPTransport.PRIORITY_LIMITS and UDPTransport.PRIORITY_WEIGHT (honored
-by TimedWeightedPriorityMessageQueue), but currently the weights are almost all
-equal, so there's no effect. That could be adjusted, of course (but as you
-mention, if there's no queuing, it doesn't matter).
-</p><p>
+ encrypted data: 448 bytes <a href="how_cryptography.html#AES">AES encrypted</a> using the DH session key and
+ the last 16 bytes of HXxorHI (i.e., the last 16 bytes of message #1) as the IV
-<i>
-5)
-The new streaming lib max timeout of 45s is probably still too low. The TCP RFC
-says 60s. It probably shouldn't be shorter than the underlying NTCP max timeout
-(presumably 60s).
-</i>
-</p><p>
+</pre>
-That 45s is the max retransmission timeout of the streaming lib though, not the
-stream timeout. TCP in practice has retransmission timeouts orders of magnitude
-less, though yes, can get to 60s on links running through exposed wires or
-satellite transmissions ;) If we increase the streaming lib retransmission
-timeout to e.g. 75 seconds, we could go get a beer before a web page loads
-(especially assuming less than a 98% reliable transport). That's one reason we
-prefer NTCP.
+<p><b>Notes:</b>
+<ul><li>
+Bob verifies the signature, and on failure, drops the connection.
+</li><li>
+Bob may drop the connection if the clock skew with Alice is too high as calculated using tsA.
+</li></ul>
</p>
-<h3>Response by zzz</h3>
-Posted to new Syndie, 2007-03-31
-<p>
-<i>
-At 10 retransmissions, we're up shit creek already, I agree. One, maybe two
-retransmissions is reasonable, from a transport layer, but if the other side is
-too congested to ACK in time (even with the implemented SACK/NACK capability),
-there's not much we can do.
-<br>
-In my view, to really address the core issue we need to address why the
-router gets so congested to ACK in time (which, from what I've found, is due to
-CPU contention). Maybe we can juggle some things in the router's processing to
-make the transmission of an already existing tunnel higher CPU priority than
-decrypting a new tunnel request? Though we've got to be careful to avoid
-starvation.
-</i>
-</p><p>
+<h4>Message 4 (Session Confirm B)</h4>
+This is a DSA signature of the critical data. Bob sends Alice:
+<pre>
+ * <----------------------E(S(X+Y+Alice.identHash+tsA+tsB)+padding, sk, prev)
-One of my main stats-gathering techniques is turning on
-net.i2p.client.streaming.ConnectionPacketHandler=DEBUG and watching the RTT
-times and window sizes as they go by. To overgeneralize for a moment, it's
-common to see 3 types of connections: ~4s RTT, ~10s RTT, and ~30s RTT. Trying
-to knock down the 30s RTT connections is the goal. If CPU contention is the
-cause then maybe some juggling will do it.
-</p><p>
+ Size: 48 bytes
+</pre>
+Unencrypted Contents:
+<pre>
+ +----+----+----+----+----+----+----+----+
+ | |
+ + +
+ | signature |
+ + +
+ | |
+ + +
+ | |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+ | padding |
+ +----+----+----+----+----+----+----+----+
+
+
+ signature: the 40 byte <a href="common_structures_spec.html#type_Signature">DSA signature</a> of the following concatenated data:
+ X, Y, Alice's <a href="common_structures_spec.html#struct_RouterIdentity">Router Identity</a>, tsA, tsB.
+ Bob signs it with the <a href="common_structures_spec.html#type_SigningPrivateKey">private signing key</a> associated with the <a href="common_structures_spec.html#type_SigningPublicKey">public signing key</a> in his <a href="common_structures_spec.html#struct_RouterIdentity">Router Identity</a>
+
+ padding: 8 bytes random data
-Reducing the SSU max retrans from 10 is really just a stab in the dark as we
-don't have good data on whether we are collapsing, having TCP-over-TCP issues,
-or what, so more data is needed.
-</p><p>
+</pre>
-<i>
-Worth looking into - what if we just disabled SSU's retransmissions? It'd
-probably lead to much higher streaming lib resend rates, but maybe not.
-</i>
-</p><p>
-What I don't understand, if you could elaborate, are the benefits of SSU
-retransmissions for non-streaming-lib traffic. Do we need tunnel messages (for
-example) to use a semi-reliable transport or can they use an unreliable or
-kinda-sorta-reliable transport (1 or 2 retransmissions max, for example)? In
-other words, why semi-reliability?
-</p><p>
+Encrypted Contents:
+<pre>
+ +----+----+----+----+----+----+----+----+
+ | |
+ + +
+ | encrypted data |
+ ~ . . . ~
+ | |
+ +----+----+----+----+----+----+----+----+
-<i>
-(but as you mention, if there's no queuing, it doesn't matter).
-</i>
-</p><p>
+ encrypted data: 48 bytes <a href="how_cryptography.html#AES">AES encrypted</a> using the DH session key and
+ the last 16 bytes of the encrypted contents of message #2 as the IV
-I implemented priority sending for UDP but it kicked in about 100,000 times
-less often than the code on the NTCP side. Maybe that's a clue for further
-investigation or a hint - I don't understand why it would back up that much
-more often on NTCP, but maybe that's a hint on why NTCP performs worse.
+</pre>
+<p><b>Notes:</b>
+<ul><li>
+Alice verifies the signature, and on failure, drops the connection.
+</li></ul>
</p>
-<h3>Question answered by jrandom</h3>
-Posted to new Syndie, 2007-03-31
-<p>
-measured SSU retransmission rates we saw back before NTCP was implemented
-(10-30+%)
-</p><p>
-Can the router itself measure this? If so, could a transport be selected based
-on measured performance? (i.e. if an SSU connection to a peer is dropping an
-unreasonable number of messages, prefer NTCP when sending to that peer)
-</p><p>
-
-Yeah, it currently uses that stat right now as a poor-man's MTU detection (if
-the retransmission rate is high, it uses the small packet size, but if its low,
-it uses the large packet size). We tried a few things when first introducing
-NTCP (and when first moving away from the original TCP transport) that would
-prefer SSU but fail that transport for a peer easily, causing it to fall back
-on NTCP. However, there's certainly more that could be done in that regard,
-though it gets complicated quickly (how/when to adjust/reset the bids, whether
-to share these preferences across multiple peers or not, whether to share it
-across multiple sessions with the same peer (and for how long), etc).
-
-
-<h3>Response by foofighter</h3>
-Posted to new Syndie, 2007-03-26
+<h4>After Establishment</h4>
<p>
+The connection is established, and standard or time sync messages may be exchanged.
+All subsequent messages are AES encrypted using the negotiated DH session key.
+Alice will use the last 16 bytes of the encrypted contents of message #3 as the next IV.
+Bob will use the last 16 bytes of the encrypted contents of message #4 as the next IV.
+</p>
-If I've understood things right, the primary reason in favor of TCP (in
-general, both the old and new variety) was that you needn't worry about coding
-a good TCP stack. Which ain't impossibly hard to get right... just that
-existing TCP stacks have a 20 year lead.
-</p><p>
-AFAIK, there hasn't been much deep theory behind the preference of TCP versus
-UDP, except the following considerations:
+<h3>Check Connection Message</h3>
+Alternately, when Bob receives a connection, it could be a
+check connection (perhaps prompted by Bob asking for someone
+to verify his listener).
+Check Connection is not currently used.
+However, for the record, check connections are formatted as follows.
+ A check info connection will receive 256 bytes containing:
<ul>
-<li>
- A TCP-only network is very dependent on reachable peers (those who can forward
-incoming connections through their NAT)
-<li>
- Still even if reachable peers are rare, having them be high capacity somewhat
-alleviates the topological scarcity issues
-<li>
- UDP allows for "NAT hole punching" which lets people be "kind of
-pseudo-reachable" (with the help of introducers) who could otherwise only
-connect out
-<li>
- The "old" TCP transport implementation required lots of threads, which was a
-performance killer, while the "new" TCP transport does well with few threads
-<li>
- Routers of set A crap out when saturated with UDP. Routers of set B crap out
-when saturated with TCP.
-<li>
- It "feels" (as in, there are some indications but no scientific data or
-quality statistics) that A is more widely deployed than B
-<li>
- Some networks carry non-DNS UDP datagrams with an outright shitty quality,
-while still somewhat bothering to carry TCP streams.
+ <li> 32 bytes of uninterpreted, ignored data
+ <li> 1 byte size
+ <li> that many bytes making up the local router's IP address (as reached by the remote side)
+ <li> 2 byte port number that the local router was reached on
+ <li> 4 byte i2p network time as known by the remote side (seconds since the epoch)
+ <li> uninterpreted padding data, up to byte 223
+ <li> xor of the local router's identity hash and the SHA256 of bytes 32 through bytes 223
</ul>
-</p><p>
-
-
-On that background, a small diversity of transports (as many as needed, but not
-more) appears sensible in either case. Which should be the main transport,
-depends on their performance-wise. I've seen nasty stuff on my line when I
-tried to use its full capacity with UDP. Packet losses on the level of 35%.
-</p><p>
-
-We could definitely try playing with UDP versus TCP priorities, but I'd urge
-caution in that. I would urge that they not be changed too radically all at
-once, or it might break things.
-
-</p>
-
-<h3>Response by zzz</h3>
-Posted to new Syndie, 2007-03-27
-<p>
-<i>
-AFAIK, there hasn't been much deep theory behind the preference of TCP versus
-UDP, except the following considerations:
-</i>
-
-</p><p>
-
-These are all valid issues. However you are considering the two protocols in
-isolation, whether than thinking about what transport protocol is best for a
-particular higher-level protocol (i.e. streaming lib or not).
-</p><p>
-
-What I'm saying is you have to take the streaming lib into consideration.
-
-So either shift the preferences for everybody or treat streaming lib traffic
-differently.
-
-That's what my proposal 1B) is talking about - have a different preference for
-streaming-lib traffic than for non streaming-lib traffic (for example tunnel
-build messages).
-</p><p>
-
-<i>
-
-On that background, a small diversity of transports (as many as needed, but
-not more) appears sensible in either case. Which should be the main transport,
-depends on their performance-wise. I've seen nasty stuff on my line when I
-tried to use its full capacity with UDP. Packet losses on the level of 35%.
-
-</i>
-</p><p>
-
-Agreed. The new .28 may have made things better for packet loss over UDP, or
-maybe not.
-
-One important point - the transport code does remember failures of a transport.
-So if UDP is the preferred transport, it will try it first, but if it fails for
-a particular destination, the next attempt for that destination it will try
-NTCP rather than trying UDP again.
-</p><p>
-
-<i>
-We could definitely try playing with UDP versus TCP priorities, but I'd urge
-caution in that. I would urge that they not be changed too radically all at
-once, or it might break things.
-</i>
-</p><p>
-
-We have four tuning knobs - the four bid values (SSU and NTCP, for
-already-connected and not-already-connected).
-We could make SSU be preferred over NTCP only if both are connected, for
-example, but try NTCP first if neither transport is connected.
-</p><p>
+</pre>
-The other way to do it gradually is only shifting the streaming lib traffic
-(the 1B proposal) however that could be hard and may have anonymity
-implications, I don't know. Or maybe shift the traffic only for the first
-outbound hop (i.e. don't propagate the flag to the next router), which gives
-you only partial benefit but might be more anonymous and easier.
+<h2>Discussion</h2>
+Now on the <a href="ntcp_discussion.html">NTCP Discussion Page</a>.
+
+<h2><a name="future">Future Work</a></h2>
+<ul><li>
+The maximum message size should be increased to approximately 32 KB.
+</li><li>
+A set of fixed packet sizes may be appropriate to further hide the data
+fragmentation to external adversaries, but the tunnel, garlic, and end to
+end padding should be sufficient for most needs until then.
+However, there is currently no provision for padding beyond the next 16-byte boundary,
+to create a limited number of message sizes.
+</li><li>
+Memory utilization (including that of the kernel) for NTCP should be compared to that for SSU.
+</li><li>
+Can the establishment messages be randomly padded somehow, to frustrate
+identification of I2P traffic based on initial packet sizes?
+</li><li>
+Review and possibly disable 'check connection'
+</li></ul>
</p>
-<h3>Results of the Discussion</h3>
-... and other related changes in the same timeframe (2007):
-<ul>
-<li>
-Significant tuning of the streaming lib parameters,
-greatly increasing outbound performance, was implemented in 0.6.1.28
-<li>
-Priority sending for NTCP was implemented in 0.6.1.28
-<li>
-Priority sending for SSU was implemented by zzz but was never checked in
-<li>
-The advanced transport bid control
-i2np.udp.preferred was implemented in 0.6.1.29.
-<li>
-Pushback for NTCP was implemented in 0.6.1.30, disabled in 0.6.1.31 due to anonymity concerns,
-and re-enabled with improvements to address those concerns in 0.6.1.32.
-<li>
-None of zzz's proposals 1-5 have been implemented.
-</ul>
-
{% endblock %}
diff --git a/www.i2p2/pages/ntcp_discussion.html b/www.i2p2/pages/ntcp_discussion.html
new file mode 100644
index 0000000000000000000000000000000000000000..ce013d3f6737328973b045531fe787a98e9fb76f
--- /dev/null
+++ b/www.i2p2/pages/ntcp_discussion.html
@@ -0,0 +1,559 @@
+{% extends "_layout.html" %}
+{% block title %}NTCP Discussion{% endblock %}
+{% block content %}
+
+Following is a discussion about NTCP that took place in March 2007.
+It has not been updated to reflect current implementation.
+For the current NTCP specification see <a href="ntcp.html">the main NTCP page</a>.
+
+<h2>NTCP vs. SSU Discussion, March 2007</h2>
+<h3>NTCP questions</h3>
+(adapted from an IRC discussion between zzz and cervantes)
+<br />
+Why is NTCP preferred over SSU, doesn't NTCP have higher overhead and latency?
+It has better reliability.
+<br />
+Doesn't streaming lib over NTCP suffer from classic TCP-over-TCP issues?
+What if we had a really simple UDP transport for streaming-lib-originated traffic?
+I think SSU was meant to be the so-called really simple UDP transport - but it just proved too unreliable.
+
+<h3>"NTCP Considered Harmful" Analysis by zzz</h3>
+Posted to new Syndie, 2007-03-25.
+This was posted to stimulate discussion, don't take it too seriously.
+<p>
+Summary: NTCP has higher latency and overhead than SSU, and is more likely to
+collapse when used with the streaming lib. However, traffic is routed with a
+preference for NTCP over SSU and this is currently hardcoded.
+</p>
+
+<h4>Discussion</h4>
+<p>
+We currently have two transports, NTCP and SSU. As currently implemented, NTCP
+has lower "bids" than SSU so it is preferred, except for the case where there
+is an established SSU connection but no established NTCP connection for a peer.
+</p><p>
+
+SSU is similar to NTCP in that it implements acknowledgments, timeouts, and
+retransmissions. However SSU is I2P code with tight constraints on the
+timeouts and available statistics on round trip times, retransmissions, etc.
+NTCP is based on Java NIO TCP, which is a black box and presumably implements
+RFC standards, including very long maximum timeouts.
+</p><p>
+
+The majority of traffic within I2P is streaming-lib originated (HTTP, IRC,
+Bittorrent) which is our implementation of TCP. As the lower-level transport is
+generally NTCP due to the lower bids, the system is subject to the well-known
+and dreaded problem of TCP-over-TCP
+http://sites.inka.de/~W1011/devel/tcp-tcp.html , where both the higher and
+lower layers of TCP are doing retransmissions at once, leading to collapse.
+</p><p>
+
+Unlike in the PPP over SSH scenario described in the link above, we have
+several hops for the lower layer, each covered by a NTCP link. So each NTCP
+latency is generally much less than the higher-layer streaming lib latency.
+This lessens the chance of collapse.
+</p><p>
+
+Also, the probabilities of collapse are lessened when the lower-layer TCP is
+tightly constrained with low timeouts and number of retransmissions compared to
+the higher layer.
+</p><p>
+
+The .28 release increased the maximum streaming lib timeout from 10 sec to 45
+sec which greatly improved things. The SSU max timeout is 3 sec. The NTCP max
+timeout is presumably at least 60 sec, which is the RFC recommendation. There
+is no way to change NTCP parameters or monitor performance. Collapse of the
+NTCP layer is [editor: text lost]. Perhaps an external tool like tcpdump would help.
+</p><p>
+
+However, running .28, the i2psnark reported upstream does not generally stay at
+a high level. It often goes down to 3-4 KBps before climbing back up. This is a
+signal that there are still collapses.
+</p><p>
+
+SSU is also more efficient. NTCP has higher overhead and probably higher round
+trip times. when using NTCP the ratio of (tunnel output) / (i2psnark data
+output) is at least 3.5 : 1. Running an experiment where the code was modified
+to prefer SSU (the config option i2np.udp.alwaysPreferred has no effect in the
+current code), the ratio reduced to about 3 : 1, indicating better efficiency.
+</p><p>
+
+As reported by streaming lib stats, things were much improved - lifetime window
+size up from 6.3 to 7.5, RTT down from 11.5s to 10s, sends per ack down from
+1.11 to 1.07.
+</p><p>
+
+That this was quite effective was surprising, given that we were only changing
+the transport for the first of 3 to 5 total hops the outbound messages would
+take.
+</p><p>
+
+The effect on outbound i2psnark speeds wasn't clear due to normal variations.
+Also for the experiment, inbound NTCP was disabled. The effect on inbound
+speeds on i2psnark was not clear.
+</p>
+<h4>Proposals</h4>
+
+<ul>
+<li>
+1A)
+This is easy -
+We should flip the bid priorities so that SSU is preferred for all traffic, if
+we can do this without causing all sorts of other trouble. This will fix the
+i2np.udp.alwaysPreferred configuration option so that it works (either as true
+or false).
+
+<li>
+1B)
+Alternative to 1A), not so easy -
+If we can mark traffic without adversely affecting our anonymity goals, we
+should identify streaming-lib generated traffic and have SSU generate a low bid
+for that traffic. This tag will have to go with the message through each hop
+so that the forwarding routers also honor the SSU preference.
+
+
+<li>
+2)
+Bounding SSU even further (reducing maximum retransmissions from the current
+10) is probably wise to reduce the chance of collapse.
+
+<li>
+3)
+We need further study on the benefits vs. harm of a semi-reliable protocol
+underneath the streaming lib. Are retransmissions over a single hop beneficial
+and a big win or are they worse than useless?
+We could do a new SUU (secure unreliable UDP) but probably not worth it. We
+could perhaps add a no-ack-required message type in SSU if we don't want any
+retransmissions at all of streaming-lib traffic. Are tightly bounded
+retransmissions desirable?
+
+<li>
+4)
+The priority sending code in .28 is only for NTCP. So far my testing hasn't
+shown much use for SSU priority as the messages don't queue up long enough for
+priorities to do any good. But more testing needed.
+
+<li>
+5)
+The new streaming lib max timeout of 45s is probably still too low.
+The TCP RFC says 60s. It probably shouldn't be shorter than the underlying NTCP max timeout (presumably 60s).
+</ul>
+
+<h3>Response by jrandom</h3>
+Posted to new Syndie, 2007-03-27
+<p>
+On the whole, I'm open to experimenting with this, though remember why NTCP is
+there in the first place - SSU failed in a congestion collapse. NTCP "just
+works", and while 2-10% retransmission rates can be handled in normal
+single-hop networks, that gives us a 40% retransmission rate with 2 hop
+tunnels. If you loop in some of the measured SSU retransmission rates we saw
+back before NTCP was implemented (10-30+%), that gives us an 83% retransmission
+rate. Perhaps those rates were caused by the low 10 second timeout, but
+increasing that much would bite us (remember, multiply by 5 and you've got half
+the journey).
+</p><p>
+
+Unlike TCP, we have no feedback from the tunnel to know whether the message
+made it - there are no tunnel level acks. We do have end to end ACKs, but only
+on a small number of messages (whenever we distribute new session tags) - out
+of the 1,553,591 client messages my router sent, we only attempted to ACK
+145,207 of them. The others may have failed silently or succeeded perfectly.
+</p><p>
+
+I'm not convinced by the TCP-over-TCP argument for us, especially split across
+the various paths we transfer down. Measurements on I2P can convince me
+otherwise, of course.
+</p><p>
+
+<i>
+The NTCP max timeout is presumably at least 60 sec, which is the RFC
+recommendation. There is no way to change NTCP parameters or monitor
+performance.
+</i>
+</p><p>
+
+
+True, but net connections only get up to that level when something really bad
+is going on - the retransmission timeout on TCP is often on the order of tens
+or hundreds of milliseconds. As foofighter points out, they've got 20+ years
+experience and bugfixing in their TCP stacks, plus a billion dollar industry
+optimizing hardware and software to perform well according to whatever it is
+they do.
+</p><p>
+
+<i>
+NTCP has higher overhead and probably higher round trip times. when using NTCP
+the ratio of (tunnel output) / (i2psnark data output) is at least 3.5 : 1.
+Running an experiment where the code was modified to prefer SSU (the config
+option i2np.udp.alwaysPreferred has no effect in the current code), the ratio
+reduced to about 3 : 1, indicating better efficiency.
+</i>
+</p><p>
+
+
+This is very interesting data, though more as a matter of router congestion
+than bandwidth efficiency - you'd have to compare 3.5*$n*$NTCPRetransmissionPct
+./. 3.0*$n*$SSURetransmissionPct. This data point suggests there's something in
+the router that leads to excess local queuing of messages already being
+transferred.
+</p><p>
+
+<i>
+lifetime window size up from 6.3 to 7.5, RTT down from 11.5s to 10s, sends per
+ACK down from 1.11 to 1.07.
+</i>
+
+</p><p>
+
+Remember that the sends-per-ACK is only a sample not a full count (as we don't
+try to ACK every send). Its not a random sample either, but instead samples
+more heavily periods of inactivity or the initiation of a burst of activity -
+sustained load won't require many ACKs.
+</p><p>
+
+Window sizes in that range are still woefully low to get the real benefit of
+AIMD, and still too low to transmit a single 32KB BT chunk (increasing the
+floor to 10 or 12 would cover that).
+</p><p>
+
+Still, the wsize stat looks promising - over how long was that maintained?
+</p><p>
+
+Actually, for testing purposes, you may want to look at
+StreamSinkClient/StreamSinkServer or even TestSwarm in
+apps/ministreaming/java/src/net/i2p/client/streaming/ - StreamSinkClient is a
+CLI app that sends a selected file to a selected destination and
+StreamSinkServer creates a destination and writes out any data sent to it
+(displaying size and transfer time). TestSwarm combines the two - flooding
+random data to whomever it connects to. That should give you the tools to
+measure sustained throughput capacity over the streaming lib, as opposed to BT
+choke/send.
+</p><p>
+
+<i>
+1A)
+
+This is easy -
+We should flip the bid priorities so that SSU is preferred for all traffic, if
+we can do this without causing all sorts of other trouble. This will fix the
+i2np.udp.alwaysPreferred configuration option so that it works (either as true
+or false).
+</i>
+</p><p>
+
+
+Honoring i2np.udp.alwaysPreferred is a good idea in any case - please feel free
+to commit that change. Lets gather a bit more data though before switching the
+preferences, as NTCP was added to deal with an SSU-created congestion collapse.
+</p><p>
+
+<i>
+1B)
+Alternative to 1A), not so easy -
+If we can mark traffic without adversely affecting our anonymity goals, we
+should identify streaming-lib generated traffic
+and have SSU generate a low bid for that traffic. This tag will have to go with
+the message through each hop
+so that the forwarding routers also honor the SSU preference.
+</i>
+</p><p>
+
+
+In practice, there are three types of traffic - tunnel building/testing, netDb
+query/response, and streaming lib traffic. The network has been designed to
+make differentiating those three very hard.
+
+</p><p>
+
+<i>
+2)
+Bounding SSU even further (reducing maximum retransmissions from the current
+10) is probably wise to reduce the chance of collapse.
+</i>
+</p><p>
+
+
+At 10 retransmissions, we're up shit creek already, I agree. One, maybe two
+retransmissions is reasonable, from a transport layer, but if the other side is
+too congested to ACK in time (even with the implemented SACK/NACK capability),
+there's not much we can do.
+</p><p>
+
+In my view, to really address the core issue we need to address why the router
+gets so congested to ACK in time (which, from what I've found, is due to CPU
+contention). Maybe we can juggle some things in the router's processing to make
+the transmission of an already existing tunnel higher CPU priority than
+decrypting a new tunnel request? Though we've got to be careful to avoid
+starvation.
+</p><p>
+
+<i>
+3)
+We need further study on the benefits vs. harm of a semi-reliable protocol
+underneath the streaming lib. Are retransmissions over a single hop beneficial
+and a big win or are they worse than useless?
+We could do a new SUU (secure unreliable UDP) but probably not worth it. We
+could perhaps add a no-ACK-required message type in SSU if we don't want any
+retransmissions at all of streaming-lib traffic. Are tightly bounded
+retransmissions desirable?
+</i>
+
+</p><p>
+
+Worth looking into - what if we just disabled SSU's retransmissions? It'd
+probably lead to much higher streaming lib resend rates, but maybe not.
+</p><p>
+
+<i>
+4)
+The priority sending code in .28 is only for NTCP. So far my testing hasn't
+shown much use for SSU priority as the messages don't queue up long enough for
+priorities to do any good. But more testing needed.
+</i>
+
+</p><p>
+
+There's UDPTransport.PRIORITY_LIMITS and UDPTransport.PRIORITY_WEIGHT (honored
+by TimedWeightedPriorityMessageQueue), but currently the weights are almost all
+equal, so there's no effect. That could be adjusted, of course (but as you
+mention, if there's no queuing, it doesn't matter).
+</p><p>
+
+<i>
+5)
+The new streaming lib max timeout of 45s is probably still too low. The TCP RFC
+says 60s. It probably shouldn't be shorter than the underlying NTCP max timeout
+(presumably 60s).
+</i>
+</p><p>
+
+
+That 45s is the max retransmission timeout of the streaming lib though, not the
+stream timeout. TCP in practice has retransmission timeouts orders of magnitude
+less, though yes, can get to 60s on links running through exposed wires or
+satellite transmissions ;) If we increase the streaming lib retransmission
+timeout to e.g. 75 seconds, we could go get a beer before a web page loads
+(especially assuming less than a 98% reliable transport). That's one reason we
+prefer NTCP.
+</p>
+
+
+<h3>Response by zzz</h3>
+Posted to new Syndie, 2007-03-31
+<p>
+
+<i>
+At 10 retransmissions, we're up shit creek already, I agree. One, maybe two
+retransmissions is reasonable, from a transport layer, but if the other side is
+too congested to ACK in time (even with the implemented SACK/NACK capability),
+there's not much we can do.
+<br>
+In my view, to really address the core issue we need to address why the
+router gets so congested to ACK in time (which, from what I've found, is due to
+CPU contention). Maybe we can juggle some things in the router's processing to
+make the transmission of an already existing tunnel higher CPU priority than
+decrypting a new tunnel request? Though we've got to be careful to avoid
+starvation.
+</i>
+</p><p>
+
+One of my main stats-gathering techniques is turning on
+net.i2p.client.streaming.ConnectionPacketHandler=DEBUG and watching the RTT
+times and window sizes as they go by. To overgeneralize for a moment, it's
+common to see 3 types of connections: ~4s RTT, ~10s RTT, and ~30s RTT. Trying
+to knock down the 30s RTT connections is the goal. If CPU contention is the
+cause then maybe some juggling will do it.
+</p><p>
+
+Reducing the SSU max retrans from 10 is really just a stab in the dark as we
+don't have good data on whether we are collapsing, having TCP-over-TCP issues,
+or what, so more data is needed.
+</p><p>
+
+<i>
+Worth looking into - what if we just disabled SSU's retransmissions? It'd
+probably lead to much higher streaming lib resend rates, but maybe not.
+</i>
+</p><p>
+
+What I don't understand, if you could elaborate, are the benefits of SSU
+retransmissions for non-streaming-lib traffic. Do we need tunnel messages (for
+example) to use a semi-reliable transport or can they use an unreliable or
+kinda-sorta-reliable transport (1 or 2 retransmissions max, for example)? In
+other words, why semi-reliability?
+</p><p>
+
+<i>
+(but as you mention, if there's no queuing, it doesn't matter).
+</i>
+</p><p>
+
+I implemented priority sending for UDP but it kicked in about 100,000 times
+less often than the code on the NTCP side. Maybe that's a clue for further
+investigation or a hint - I don't understand why it would back up that much
+more often on NTCP, but maybe that's a hint on why NTCP performs worse.
+
+</p>
+
+<h3>Question answered by jrandom</h3>
+Posted to new Syndie, 2007-03-31
+<p>
+measured SSU retransmission rates we saw back before NTCP was implemented
+(10-30+%)
+</p><p>
+
+Can the router itself measure this? If so, could a transport be selected based
+on measured performance? (i.e. if an SSU connection to a peer is dropping an
+unreasonable number of messages, prefer NTCP when sending to that peer)
+</p><p>
+
+
+
+Yeah, it currently uses that stat right now as a poor-man's MTU detection (if
+the retransmission rate is high, it uses the small packet size, but if its low,
+it uses the large packet size). We tried a few things when first introducing
+NTCP (and when first moving away from the original TCP transport) that would
+prefer SSU but fail that transport for a peer easily, causing it to fall back
+on NTCP. However, there's certainly more that could be done in that regard,
+though it gets complicated quickly (how/when to adjust/reset the bids, whether
+to share these preferences across multiple peers or not, whether to share it
+across multiple sessions with the same peer (and for how long), etc).
+
+
+<h3>Response by foofighter</h3>
+Posted to new Syndie, 2007-03-26
+<p>
+
+If I've understood things right, the primary reason in favor of TCP (in
+general, both the old and new variety) was that you needn't worry about coding
+a good TCP stack. Which ain't impossibly hard to get right... just that
+existing TCP stacks have a 20 year lead.
+</p><p>
+
+AFAIK, there hasn't been much deep theory behind the preference of TCP versus
+UDP, except the following considerations:
+
+<ul>
+<li>
+ A TCP-only network is very dependent on reachable peers (those who can forward
+incoming connections through their NAT)
+<li>
+ Still even if reachable peers are rare, having them be high capacity somewhat
+alleviates the topological scarcity issues
+<li>
+ UDP allows for "NAT hole punching" which lets people be "kind of
+pseudo-reachable" (with the help of introducers) who could otherwise only
+connect out
+<li>
+ The "old" TCP transport implementation required lots of threads, which was a
+performance killer, while the "new" TCP transport does well with few threads
+<li>
+ Routers of set A crap out when saturated with UDP. Routers of set B crap out
+when saturated with TCP.
+<li>
+ It "feels" (as in, there are some indications but no scientific data or
+quality statistics) that A is more widely deployed than B
+<li>
+ Some networks carry non-DNS UDP datagrams with an outright shitty quality,
+while still somewhat bothering to carry TCP streams.
+</ul>
+</p><p>
+
+
+On that background, a small diversity of transports (as many as needed, but not
+more) appears sensible in either case. Which should be the main transport,
+depends on their performance-wise. I've seen nasty stuff on my line when I
+tried to use its full capacity with UDP. Packet losses on the level of 35%.
+</p><p>
+
+We could definitely try playing with UDP versus TCP priorities, but I'd urge
+caution in that. I would urge that they not be changed too radically all at
+once, or it might break things.
+
+</p>
+
+<h3>Response by zzz</h3>
+Posted to new Syndie, 2007-03-27
+<p>
+<i>
+AFAIK, there hasn't been much deep theory behind the preference of TCP versus
+UDP, except the following considerations:
+</i>
+
+</p><p>
+
+These are all valid issues. However you are considering the two protocols in
+isolation, whether than thinking about what transport protocol is best for a
+particular higher-level protocol (i.e. streaming lib or not).
+</p><p>
+
+What I'm saying is you have to take the streaming lib into consideration.
+
+So either shift the preferences for everybody or treat streaming lib traffic
+differently.
+
+That's what my proposal 1B) is talking about - have a different preference for
+streaming-lib traffic than for non streaming-lib traffic (for example tunnel
+build messages).
+</p><p>
+
+<i>
+
+On that background, a small diversity of transports (as many as needed, but
+not more) appears sensible in either case. Which should be the main transport,
+depends on their performance-wise. I've seen nasty stuff on my line when I
+tried to use its full capacity with UDP. Packet losses on the level of 35%.
+
+</i>
+</p><p>
+
+Agreed. The new .28 may have made things better for packet loss over UDP, or
+maybe not.
+
+One important point - the transport code does remember failures of a transport.
+So if UDP is the preferred transport, it will try it first, but if it fails for
+a particular destination, the next attempt for that destination it will try
+NTCP rather than trying UDP again.
+</p><p>
+
+<i>
+We could definitely try playing with UDP versus TCP priorities, but I'd urge
+caution in that. I would urge that they not be changed too radically all at
+once, or it might break things.
+</i>
+</p><p>
+
+We have four tuning knobs - the four bid values (SSU and NTCP, for
+already-connected and not-already-connected).
+We could make SSU be preferred over NTCP only if both are connected, for
+example, but try NTCP first if neither transport is connected.
+</p><p>
+
+The other way to do it gradually is only shifting the streaming lib traffic
+(the 1B proposal) however that could be hard and may have anonymity
+implications, I don't know. Or maybe shift the traffic only for the first
+outbound hop (i.e. don't propagate the flag to the next router), which gives
+you only partial benefit but might be more anonymous and easier.
+</p>
+
+<h3>Results of the Discussion</h3>
+... and other related changes in the same timeframe (2007):
+<ul>
+<li>
+Significant tuning of the streaming lib parameters,
+greatly increasing outbound performance, was implemented in 0.6.1.28
+<li>
+Priority sending for NTCP was implemented in 0.6.1.28
+<li>
+Priority sending for SSU was implemented by zzz but was never checked in
+<li>
+The advanced transport bid control
+i2np.udp.preferred was implemented in 0.6.1.29.
+<li>
+Pushback for NTCP was implemented in 0.6.1.30, disabled in 0.6.1.31 due to anonymity concerns,
+and re-enabled with improvements to address those concerns in 0.6.1.32.
+<li>
+None of zzz's proposals 1-5 have been implemented.
+</ul>
+
+{% endblock %}
diff --git a/www.i2p2/pages/othernetworks.html b/www.i2p2/pages/othernetworks.html
new file mode 100644
index 0000000000000000000000000000000000000000..4c52e554f7ebf21f21ad9eac39790487d5b4f12a
--- /dev/null
+++ b/www.i2p2/pages/othernetworks.html
@@ -0,0 +1,230 @@
+{% extends "_layout.html" %}
+{% block title %}I2P Compared to Other Anonymous Networks{% endblock %}
+{% block content %}
+
+<p>The following networks are discussed on this page.
+</p>
+<ul>
+<li>Morphmix and Tarzan</li>
+<li>Mixminion / Mixmaster</li>
+<li>JAP</li>
+<li>MUTE / AntsP2P</li>
+<li>Haystack</li>
+</ul>
+
+<p>Most of the following sections are fairly old, and may not be accurate.
+For discussions of Tor and Freenet, see the
+<a href="how_networkcomparisons.html">main network comparisons page</a>.
+You may contribute an analysis by entering a
+<a href="http://trac.i2p2.de/report/1">new ticket on trac.i2p2.de</a>.
+</p>
+
+
+<h2>Morphmix and Tarzan</h2>
+<i><a href="http://www.tik.ee.ethz.ch/~morphmix/">[Morphmix]</a>
+ <a href="http://www.pdos.lcs.mit.edu/tarzan/">[Tarzan]</a></i>
+
+<p>Morphmix and Tarzan are both fully distributed, peer to peer networks of
+anonymizing proxies, allowing people to tunnel out through the low latency
+mix network. Morphmix includes some very interesting collusion detection
+algorithms and Sybil defenses, while Tarzan makes use of the scarcity of IP
+addresses to accomplish the same. The two primary differences between
+these systems and I2P are related to I2P's <a href="how_threatmodel">threat model</a>
+and their out-proxy design (as opposed to providing both sender and receiver
+anonymity). There is source code available to both systems, but we are not aware
+of their use outside of academic environments.</p>
+
+<!--
+Table needs correction, disabled for now.
+
+Comments from arma on 2010-09-14 in #nottor:
+You say "maybe" under the tarzan column, because tarzan says "we hope to get this level of protection, but it is an open research question how one would get it"
+then i2p says "no, all solved, we solve that one" in its column. which either means you've got a brilliant new design but have failed to articulate it or publish about it, or you are misleading people.
+this table has been around, and misleading people and frustrating me, for something like 8 or 10 years now.
+the fundamental problem is that for the projects that exist, you put down their current levels of protection in the table (fine), but for i2p you put down your desired level of protection (not fine)
+End of comments
+
+<p>Stealing quite directly from the Tarzan paper, the following includes a quick
+comparison of Tarzan, Crowds, Onion Routing (OR), and I2P:</p>
+
+<table>
+ <tr>
+ <td style="width: 19%;"></td>
+ <td style="width: 27%;" colspan="4">Bad first relay/router</td>
+ <td style="width: 27%;" colspan="4">Bad intermediate relay/router</td>
+ <td style="width: 27%;" colspan="4">Bad last relay/router</td>
+ </tr>
+ <tr>
+ <td>Information exposed</td>
+ <td><b>OR</b></td>
+ <td><b>Crowds</b></td>
+ <td><b>Tarzan</b></td>
+ <td><b>I2P</b></td>
+
+ <td><b>OR</b></td>
+ <td><b>Crowds</b></td>
+ <td><b>Tarzan</b></td>
+ <td><b>I2P</b></td>
+
+ <td><b>OR</b></td>
+ <td><b>Crowds</b></td>
+ <td><b>Tarzan</b></td>
+ <td><b>I2P</b></td>
+ </tr>
+ <tr>
+ <td>Sender activity</td>
+ <td>Yes</td>
+ <td>Maybe</td>
+ <td>Maybe</td>
+ <td><b>No</b></td>
+
+ <td>No</td>
+ <td>No</td>
+ <td>Maybe</td>
+ <td><b>No</b></td>
+
+ <td>No</td>
+ <td>No</td>
+ <td>No</td>
+ <td><b>No</b></td>
+ </tr>
+ <tr>
+ <td>Recipient activity</td>
+ <td>No</td>
+ <td>Yes</td>
+ <td>No</td>
+ <td><b>No</b></td>
+
+ <td>No</td>
+ <td>Yes</td>
+ <td>No</td>
+ <td><b>No</b></td>
+
+ <td>Yes</td>
+ <td>Yes</td>
+ <td>Yes</td>
+ <td><b>No</b></td>
+ </tr>
+ <tr>
+ <td>Sender content</td>
+ <td>No</td>
+ <td>Maybe</td>
+ <td>No</td>
+ <td><b>No</b></td>
+
+ <td>No</td>
+ <td>No</td>
+ <td>No</td>
+ <td><b>No</b></td>
+
+ <td>No</td>
+ <td>No</td>
+ <td>No</td>
+ <td><b>No</b></td>
+ </tr>
+ <tr>
+ <td>Recipient content</td>
+ <td>No</td>
+ <td>Yes</td>
+ <td>No</td>
+ <td><b>No</b></td>
+
+ <td>No</td>
+ <td>Yes</td>
+ <td>No</td>
+ <td><b>No</b></td>
+
+ <td>Yes</td>
+ <td>Yes</td>
+ <td>Yes</td>
+ <td><b>No</b></td>
+ </tr>
+</table>
+-->
+
+<h2>Mixminion / Mixmaster</h2>
+<i><a href="http://mixminion.net/">[Mixminion]</a>
+ <a href="http://mixmaster.sourceforge.net/">[Mixmaster]</a></i>
+
+<p>Mixminion and Mixmaster are networks to support anonymous email against a very
+powerful adversary.
+High-latency messaging applications running on top of I2P
+(for example
+<a href="http://syndie.i2p2.de/">Syndie</a> or
+I2PBote)
+may perhaps prove adequate to meet the threat
+model of those adversaries, while running in parallel along side the needs of low latency users, to provide
+a significantly larger anonymity set.
+High-latency support within the I2P router itself may or may not be added in a distant future release.
+It is too early to say if I2P will meet the needs of users requiring extreme protection for email.
+</p>
+As with Tor and Onion Routing,
+both Mixminion and Mixmaster take the directory based approach as well.</p>
+
+
+
+<h2>JAP</h2>
+<i><a href="http://anon.inf.tu-dresden.de/index_en.html">[JAP]</a></i>
+
+<p>JAP (Java Anonymous Proxy) is a network of mix cascades for anonymizing web requests,
+and as such it has a few centralized nodes (participants in the cascade) that blend
+and mix requests from clients through the sequence of nodes (the cascade) before
+proxying out onto the web. The scope, threat model, and security is substantially
+different from I2P, but for those who don't require significant anonymity but still
+are not satisfied with an Anonymizer-like service, JAP is worth reviewing. One
+caution to note is that anyone under the jurisdiction of the German courts may want
+to take care, as the German Federal Bureau of Criminal Investigation (FBCI) has
+successfully mounted an
+<a href="http://www.datenschutzzentrum.de/material/themen/presse/anonip3_e.htm">attack</a>
+on the network. Even though the method of this attack was later found to be illegal
+in the German courts, the fact that the data was successfully collected is the
+concern. Courts change their minds based upon circumstance, and this is evidence that
+if a government body or intelligence agency wanted to, they could gather the data, even
+if it may be found inadmissible in some courts later)</p>
+
+<h2>MUTE / AntsP2P</h2>
+<i><a href="http://mute-net.sourceforge.net/">[MUTE]</a>
+ <a href="http://www.myjavaserver.com/~gwren/home.jsp?page=custom&xmlName=ants">[AntsP2P]</a></i>
+
+<p>Both of these systems work through the same basic
+<a href="http://citeseer.ist.psu.edu/57701.html">antnet</a> routing, providing some degree of
+anonymity based on the threat model of providing plausible deniability against a simple
+non-colluding adversary. With the antnet routing, they first either do a random walk or a
+broadcast search to find some peer with the data or identity desired, and then use a feedback
+algorithm to optimize that found path. This works well for applications that merely want to know
+what other people around them have to offer - "How are y'all doing" vs. "Hey Alice, how are you" -
+you basically get a local cluster of nodes that can share files with and maintain some degree of
+anonymity (though you don't have much control over who is in that group of peers).</p>
+
+<p>However, the algorithm does not scale well at all - if the application wants to speak with a
+particular peer it ends up doing a broadcast search or random walk (though if they are lucky enough
+for that to succeed, the antnet routing should optimize that found connection). This means that
+while these networks can work great at small scales, they are not suitable for large networks where
+someone wants to get in touch with another specific peer. That does not mean that there is no
+value in these systems, just that their applicability is limited to situations where their
+particular issues can be addressed.</p>
+
+<h2>Haystack</h2>
+<p>
+This was a closed-source network targeted at Iranian users.
+Tor did a
+<a href="http://blog.torproject.org/blog/ten-things-look-circumvention-tool">good writeup on what to look for in a circumvention tool</a>.
+Suffice it to say that being closed source and publicly targeting a specific country are not good ideas.
+I2P is, of course, open source. However, that source, and our
+<a href="how.html">technical documentation</a>, need much more review.
+</p>
+
+<h2>Paid VPN Services</h2>
+<p>
+You may contribute an analysis by entering a
+<a href="http://trac.i2p2.de/report/1">new ticket on trac.i2p2.de</a>.
+</p>
+
+<h2>Others</h2>
+<p>
+You may contribute an analysis by entering a
+<a href="http://trac.i2p2.de/report/1">new ticket on trac.i2p2.de</a>.
+</p>
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/package-client.html b/www.i2p2/pages/package-client.html
deleted file mode 100644
index 68f83275db9e2dd94d7ecf85150e2166a89d67aa..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/package-client.html
+++ /dev/null
@@ -1,37 +0,0 @@
-{% extends "_layout.html" %}
-{% block title %}Client Package{% endblock %}
-{% block content %}
-<p>Implements the base I2P SDK for developing applications that communicate
-through I2P.</p>
-
-<p>When a client application wants to communicate over I2P, the first thing it
-needs to do is get a {@link net.i2p.client.I2PClient} from the
-{@link net.i2p.client.I2PClientFactory}. If it does not already have a {@link
-net.i2p.data.Destination}, it must generate one with the {@link
-net.i2p.client.I2PClient#createDestination} before proceeding. Once it has
-one, it then creates an {@link net.i2p.client.I2PSession} which serves as the
-bridge to the I2P network, allowing it to send messages (via
-{@link net.i2p.client.I2PSession#sendMessage}) and receive messages (via
-{@link net.i2p.client.I2PSession#receiveMessage}). In addition, the client
-receives asynchronous notification of network activity by providing an implementation
-of {@link net.i2p.client.I2PSessionListener}. </p>
-
-<p>A simple example of how these base client classes can be used is the
-{@link net.i2p.client.ATalk} application. It isn't really useful, but it is
-heavily documented code.</p>
-
-<p>This client package provides the basic necessity for communicating over I2P,
-but there are three other subpackages that are helpful. Specifically:<ul>
-<li>{@link net.i2p.client.datagram} - for applications that want their messages
- to be both authenticated and repliable</li>
-<li>{@link net.i2p.client.naming} - for applications that want to resolve
- readable names into {@link net.i2p.data.Destination}s</li>
-<li>{@link net.i2p.client.streaming} - for applications that want to use
- a streaming API to provide reliable in order message delivery (<b>note</b>:
- the streaming library is packaged separate from the main SDK - in the
- mstreaming.jar and streaming.jar)</li>
-</ul></p>
-
-<p>The {@link net.i2p.client.I2PSession} implementation itself communicates with
-the I2P router by the I2CP (the client protocol).</p>
-{% endblock %}
diff --git a/www.i2p2/pages/package-client_de.html b/www.i2p2/pages/package-client_de.html
deleted file mode 100644
index c17b2a2adc024464e14cc0532cd8178057d7387c..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/package-client_de.html
+++ /dev/null
@@ -1,39 +0,0 @@
-{% extends "_layout_de.html" %}
-{% block title %}Klient Packet{% endblock %}
-{% block content %}
-<p>Implementiert das Basis I2P SDK zum Entwickeln von Anwendungen, die
-über I2P kommunizieren.</p>
-
-<p>Sobald eine Klientanwendung über I2P kommunizieren will, braucht
-sie zuerst ein {@link net.i2p.client.I2PClient} von der
-{@link net.i2p.client.I2PClientFactory}. Falls es nicht schon eine
-{@link net.i2p.data.Destination} hat, muss es mit dem
-{@link net.i2p.client.I2PClient#createDestination} eine erstellen bevor
-sie weiter machen kann. Sobald es eine hat erstellt sie eine
-{@link net.i2p.client.I2PSession} die als Brücke ins I2P Netzwerk
-arbeitet. Dieses erlaubt das Senden von Nachrichten (via
-{@link net.i2p.client.I2PSession#sendMessage}) und das Empfangen von Nachrichten
-(via {@link net.i2p.client.I2PSession#receiveMessage}). Zusätzlich
-erhält der Klient asynchrone Informationen zur Netzaktivität
-aus der Implementation des {@link net.i2p.client.I2PSessionListener}. </p>
-
-<p>Ein einfaches Beispiel zur Nutzung dieser Basisklassen kann in der
-{@link net.i2p.client.ATalk} Anwendung gefunden werden. Sie ist nicht
-wirklich nützlich, ist aber ein sehr stark dokumentierter Quelltext.</p>
-
-<p>Dieses Klient Packet hält die Basis Anforderungen zur Kommunikation
-mit I2P bereit, hinzu kommen drei weitere, hilfreiche Unterpackete.
-Diese sind:<ul>
-<li>{@link net.i2p.client.datagram} - für Anwendungen, die ihre Nachrichten
- sowohl authentifiziert als auch beantwortbar brauchen</li>
-<li>{@link net.i2p.client.naming} - für Anwendungen, die lesbare Namen
- in {@link net.i2p.data.Destination}s auflösen wollen</li>
-<li>{@link net.i2p.client.streaming} - für Anwendungen, die eine
- Streaming API nutzen, um die Reihenfolge der Nachrichten sicherstellen
- zu können (<b>Hinweis</b>: die Streaming Bibliothek ist seperat
- vom Haupt SDK vorgehalten - in den mstreaming.jar und streaming.jar)</li>
-</ul></p>
-
-<p>Die {@link net.i2p.client.I2PSession} Implementation alleine kommuniziert
-mit dem I2P Router mittels des I2CP (das Klientenprotokoll).</p>
-{% endblock %}
diff --git a/www.i2p2/pages/package-datagram.html b/www.i2p2/pages/package-datagram.html
deleted file mode 100644
index 6f06a5e9a655937db9cce6e6d8f32b22cd7c09a0..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/package-datagram.html
+++ /dev/null
@@ -1,17 +0,0 @@
-{% extends "_layout.html" %}
-{% block title %}Datagram Package{% endblock %}
-{% block content %}
-<p>Provides a standard way for reading and writing messages transferred over I2P
-so that the recipient has an authenticated mechanism to reply to it. This is
-necessary because the base I2P message sent through {@link net.i2p.client.I2PSession#sendMessage}
-has no "from" address, and simply providing a raw "from" address would be
-insecure as it could be spoofed. An application that needs to know for certain
-who sent a message to them should use the {@link net.i2p.client.datagram.I2PDatagramDissector}
-to parse the raw message received from the {@link net.i2p.client.I2PSession}, and
-in turn, use the {@link net.i2p.client.datagram.I2PDatagramMaker} to build a
-message that can be parsed. </p>
-
-<p>The datagram format implemented here includes
-the sender's {@link net.i2p.data.Destination}, the payload, and a hash of the
-payload (signed by the sender's {@link net.i2p.data.SigningPrivateKey}).</p>
-{% endblock %}
diff --git a/www.i2p2/pages/package-datagram_de.html b/www.i2p2/pages/package-datagram_de.html
deleted file mode 100644
index da0e07d4a6a5aa36ba4eeae9be97cdb162cc81af..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/package-datagram_de.html
+++ /dev/null
@@ -1,20 +0,0 @@
-{% extends "_layout_de.html" %}
-{% block title %}Datagram Package{% endblock %}
-{% block content %}
-<p>Hält einen Standardweg zum Lesen und Schreiben von über I2P
-transportierten Nachrichten bereit, damit der Empfänger einen
-authentifizierten Mechanismus zum Beantworten derselben hat. Dieses
-ist notwendig, da die Standard I2P Nachrichten, die über
-{@link net.i2p.client.I2PSession#sendMessage} gesendet werden, keine
-"von" Adresse haben. Und das hinzufügen einer Klartext "von" Adresse
-ist unsicher, da dieses manipuliert werden kann. Eine Anwendung, die
-sicher wissen muss, von wem eine Nachricht stammt, sollte die
-{@link net.i2p.client.datagram.I2PDatagramDissector} nutzen um die von
-{@link net.i2p.client.I2PSession} empfangenen Klartext Nachricht zu
-bearbeiten und mit der Ausgabe die {@link net.i2p.client.datagram.I2PDatagramMaker}
-nutzen zum bauen einer Nachricht, die geparst werden kann. </p>
-
-<p>Das hier implementierte Datagramm Format inkludiert die {@link net.i2p.data.Destination}
-des Senders, die Nutzdaten und einen Hash der Nutzdaten (signiert mit dem
-{@link net.i2p.data.SigningPrivateKey} des Senders).</p>
-{% endblock %}
diff --git a/www.i2p2/pages/package-naming.html b/www.i2p2/pages/package-naming.html
deleted file mode 100644
index 94b5b1295ba0186314cf542a9cdd4001e8245a08..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/package-naming.html
+++ /dev/null
@@ -1,9 +0,0 @@
-{% extends "_layout.html" %}
-{% block title %}Naming Package{% endblock %}
-{% block content %}
-<p>Provides a standard way for querying the local naming service to resolve a
-name into a {@link net.i2p.data.Destination} (without the complexity of JNDI).
-The default implementation is a simple hosts.txt driven system, though that can
-be overridden by specifying the "i2p.naming.impl" environment property to point
-at the requested classname.</p>
-{% endblock %}
diff --git a/www.i2p2/pages/package-naming_de.html b/www.i2p2/pages/package-naming_de.html
deleted file mode 100644
index f3ec23fed622efe32ba341d0e0cde07db7f8b693..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/package-naming_de.html
+++ /dev/null
@@ -1,10 +0,0 @@
-{% extends "_layout_de.html" %}
-{% block title %}Namensgebung der Packete{% endblock %}
-{% block content %}
-<p>Hält einen Standardweg zum Abfragen des lokalen Namensgebungsservices
-bereit, um einen Namen in eine {@link net.i2p.data.Destination} aufzulöen
-(ohne die Komplexität von JNDI).
-Die Standardimplementation ist ein einfaches System aus einer hosts.txt Datei,
-wobei dieses übergangen werden kann, in dem man die Umgebungsvariable
-"i2p.naming.impl" auf den entsprechenden Klassennamen setzt.</p>
-{% endblock %}
diff --git a/www.i2p2/pages/package-streaming.html b/www.i2p2/pages/package-streaming.html
deleted file mode 100644
index b3ed59a82e074eb38db6010b776e8b68fe7927ab..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/package-streaming.html
+++ /dev/null
@@ -1,26 +0,0 @@
-{% extends "_layout.html" %}
-{% block title %}Streaming Package{% endblock %}
-{% block content %}
-<p>Implements a TCP-like (reliable, authenticated, in order) set of sockets for
-communicating over the IP-like (unreliable, unauthenticated, unordered) I2P
-messages.</p>
-
-<p>When an application wants to use streams, it must fetch an {@link
-net.i2p.client.streaming.I2PSocketManager} from the {@link
-net.i2p.client.streaming.I2PSocketManagerFactory}, which in turn builds its own
-{@link net.i2p.client.I2PSession} internally. All communication over that
-{@link net.i2p.client.I2PSession} is handled by the {@link
-net.i2p.client.streaming.I2PSocketManager}, as it imposes its own formatting on
-the raw messages sent and received. If an application wants to receive streams
-from other clients on the network, it should access the blocking {@link
-net.i2p.client.streaming.I2PServerSocket#accept} method, which will provide an
-{@link net.i2p.client.streaming.I2PSocket} when a new one is available. If an
-application wants to create a new stream to a peer, it should do so with the
-appropriate {@link net.i2p.client.streaming.I2PSocketManager#connect} call.</p>
-
-<p>There is a simple pair of demo applications available as well - {@link
-net.i2p.client.streaming.StreamSinkServer} listens to a destination and dumps
-the data from all sockets it accepts to individual files, while {@link
-net.i2p.client.streaming.StreamSinkClient} connects to a particular destination
-and sends a specific amount of random data then disconnects.</p>
-{% endblock %}
diff --git a/www.i2p2/pages/package-streaming_de.html b/www.i2p2/pages/package-streaming_de.html
deleted file mode 100644
index e90b799099eb5564b09fc7b926029509ab78d8c1..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/package-streaming_de.html
+++ /dev/null
@@ -1,30 +0,0 @@
-{% extends "_layout_de.html" %}
-{% block title %}Streaming Packet{% endblock %}
-{% block content %}
-<p>Implementiert einen TCP-ähnliche (zuverlässlich, authentifiziert,
-in Reihenfolge) Satz an Sockets zum Kommunizieren über die IP-ähnlichen
-(unzuverlässlich, unauthentifiziert, unsortiert) I2P Nachrichten.</p>
-
-<p>Falls eine Anwendugn Streams nutzen möchte, muss es einen
-{@link net.i2p.client.streaming.I2PSocketManager} von der{@link
-net.i2p.client.streaming.I2PSocketManagerFactory} anfordern, welche
-als Antwort intern eine eigene {@link net.i2p.client.I2PSession} aufbaut.
-Jede Kommunikation über diese {@link net.i2p.client.I2PSession}
-wird vom {@link net.i2p.client.streaming.I2PSocketManager} verwaltet,
-da dieser eine eigene Art an Formatierung der gesendeten und empfangenen
-RAW Nachrichten beinhaltet. Falls eine Anwendung Streams von anderen
-Klienten aus dem Netzwerk empfangen will, sollte es die blockierenden
-{@link net.i2p.client.streaming.I2PServerSocket#accept} Methoden nutzen,
-welche einen {@link net.i2p.client.streaming.I2PSocket} zur Verfügung
-stellen sobald ein neuer Socket verfügbar ist. Falls eine Anwendung
-einen neuen Stream zu einem Knoten erstellen will, sollte sie dieses mit dem
-passendem {@link net.i2p.client.streaming.I2PSocketManager#connect} Aufruf
-erledigen.</p>
-
-<p>Es exisitieren auch hier einige einfache Demoanwendungen - {@link
-net.i2p.client.streaming.StreamSinkServer} lauscht zu einer Destination
-und schreibt die Daten aller Sockets, die es akzeptiert, in individuelle
-Dateien, während {@link net.i2p.client.streaming.StreamSinkClient}
-zu einer bestimmten Destination verbindet und eine bestimmte Anzahl an
-Zufallsdaten sendet und sich dann disconnected.</p>
-{% endblock %}
diff --git a/www.i2p2/pages/package-tcp.html b/www.i2p2/pages/package-tcp.html
deleted file mode 100644
index 4ed5abda84bc6602050b021232f85a3984f1c397..0000000000000000000000000000000000000000
--- a/www.i2p2/pages/package-tcp.html
+++ /dev/null
@@ -1,143 +0,0 @@
-{% extends "_layout.html" %}
-{% block title %}Old TCP Package{% endblock %}
-{% block content %}
-<p>Implements the transport for communicating with other routers via TCP/IP.</p>
-
-<h1>Connection protocol</h1>
-
-<p>The protocol used to establish the connection between the peers is
-implemented in the {@link net.i2p.router.transport.tcp.ConnectionBuilder}
-for "Alice", the initiator, and in
-{@link net.i2p.router.transport.tcp.ConnectionHandler} for "Bob", the
-receiving peer. <i>(+ implies concatenation)</i></p>
-
-<h2>Common case:</h2>
-<p><b>1) </b> <i>Alice to Bob</i>: <br />
- <code>#bytesFollowing + #versions + v1 [+ v2 [etc]] + tag? + tagData + properties</code></p>
-<p><b>2) </b> <i>Bob to Alice</i>: <br />
- <code>#bytesFollowing + versionOk + #bytesIP + IP + tagOk? + nonce + properties</code></p>
-
-<ul>
-<li><code>#bytesFollowing</code> is a 2 byte unsigned integer specifying how many
- bytes there are (after the current pair) in the line sent. 0xFFFF is reserved</li>
-<li><code>#versions</code> is a 1 byte unsigned integer specifying how many
- acceptable 1 byte version numbers follow (preferred value first).</li>
-<li><code>v1</code> (etc) is a 1 byte unsigned integer specifying a protocol
- version. The value 0x0 is not allowed.</li>
-<li><code>tag?</code> is a 1 byte value specifying whether a tag follows - 0x0 means
- no tag follows, 0x1 means a 32 byte tag follows.</li>
-<li><code>tagData</code> is a 32 byte tag, if necessary</li>
-<li><code>properties</code> is a name=value mapping, formatted as the other I2P
- mappings (via {@link net.i2p.data.DataHelper#readProperties})</li>
-<li><code>versionOk</code> is a 1 byte value specifying the protocol version
- that is agreed upon, or 0x0 if no compatible protocol versions are available.</li>
-<li><code>#bytesIP</code> is a 2 byte unsigned integer specifying how many bytes
- following make up the IP address</li>
-<li><code>IP</code> is made up of <code>#bytesIP</code> bytes formatting the
- peer who established the connection's IP address as a string (e.g. "192.168.1.1")</li>
-<li><code>tagOk?</code> is a 1 byte value specifying whether the tag provided
- is available for use - 0x0 means no, 0x1 means yes.</li>
-<li><code>nonce</code> is a 4 byte random value</li>
-</ul>
-
-<p>Whether or not the <code>tagData</code> is specified by Alice and is accepted
-by Bob determines which of the scenarios below are used. In addition, the IP
-address provided by Bob gives Alice the opportunity to fire up a socket listener
-on that interface and include it in her list of reachable addresses. The
-<code>properties</code> mappings are left for future expansion.</p>
-
-<h2>Connection establishment with a valid tag:</h2>
-<p>With a valid <code>tag</code> and <code>nonce</code> received, both Alice and
-Bob load up the previously negotiated <code>sessionKey</code> and set the
-<code>iv</code> to the first 16 bytes of <code>H(tag + nonce)</code>. The
-remainder of the communication is AES256 encrypted per
-{@link net.i2p.crypto.AESInputStream} and {@link net.i2p.crypto.AESOutputStream}</p>
-
-<p><b>3) </b> <i>Alice to Bob</i>: <br />
- <code>H(nonce)</code></p>
-<p><b>4) </b> <i>Bob to Alice</i>: <br />
- <code>H(tag)</code></p>
-<p><b>5) </b> If the hashes are not correct, disconnect immediately and do not
- consume the tag</p>
-<p><b>6) </b> <i>Alice to Bob</i>: <br />
- <code>routerInfo + currentTime + H(routerInfo + currentTime + nonce + tag)</code></p>
-<p><b>7) </b> Bob should now verify that he can establish a connection to her through one of the
- routerAddresses specified in her RouterInfo. The testing process is described below.</p>
-<p><b>8) </b> <i>Bob to Alice</i>: <br />
- <code>routerInfo + status + properties + H(routerInfo + status + properties + nonce + tag)</code></p>
-<p><b>9) </b> If the <code>status</code> is okay, both Alice and Bob consume the
- <code>tagData</code>, updating the next tag to be <code>H(E(nonce + tag, sessionKey))</code>
- (with nonce+tag padded with 12 bytes of 0x0 at the end).
- Otherwise, both sides disconnect and do not consume the tag. In addition, on error the
- <code>properties</code> mapping has a more detailed reason under the key "MESSAGE".</p>
-
-<ul>
-<li><code>H(x)</code> is the SHA256 hash of x, formatted per {@link net.i2p.data.Hash#writeBytes}.</li>
-<li><code>routerInfo</code> is the serialization of the local router's info
- per {@link net.i2p.data.RouterInfo#writeBytes}.</li>
-<li><code>currentTime</code> is what the local router thinks the current network time
- is, formatted per {@link net.i2p.data.DataHelper#writeDate}.</li>
-<li><code>status</code> is a 1 byte value:<ul>
- <li><b>0x0</b> means OK</li>
- <li><b>0x1</b> means Alice was not reachable</li>
- <li><b>0x2</b> means the clock was skewed (Bob's current time may be available
- in the properties mapping under "SKEW", formatted as "yyyyMMddhhmmssSSS",
- per {@link java.text.SimpleDateFormat}).</li>
- <li><b>0x3</b> means the signature is invalid (only used by steps 9 and 11 below)</li>
- <li>Other values are currently undefined (yet fatal) errors</li>
- </ul></li>
-</ul>
-
-<h2>Connection establishment without a valid tag:</h2>
-
-<p><b>3) </b> <i>Alice to Bob</i> <br />
- X</p>
-<p><b>4) </b> <i>Bob to Alice</i> <br />
- Y</p>
-<p><b>5) </b> Both sides complete the Diffie-Hellman exchange, setting the
- <code>sessionKey</code> to the first 32 bytes of the result (e.g. (X^y mod p)),
- <code>iv</code> to the next 16 bytes, and the <code>nextTag</code> to the 32
- bytes after that. The rest of the data is AES256 encrypted with those settings per
- {@link net.i2p.crypto.AESInputStream} and {@link net.i2p.crypto.AESOutputStream}</p>
-<p><b>6) </b> <i>Alice to Bob</i> <br />
- <code>H(nonce)</code></p>
-<p><b>7) </b> <i>Bob to Alice</i> <br />
- <code>H(nextTag)</code></p>
-<p><b>8) </b> If they disagree, disconnect immediately and do not persist the tags or keys</p>
-<p><b>9) </b> <i>Alice to Bob</i> <br />
- <code>routerInfo + currentTime
- + S(routerInfo + currentTime + nonce + nextTag, routerIdent.signingKey)</code></p>
-<p><b>10) </b> Bob should now verify that he can establish a connection to her through one of the
- routerAddresses specified in her RouterInfo. The testing process is described below.</p>
-<p><b>11) </b> <i>Bob to Alice</i> <br />
- <code>routerInfo + status + properties
- + S(routerInfo + status + properties + nonce + nextTag, routerIdent.signingKey)</code></p>
-<p><b>12) </b> If the signature matches on both sides and <code>status</code> is okay, both sides
- save the <code>sessionKey</code> negotiated as well as the <code>nextTag</code>.
- Otherwise, the keys and tags are discarded and both sides drop the connection.</p>
-
-<ul>
-<li><code>X</code> is a 256 byte unsigned integer in 2s complement, representing
- </code>g^x mod p</code> (where <code>g</code> and <code>p</code> are defined
- in {@link net.i2p.crypto.CryptoConstants} and x is a randomly chosen value</li>
-<li><code>Y</code> is a 256 byte unsigned integer in 2s complement, representing
- </code>g^y mod p</code> (where <code>g</code> and <code>p</code> are defined
- in {@link net.i2p.crypto.CryptoConstants} and y is a randomly chosen value</li>
-<li><code>S(val, key)</code> is the DSA signature of the <code>val</code> using the
- given signing <code>key</code> (in this case, the router's signing keys to provide
- authentication that they are who they say they are). The signature is formatted
- per {@link net.i2p.data.Signature}.</li>
-</ul>
-
-<h2>Peer testing</h2>
-<p>As mentioned in steps 7 and 10 above, Bob should verify that Alice is reachable
-to prevent a restricted route from being formed (he may decide not to do this once
-I2P supports restricted routes)</p>
-
-<p><b>1) </b> <i>Bob to Alice</i> <br />
- <code>0xFFFF + #versions + v1 [+ v2 [etc]] + properties</p>
-<p><b>2) </b> <i>Alice to Bob</i> <br />
- <code>0xFFFF + versionOk + #bytesIP + IP + currentTime + properties</code></p>
-<p><b>3) </b> Both sides close the socket</p>
-
-{% endblock %}
diff --git a/www.i2p2/pages/papers.html b/www.i2p2/pages/papers.html
new file mode 100644
index 0000000000000000000000000000000000000000..fdabb37ed213923338e14fbcaa994abf211d3c75
--- /dev/null
+++ b/www.i2p2/pages/papers.html
@@ -0,0 +1,234 @@
+{% extends "_layout.html" %}
+{% block title %}Papers and Presentations on I2P{% endblock %}
+{% block content %}
+<h1>Papers and Presentations on I2P</h1>
+<p>
+Following are links to papers, presentations, videos, and tutorials about I2P.
+</p><p>
+To request an addition to this page, please send to press ~~~at~~~ i2p2.de.
+</p><p>
+Newest links are at the bottom of the page.
+</p>
+<div class="links">
+<ul>
+
+<li>
+IIP Presentation at CodeCon
+<a href="http://invisibleip.sourceforge.net/iip/resources/codecon_0x90.mp3">MP3 audio</a>
+<a href="http://invisibleip.sourceforge.net/iip/resources/iip_transcript.txt">transcript</a>
+Lance James (0x90), February 2002.
+
+</li><li>
+0x90 Interviewed by DistributedCity
+<a href="http://invisibleip.sourceforge.net/iip/mediaDCInterview1.php">Part 1</a>
+<a href="http://invisibleip.sourceforge.net/iip/mediaDCInterview2.php">Part 2</a>
+July 26, 2002.
+
+</li><li>
+IIP Presentation at ToorCon
+<a href="http://invisibleip.sourceforge.net/iip/resources/toorconspeech.mp3">MP3 audio</a>
+<a href="http://invisibleip.sourceforge.net/iip/resources/toorconspeech/">slides</a>
+Lance James (0x90), September 2002.
+
+</li><li>
+0x90 Interviewed by El Pais
+(original in Spanish)
+<a href="http://invisibleip.sourceforge.net/iip/resources/elpais-iip.txt">English translation</a>
+October 31, 2002.
+
+</li><li>
+<a href="/_static/pdf/i2p_philosophy.pdf">Invisible Internet Project (I2P) Project Overview</a>, jrandom, August 28, 2003.
+
+</li><li>
+<a href="http://www.businessweek.com/magazine/content/03_37/b3849089_mz063.htm">2003 Business Week article referencing invisiblenet</a>
+
+</li><li>
+<a href="http://www.netzwelt.de/news/75371-i2p-das-anonyme-netz-im.html">Netzwelt.de article about being anonymous in the Internet</a>
+(German)
+November 2007.
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=TsfdzfGZyu0">To Be or I2P</a>
+(Youtube Video)
+An introduction into anonymous communication with I2P.
+<a href="http://events.ccc.de/congress/2007/Fahrplan/attachments/1017_24c3-i2p.pdf">To Be or I2P (PDF presentation)</a>,
+Jens Kubieziel, 24C3 Berlin, December 28, 2007.
+
+</li><li>
+<a href="http://www.gulli.com/news/i2p-an-anonymous-network-2009-03-09/">zzz interviewed by gulli.com</a>
+March 2009
+<a href="http://www.gulli.com/news/i2p-anonymes-netzwerk-im-2009-03-09/">German translation</a>
+<a href="http://translated.by/you/i2p-an-anonymous-network-interrogated/into-ru/">Russian translation</a>
+
+</li><li>
+<a href="http://marge.informatik.tu-chemnitz.de/archiv/CLT2009/V4-Sa1200-Security-Lars_Schimmer.mp4">Video of I2P talk at Chemnitz Linux Tag</a>,
+Lars Schimmer,
+March 14-15, 2009
+
+</li><li>
+<a href="/_static/pdf/I2P-PET-CON-2009.1.pdf">Peer Profiling and Selection in the I2P Anonymous Network</a> -
+zzz and Lars Schimmer,
+presented at
+<a href="http://www.pet-con.org/index.php/PET_Convention_2009.1">PET-CON 2009.1</a>,
+Dresden, Germany, March 24-25, 2009.
+Also available in the
+<a href="http://freehaven.net/~karsten/volatile/petcon-proceedings-2009.1.pdf">Proceedings</a>
+page 59.
+
+</li><li>
+Anonymity Techniques - Usability Tests of Major Anonymity Networks
+- Jens Schomburg,
+Presented at
+<a href="http://www.pet-con.org/index.php/PET_Convention_2009.1">PET-CON 2009.1</a>,
+Dresden, Germany, March 24-25, 2009.
+Available in the
+<a href="http://freehaven.net/~karsten/volatile/petcon-proceedings-2009.1.pdf">Proceedings</a>
+page 49.
+Extended 20-page version also may be available.
+
+</li><li>
+L'émergence au sein d'internet de communautés virtuelles et anonymes, Freenet et i2p
+- Laurie Delmer -
+Université catholique de Louvain
+Département des sciences politiques et sociales
+(Catholic University of Leuven -
+Department of Political and Social Science -
+The rise in internet virtual and anonymous communities, Freenet and I2P)
+Master's Thesis, 2009.
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=5J3nh1DoRMw">I2P Windows Tutorial</a>
+(Youtube Video)
+This guide will show you how to install I2P in Windows XP.
+By <a href="http://telecomix.org/">Telecomix</a>
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=QeRN2G9VW5E">I2P Debian Tutorial</a>
+(Youtube Video)
+This will guide you through how to install I2P on a Debian Linux System.
+By <a href="http://telecomix.org/">Telecomix</a>
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=2ylW85vc7SA">How to set up anonymous site in I2P</a>
+(Youtube Video)
+How to set up an anonymous web site in I2P.
+By <a href="http://telecomix.org/">Telecomix</a>
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=d8mvGZqVgE4">I2P Tutorial Mac OS X</a>
+(Youtube Video)
+A tutorial on how to run i2p on Mac OS X and how to connect to irc.telecomix.i2p.
+By <a href="http://telecomix.org/">Telecomix</a>
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=5jv7tVVJdTQ">Felix Atari explains the basic principles of I2P</a>
+(Youtube Video)
+Agent Felix Atari of the Telecomix Crypto Munitions Bureau.
+By <a href="http://telecomix.org/">Telecomix</a>
+
+</li><li>
+HOPE New York July 17, 2010 - Brief overview of I2P by zzz, at the end of Adrian Hong's talk
+"Hackers for Human Rights".
+<a href="http://c2047862.cdn.cloudfiles.rackspacecloud.com/tnhc21.mp3">MP3 audio</a>
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=WyN_QK-_3GA">How to get onto I2P, the anonymous P2P Darknet (Windows Install)</a>
+(Youtube Video)
+This tutorial shows how to install and configure software needed to access I2P.
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=q4owyd_CaGc">How to connect to I2P</a>
+(Youtube Video)
+How to install I2P on Ubuntu.
+
+</li><li>
+<a href="http://www.irongeek.com/i.php?page=videos/i2p-darknet-software-in-linux">Installing the I2P darknet software in Linux</a>
+(Video)
+Adrian Crenshaw.
+January 2011
+
+</li><li>
+<a href="http://www.irongeek.com/i.php?page=security/darknets-i2p-identifying-hidden-servers">Darknets - I2P Identifying Hidden Servers</a>
+Adrian Crenshaw.
+Presented at Black Hat DC,
+January 18-19 2011
+<a href="http://translated.by/you/darknets-and-hidden-servers-identifying-the-true-ip-network-identity-of-i2p-service-hosts/into-ru/">Russian translation</a>
+
+</li><li>
+<a href="http://www.irongeek.com/i.php?page=videos/shmoocon-firetalks-2011">Into the I2P Darknet: Welcome to Cipherspace</a>
+Adrian Crenshaw. Schmoocon Firetalk, January 2011
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=TexNr_5J5AU">Using techhnology to advance liberty</a>
+(Youtube Video)
+Eric Johnson.
+<a href="http://agora.io/etienne">Agora I/O Unconference</a>, March 27, 2011.
+I2P covered from 10:00 to 20:00 in the video.
+
+</li><li>
+<a href="http://patras.fosscomm.gr/talks/BSoD_Pub.pdf">The Bright side of darknets</a>, FOSSCOMM Patras May 2011
+
+
+</li><li>
+Privacy-Implications of Performance-Based Peer Selection by Onion-Routers: A Real-World Case Study using I2P,
+Michael Hermann.
+Master's Thesis, TU-Munich, March 28, 2011.
+<a href="http://grothoff.org/christian/i2p.pdf">Privacy-Implications of Performance-Based Peer Selection by Onion-Routers: A Real-World Case Study using I2P</a>,
+Michael Hermann, Christian Grothoff.
+Presented at PET Symposium, Waterloo Canada, July 27, 2011.
+<a href="http://grothoff.org/christian/teaching/2011/2194/i2p.odp">presentation slides (odp)</a>
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=bI_1qlcwfE0">Common Darknet Weaknesses</a>
+(Youtube Video)
+Adrian Crenshaw, <a href="http://aide.marshall.edu/">AIDE</a>, July 11-15, 2011.
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=NV90TRs_pGE">Short garlic routing animation</a>
+(Youtube Video)
+Adrian Crenshaw.
+
+</li><li>
+<a href="http://www.irongeek.com/i.php?page=security/i2p-tor-workshop-notes">I2P / Tor Workshop Notes</a>
+Adrian Crenshaw. DEF CON 19, Las Vegas, August 6, 2011.
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=xxKXkbohRZM">Cipherspaces/Darknets: An Overview Of Attack Strategies -
+DEF CON Live version (Youtube Video)</a>,
+<a href="http://www.youtube.com/watch?v=xFxJ6Dc5ass">"Studio" version (Youtube Video)</a>,
+<a href="http://www.irongeek.com/downloads/Adrian-Crenshaw-darknet-weaknesses.pptx">Slides (ppt)</a>
+Adrian Crenshaw. DEF CON 19, Las Vegas, August 7, 2011.
+
+</li><li>
+<a href="http://www.isdpodcast.com/podcasts/infosec-daily-podcast-episode-454.mp3">zzz interviewed on the InfoSec Daily Podcast Ep. 454 (mp3)</a>
+August 18, 2011
+
+</li><li>
+<a href="http://hal.inria.fr/inria-00632259/en/">Monitoring the I2P Network</a>,
+Juan Pablo Timpanaro, Isabelle Chrisment, Olivier Festor,
+INRIA Nancy-Grand Est, France,
+LORIA - ESIAL, Henri Poincare University, Nancy 1, France.
+October 2011.
+
+</li><li>
+<a href="http://0x375.org/">Modern cipherspace ecosystems</a>, 0x375 0x06 4/11/2011
+
+</li><li>
+<a href="http://userpage.fu-berlin.de/~semu/docs/2011_seminar_ehlert_i2p.pdf">I2P Usability vs. Tor Usability A Bandwidth and Latency Comparison</a>
+Mathias Ehlert,
+Humboldt University of Berlin,
+November 2011.
+<a href="http://translated.by/you/i2p-usability-vs-tor-usability-a-bandwidth-and-latency-comparison/into-ru/">Russian translation</a>
+
+</li><li>
+<a href="http://how-to.linuxcareer.com/i2p-anonymity-for-the-masses">I2P - Anonymity for the Masses</a>,
+Jonathan Cox,
+November 11, 2011.
+
+</li><li>
+<a href="http://www.isdpodcast.com/podcasts/infosec-daily-podcast-episode-596.mp3">zzz and Lance James interviewed on the InfoSec Daily Podcast Ep. 596 (mp3)</a>
+February 16, 2012
+
+</li>
+</ul></div>
+{% endblock %}
diff --git a/www.i2p2/pages/papers_fr.html b/www.i2p2/pages/papers_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..5afbb06aa90a7d01ce635106124cbbb61dcafea8
--- /dev/null
+++ b/www.i2p2/pages/papers_fr.html
@@ -0,0 +1,218 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Publications et présentations sur I2P{% endblock %}
+{% block content %}
+Copie de juillet 2011. <a href="papers.html">Version anglaise actuelle</a>
+<h1>Publications et présentations sur I2P</h1>
+<p>
+Pour toute demande d'adjonction à cette page, merci d'envoyer un message à press ~~~at~~~ i2p2.de.
+</p>
+<div class="links">
+<ul>
+
+<li>
+IIP Presentation at CodeCon
+<a href="http://invisibleip.sourceforge.net/iip/resources/codecon_0x90.mp3">MP3 audio</a>
+<a href="http://invisibleip.sourceforge.net/iip/resources/iip_transcript.txt">transcript</a>
+Lance James (0x90), February 2002.
+
+</li><li>
+0x90 Interviewed by DistributedCity
+<a href="http://invisibleip.sourceforge.net/iip/mediaDCInterview1.php">Part 1</a>
+<a href="http://invisibleip.sourceforge.net/iip/mediaDCInterview2.php">Part 2</a>
+July 26, 2002.
+
+</li><li>
+IIP Presentation at ToorCon
+<a href="http://invisibleip.sourceforge.net/iip/resources/toorconspeech.mp3">MP3 audio</a>
+<a href="http://invisibleip.sourceforge.net/iip/resources/toorconspeech/">slides</a>
+Lance James (0x90), September 2002.
+
+</li><li>
+0x90 Interviewed by El Pais
+(original in Spanish)
+<a href="http://invisibleip.sourceforge.net/iip/resources/elpais-iip.txt">English translation</a>
+October 31, 2002.
+
+<a href="/_static/pdf/i2p_philosophy.pdf">Invisible Internet Project (I2P) Project Overview</a>, jrandom, August 28, 2003.
+
+</li><li>
+<a href="http://www.businessweek.com/magazine/content/03_37/b3849089_mz063.htm">2003 Business Week article referencing invisiblenet</a>
+
+</li><li>
+<a href="http://www.netzwelt.de/news/75371-i2p-das-anonyme-netz-im.html">Netzwelt.de article about being anonymous in the Internet</a>
+(German)
+November 2007.
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=TsfdzfGZyu0">To Be or I2P</a>
+(Youtube Video)
+An introduction into anonymous communication with I2P.
+<a href="http://events.ccc.de/congress/2007/Fahrplan/attachments/1017_24c3-i2p.pdf">To Be or I2P (PDF presentation)</a>,
+Jens Kubieziel, 24C3 Berlin, December 28, 2007.
+
+</li><li>
+<a href="http://www.gulli.com/news/i2p-an-anonymous-network-2009-03-09/">zzz interviewed by gulli.com</a>
+March 2009
+<a href="http://www.gulli.com/news/i2p-anonymes-netzwerk-im-2009-03-09/">German translation</a>
+<a href="http://translated.by/you/i2p-an-anonymous-network-interrogated/into-ru/">Russian translation</a>
+
+</li><li>
+<a href="http://marge.informatik.tu-chemnitz.de/archiv/CLT2009/V4-Sa1200-Security-Lars_Schimmer.mp4">Video of I2P talk at Chemnitz Linux Tag</a>,
+Lars Schimmer,
+March 14-15, 2009
+
+</li><li>
+<a href="/_static/pdf/I2P-PET-CON-2009.1.pdf">Peer Profiling and Selection in the I2P Anonymous Network</a> -
+zzz and Lars Schimmer,
+presented at
+<a href="http://www.pet-con.org/index.php/PET_Convention_2009.1">PET-CON 2009.1</a>,
+Dresden, Germany, March 24-25, 2009.
+Also available in the
+<a href="http://freehaven.net/~karsten/volatile/petcon-proceedings-2009.1.pdf">Proceedings</a>
+page 59.
+
+</li><li>
+Anonymity Techniques - Usability Tests of Major Anonymity Networks
+- Jens Schomburg,
+Presented at
+<a href="http://www.pet-con.org/index.php/PET_Convention_2009.1">PET-CON 2009.1</a>,
+Dresden, Germany, March 24-25, 2009.
+Available in the
+<a href="http://freehaven.net/~karsten/volatile/petcon-proceedings-2009.1.pdf">Proceedings</a>
+page 49.
+Extended 20-page version also may be available.
+
+</li><li>
+L'émergence au sein d'internet de communautés virtuelles et anonymes, Freenet et i2p
+- Laurie Delmer -
+Université catholique de Louvain
+Département des sciences politiques et sociales
+(Catholic University of Leuven -
+Department of Political and Social Science -
+The rise in internet virtual and anonymous communities, Freenet and I2P)
+Master's Thesis, 2009.
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=5J3nh1DoRMw">I2P Windows Tutorial</a>
+(Youtube Video)
+This guide will show you how to install I2P in Windows XP.
+By <a href="http://telecomix.org/">Telecomix</a>
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=QeRN2G9VW5E">I2P Debian Tutorial</a>
+(Youtube Video)
+This will guide you through how to install I2P on a Debian Linux System.
+By <a href="http://telecomix.org/">Telecomix</a>
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=2ylW85vc7SA">How to set up anonymous site in I2P</a>
+(Youtube Video)
+How to set up an anonymous web site in I2P.
+By <a href="http://telecomix.org/">Telecomix</a>
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=d8mvGZqVgE4">I2P Tutorial Mac OS X</a>
+(Youtube Video)
+A tutorial on how to run i2p on Mac OS X and how to connect to irc.telecomix.i2p.
+By <a href="http://telecomix.org/">Telecomix</a>
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=5jv7tVVJdTQ">Felix Atari explains the basic principles of I2P</a>
+(Youtube Video)
+Agent Felix Atari of the Telecomix Crypto Munitions Bureau.
+By <a href="http://telecomix.org/">Telecomix</a>
+
+</li><li>
+HOPE New York July 17, 2010 - Brief overview of I2P by zzz, at the end of Adrian Hong's talk
+"Hackers for Human Rights".
+<a href="http://c2047862.cdn.cloudfiles.rackspacecloud.com/tnhc21.mp3">MP3 audio</a>
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=WyN_QK-_3GA">How to get onto I2P, the anonymous P2P Darknet (Windows Install)</a>
+(Youtube Video)
+This tutorial shows how to install and configure software needed to access I2P.
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=q4owyd_CaGc">How to connect to I2P</a>
+(Youtube Video)
+How to install I2P on Ubuntu.
+
+</li><li>
+<a href="http://www.irongeek.com/i.php?page=videos/i2p-darknet-software-in-linux">Installing the I2P darknet software in Linux</a>
+(Video)
+Adrian Crenshaw.
+January 2011
+
+</li><li>
+<a href="http://www.irongeek.com/i.php?page=security/darknets-i2p-identifying-hidden-servers">Darknets - I2P Identifying Hidden Servers</a>
+Adrian Crenshaw.
+Presented at Black Hat DC,
+January 18-19 2011
+<a href="http://translated.by/you/darknets-and-hidden-servers-identifying-the-true-ip-network-identity-of-i2p-service-hosts/into-ru/">Russian translation</a>
+
+</li><li>
+<a href="http://www.irongeek.com/i.php?page=videos/shmoocon-firetalks-2011">Into the I2P Darknet: Welcome to Cipherspace</a>
+Adrian Crenshaw. Schmoocon Firetalk, January 2011
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=TexNr_5J5AU">Using techhnology to advance liberty</a>
+(Youtube Video)
+Eric Johnson.
+<a href="http://agora.io/etienne">Agora I/O Unconference</a>, March 27, 2011.
+I2P covered from 10:00 to 20:00 in the video.
+
+</li><li>
+Privacy-Implications of Performance-Based Peer Selection by Onion-Routers: A Real-World Case Study using I2P,
+Michael Hermann.
+Master's Thesis, TU-Munich, March 28, 2011.
+<a href="http://grothoff.org/christian/i2p.pdf">Privacy-Implications of Performance-Based Peer Selection by Onion-Routers: A Real-World Case Study using I2P</a>,
+Michael Hermann, Christian Grothoff.
+Presented at PET Symposium, Waterloo Canada, July 27, 2011.
+<a href="http://grothoff.org/christian/teaching/2011/2194/i2p.odp">presentation slides (odp)</a>
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=bI_1qlcwfE0">Common Darknet Weaknesses</a>
+(Youtube Video)
+Adrian Crenshaw, <a href="http://aide.marshall.edu/">AIDE</a>, July 11-15, 2011.
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=NV90TRs_pGE">Short garlic routing animation</a>
+(Youtube Video)
+Adrian Crenshaw.
+
+</li><li>
+<a href="http://www.irongeek.com/i.php?page=security/i2p-tor-workshop-notes">I2P / Tor Workshop Notes</a>
+Adrian Crenshaw. DEF CON 19, Las Vegas, August 6, 2011.
+
+</li><li>
+<a href="http://www.youtube.com/watch?v=xxKXkbohRZM">Cipherspaces/Darknets: An Overview Of Attack Strategies -
+DEF CON Live version (Youtube Video)</a>,
+<a href="http://www.youtube.com/watch?v=xFxJ6Dc5ass">"Studio" version (Youtube Video)</a>,
+<a href="http://www.irongeek.com/downloads/Adrian-Crenshaw-darknet-weaknesses.pptx">Slides (ppt)</a>
+Adrian Crenshaw. DEF CON 19, Las Vegas, August 7, 2011.
+
+</li><li><a href="http://www.isdpodcast.com/podpress_trac/web/2719/0/infosec-daily-podcast-episode-454.mp3">zzz interviewed on the InfoSec Daily Podcast (mp3)</a>
+(August 18, 2011)
+
+</li><li>
+<a href="http://hal.inria.fr/inria-00632259/en/">Monitoring the I2P Network</a>,
+Juan Pablo Timpanaro, Isabelle Chrisment, Olivier Festor,
+INRIA Nancy-Grand Est, France,
+LORIA - ESIAL, Henri Poincare University, Nancy 1, France.
+October 2011.
+
+</li><li>
+<a href="http://userpage.fu-berlin.de/~semu/docs/2011_seminar_ehlert_i2p.pdf">I2P Usability vs. Tor Usability A Bandwidth and Latency Comparison</a>
+Mathias Ehlert,
+Humboldt University of Berlin,
+November 2011.
+
+</li><li>
+<a href="http://how-to.linuxcareer.com/i2p-anonymity-for-the-masses">I2P - Anonymity for the Masses</a>,
+Jonathan Cox,
+November 11, 2011.
+
+</li>
+<li><a href="http://www.isdpodcast.com/podpress_trac/web/3516/0/infosec-daily-podcast-episode-596.mp3">zzz and Lance James interviewed on the InfoSec Daily Podcast (mp3)</a> (February 16, 2012)</li>
+</ul></div>
+{% endblock %}
diff --git a/www.i2p2/pages/performance-history.html b/www.i2p2/pages/performance-history.html
new file mode 100644
index 0000000000000000000000000000000000000000..a65fe726f07033a418be1da60c2a81d2a834ce9d
--- /dev/null
+++ b/www.i2p2/pages/performance-history.html
@@ -0,0 +1,118 @@
+{% extends "_layout.html" %}
+{% block title %}Performance History{% endblock %}
+{% block content %}
+<p>Notable performance improvements have been made using the techniques below.
+There is more to do, see the <a href="performance.html">Performance</a> page
+for current issues and thoughts.</p>
+
+<h2>Native math <b>[implemented]</b></h2>
+<p>When I last profiled the I2P code, the vast majority of time was spent within
+one function: java.math.BigInteger's
+<a href="http://java.sun.com/j2se/1.4.2/docs/api/java/math/BigInteger.html#modPow(java.math.BigInteger,%20java.math.BigInteger)">modPow</a>.
+Rather than try to tune this method, we'll call out to
+<a href="http://www.swox.com/gmp/">GNU MP</a> - an insanely fast math library
+(with tuned assembler for many architectures). (<i>Editor: see
+<a href="jbigi">NativeBigInteger for faster public key cryptography</a></i>)</p>
+<p>ugha and duck are working on the C/JNI glue code, and the existing java code
+is already deployed with hooks for that whenever its ready. Preliminary results
+look fantastic - running the router with the native GMP modPow is providing over
+a 800% speedup in encryption performance, and the load was cut in half. This
+was just on one user's machine, and things are nowhere near ready for packaging
+and deployment, yet.</p>
+
+<h2>Garlic wrapping a "reply" LeaseSet <b>[implemented but needs tuning]</b></h2>
+<p>This algorithm tweak will only be relevant for applications that want their
+peers to reply to them (though that includes everything that uses I2PTunnel or
+mihi's ministreaming lib):</p>
+<p>Previously, when Alice sent Bob a message, when Bob replied he had to do a
+lookup in the network database - sending out a few requests to get Alice's
+current LeaseSet. If he already has Alice's current LeaseSet, he can instead
+just send his reply immediately - this is (part of) why it typically takes a
+little longer talking to someone the first time you connect, but subsequent
+communication is faster. Currently - for all clients - we wrap
+the sender's current LeaseSet in the garlic that is delivered to the recipient,
+so that when they go to reply, they'll <i>always</i> have the LeaseSet locally
+stored - completely removing any need for a network database lookup on replies.
+This trades off a large portion of the sender's bandwidth for that faster reply.
+If we didn't do this very often,
+overall network bandwidth usage would decrease, since the recipient doesn't
+have to do the network database lookup.</p>
+<p>
+For unpublished LeaseSets such as "shared clients", this is the only way to
+get the LeaseSet to Bob. Unfortunately this bundling every time adds
+almost 100% overhead to a high-bandwidth connection, and much more to
+a connection with smaller messages.
+</p><p>
+Changes scheduled for release 0.6.2 will bundle the LeaseSet only when
+necessary, at the beginning of a connection or when the LeaseSet changes.
+This will substantially reduce the total overhead of I2P messaging.
+</p>
+
+<h2>More efficient TCP rejection <b>[implemented]</b></h2>
+<p>At the moment, all TCP connections do all of their peer validation after
+going through the full (expensive) Diffie-Hellman handshaking to negotiate a
+private session key. This means that if someone's clock is really wrong, or
+their NAT/firewall/etc is improperly configured (or they're just running an
+incompatible version of the router), they're going to consistently (though not
+constantly, thanks to the shitlist) cause a futile expensive cryptographic
+operation on all the peers they know about. While we will want to keep some
+verification/validation within the encryption boundary, we'll want to update the
+protocol to do some of it first, so that we can reject them cleanly
+without wasting much CPU or other resources.</p>
+
+<h2>Adjust the tunnel testing <b>[implemented]</b></h2>
+<p>Rather than going with the fairly random scheme we have now, we should use a
+more context aware algorithm for testing tunnels. e.g. if we already know its
+passing valid data correctly, there's no need to test it, while if we haven't
+seen any data through it recently, perhaps its worthwhile to throw some data its
+way. This will reduce the tunnel contention due to excess messages, as well as
+improve the speed at which we detect - and address - failing tunnels.</p>
+
+<h2>Persistent Tunnel / Lease Selection</h2>
+<p>Outbound tunnel selection implemented in 0.6.1.30, inbound lease selection
+implemented in release 0.6.2.</p>
+<p>Selecting tunnels and leases at random for every message creates a large
+incidence of out-of-order delivery, which prevents the streaming lib from
+increasing its window size as much as it could. By persisting with the
+same selections for a given connection, the transfer rate is much faster.
+</p>
+
+<h2>Compress some data structures <b>[implemented]</b></h2>
+<p>The I2NP messages and the data they contain is already defined in a fairly
+compact structure, though one attribute of the RouterInfo structure is not -
+"options" is a plain ASCII name = value mapping. Right now, we're filling it
+with those published statistics - around 3300 bytes per peer. Trivial to
+implement GZip compression would nearly cut that to 1/3 its size, and when you
+consider how often RouterInfo structures are passed across the network, that's
+significant savings - every time a router asks another router for a networkDb
+entry that the peer doesn't have, it sends back 3-10 RouterInfo of them.</p>
+
+<h2>Update the ministreaming protocol</h2> [replaced by full streaming protocol]
+<p>Currently mihi's ministreaming library has a fairly simple stream negotiation
+protocol - Alice sends Bob a SYN message, Bob replies with an ACK message, then
+Alice and Bob send each other some data, until one of them sends the other a
+CLOSE message. For long lasting connections (to an IRC server, for instance),
+that overhead is negligible, but for simple one-off request/response situations
+(an HTTP request/reply, for instance), that's more than twice as many messages as
+necessary. If, however, Alice piggybacked her first payload in with the SYN
+message, and Bob piggybacked his first reply with the ACK - and perhaps also
+included the CLOSE flag - transient streams such as HTTP requests could be
+reduced to a pair of messages, instead of the SYN+ACK+request+response+CLOSE.</p>
+
+<h2>Implement full streaming protocol</h2> [<a href="streaming.html">implemented</a>]
+<p>The ministreaming protocol takes advantage of a poor design decision in the
+I2P client protocol (I2CP) - the exposure of "mode=GUARANTEED", allowing what
+would otherwise be an unreliable, best-effort, message based protocol to be used
+for reliable, blocking operation (under the covers, its still all unreliable and
+message based, with the router providing delivery guarantees by garlic wrapping
+an "ACK" message in with the payload, so once the data gets to the target, the
+ACK message is forwarded back to us [through tunnels, of course]).</p>
+<p>As I've
+<a href="http://dev.i2p.net/pipermail/i2p/2004-March/000167.html">said</a>, having
+I2PTunnel (and the ministreaming lib) go this route was the best thing that
+could be done, but more efficient mechanisms are available. When we rip out the
+"mode=GUARANTEED" functionality, we're essentially leaving ourselves with an
+I2CP that looks like an anonymous IP layer, and as such, we'll be able to
+implement the streaming library to take advantage of the design experiences of
+the TCP layer - selective ACKs, congestion detection, nagle, etc.</p>
+{% endblock %}
diff --git a/www.i2p2/pages/performance.html b/www.i2p2/pages/performance.html
index 9a541e4c6087df1ee4535e44175de0525f2bc67e..c104206e1bdd09e1ee36d512966b9c750ed9599c 100644
--- a/www.i2p2/pages/performance.html
+++ b/www.i2p2/pages/performance.html
@@ -1,6 +1,8 @@
{% extends "_layout.html" %}
{% block title %}Performance{% endblock %}
{% block content %}
+Updated August 2010, current as of router version 0.8
+
<p>Probably one of the most frequent things people ask is "how fast is I2P?",
and no one seems to like the answer - "it depends". After trying out I2P, the
next thing they ask is "will it get faster?", and the answer to that is a most
@@ -11,50 +13,8 @@ related, and others still are protocol related. However, all of those
dimensions affect the latency, throughput, and perceived performance of the
network, as they reduce contention for scarce resources. This list is of course
not comprehensive, but it does cover the major ones that are seen.</p>
-
-<h2>Native math <b>[implemented]</b></h2>
-<p>When I last profiled the I2P code, the vast majority of time was spent within
-one function: java.math.BigInteger's
-<a href="http://java.sun.com/j2se/1.4.2/docs/api/java/math/BigInteger.html#modPow(java.math.BigInteger,%20java.math.BigInteger)">modPow</a>.
-Rather than try to tune this method, we'll call out to
-<a href="http://www.swox.com/gmp/">GNU MP</a> - an insanely fast math library
-(with tuned assembler for many architectures). (<i>Editor: see
-<a href="jbigi">NativeBigInteger for faster public key cryptography</a></i>)</p>
-<p>ugha and duck are working on the C/JNI glue code, and the existing java code
-is already deployed with hooks for that whenever its ready. Preliminary results
-look fantastic - running the router with the native GMP modPow is providing over
-a 800% speedup in encryption performance, and the load was cut in half. This
-was just on one user's machine, and things are nowhere near ready for packaging
-and deployment, yet.</p>
-
-<h2>Garlic wrapping a "reply" LeaseSet <b>[implemented but needs tuning]</b></h2>
-<p>This algorithm tweak will only be relevant for applications that want their
-peers to reply to them (though that includes everything that uses I2PTunnel or
-mihi's ministreaming lib):</p>
-<p>Previously, when Alice sent Bob a message, when Bob replied he had to do a
-lookup in the network database - sending out a few requests to get Alice's
-current LeaseSet. If he already has Alice's current LeaseSet, he can instead
-just send his reply immediately - this is (part of) why it typically takes a
-little longer talking to someone the first time you connect, but subsequent
-communication is faster. Currently - for all clients - we wrap
-the sender's current LeaseSet in the garlic that is delivered to the recipient,
-so that when they go to reply, they'll <i>always</i> have the LeaseSet locally
-stored - completely removing any need for a network database lookup on replies.
-This trades off a large portion of the sender's bandwidth for that faster reply.
-If we didn't do this very often,
-overall network bandwidth usage would decrease, since the recipient doesn't
-have to do the network database lookup.</p>
-<p>
-For unpublished LeaseSets such as "shared clients", this is the only way to
-get the LeaseSet to Bob. Unfortunately this bundling every time adds
-almost 100% overhead to a high-bandwidth connection, and much more to
-a connection with smaller messages.
-</p><p>
-Changes scheduled for release 0.6.2 will bundle the LeaseSet only when
-necessary, at the beginning of a connection or when the LeaseSet changes.
-This will substantially reduce the total overhead of I2P messaging.
-</p>
-
+<p>For past performance improvements see the <a href="performance-history.html">
+Performance History</a>.
<h2>Better peer profiling and selection</h2>
<p>Probably one of the most important parts of getting faster performance will
@@ -75,7 +35,7 @@ gave us a reference to someone we had never heard of). We can also do some
tuning on what we actually send - how many peers we bounce back (or even if we
bounce back a reply), as well as how many concurrent searches we perform.</p>
-<h2>Longer SessionTag lifetime</h2>
+<h2>Session Tag Tuning and Improvements</h2>
<p>The way the <a href="how_elgamalaes">ElGamal/AES+SessionTag</a> algorithm
works is by managing a set of random one-time-use 32 byte arrays, and expiring
them if they aren't used quickly enough. If we expire them too soon, we're
@@ -86,6 +46,33 @@ tags, even more encryption failures may occur prior to detection). With some
more active detection and feedback driven algorithms, we can safely and more
efficiently tune the lifetime of the tags, replacing the ElGamal encryption with
a trivial AES operation.</p>
+<p>
+Additional ideas for improving Session Tag delivery are described on the
+<a href="how_elgamalaes.html#future">ElGamal/AES+SessionTag page</a>.
+</p>
+
+
+<h2 id="prng">Migrate sessionTag to synchronized PRNG</h2>
+<p>Right now, our <a href="how_elgamalaes.html">ElGamal/AES+SessionTag</a>
+algorithm works by tagging each encrypted message with a unique random
+32 byte nonce (a "session tag"), identifying that message as being encrypted
+with the associated AES session's key. This prevents peers from distinguishing
+messages that are part of the same session, since each message has a completely
+new random tag. To accomplish this, every few messages bundle a whole
+new set of session tags within the encrypted message itself, transparently
+delivering a way to identify future messages. We then have to keep track
+of what messages are successfully delivered so that we know what tags
+we may use.</p>
+<p>This works fine and is fairly robust, however it is inefficient in terms
+of bandwidth usage, as it requires the delivery of these tags ahead of
+time (and not all tags may be necessary, or some may be wasted, due to
+their expiration). On average though, predelivering the session tag costs
+32 bytes per message (the size of a tag). As Taral suggested though, that
+size can be avoided by replacing the delivery of the tags with a synchronized
+PRNG - when a new session is established (through an ElGamal encrypted
+block), both sides seed a PRNG for use and generate the session tags on
+demand (with the recipient precalculating the next few possible values
+to handle out of order delivery).</p>
<h2>Longer lasting tunnels</h2>
<p>The current default tunnel duration of 10 minutes is fairly arbitrary, though
@@ -96,13 +83,12 @@ network and CPU load (due to expensive tunnel creation messages).</p>
<p>
This appears to be an easy fix for high load on the big-bandwidth routers, but
we should not resort to it until we've tuned the tunnel building algorithms further.
-However, the 10 minute tunnel lifetime is hardcoded in a few places,
-so the code needs to be cleaned up before we could change the duration.
+However, the 10 minute tunnel lifetime is hardcoded in quite a few places,
+so substantial effort would be required to change the duration.
+Also, it would be difficult to maintain backward compatibility with such a change.
</p><p>
-A new tunnel build algorithm was introduced in release 0.6.1.32 and it has greatly
-reduced the number of tunnel builds. Together with better detection of
-unreachable peers and other peer selection strategies implemented in release 0.6.1.33,
-the situation is much improved, and there are no current plans to extend tunnel lifetime.
+Currently, since the network average tunnel build success rate is fairly high,
+there are no current plans to extend tunnel lifetime.
</p>
@@ -119,62 +105,20 @@ doesn't pass our test within 60 seconds "dead"?</p>
as tunable parameters to allow for more appropriate tradeoffs between
bandwidth, latency, and CPU usage.</p>
-<h2>More efficient TCP rejection <b>[implemented]</b></h2>
-<p>At the moment, all TCP connections do all of their peer validation after
-going through the full (expensive) Diffie-Hellman handshaking to negotiate a
-private session key. This means that if someone's clock is really wrong, or
-their NAT/firewall/etc is improperly configured (or they're just running an
-incompatible version of the router), they're going to consistently (though not
-constantly, thanks to the shitlist) cause a futile expensive cryptographic
-operation on all the peers they know about. While we will want to keep some
-verification/validation within the encryption boundary, we'll want to update the
-protocol to do some of it first, so that we can reject them cleanly
-without wasting much CPU or other resources.</p>
-
-<h2>Adjust the tunnel testing <b>[implemented]</b></h2>
-<p>Rather than going with the fairly random scheme we have now, we should use a
-more context aware algorithm for testing tunnels. e.g. if we already know its
-passing valid data correctly, there's no need to test it, while if we haven't
-seen any data through it recently, perhaps its worthwhile to throw some data its
-way. This will reduce the tunnel contention due to excess messages, as well as
-improve the speed at which we detect - and address - failing tunnels.</p>
-
-<h2>Compress some data structures <b>[implemented]</b></h2>
-<p>The I2NP messages and the data they contain is already defined in a fairly
-compact structure, though one attribute of the RouterInfo structure is not -
-"options" is a plain ASCII name = value mapping. Right now, we're filling it
-with those published statistics - around 3300 bytes per peer. Trivial to
-implement GZip compression would nearly cut that to 1/3 its size, and when you
-consider how often RouterInfo structures are passed across the network, that's
-significant savings - every time a router asks another router for a networkDb
-entry that the peer doesn't have, it sends back 3-10 RouterInfo of them.</p>
-
-<h2>Update the ministreaming protocol</h2> [replaced by full streaming protocol]
-<p>Currently mihi's ministreaming library has a fairly simple stream negotiation
-protocol - Alice sends Bob a SYN message, Bob replies with an ACK message, then
-Alice and Bob send each other some data, until one of them sends the other a
-CLOSE message. For long lasting connections (to an IRC server, for instance),
-that overhead is negligible, but for simple one-off request/response situations
-(an HTTP request/reply, for instance), that's more than twice as many messages as
-necessary. If, however, Alice piggybacked her first payload in with the SYN
-message, and Bob piggybacked his first reply with the ACK - and perhaps also
-included the CLOSE flag - transient streams such as HTTP requests could be
-reduced to a pair of messages, instead of the SYN+ACK+request+response+CLOSE.</p>
-
-<h2>Implement full streaming protocol</h2> [<a href="streaming.html">implemented</a>]
-<p>The ministreaming protocol takes advantage of a poor design decision in the
-I2P client protocol (I2CP) - the exposure of "mode=GUARANTEED", allowing what
-would otherwise be an unreliable, best-effort, message based protocol to be used
-for reliable, blocking operation (under the covers, its still all unreliable and
-message based, with the router providing delivery guarantees by garlic wrapping
-an "ACK" message in with the payload, so once the data gets to the target, the
-ACK message is forwarded back to us [through tunnels, of course]).</p>
-<p>As I've
-<a href="http://dev.i2p.net/pipermail/i2p/2004-March/000167.html">said</a>, having
-I2PTunnel (and the ministreaming lib) go this route was the best thing that
-could be done, but more efficient mechanisms are available. When we rip out the
-"mode=GUARANTEED" functionality, we're essentially leaving ourselves with an
-I2CP that looks like an anonymous IP layer, and as such, we'll be able to
-implement the streaming library to take advantage of the design experiences of
-the TCP layer - selective ACKs, congestion detection, nagle, etc.</p>
+<h2>Full streaming protocol improvements</h2>
+<ul>
+<li>Perhaps re-enable the interactive stream profile (the
+ current implementation only uses the bulk stream profile).</li>
+<li>Client level bandwidth limiting (in either or both directions on a stream,
+ or possibly shared across multiple streams). This would be in addition to
+ the router's overall bandwidth limiting, of course.</li>
+<li>Access control lists (only allowing streams to or from certain other known
+ destinations).</li>
+<li>Web controls and monitoring the health of the various streams, as well
+ as the ability to explicitly close or throttle them.</li>
+</ul>
+<p>
+Additional ideas for improving the streaming library are described on the
+<a href="streaming.html#future">streaming library page</a>.
+</p>
{% endblock %}
diff --git a/www.i2p2/pages/plugin_spec.html b/www.i2p2/pages/plugin_spec.html
index ee99a32287ba7a580b51d28cd28bac2a69c06d18..06690b666a83e2a6644c85046462d655d4c60d34 100644
--- a/www.i2p2/pages/plugin_spec.html
+++ b/www.i2p2/pages/plugin_spec.html
@@ -2,11 +2,11 @@
{% block title %}I2P Plugin Specification{% endblock %}
{% block content %}
<h2>
-Specification Version 0.16
-2010-07-26
+Specification Version 0.18
+2012-03-15
</h2>
<p>
-Page last updated July 2010, current as of router version 0.8.
+Page last updated March 2012, current as of router version 0.8.13-13
<h3>Overview</h3>
<p>
This document specifies
@@ -42,7 +42,7 @@ The standard directory structure will let users install the following types of a
</ul>
<p>
-A plugin installs all its files in ~/.i2p/plugins/name/ (%APPDIR%\I2P\name on Windows). The installer will prevent
+A plugin installs all its files in ~/.i2p/plugins/name/ (%APPDIR%\I2P\plugins\name\ on Windows). The installer will prevent
installation anywhere else, although the plugin can access libraries elsewhere when running.
<p>
@@ -74,7 +74,7 @@ foo.xpi2p is a sud file containing the following:
*name (will be installed in this directory name)
For native plugins, you may want separate names in different packages -
foo-windows and foo-linux, for example
- *key (172 B64 chars ending with '=')
+ *key (<a href="how_cryptography.html#DSA">DSA public key</a> as 172 B64 chars ending with '=')
*signer (yourname@mail.i2p recommended)
*version (must be in a format VersionComparator can parse, e.g. 1.2.3-4)
@@ -117,16 +117,17 @@ foo.xpi2p is a sud file containing the following:
min-i2p-version
max-i2p-version
min-java-version
- min-jetty-version
- max-jetty-version
+ min-jetty-version (supported as of 0.8.13, use 6 for Jetty 6 webapps)
+ max-jetty-version (supported as of 0.8.13, use 5.99999 for Jetty 5 webapps)
required-platform-OS (unimplemented - perhaps will be displayed only, not verified)
other-requirements (unimplemented e.g. python x.y - not verified by the installer, just displayed to the user)
dont-start-at-install=true
Default false.
+ Won't start the plugin when it is installed or updated. On initial installation, sets the plugin as so the user must manually start it. An update will not change the user's preference to start it if they choose to do so.
router-restart-required=true
Default false.
- dont-start-at-install must be true for this to take effect.
- This does not restart the router, it just informs the user that a restart is required.
+ This does not restart the router or the plugin on an update, it just informs the user that a restart is required.
+ It has no effect on initial plugin installation.
update-only=true
Default false.
If true, will fail if an installation does not exist.
@@ -195,7 +196,7 @@ foo.xpi2p is a sud file containing the following:
That probably goes for starting a client that is already started too.
New property clientApp.0.uninstallargs=foo bar uninstall baz
If present, the class will be called with these args just before deleting $PLUGIN
- All stop tasks are called with zero delay
+ All uninstall tasks are called with zero delay
New property clientApp.0.classpath=$I2P/lib/foo.bar,$PLUGIN/lib/bar.jar
The plugin runner will do variable substitution in the args and stopargs lines as follows:
$I2P => i2p base installation dir;
@@ -205,52 +206,36 @@ foo.xpi2p is a sud file containing the following:
</pre>
-<h3>Plugin installer tasks
-</h3>
+<h3>Plugin installer tasks</h3>
+This lists what happens when a plugin is installed by I2P.
<ul>
-<li>
- download .xpi2p
-<li>
- verify sud sig against stored keys, or else:
- - extract, get pubkey from properties, then verify, then store key
-<li>
- verify zip integrity
-<li>
- extract plugin.config file
-<li>
- verify min/max/version/etc
-<li>
- check that webapps don't duplicate those in $I2P
-<li>
- stop existing plugin
-<li>
- verify install dir doesn't exist if update=false, or ask
-<li>
- verify install dir does exist if update=true, or ask
-<li>
- unzip into appDir/plugins/name/
-<li>
- add to plugins.config
+ <li>The .xpi2p file is downloaded.</li>
+ <li>The .sud signature is verified against stored keys.
+ If there is no matching key, the .sud is extracted, the key is loaded from the properties, then verified and stored.</li>
+ <li>Verify the integrity of the zip file.</li>
+ <li>Extract the plugin.config file.</li>
+ <li>Verify the I2P version, to make sure the plugin will work.</li>
+ <li>Check that webapps don't duplicate the existing $I2P applications.</li>
+ <li>Stop the existing plugin (if present).</li>
+ <li>Verify that the install directory does not exist yet if update=false, or ask to overwrite.</li>
+ <li>Verify that the install directory does exist if update=true, or ask to create.</li>
+ <li>Unzip the plugin in to appDir/plugins/name/</li>
+ <li>Add the plugin to plugins.config</li>
</ul>
<h3>
Plugin starter tasks
</h3>
-
- Check plugins.config for which to start.
- For each one:
+This lists what happens when plugins are started.
+First, plugins.config is checked to see which plugins need to be started.
+For each plugin:
<ul>
-<li>
- check clients.config, load and start each item (add configured jars to classpath)
-<li>
- check console/webapp and console/webapp.config, load and start (add configured jars to classpath)
-<li>
- add console/locale/foo.jar to translate classpath if present
-<li>
- add console/theme to theme search path if present
-<li>
- add summary bar link
+ <li>Check clients.config, and load and start each item (add the configured jars to the classpath).</li>
+ <li>Check console/webapp and console/webapp.config. Load and start required items (add the configured jars to the classpath).</li>
+ <li>Add console/locale/foo.jar to the translation classpath if present.</li>
+ <li>Add console/theme to the theme search path if present.</li>
+ <li>Add the summary bar link.</li>
</ul>
<h3>
@@ -342,7 +327,7 @@ Pack200 unpacking is supported on routers 0.7.11-5 or higher, which is essential
support plugins at all.
<li>
- Plugins should not attempt to write anywhere in $I2P as it may be readonly, and that isn't good policy anyway
+ Plugins should not attempt to write anywhere in $I2P as it may be readonly, and that isn't good policy anyway.
<li>
Plugins may write to $CONFIG but keeping files in $PLUGIN only is recommended.
All files in $PLUGIN will be deleted at uninstall.
@@ -352,18 +337,18 @@ If the user may want to save data after uninstallation, the uninstallargs hook
could ask.
<li>
- $CWD may be anywhere; do not assume it is in a particular place, do not attempt to read or write files relative to $CWD
+ $CWD may be anywhere; do not assume it is in a particular place, do not attempt to read or write files relative to $CWD.
<li>
- Java programs should find out where they are with the directory getters in I2PAppContext
+ Java programs should find out where they are with the directory getters in I2PAppContext.
<li>
Plugin directory is I2PAppContext.getGlobalContext().getAppDir().getAbsolutePath() + "/plugins/" + appname,
or put a $PLUGIN argument in the args line in clients.config.
There is no reliable way to find the i2p install or config or plugin directory without using the
context API in i2p.jar.
<li>
- See <a href="http://zzz.i2p/topics/16"> Howto</a> for info on generating signing keys and generating/verifying keys and sud files
+ See <a href="http://zzz.i2p/topics/16">Howto</a> for info on generating signing keys and generating/verifying keys and sud files
<li>
- All config files must be UTF-8
+ All config files must be UTF-8.
<li>
To run in a separate JVM, use ShellCommand with java -cp foo:bar:baz my.main.class arg1 arg2 arg3.
Of course, it will be a lot harder to stop the plugin then...
@@ -392,9 +377,9 @@ access to router classes.
<li>
Since each version must be higher than the one before, you could enhance your build
script to add a build number to the end of the version.
-This helps for testing. Most of zzz's plugins have that feature, check build.xml for an example.
+This helps for testing. Most of zzz's plugins have that feature, check build.xml for an example.
<li>
-Plugins must never call System.exit()
+Plugins must never call System.exit().
<li>
Please respect licenses by meeting license requirements for any software you bundle.
diff --git a/www.i2p2/pages/plugin_spec_de.html b/www.i2p2/pages/plugin_spec_de.html
new file mode 100644
index 0000000000000000000000000000000000000000..3eb5fc2b24023d036fc3ffa3907e140b9b42d28b
--- /dev/null
+++ b/www.i2p2/pages/plugin_spec_de.html
@@ -0,0 +1,477 @@
+{% extends "_layout.html" %}
+{% block title %}Technische Beschreibung I2P-Zusatzprogramme{% endblock %}
+{% block content %}
+<h2>
+Technische Beschreibung, Version 0.16
+26.7.2010
+</h2>
+<p>
+Diese Seite wurde zuletzt im August 2010 aktualisiert und bezieht sich auf die Routerversion (I2P-Version) 0.8.
+<h3>Übersicht</h3>
+<p>
+Dieses Dokument beschreibt das XPI2P-Dateiformat (in Anlehnung an die XPI-Dateien von Firefox, aber mit einer einfachen
+Beschreibungsdatei namens plugin.config statt der XML-Datei install.rdf).
+Dieses Dateiformat kommt sowohl bei der Erstinstallation als auch beim Aktualisieren von Zusatzprogrammen zum
+Einsatz.
+<p>
+Des weiteren wird in diesem Dokument erklärt, wie der I2P-Router Zusatzprogramme installiert, sowie Richtlinien für
+die Entwicklung neuer Zusatzprogramme aufgeführt.
+<p>
+Die Grundstruktur des XPI2P-Formats ist dieselbe wie bei der Datei i2pupdate.sud (der Routeraktualisierungsdatei);
+Benutzer können aber Zusatzprogramme auch dann installieren, wenn dem Router der Signierschlüssel noch nicht bekannt
+ist.
+<p>
+Die hier beschriebene Verzeichnisstruktur (innerhalb der XPI2P-Datei) erlaubt es, folgende Arten von Zusatzprogrammen
+zu installieren:
+<ul>
+<li>
+ Webanwendungen
+<li>
+ Neue Eepsites mit cgi-bin und Webanwendungen
+<li>
+ Konsolengestaltungen
+<li>
+ Konsolenübersetzungen
+<li>
+ Java-Programme
+<li>
+ Java-Programme, die in einer eigenen JVM laufen
+<li>
+ Beliebiges Shellskripte oder Programme
+</ul>
+
+<p>
+Zusatzprogramme installieren alle ihre Dateien in ~/.i2p/plugins/Name/ (%APPDIR%\I2P\plugins\Name\ unter Windows).
+Der Router verwehrt Installationen in andere Verzeichnisse; es ist Zusatzprogramm jedoch nach dem Start möglich,
+auf Bibliotheken in anderen Verzeichnissen zuzugreifen.
+
+<p>
+Dies ist lediglich eine Maßnahme, um die Installation, Deinstallation und Aktualisierung zu vereinfachen
+und Konflikte zwischen Zusatzprogrammen zu verhindern.
+
+<p>
+Wenn jedoch ein Zusatzprogramm einmal läuft, ist praktisch keine Abschottung oder Absicherung zwischen
+Zusatzprogrammen und dem Router gegeben. Zusatzprogramme laufen in derselben JVM und mit den gleichen Rechten wie
+der Router; sie haben vollen Zugriff auf das Dateisystem, den Router, alle Rechte zur Programmausführung usw.
+
+<h3>Details</h3>
+<p>
+Beispiel.xpi2p ist eine SUD-Datei mit folgendem Inhalt:
+<pre>
+ Ein Standard-SUD-Vorspann (<i>Header</i>), der den Zip-Daten vorangeht und folgenden Inhalt hat:
+ 40 Byte: <a href="how_cryptography.html#DSA">DSA-Signatur</a>
+ 16 Byte: Zusatzprogrammversion in UTF-8, wenn nötig mit Nullen aufgefüllt
+
+ Eine Zip-Datei mit folgendem Inhalt:
+
+ plugin.config (PFLICHTDATEI) :
+ (Standard-I2P-Konfigurationsdatei in UTF-8, die Zeilen im Format Parameter=Wert enthält; Kommentare beginnen mit #)
+ Enthält die folgenden Einträge:
+
+ (* = Pflichteintrag)
+ In einer Aktualisierungsdatei müssen die ersten drei Einträge denen in der Installionsdatei entsprechen.
+
+ *name: Name des Programms und gleichzeitig das Installationsverzeichnis
+ Bei betriebssystemabhängigen Zusatzprogrammen werden entsprechende Namenszusätze empfohlen,
+ z.B. beispiel-windows und beispiel-linux
+ *key: <a href="how_cryptography.html#DSA">Öffentlicher DSA-Schlüssel</a> (172 B64-Zeichen mit einem '=' am Ende)
+ *signer: Signierer (Empfehlung: deinname@mail.i2p)
+
+ *version: Programmversion. Muss in einem Format, das der VersionComparator versteht, angegeben werden, z.B. 1.2.3-4)
+ - Höchstens 16 Byte (muss der Version im SUD-Vorspann entsprechen)
+ - Erlaubte Trennzeichen sind '.', '-' und '_'
+ - In Aktualisierungsdateien muss die Version höher als die der bereits installierten Version sein
+
+
+ Folgende Einträge werden, falls vorhanden, auf der Seite configclients.jsp angezeigt:
+
+ - date: Java-Zeit als long-Zahl
+ - author: Autor; Empfehlung: deinname@mail.i2p
+ - websiteURL: Adresse der Zusatzprogrammwebseite (http://beispiel.i2p/)
+ - updateURL: Die Adresse der Aktualisierungsdatei (http://beispiel.i2p/beispiel.xpi2p)
+ Die Bytes 41-56 von dieser URL werden zur Prüfung auf neue Versionen ausgelesen
+ ( Sollte beim Laden der URL die installierte Versionsnummer z.B. in der Form ?currentVersion=1.2.3?... mitgesendet werden?
+ Nein, wenn die derzeitige Versionsnummer in der URL enthalten sein soll,
+ kann der Programmierer sie selber in der Konfigurationsdatei in die URL einbauen.
+ Bei einem Versionswechsel muss daran gedacht werden, auch die URL zu ändern)
+ description: Programmbeschreibung
+ description_xx: Programmebschreibung in der Sprache mit dem Kürzel xx
+ license: Die Lizenz, unter der das Zusatzprogramm vertrieben wird
+ disableStop=true
+ Voreinstellung ist „false“.
+ Der Wert „true“ bewirkt, dass der Stoppknopf nicht angezeigt wird.
+ Diese Einstellung ist zu wählen, wenn keine Webanwendungen und keine
+ anderen Programme mit Stoppargumenten enthalten sind
+
+ Folgende Einträge steuern die Darstellung eines Links im Übersichtskasten in der Routerkonsole (oben links):
+
+ consoleLinkName: Dieser Name erscheint im Übersichtskasten
+ consoleLinkName_xx: Name in der Sprache mit dem Kürzel xx
+ consoleLinkURL: Die URL, z.B. /appname/index.jsp
+ consoleLinkTooltip: Hilfeeinblendung über dem Konsolenlink (Seit I2P 0.7.12-6)
+ consoleLinkTooltip_xx: Hilfeeinblendung in der Sprache xx (Seit I2P 0.7.12-6)
+
+
+ Folgende Einstellungen beziehen sich auf die Installation:
+
+ type: Die Art des Zusatzprogramms oder Zusatzmoduls (Anwendung, Konsolengestaltung, Sprache, Webanwendung usw.). Dieser Parameter ist nicht implementiert und ist wahrscheinlich überflüssig.
+ min-i2p-version
+ max-i2p-version
+ min-java-version
+ min-jetty-version
+ max-jetty-version
+ required-platform-OS: Benötigtes Betriebssystem. Nicht implementiert; wird evtl. in einer späteren I2P-Version angezeigt, aber nicht überprüft.
+ other-requirements: Andere Installationsvoraussetzungen (nicht implementiert; wird evtl. in einer späteren I2P-Version angezeigt, aber nicht überpfüft)
+ dont-start-at-install: Bei false wird das Zusatzprogramm nach der Installation automatisch gestartet, bei true nicht. False ist die Standardeinstellung.
+ router-restart-required: Bei false erscheint nach der Installation eine Meldung, die darüber informiert, dass ein Routerneustart notwendig ist (der Router wird aber nicht automatisch neu gestartet). Bei true erscheint die Meldung nicht. Standardeinstellung ist false.
+ update-only: Bei true bricht der Installationsvorgang ab, wenn nicht bereits eine Installation vorhanden ist. Standardeinstellung ist false.
+ install-only: Bei true bricht der Installationsvorgang ab, wenn bereits eine Installation vorhanden ist. Standardeinstellung ist false.
+ min-installed-version: Mindestens installierte Version, wenn es sich um eine Aktualisierung handelt
+ max-installed-version: Höchstens installierte Version, wenn es sich um eine Aktualisierung handelt
+ depends=plugin1,plugin2,plugin3: Die Zusatzprogramme plugin1, plugin2 und plugin3 werden von diesem Zusatzprogramm vorausgesetzt. Diese Einstellung wurde von Sponge vorgeschlagen und ist nicht implementiert (evtl. schwierig)
+ depends-version=0.3.4,,5.6.7: Mindestversionen der vorausgesetzten Zusatzprogramme. Nicht implementiert.
+
+ Die folgende Einstellung wird von Übersetzungs-Zusatzmodulen verwendet, ist aber noch nicht implementiert:
+ langs=xx,yy,Klingon,...: Gibt die bereitgestellten Sprachen an (xx und yy sind die Landeskürzel)
+
+ Die folgenden Verzeichnisse sind optional, es muss aber mindestens eines angegeben sein, damit das Zusatzprogramm etwas bewirkt.
+
+ console/
+ locale/
+ Jar-Dateien mit neuen Resource-Bundles, die Übersetzungen f¨r mit der I2P-Grundinstallation mitgelieferte Anwendungen enthalten.
+ Resource-Bundles für das Zusatzprogramm selber gehören in console/webapp/beispiel.war oder lib/beispiel.jar.
+
+ themes/
+ Neue Gestaltungen für die Routerkonsole,
+ jede in einem eigenen Unterverzeichnis
+
+ webapps/
+ (Bitte wichtige Bemerkungen zu Webanwendungen unten beachten)
+ War-Dateien
+ Die War-Dateien werden nach erfolgter Installation gestartet, sofern dies nicht in webapps.config deaktiviert ist.
+ Der Name der War-Datei muss nicht dem Zusatzprogrammnamen entsprechen.
+ Die Namen der in der I2P-Grundinstallation enthaltenen War-Dateien sind aber nicht erlaubt.
+
+ webapps.config
+ Diese Datei ist im selben Format wie die webapps.config des Routers.
+ Darüberhinaus können hier zusätzliche Jar-Dateien in $PLUGIN/lib/ oder $I2P/lib dem Webanwendungs-Klassenpfad hinzugefügt werden. Beispiel: webapps.warname.classpath=$PLUGIN/lib/beispiel.jar,$I2P/lib/irgendetwas.jar
+ Hinweis: Derzeit werden die Einträge in der Klassenpfadzeile nur geladen, wenn <warname> dem Namen des Zusatzprogramms entspricht.
+ Hinweis: Vor der Version 0.7.12-9 erwartete der Router plugin.warname.startOnLoad statt webapps.warname.startOnLoad.
+ Wird die Kompatibilität mit äteren Routerversionen gewünscht, wird empfohlen beide Zeilen anzugeben (wenn der automatische Start deaktiviert werden soll).
+
+ eepsite/
+ (Bitte wichtige Bemerkungen zu Eepsites unten beachten)
+ cgi-bin/
+ docroot/
+ logs/
+ webapps/
+ jetty.xml
+ Der Installationscode muss hier Variablen ersetzen, um den Pfad zu setzen.
+ Der Ort und Name dieser Datei spielt keine Rolle, er muss nur in der clients.config gesetzt sein.
+ Evtl. ist es bequemer, ein Verzeichnis höher zu gehen (so macht es das Zusatzprogramm zzzot).
+
+ lib/
+ Hier können Jar-Dateien abgelegt werden und in einem Klassenpfad in console/webapps.config und/oder
+ clients.config angegeben werden.
+
+ clients.config (Diese Datei ist im selben Format wie die clients.config des Routers)
+ Die hier angegebenen Anwendungen werden gestartet, wenn das Zusatzprogramm startet.
+ Die Numerierung ist bei 0 zu beginnen (clientApp.0) und jeweils um 1 zu erhöhen.
+ Neue Einstellung clientApp.0.stopargs=beispiel xxx stop yyy
+ Diese Einstellung bewirkt, falls vorhanden, dass die Klasse mit den angegebenen Argumenten aufgerufen wird,
+ um die Anwendung zu beenden.
+ Alle Stoppaufrufe erfolgen ohne Verzögerung.
+ Bemerkung: Der Router kann nicht feststellen, ob eine Anwendung gerade läft.
+ Alle Anwendungen müssen daher damit rechnen, gestoppt zu werden, auch wenn die Anwendung gar nicht läft.
+ Selbiges gilt für Anwendungen, die bereits gestartet sind.
+ Neue Einstellung clientApp.0.uninstallargs=beispiel xxx uninstall yyy
+ Diese Einstellung bewirkt, falls vorhanden, dass die Klasse mit den angegebenen Argumenten unmittelbar
+ vor dem Löschen von $PLUGIN aufgerufen wird.
+ Alle Stoppaufrufe werden ohne Verzögerung durchgeführt.
+ Neue Einstellung clientApp.0.classpath=$I2P/lib/beispiel.xxx,$PLUGIN/lib/yyy.jar
+ Der Router ersetzt Variablen in den args- und stopargs-Zeilen wie folgt:
+ $I2P => I2P-Installations-Grundverzeichnis;
+ $CONFIG => I2P-Konfigurationsverzeichnis (meist ~/.i2p)
+ $PLUGIN => Das Installationsverzeichnis des Zusatzprogramms (meist ~/.i2p/plugins/<zusatzprogverzeichnis>)
+ (Bitte wichtige Anmerkungen bzgl. der Ausführung von Shellskripten und externen Programmen weiter unten beachten)
+</pre>
+
+
+<h3>Ablauf der Installation eines Zusatzprogrammes
+</h3>
+<ul>
+
+<li>
+ Herunterladen der xpi2p-Datei
+<li>
+ Prüfen der SUD-Signatur anhand der gespeicherten Schlüssel, oder falls kein Schlüssel vorhanden:<br/>
+ - auspacken, öff. Schlüssel aus der Konfiguration lesen, überprüfen und Schlüssel speichern
+<li>
+ Prüfen, ob die ZIP-Datei unversehrt ist
+<li>
+ Die Datei plugin.config auspacken
+<li>
+ Mindest- und Höchstversion usw. überprüfen
+<li>
+ Prüfung, ob eine der Webanwendungen mit einer in $I2P namensgleich ist
+<li>
+ Vorhandenes Zusatzprogramm stoppen
+<li>
+ Wenn update=false ist: Prüfung, ob das Installationsverzeichnis bereits existiert; wenn ja, Benutzer fragen
+<li>
+ Wenn update=true ist: Prüfung, ob das Installationsverzeichnis bereits existiert; wenn nein, Benutzer fragen
+<li>
+ In <tt>appDir/plugins/name/</tt> auspacken
+<li>
+ Zu plugins.config hinzufügen
+</ul>
+
+<h3>
+Ablauf des Startens eines Zusatzprogrammes
+</h3>
+ Anhand plugins.config wird festgestellt, welche gestartet werden müssen.
+ Dann geschieht jeweils folgendes:
+<ul>
+<li>
+ Die Einträge der clients.config (des Zusatzprogramms) werden geladen und gestartet (Jar-Dateien werden in den Klassenpfad aufgenommen)
+<li>
+ Die Einträge in console/webapp and console/webapp.config werden geladen und gestartet (Jar-Dateien werden in den Klassenpfad aufgenommen)
+<li>
+ Falls vorhanden, wird console/locale/xxxxx.jar in den Übersetzungs-Klassenpfad aufgenommen
+<li>
+ Falls vorhanden, wird console/theme in den Suchpfad für Konsolengestaltungen aufgenommen
+<li>
+ Im Übersichtskasten (oben links in der Konsole) wird ein entspr. Link hinzugefügt
+</ul>
+
+<h3>
+Bemerkungen zu Konsolen-Webanwendungen
+</h3>
+<p>
+Bei Konsolen-Webanwendungen mit Hintergrundverarbeitung wird angeraten, einen ServletContextListener zu implementieren
+(siehe Seedless oder I2P-Bote als Beispiele) oder destroy() im Servlet zu überschreiben,
+so dass die Anwendung richtig beendet werden kann.
+Seit der Routerversion 0.7.12-3 werden Konsolen-Webanwendungen immer gestoppt, bevor sie
+neu gestartet werden. Man braucht sich daher als Programmierer über mehrfach laufende Anwendungen keine Gedanken machen,
+wenn man den obigen Rat beherzigt.
+Außerdem werden seit der Routerversion 0.7.12-3 Konsolen-Webanwendungen vor dem Beenden des Routers gestoppt.
+<p>
+Jar-Bibliotheken nicht in die Webanwendung aufnehmen, sondern im Verzeichnis lib/ ablegen und in webapps.config den Klassenpfad entsprechend setzen.
+Vorteil: Es kann eine Installations- und eine Aktualisierungsdatei bereitgestellt werden; die Aktualisierungsdatei kommt ohne die Jar-Bibliotheken aus.
+<p>
+Keine Java- oder JSP-Dateien einbinden, sonst kompiliert sie Jetty bei der Installation neu.
+<p>
+Derzeit müssen Webanwendungen den gleichen Namen wie das Zusatzprogramm (d.h. das gesamte Paket) haben, wenn Dateien im Verzeichnis $PLUGIN in den Klassenpfad sollen.
+Zum Beispiel muss eine Webanwendung im Zusatzprogramm xyz den Dateinamen xyz.war haben.
+
+
+<h3>
+Bemerkungen zu Eepsites
+</h3>
+<p>
+Es ist noch nicht geklärt, wie ein Zusatzprogramm in einer bestehenden Eepsite installiert werden soll.
+Der Router kann nicht ohne weiteres auf die Eepsite zugreifen, die Eepsite könnte gerade angehalten sein
+und es könnten auch mehrere vorhanden sein.
+Besser ist es, eine eigene Jetty- und I2PTunnel-Instanz zu starten und dadurch eine ganz neue Eepsite zu schaffen.
+<p>
+Der Router könnte zwar einen neuen I2PTunnel starten (ählich wie es die I2PTunnel-Kommandozeilenanwendung tut),
+dieser würde aber nicht in der I2PTunnel-Weboberfläche auftauchen, da es sich um eine andere Instanz handelt.
+Das stört aber nicht weiter, denn man kann dann I2PTunnel und Jetty zusammen starten und beenden.
+<p>
+Es ist also unwahrscheinlich, dass der Router irgendwann die Fähigkeit, eine Zusatz-Eepsite mit einer existierenden zu verbinden, erhält.
+Es wird dazu geraten, einen neuen I2PTunnel mitsamt Jetty aus der clients.config zu starten.
+Die besten Beispiele dafür sind die Zusatzprogramme zzzot und Pebble,
+verfügbar auf <a href="http://stats.i2p/i2p/plugins/">der Zusatzprogrammseite von zzz</a> (<i>englisch</i>).
+<p>
+F: Wie erreicht man, dass Pfade in jetty.xml ersetzt werden?
+A: Siehe die Zusatzprogramme zzzot und Pebble als Beispiel.
+
+<h3>
+Bemerkungen zum Starten und Stoppen von Anwendungen
+</h3>
+<p>
+Der Router kann nicht feststellen, ob eine Anwendung, die mittels clients.config gestartet wurde, gerade läft.
+Der Programmierer eines Zusatzprogramms muss daher darauf achten, dass mehrfache Start- oder Stoppaufrufe den Programmablauf nicht stören, sofern dies irgend möglich ist.
+Erreicht werden kann dies z.B. mit einer statischen Zustandstabelle, PID-Dateien ((PID = Prozessnummer) o.ä.
+Logausgaben oder Fehlermeldungen bei mehrfachen Start- oder Stoppaufrufen sollten vermieden werden.
+Gleiches gilt für Stoppaufrufe ohne vorherigen Startaufruf.
+Seit der Routerversion 0.7.12-3 werden Konsolen-Webanwendungen vor dem Beenden des Routers gestoppt,
+d.h. es werden alle Anwendungen, die in clients.config einen stopargs-Eintrag haben, beendet -
+egal ob sie gestartet wurden.
+
+
+<h3>
+Bemerkungen zu Shellskripten und externen Programmen
+</h3>
+<p>
+Zum Ausführen von Shellskripten und externen Programmen sei auf <a href="http://zzz.i2p/topics/141">zzz.i2p</a> (<i>englisch</i>) verwiesen.
+<p>
+Damit ein Skript sowohl unter Windows als auch Linux läft, empfiehlt es sich,
+eine kleine Java-Klasse, die den Betriebssystemtyp überprüft und die BAT- bzw. SH-Datei mittels ShellCommand ausführt, zu schreiben.
+<p>
+Externe Programme werden vom Router bei dessen Beendigung nicht gestoppt, und beim nächsten Routerstart
+wird eine zweite Instanz gestartet. Um das zu verhindern, kann man das Programm von einer
+Java-Klasse oder einem Shellskript ausführen lassen, die Prozessnummer (PID) in einer Datei speichern und
+beim nächsten Start überprüfen.
+
+
+<h3>
+Weitere Richtlinien für Zusatzprogramme
+</h3>
+<ul>
+<li>
+Zum Erzeugen von XPI2P-Dateien siehe den MTN-Zweig i2p.scripts oder eines der Beispiele auf der Zusatzprogrammseite von zzz.
+<li>
+Das Komprimieren von Jar- und War-Dateien mit Pack200 ist sehr empfehlenswert. Zusatzprogramme werden dadurch im allgemeinen
+60-65% kleiner.
+Die Zusatzprogramme auf der Seite von zzz können hier als Beispiele dienen.
+Das Dekomprimieren von Pack200-Dateien wird seit der Routerversion 0.7.11-5 unterstützt, d.h. praktisch alle Router,
+die Zusatzprogramme unterstützen, kommen damit klar.
+
+<li>
+Zusatzprogramme sollten nicht im Verzeichnisbaum $I2P schreiben, da Schreibrechte nicht unbedingt vorhanden sind und dies
+ohnehin grundsätzlich vermieden werden sollte.
+<li>
+Zusatzprogramme dürfen in $CONFIG schreiben; es wird aber empfohlen, alle Daten in $PLUGIN abzulegen.
+Alle Dateien in $PLUGIN werden bei der Deinstallation gelöscht.
+Dateien in anderen Verzeichnissen werden bei der Deinstallation nur dann gelöscht, wenn das Zusatzprogramm mit einem
+uninstallargs-Eintrag in clients.config selber dafür sorgt.
+Ggf. kann das uninstallargs-Programm den Benutzer fragen, ob die Daten erhalten bleiben sollen.
+
+<li>
+$CWD (das Arbeitsverzeichnis) kann überall sein. Es ist also falsch, von einem bestimmten Arbeitsverzeichnis auszugehen
+oder Dateien relativ zu $CWD zu lesen oder zu schreiben.
+<li>
+Um in Java-Programmen die verschiedenen Verzeichnisse ermitteln zu können, gibt es die get...Dir-Methoden in I2PAppContext.
+<li>
+Das Zusatzprogrammverzeichnis erhält man mit <tt>I2PAppContext.getGlobalContext().getAppDir().getAbsolutePath() + "/plugins/" + appname</tt>,
+oder indem man $PLUGIN als Argument in the args-Zeile in clients.config angibt.
+Das I2P-Installationsverzeichnis, das Konfigurationsverzeichnis und das Zusatzprogrammverzeichnis lassen sich einzig über
+die Kontext-Klassen in i2p.jar verlässlich ermitteln.
+<li>
+Zum Erzeugen von Signierschlüsseln, zum Überprüfen von Signaturen und zum Erzeugen von SUD-Dateien siehe <a href="http://zzz.i2p/topics/16">hier</a>.
+<li>
+Alle Konfigurationsdateien müssen in UTF-8 kodiert sein.
+<li>
+Um ein Programm in einer separaten JVM (Virtuelle Java-Maschine) laufen zu lassen, ruft man
+<tt>ShellCommand</tt> mit <tt>java -cp xxx:yyy:zzz abc.beispiel.class arg1 arg2 arg3</tt> auf.
+Das Beenden des Programms wird dadurch schwieriger; es empfiehlt sich hier wieder, die Prozessnummer in einer Datei
+zu speichern.
+<li>
+Als Alternative zum stopargs-Parameter in clients.config gibt es für Java-Programme die Möglichkeit,
+mittels I2PAppContext.addShutdownTask() bei der Routerbeendigung Aufräumarbeiten verrichten zu lassen und
+externe Programme zu beenden.
+Bei der Aktualisierung eines Zusatzprogrammes wird dieses aber dann nicht beendet, weshalb stopargs vorzuziehen ist.
+Alle Ausführungsstränge (<i>Threads</i>) sollten im Daemon-Modus laufen.
+<li>
+Es ist darauf zu achten, keine Klassenbezeichner zu wählen, die mit den Klassen- und Paketnamen in der Grundinstallation
+kollidieren. Außerdem sollte in der Grundinstallation vorhandene Funktionalität nicht neu implementiert werden,
+sondern die jeweilige(n) Klasse(n) vererbt werden.
+<li>
+Vorsicht mit Klassenpfaden in der wrapper.config, diese werden in alten Versionen anders behandelt. Siehe den Abschnitt über
+Klassenpfade weiter unten.
+<li>
+Gleiche Signierschlüssel mit abweichenden Namen werden abgewiesen, ebenso wie gleiche Namen für
+unterschiedliche Schlüssel und abweichende Schlüssel / Namen in Aktualisierungspaketen.
+Deshalb Signierschlüssel sicher verwahren und sie nur einmal erzeugen.
+<li>
+Plugin.config nicht zur Laufzeit ver&auuml;ndern, da sie beim Aktualisieren überschrieben wird.
+Besser ist es, Laufzeitdaten in einer anderen Konfigurationsdatei im gleichen Verzeichnis zu speichern.
+<li>
+In der Regel ist es nicht notwendig, dass Zusatzprogramme auf $I2P/lib/router.jar zugreifen.
+In einer späteren Version wird der Router evtl. den Klassenpfad für Zusatzprogramme einschränken und den Zugriff auf Routerklassen verhindern.
+Deshalb sollte möglichst nicht auf Routerklassen zugegriffen werden.
+<li>
+Wie erwähnt muss jede Version höher als die vorherige sein. Zu diesem Zweck kann man im Kompilierskript eine fortlaufende Nummer an die Versionsbezeichnung anhängen.
+Das Testen wird dadurch erleichtert. Die meisten Zusatzprogramme von zzz verfahren so; als Beispiel kann man sich an der jeweiligen build.xml orientieren.
+<li>
+Zusatzprogramme dürfen unter keinen Umständen System.exit() aufrufen.
+<li>
+Wenn Fremdsoftware eingebunden wird, bitte die Lizenzbedingungen einhalten.
+
+</ul>
+
+<h3>
+Klassenpfade
+</h3>
+
+Die folgenden Jar-Dateien in $I2P/lib sind bei allen I2P-Installationen im Standard-Klassenpfad vorhanden, egal wann I2P ursprünglich installiert wurde:
+<p>
+ i2p.jar, router.jar, jbigi.jar, sam.jar, mstreaming.jar, streaming.jar, i2ptunnel.jar,
+ org.mortbay.jetty.jar, javax.servlet.jar, jasper-compiler.jar, jasper-runtime.jar,
+ commons-logging.jar, commons-el.jar, wrapper.jar, systray.jar, systray4j.jar
+<p>
+
+Alles, was nicht in der obigen Liste aufgeführt ist, kann nicht allgemein als vorhanden vorausgesetzt werden, auch wenn es im eigenen Klassenpfad vorhanden ist.
+Wenn eine Jar-Datei, die oben nicht aufgeführt ist, benötigt wird, fügt man $I2P/lib/beispiel.jar in den Klassenpfad in der
+clients.config oder webapps.config des Zusatzprogramms ein.
+<p>
+Anfangs waren Klassenpfadeinträge in der clients.config in der ganzen JVM (der virtuellen Java-Maschine) verfügbar.
+Seit der Version 0.7.13-3 ist der Klassenpfad in der clients.config nur in dem entsprechenden Ausführungsstrang (<i>Thread</i>)
+verfügbar, wie es auch ursprünglich beabsichtigt war. Dies wird mittels eines speziellen Klassenladers erreicht.
+Zu Details siehe auch den Abschnitt über JVM-Abstürze weiter unten und <a href="http://zzz.i2p/topics/633">diesen Diskussionsstrang auf zzz.i2p</a>.
+Es ist daher für jede Anwendung der volle Klassenpfad anzugeben.
+
+
+<h3>
+Bemerkungen zu Java-Versionen
+</h3>
+Die meisten Benutzer lassen I2P zwar unter Java 1.6 (auch unter dem Namen Java 6 bekannt),
+I2P unterstützt aber auch Java 1.5 (Java 5).
+Wenn keine 1.6-spezifische Funktionalität benötigt wird, sollten Zusatzprogramme
+so geschrieben werden, dass sie auch unter 1.5 laufen.
+<p>
+Wenn ein Zusatzprogramm <b>nicht auf 1.6 beschränkt sein soll</b>,
+<ul>
+<li>
+müssen alle Java- und JSP-Dateien mit der Einstellung <tt>source="1.5" target="1.5"</tt> kompiliert werden, und
+<li>
+alle eingebundenen Jar-Bibliotheken müssen ebenfalls für 1.5 kompiliert sein.
+<li>
+Wenn Pack200 eingesetzt wird, führen 1.6-Klassen in Jar-Dateien dazu, dass Pack200 das neuere 1.6-Packformat
+verwendet und die Installation des Zusatzprogramms unter Java 1.5 mit der irreführenden Meldung „Zusatzprogramm ist korrupt“
+scheitert.
+</ul>
+
+<p>
+Wenn ein Zusatzprogramm <b>1.6 erfordert</b>,
+<ul>
+<li>
+Sollte darauf auf der Seite, von der das Programm bezogen werden kann, hingewiesen werden, und
+<li>
+Die Einstellung <tt>min-java-version=1.6</tt> in der plugin.config gesetzt werden.
+<li>
+Wenn Pack200 eingesetzt wird, schlägt die Installation des Zusatzprogramms unter Java 1.5 mit der
+irreführenden Meldung „Zusatzprogramm ist korrupt“ fehl.
+</ul>
+
+
+<h3>
+JVM-Abstürze beim Aktualisieren
+</h3>
+Bemerkung: Dies müsste inzwischen alles behoben sein.
+<p>
+Die JVM (virtuelle Java-Maschine) stürzt gelegentlich ab, wenn in einem Zusatzprogramm enthaltene Jar-Dateien
+aktualisiert werden und das Zusatzprogramm seit dem Start von I2P gestartet wurde (auch wenn es danach wieder
+beendet wurde).
+Dies ist möglicherweise durch den neuen Klassenlader in 0.7.13-3 behoben worden, könnte aber auch weiterhin
+bestehen und muss noch genauer untersucht werden.
+<p>
+Am sichersten ist es, wenn man im Zusatzprogramm die Jar-Datei in der War-Datei ausliefert (im Falle einer Webanwendung)
+oder nach der Aktualisierung für einen Neustart sorgt, oder die Jar-Dateien des Zusatzprogramms gar nicht
+aktualisiert.
+<p>
+Aufgrund der Funktionsweise von Klassenladern in Webanwendungen sind externe Jar-Dateien <b>vermutlich</b> ungefährlich,
+wenn der Klassenpfad in der webapps.config angegeben wird.
+Um darüber eine sichere Aussage treffen zu können, sind aber weitere Tests nötig.
+Es wird davon abgeraten, den Klassenpfad mit einer Pseudoanwendung in clients.config anzugeben, wenn er nur für eine
+Webanwendung benötigt wird; webapps.config ist in dem Fall der geeignete Ort.
+<p>
+Am problematischsten sind Anwendungen mit Jar-Dateien, die im Klassenpfad in der clients.config angegeben werden. Offenbar
+verursacht das die meisten Abstürze.
+
+<p>
+Bei der Erstinstallation tritt keines dieser Probleme auf, es ist also nicht nötig, nach der Erstinstallation eines Zusatzprogramms
+einen Neustart zu veranlassen.
+
+{% endblock %}
diff --git a/www.i2p2/pages/plugin_spec_fr.html b/www.i2p2/pages/plugin_spec_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..800d9b58eadc4e19035eb583060562b47d623628
--- /dev/null
+++ b/www.i2p2/pages/plugin_spec_fr.html
@@ -0,0 +1,455 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Spécification des greffons I2P{% endblock %}
+{% block content %}
+Traduction de mai 2011. <a href="plugin_spec.html">Version anglaise actuelle</a>
+<h2>
+Spécification Version 0.16
+2010-07-26
+</h2>
+<p>
+Mise à jour de juillet 2010 pour le routeur version 0.8.
+<h3>Aperçu</h3>
+<p>
+Ce document spécifie un format de fichier .xpi2p (comme le .xpi de Firefox), mais avec un simple fichier de description
+plugin.config au lieu du fichier XML install.rdf. Ce fichier est utilisé pour l'installation initiale et pour les mises
+Ã jour.
+<p>
+De plus, ce document présente un aperçu résumé de l'installation des greffons par le routeur, et les stratégies et les
+grandes lignes de travail pour les développeurs.
+<p>
+Le format de base du fichier .xpi2p est le même que celui du fichier i2pupdate.sud (utilisé pour les mises à jour du
+routeur), mais le programme d'installation laisse faire l'utilisateur même si la clé de signature n'est pas encore
+connue.
+<p>
+La structure standard des répertoires permet l'installation des types de greffons suivants :
+<ul>
+<li>
+ applications web de console (webapps)
+<li>
+ nouvel eepsite avec cgi-bin, webapps
+<li>
+ thèmes de console
+<li>
+ traductions de console
+<li>
+ programmes Java
+<li>
+ programmes Java dans une JVM séparée
+<li>
+ Tout script shell ou programme
+</ul>
+
+<p>
+Un greffon installe tous ses fichiers dans ~/.i2p/plugins/nom/ (%APPDIR%\I2P\plugins\nom\ sur Windows). Le programme
+d'installation empêche l'installation ailleurs, bien que le greffon puisse accéder pour son fonctionnement à des
+bibliothèques situées en dehors de cette arborescence.
+
+<p>
+Ceci doit seulement être considéré comme un moyen pour faciliter l'installation, la désinstallation, et les mises Ã
+jour, ainsi que pour minimiser les conflits entre greffons.
+
+<p>
+Cependant, il n'y a pas de modèle de sécurité imposé lorsque le greffon est en cours d'exécution. Les greffons tournent
+dans la même JVM et avec les même privilèges que le routeur : ils ont l'accès total au système de fichiers, au routeur,
+à l'exécution de programmes etc…
+<h3>Détails</h3>
+<p>
+foo.xpi2p est un fichier sud contenant les données suivantes :
+<pre>
+En-tête standard .sud au début du fichier zip, contenant :
+ La <a href="how_cryptography.html#DSA">signature DSA</a> Ã 40 octets
+ La version du greffon sur 16 octets en UTF-8, complétée par des zéros en fin si nécessaire
+
+Le fichier Zip contenant :
+
+ (REQUIS) un fichier plugin.config :
+ (fichier standard de configuration I2P, en UTF-8, contenant des lignes clé=valeur, les commentaires commençant par #)
+ Contenant les propriétés suivantes :
+
+ (* = requis)
+ Les trois premières doivent être identiques à celles du greffon installé s'il s'agit d'une mise à jour.
+
+ *name (le greffon sera installé dans ce dossier)
+ Pour les greffons spécifiques à un SE donné, vous pouvez séparer les noms pour des paquets différents, par exemple truc-windows et truc-linux.
+ *key (<a href="how_cryptography.html#DSA">clé publique DSA</a> sous forme Base64 de 172 caractères finissant '=')
+ *signer (votrenom@mail.i2p recommendé)
+
+ *version (dans un format compatible avec VersionComparator, p.e. 1.2.3-4)
+ 16 octets maximum (doit correspondre à la version du sud)
+ Les séparateurs acceptés sont '.', '-', et '_'
+ Pour une mise à jour de greffon, doit être supérieure à celle actuellement installée.
+
+
+ configclients.jsp affichera les éléments suivants s'ils sont présents :
+
+ date (temps Java - entier long)
+ author (votrenom@mail.i2p recommendé)
+ websiteURL (http://truc.i2p/)
+ updateURL (http://truc.i2p/truc.xpi2p)
+ Le vérificateur de mises à jour contrôle les octets 41 à 56 à cette URL pour déterminer si une nouvelle version est disponible
+ (Le vérificateur va-t-il télécharger avec ?currentVersion=1.2.3?… Non. Si le développeur que l'URL contienne la version actuelle, il doit le préciser dans le fichier de configuration, et penser à le modifier à chaque nouvelle version)
+ description
+ description_xx (pour la langue xx)
+ license
+ disableStop=true
+ Par défault, false.
+ À true, le bouton "Arrêt" n'est pas affiché. À utiliser s'il n'y pas de client ni de
+ webapp avec des arguments d'arrêt.
+
+ Les éléments suivants servent à l'affichage d'un lien dans le panneau de contrôle de la console:
+
+ consoleLinkName (nom affiché dans le panneau de contrôle)
+ consoleLinkName_xx (pour la langue xx)
+ consoleLinkURL (/appname/index.jsp)
+ consoleLinkTooltip (supporté depuis la version 0.7.12-6)
+ consoleLinkTooltip_xx (idem, pour la langue xx)
+
+
+ Les éléments suivants concernent l'installeur du greffon :
+
+ type (app/theme/locale/webapp/...) (non implémenté, probablement inutile)
+ min-i2p-version
+ max-i2p-version
+ min-java-version
+ min-jetty-version
+ max-jetty-version
+ required-platform-OS (non implémenté - sera peut-être seulement affiché, pas vérifié)
+ other-requirements (non implémenté p.e. python x.y - non vérifié par l'installeur, uniquement
+ affiché)
+ dont-start-at-install=true
+ false par défaut.
+ router-restart-required=true
+ false par défaut.
+ dont-start-at-install doit être positionné à true pour être actif.
+ Ceci ne redémarre pas le routeur, indique seulement la nécessité de redémarrer.
+ update-only=true
+ false par défaut.
+ À true, un échec se produira si le greffon n'est pas déjà installé.
+ install-only=true
+ false par défaut.
+ À true, si le greffon est déjà installé, l'installation échouera.
+ min-installed-version (version minimale requise pour la mise à jour)
+ max-installed-version (version maximale requise pour la mise à jour)
+ depends=plugin1,plugin2,plugin3 (non implémenté - trop difficile? proposé par sponge)
+ depends-version=0.3.4,,5.6.7 (non implémenté)
+
+ Les éléments suivants sont pour les greffons de traduction :
+ langs=xx,yy,Klingon,... (non implémenté) (yy est le drapeau du pays)
+
+ Tous les dossiers et fichiers suivants sont optionnels , mais il faut mettre quelque-chose, ou il ne se
+ passera rien :
+
+ console/
+ locale/
+ Seulement des jars contenant de nouvelles ressources (traductions) pour les
+ applications de l'install de base I2P.
+ Les paquets de ce greffon vont dans console/webapp/truc.war ou lib/truc.jar
+
+ themes/
+ Nouveaux thèmes pour la console
+ Copier chaque thème dans un sous dossier.
+
+ webapps/
+ (voir plus bas les remarques importantes sur les applications web)
+ .wars
+ Ils seront lancés à l'installation sauf si désactivés dans webapps.config
+ Le nom du .war ne doit pas nécessairement être le même que celui du greffon.
+ Ne pas utiliser plusieurs fois le même nom de .war dans l'installation de base.
+
+ webapps.config
+ Même format que le webapps.config du routeur
+ Sert aussi à indiquer des .jars supplémentaires dans $PLUGIN/lib/ ou $I2P/lib pour le
+ classpath de la webapp, avec
+ webapps.warname.classpath=$PLUGIN/lib/foo.jar,$I2P/lib/bar.jar
+ NOTE : actuellement, la ligne classpath n'est chargée que si le nom du war est le même
+ que celui du greffon.
+ NOTE : avant sa version 0.7.12-9, le routeur cherchait plugin.warname.startOnLoad au
+ lieu de webapps.warname.startOnLoad. Pour la compatibilité avec les versions
+ antérieures, si un greffon doit désactiver un war, il doit comporter les deux lignes.
+
+ eepsite/
+ (Voir plus bas les remarques importantes sur les eepsites)
+ cgi-bin/
+ docroot/
+ logs/
+ webapps/
+ jetty.xml
+ L'installeur devra y substituer la variable pour définir le chemin
+ L'emplacement et le nom de ce fichier ne sont pas vraiment importants, tant qu'ils sont
+ définis dans clients.config - il peut être plus pratique d'être un niveau au dessus
+ dans l'arborescence (comme le fait le greffon zzzot)
+
+ lib/
+ Pour tous les jars. Les indiquer dans une ligne classpath de console/webapps.config et/ou clients.config
+
+ clients.config (même format que le clients.config du routeur)
+ Éléments lancés quand un greffon est démarré
+ Commence à client #0, en numérotation consécutive
+ New property clientApp.0.stopargs=truc machin stop bidule
+ Si présente, la classe sera appelée avec ces arguments pour arrêter le client
+ Toutes les tâches d'arrêt sont appelées avec un délais nul
+ Note: Le routeur ne peut pas dire si les clients tournent ou pas. Chacun doit pouvoir gérer une demande d'arrêt d'une application qui ne tourne pas sans faire d'histoires.
+ Idem pour le lancement d'un client déjà démarré.
+ New property clientApp.0.uninstallargs=truc machin uninstall bidule
+ Si présente, la classe sera appelée avec ces arguments juste avant la suppression de $PLUGIN
+ Toutes les tâches de désinstallation sont appelées avec un délais nul
+ New property clientApp.0.classpath=$I2P/lib/truc.muche,$PLUGIN/lib/bidule.jar
+ L'exécutable du greffon devra faire une substitution de variable dans les lignes des
+ les arguments et les stopargs de la façon suivante :
+ $I2P => dossier d'installation de base d'I2P;
+ $CONFIG => dossier de configuration d'i2p (habituellement ~/.i2p)
+ $PLUGIN => le dossier d'installation du greffon (habituellement ~/.i2p/plugins/appname)
+ (Voir les remarques importantes sur les scripts d'exécution shell ou les programmes externes)
+</pre>
+
+
+<h3>Tâches d'installation du greffon</h3>
+Séquence d'installation.
+<ul>
+
+ <li>Téléchargement du fichier .xpi2p.</li>
+ <li>Vérification de la signature du .sud par rapport au clés connues. En l'absence de correspondance, le .sud est
+ extrait, la clé est chargée à partir des propriétés, vérifiée et enregistrée.</li>
+ <li>Vérification de l'intégrité du fichier zip.</li>
+ <li>Extraction du fichier plugin.config.</li>
+ <li>Vérification de la version d'I2P, pour assurer que le greffon peut fonctionner.</li>
+ <li>Vérification qu'il ne s'agit pas d'un doublon d'une des application $I2P.</li>
+ <li>Arrêt de l'éventuel greffon existant.</li>
+ <li>Contrôle de l'inexistence du dossier d'installation si update=false, ou demande d'écrasement.</li>
+ <li>Vérification de l'existence du dossier d'installation update=true, ou demande de création.</li>
+ <li>Décompression du greffon dans appDir/plugins/name/</li>
+ <li>Ajout d'une référence au greffon dans plugins.config</li>
+</ul>
+
+<h3>
+Tâches du lanceur du greffon</h3>
+Séquence de lancement du greffon.
+tout d'abord, le fichier plugins.config est vérifié pour trouver quels greffons doivent être lancés.
+Pour chacun :
+<ul>
+ <li>Vérification de clients.config, chargement et lancement de chacun (ajout des jars configurés au classpath).</li>
+ <li>Vérification de console/webapp et console/webapp.config. chargement et lancement des éléments requis
+ (ajout des jars configurés au classpath).</li>
+ <li>Ajout de console/locale/truc.muche au classpath de traduction, si présent.</li>
+ <li>Ajout de console/theme au chemin de recherche de thèmes, si présent.</li>
+ <li>Ajout du lien au panneau de contrôle.</li>
+</ul>
+
+<h3>
+Remarques sur les applications web de console</h3>
+<p>
+Ces applications avec des tâches de fond doivent mettre en œuvre un ServletContextListener
+(voir les exemples de seedless ou i2pbote), ou écraser le destroy() dans le servlet, pour qu'elles puissent être
+arrêtées.
+À partir de la version 0.7.12-3 du routeur, les applications web de console sont toujours arrêtées avant d'être
+redémarrées pour que le développeur n'ait pas à se soucier des instances multiples, si jamais il y en a.
+À partir de cette même version, les webapps sont arrêtées lorsque le routeur est arrêté.
+<p>
+Ne fournissez pas de bibliothèques jars dans les webapps ; placez-les dans lib/ avec un classpath dans webapps.config.
+Vous pourrez ainsi faire des installations et des mises à jours séparées, où ces dernières ne contiendront pas de
+bibliothèques.
+<p>
+N'incluez pas de fichiers .java ou de .jsp ; sinon, jetty les recompilera à l'installation.
+<p>
+Pour l'instant, une webapp qui a besoin d'ajouter un des fichiers classpath dans $PLUGIN doivent avoir le même nom que
+que le greffon. Par exemple, la webapp du greffon 'truc' doit s'appeler truc.war.
+
+
+<h3>
+Remarques sur les eepsite
+</h3>
+<p>
+La façon d'ajouter un greffon à un site eep n'est pas très claire. Le routeur n'a aucune jonction au site eep, l'état
+démarré ou arrêté de celui-ci lui est inconnu, et il peut y en avoir plusieurs. Le mieux est de lancer vos propres
+instances Jetty et I2PTunnel pour un nouvel eepsite.
+<p>
+ Il peut instancier un nouvel I2PTunnel (comme comme le fait la ligne de commande i2ptunnel), mais bien sûr il ne sera
+pas visible dans le GUI i2ptunnel, qui est une instance différente. Ça n'est pas un problème. Vous pouvez ensuite
+arrêter et démarrer i2ptunnel et Jetty ensemble.
+<p>
+Ne comptez donc pas sur le routeur pour fusionner ça avec un site eep préexistant. Ça ne fonctionnera sûrement pas.
+Démarrez un nouvel I2PTunnel et un nouveau Jetty depuis le fichier clients.config. Les meilleurs exemples sont ceux des
+greffons zzzot et pebble, disponibles sur <a href="http://stats.i2p/i2p/plugins/">page greffons de zzz</a>.
+<p>
+Comment réaliser une substitution de path dans jetty.xml? Voir les exemples de zzzot et pebble.
+
+
+<h3>
+Remarques sur l'arrêt/démarrage du client
+</h3>
+<p>
+Le routeur ne dispose d'aucun moyen de contrôle de l'état des clients démarrés via clients.config. L'auteur du greffon
+doit gérer de multiples arrêts/démarrages, de façon fiable si possible, en gardant une table de trace d'état, ou avec
+les PID, etc… Évitez de tracer et de gérer les exceptions lors des multiples arrêts/démarrages, comme pour les
+demandes d'arrêt sans démarrage préalable. Depuis la v0.7.12-3, les greffons sont arrêtés avec le routeurs, ce qui veut
+dire que tous les clients avec des stopargs dans clients.config seront appelés, qu'il aient ou non été préalablement
+démarrés.
+
+
+<h3>
+Remarques sur les scripts Shell et les programmes externes
+</h3>
+<p>
+Pour exécuter des scripts shell ou d'autres programmes externes, voir <a href="http://zzz.i2p/topics/141">zzz.i2p</a>
+<p>
+Pour fonctionner sur Windows et Linux, écrivez une petite classe Java qui vérifie le type de SE, puis exécutez
+ShellCommand sur un .bat ou un .sh que vous fournissez vous-même.
+<p>
+Quand le routeur s'arrête, il n'arrête pas les programmes externes, et à contrario, une seconde copie sera lancée au
+démarrage du routeur. Pour empêcher ça, vous pourriez écrire une classe wrapper ou un script shell qui ferait le
+classique enregistrement du PID dans un fichier de PID, et le vérifier au démarrage.
+
+
+
+
+<h3>
+Autres conseils pour les greffons
+</h3>
+<ul>
+<li>
+Pour développer facilement, voir un générateur de fichier xpi2p, dans monotone à la branche i2p.scripts, ou les échantillons d'exemples de greffons sur la page de zzz<li>
+Pack200 est fortement recommandé pour les jars et les wars des greffons, cela réduit leur taille d'environ 60 à 65%.
+Voir exemple sur la page de zzz.
+La décompression Pack200 est supportée depuis le routeur version 0.7.11-5, c'est à dire quasiment tous les routeurs qui
+supportent les greffons.
+
+<li>
+ Les greffons ne doivent pas tenter d'écrire dans le dossier $I2P car il est potentiellement en lecture seule, et
+qu'en tous les cas ça n'est pas une bonne pratique.
+<li>
+ Les greffons peuvent écrire dans le dossier $CONFIG, mais seul le stockage de fichiers dans $PLUGIN est
+recommandé. Tous les fichiers de $PLUGIN sont supprimés à la désinstallation. Les fichiers situés ailleurs ne sont
+pas supprimés, à moins que le greffon ne le spécifie explicitement par les 'uninstallargs' d'exécution d'un client
+indiqués dans le fichier clients.config. Si l'utilisateur veut sauvegarder des données à la désinstallation, il
+peut le faire avec les branchements des 'uninstallargs'.
+<li>
+ Le dossier $CWD peut se trouver n'importe où ; ne considérez pas qu'il se trouve à un endroit particulier,
+n'essayez pas de lire ou écrire des fichiers dans le chemin relatif $CWD.
+<li>
+ Le programmes Java doivent pouvoir déterminer où ils se trouvent avec les 'getters' de I2PAppContext.
+<li>
+ Le dossier des greffons est I2PAppContext.getGlobalContext().getAppDir().getAbsolutePath() + "/plugins/" + nom de
+l'application, ou indiquez un argument $PLUGIN dans la ligne args du fichier clients.config. Il n'y a pas de moyen
+fiable pour trouver les dossiers d'installation d'i2p, de configuration ou de greffons sans utiliser l'API de contexte
+d'i2p.jar.
+<li>
+ Voir <a href="http://zzz.i2p/topics/16">Comment faire</a> pour générer les clés de signature et les clés de
+génération/vérification, et les fichiers .sud.
+<li>
+ Tous les fichiers de configuration doivent être encodés en UTF-8.
+<li>
+ Pour l'exécution dans une JVM séparée, utilisez ShellCommand avec java -cp truc:muche:bidule ma.pricipale.classe arg1 arg2 arg3.
+Évidement, il sera alors bien plus difficile d'arrêter le greffon…
+Mais cela reste possible en jouant avec les fichiers PID.
+<li>
+ En tant qu'alternative aux stopargs dans clients.config, un client Java peut enregistrer un lien d'arrêt avec
+I2PAppContext.addShutdownTask(). Mais ça n'arrêtera pas le greffon lors d'une mise à jour, donc les stopargs restent
+préférables. De plus, définissez en mode service toutes les tâches créées.
+<li>
+ N'incluez pas de classes dupliquant celles de l'installation standard. Améliorez les classes si nécessaire.
+<li>
+ Faites attention aux définitions des divers classpath dans wrapper.config entre les installations anciennes et
+nouvelles - voir la section 'classpath' plus bas.
+<li>
+ Les clients rejetterons les clés dupliquées avec des noms de clé différents, des noms de clés dupliqués avec des clés
+différentes, et des clés ou noms de clés différents dans les paquets de mises à jour. Sauvegardez vos clés de façon
+maniaque et paranoïaque. Ne les générez qu'une seule fois.
+<li>
+ Ne modifiez pas le fiichier plugin.config à l'exécution car il sera écrasé lors d'une mise à jour. Utilisez un fichier
+de configuration différent dans le dossier pour enregistrer la configuration d'exécution.
+<li>
+ En général, les greffons n'ont pas besoin d'accéder à $I2P/lib/router.jar. N'accédez pas aux classes du routeur, Ã
+moins que vous ne fassiez quelque-chose de particulier. Dans l'avenir, le routeur pourrait implémenter un classpath
+réservé pour les greffons, qui empêcherait l'accès à ses propres classes.
+<li>
+Comme chaque numéro de version doit être supérieur à celui de le version précédente, vous pouvez améliorer vos scripts
+de développement en ajoutant un numéro de développement à la fin du numéro de version. C'est pratique pour les tests.
+La plupart des greffons de zzz utilisent cette méthode : regardez build.xml à titre d'exemple.
+<li>
+Les greffons ne doivent jamais invoquer System.exit().
+<li>
+Merci de respecter les licences en vous conformant aux exigences de licences pour tout logiciel que vous fournissez.
+</ul>
+
+<h3>
+Classpaths
+</h3>
+
+Vous pouvez considérer que les jars suivants dans $I2P/lib sont dans le classpath standard pour toutes les
+installations dI2P, quel que soit l'âge de l'installation d'origine :
+<p>
+ i2p.jar, router.jar, jbigi.jar, sam.jar, mstreaming.jar, streaming.jar, i2ptunnel.jar,
+ org.mortbay.jetty.jar, javax.servlet.jar, jasper-compiler.jar, jasper-runtime.jar,
+ commons-logging.jar, commons-el.jar, wrapper.jar, systray.jar, systray4j.jar
+<p>
+
+ Rien de non listé ci-dessus ne devrait se trouver dans le classpath de personne, même si l'avez dans le classpath de
+VOTRE version d'i2p. Si vous avez besoin d'un jar non listé ci-dessus, ajoutez $I2P/lib/truc.jar au classpath indiqué
+dans les fichiers clients.config ou webapps.config de votre greffon.
+<p>
+Précédemment, une entrée classpath indiquée dans clients.config était ajoutée au classpath de la JVM. Cependant ceci Ã
+été corrigé depuis la version 0.7.13-3 en utilisant les chargeurs de classes, et maintenant, conformément à ce qui
+était prévu dès l'origine, le classpath indiqué dans clients.config ne concerne que la tâche spécifique.
+Voir la section sur le plantage de la JVM plus bas, et <a href="http://zzz.i2p/topics/633">cette page sur zzz.i2p</a>
+pour plus de détails. En conséquence, indiquez le classpath intégral requis pour chaque client.
+
+
+<h3>
+Notes sur les versions de Java
+</h3>
+Bien que la plupart des utilisateurs d'I2P utilisent une JVM 1.6 (6.0), nous prenons en charge la version 1.5 (5.0) et
+les plus récentes.
+À moins que vous n'ayez besoin de fonctionnalités de la v1.6, vous devriez créer vos greffons avec la v1.5 pour
+garantir le fonctionnement à ceux qui l'utilisent.
+<p>
+Si votre greffon <b>n'a pas besoin de la 1.6</b> :
+<ul>
+<li>
+Assurez-vous que tous les fichiers java et jsp sont compilés avec source="1.5" target="1.5".
+<li>
+Assurez-vous aussi que toutes les bibliothèques jars fournies sont pour la v1.5 ou plus ancienne.
+<li>
+Si vous utilisez pack200, toute classe 1.6 dans un jar fera que pack200 créera un paquet au format 1.6 pack format, et
+l'installation du greffon échouera sur un système en v1.5 en générant le message erroné suivant : "Le greffon est
+corrompu".
+</ul>
+
+<p>
+Si votre greffon <b>nécessite la v1.6</b>:
+<ul>
+<li>
+Précisez-le expressément sur votre page de téléchargement.
+<li>
+Ajoutez min-java-version=1.6 dans votre ficher plugin.config
+<li>
+Si vous utilisez pack200, l'installation du greffon sur un système en v1.5 échouera et retournera un message erroné "Le
+greffon est corrompu".
+</ul>
+
+
+<h3>
+La JVM se plante en mise à jour
+</h3>
+Note - tout devrait être résolu à l'heure actuelle.
+<p>
+La JVM a tendance à planter lors de mises à jour des jars d'un greffon si celui-ci était en cours d'exécution quand i2p
+a été lancé (même si le greffon a été arrêté après). Ça pourrait avoir été corrigé par l'utilisation du chargeur de
+classes dans la version 0.7.13-3, mais peut-être pas.
+À tester ultérieurement.
+<p>
+Le plus sûr est de concevoir votre greffon avec le jar dans le war (pour une application web), ou d'exiger un
+redémarrage après la mise à jour, ou ne pas mettre à jour les jar de votre greffon.
+<p>
+De part le fonctionnement des class loaders dans une webapp, il _pourrait_ être sûr d'avoir des jars externes si vous
+indiquez le classpath dans le fichier webapps.config. Plus de tests sont nécessaires pour vérifier ce point. N'indiquez
+pas le classpath avec un client factice dans le fichier clients.config s'il n'est nécessaire que pour une webapp -
+utilisez plutôt webapps.config.
+<p>
+Le moins sûr, et apparemment source de la plupart des plantages, sont les clients avec les jars du greffon indiqués
+dans le classpath du fichier clients.config.
+
+<p>
+Rien de tout ceci ne devrait poser de problèmes sur une installation initiale - vous ne devriez même jamais avoir Ã
+demander un redémarrage pour une installation initiale d'un greffon.
+
+{% endblock %}
diff --git a/www.i2p2/pages/plugins.html b/www.i2p2/pages/plugins.html
index fbd1d9a00134a079eaf51d51c759925bb05f7fbc..d0fb900c46523ef86fe411ca533ef1e2c3195475 100644
--- a/www.i2p2/pages/plugins.html
+++ b/www.i2p2/pages/plugins.html
@@ -3,118 +3,107 @@
{% block content %}
<h2>I2P Plugins</h2>
-Page last updated July 2010, current as of router version 0.8.
+Page last updated June 2012, current as of router version 0.9.
<h3>General Information</h3>
+<p>
I2P includes a plugin architecture
to support easy development and installation of additional software.
+</p>
<p>
-There are now plugins available that support distributed email, blogs, IRC clients, distributed file storage, and more.
+There are now plugins available that support distributed email, blogs, IRC
+clients, distributed file storage, wikis, and more.
+</p>
<p>
Benefits to i2p users and app developers:
+</p>
+
<ul>
-<li>
- Easy distribution of applications
-<li>
- Allows innovation and use of additional libraries without worrying about increasing the size of i2pupdate.sud
-<li>
- Support large or special-purpose applications that would never be bundled with the I2P installation
-<li>
- Cryptographically signed and verified applications
-<li>
- Automatic updates of applications, just like for the router
-<li>
- Separate initial install and update packages, if desired, for smaller update downloads
-<li>
- One-click installation of applications. No more asking users to modify wrapper.config or clients.config
-<li>
- Isolate applications from the base $I2P installation
-<li>
- Automatic compatibility checking for i2p version, java version, and previous installed application version
-<li>
- Automatic link addition in console
-<li>
- Automatic startup of application, including modifying classpath, no restart required
-<li>
- Automatic integration and startup of webapps into console Jetty instance
-<li>
- Facilitate creation of 'app stores'
-<li>
- One-click uninstall
-<li>
- Language and theme packs for the console
-<li>
- Bring detailed application information to the router console
-<li>
- Non-java applications also supported
+<li>Easy distribution of applications</li>
+<li>Allows innovation and use of additional libraries without worrying about
+increasing the size of <code>i2pupdate.sud</code></li>
+<li>Support large or special-purpose applications that would never be bundled
+with the I2P installation</li>
+<li>Cryptographically signed and verified applications</li>
+<li>Automatic updates of applications, just like for the router</li>
+<li>Separate initial install and update packages, if desired, for smaller update downloads</li>
+<li>One-click installation of applications. No more asking users to modify
+<code>wrapper.config</code> or <code>clients.config</code></li>
+<li>Isolate applications from the base <code>$I2P</code> installation</li>
+<li>Automatic compatibility checking for I2P version, Java version, Jetty
+version, and previous installed application version</li>
+<li>Automatic link addition in console</li>
+<li>Automatic startup of application, including modifying classpath, without requiring a restart</li>
+<li>Automatic integration and startup of webapps into console Jetty instance</li>
+<li>Facilitate creation of 'app stores' like the one at <a
+ href="http://plugins.i2p">plugins.i2p</a></li>
+<li> One-click uninstall</li>
+<li> Language and theme packs for the console </li>
+<li> Bring detailed application information to the router console </li>
+<li> Non-java applications also supported </li>
</ul>
<h4>Required I2P version</h4>
-0.7.12
+<p> 0.7.12 or newer. </p>
<h4>Installation</h4>
-To install and start a plugin, copy the .xpi2p install link to the form at the bottom of
-<a href="http://127.0.0.1:7657/configclients.jsp#plugin">configclients.jsp in your router console</a>
-and click "install plugin".
-After a plugin is installed and started, a link to the plugin will usually appear at the top of your summary bar.
-
-<p>
-To update a plugin to the latest version, just click the
-update button on
+<p> To install and start a plugin, copy the <code>.xpi2p</code> install link to
+the form at the bottom of <a
+ href="http://127.0.0.1:7657/configclients.jsp#plugin">configclients.jsp in
+ your router console</a> and click the "install plugin" button. After a
+plugin is installed and started, a link to the plugin will usually appear at
+the top of your summary bar. </p>
+
+<p> To update a plugin to the latest version, just click the update button on
<a href="http://127.0.0.1:7657/configclients.jsp#plugin">configclients.jsp</a>.
-There is also a button to check if the plugin has a more recent version.
-There is not yet any automatic checking or updating mechanism.
-
-
+There is also a button to check if the plugin has a more recent version, as
+well as a button to check for updates for all plugins. Plugins will be checked
+for updates automatically when updating to a new I2P release (not including dev
+builds).</p>
<h3>Development</h3>
-See the latest
-<a href="plugin_spec.html">plugin specification</a>
-and the
-<a href="http://zzz.i2p/forums/16">plugin forum</a> on zzz.i2p.
-<p>
-See also the sources for plugins developed by various people.
-Some plugins were developed specifically as examples.
-<p>
-<b>Developers wanted!</b>
-Plugins are a great way to learn more about I2P or easily add some feature.
+<p> See the latest <a href="plugin_spec">plugin specification</a> and the <a
+ href="http://zzz.i2p/forums/16">plugin forum</a> on zzz.i2p. </p> <p> See
+also the sources for plugins developed by various people. Some plugins, such
+as <a href="http://plugins.i2p/plugins/snowman">snowman</a>, were developed
+specifically as examples. </p>
+
+<p> <b>Developers wanted!</b> Plugins are a great way to learn more about I2P
+or easily add some feature. </p>
<h3>Getting Started</h3>
-To create a plugin from an existing binary package you will need to get
-makeplugin.sh from
-<a href="http://stats.i2p/cgi-bin/viewmtn/branch/head/browse/i2p.scripts/plugin/makeplugin.sh">the i2p.scripts branch in monotone</a>.
+<p> To create a plugin from an existing binary package you will need to get
+makeplugin.sh from <a
+ href="http://trac.i2p2.de/browser/plugin/makeplugin.sh?rev=776519571fda0689ef09c42f66e7398f30432e87">the
+ i2p.scripts branch in monotone</a>. </p>
<h3>Known Issues</h3>
-Note that the router's plugin architecture does <b>NOT</b> provide any additional security isolation or sandboxing of plugins.
+<p> Note that the router's plugin architecture does <b>NOT</b> currently
+provide any additional security isolation or sandboxing of plugins.</p>
<ul>
-<li>
-Updates of a plugin with included jars (not wars) won't be recognized if the plugin was already run, as
-it requires class loader trickery to flush the class cache;
-a full router restart is required.
-<li>
-Automatic updates (and check-for-updates) unimplemented.
-<li>
-Stop button displayed even if there is nothing to stop.
-<li>
-Plugins running in a separate JVM create a logs/ directory in $CWD.
-<li>
-No initial keys except for jrandom and zzz (using same keys as for router update),
-so the first key seen for a signer is automatically accepted - there is no signing key authority.
-<li>
-When deleting a plugin, the directory is not always deleted, especially on Windows.
-<li>
-Installing a plugin requiring Java 1.6 on a Java 1.5 machine will result in a "plugin is corrupt"
-message if pack200 is used.
-<li>
-Theme and translation plugins are untested.
-<li>
-Disabling autostart doesn't always work
+<li>Updates of a plugin with included jars (not wars) won't be recognized if
+the plugin was already run, as it requires class loader trickery to flush the
+class cache; a full router restart is required.</li>
+<li> The stop button may be displayed even if there is nothing to stop.</li>
+<li> Plugins running in a separate JVM create a <code>logs/</code> directory in
+<code>$CWD</code>.</li>
+<li>No initial keys are present, except for those of jrandom and zzz (using the
+same keys as for router update), so the first key seen for a signer is
+automatically accepted—there is no signing key authority. </li>
+<li> When deleting a plugin, the directory is not always deleted, especially on
+Windows. </li>
+<li> Installing a plugin requiring Java 1.6 on a Java 1.5 machine will result
+in a "plugin is corrupt" message if pack200 compression of the plugin file is
+used. </li>
+<li> Theme and translation plugins are untested. </li>
+<li> Disabling autostart doesn't always work. </li>
</ul>
+<!-- vim: set noai ff=unix nosi ft=html tw=79 et sw=4 ts=4 spell spelllang=en: -->
{% endblock %}
diff --git a/www.i2p2/pages/plugins_de.html b/www.i2p2/pages/plugins_de.html
new file mode 100644
index 0000000000000000000000000000000000000000..ce97ead6573dbc04da2209c208ade182083c5a4e
--- /dev/null
+++ b/www.i2p2/pages/plugins_de.html
@@ -0,0 +1,110 @@
+{% extends "_layout.html" %}
+{% block title %}Plugins{% endblock %}
+{% block content %}
+<h2>I2P-Zusatzprogramme</h2>
+
+Diese Seite wurde zuletzt im August 2010 aktualisiert und bezieht sich auf die Routerversion (I2P-Version) 0.8.
+
+<h3>Allgemeines</h3>
+I2P ist auf Zusatzprogramme (<i>Plugins</i>) vorbereitet und sorgt dadurch nicht nur für eine unkomplizierte Installation zusätzlicher I2P-Anwendungen, sondern erleichtert auch dem Programmierer die Arbeit.
+
+<p>
+Es gibt mittlerweile Zusatzprogramme zum dezentralen Mailverkehr und für Blogs, IRC-Klienten, verteilte Datenspeicherung und mehr.
+<p>
+Die Vorteile für I2P-Nutzer und Anwendungsprogrammierer sind:
+<ul>
+<li>
+ Einfache Verteilung von Anwendungen
+<li>
+ Macht die Entwicklung neuer Funktionalität und das Einbinden neuer Bibliotheken möglich, ohne dass sich die Größe der i2pupdate.sud erhöht
+<li>
+ Einfacher Zugang zu großen oder spezialisierten Anwendungen, die keine Chance auf Aufnahme in das I2P-Basispaket haben
+<li>
+ Kryptographisch signierte und überprüfte Anwendungen
+<li>
+ Die automatische Aktualisierung von Anwendungen - genau wie beim I2P-Router.
+<li>
+ Bei Bedarf ein separates Erstinstallations- und Aktualisierungspaket, um die Größe der zu ladenden Aktualisierungspakete klein zu halten
+<li>
+ Ein-Klick-Installation von Anwendungen. Der Benutzer muss nicht mehr die Dateien wrapper.config und clients.config manuell bearbeiten.
+<li>
+ Trennung von Anwendungsverzeichnissen und dem Installationszerzeichnis $I2P
+<li>
+ Automatische Prüfung der I2P-Version, Java-Version und bestehender Anwendungsversion
+<li>
+ Automatisches Hinzufügen eines Links zu der Anwendung in der Routerkonsole.
+<li>
+ Automatischer Start von Anwendungen und automatische Anpassung des Java-Klassenpfads, ohne Neustart von I2P
+<li>
+ Automatisches Hinzufügen und Start von Webanwendungen in der Jetty-Instanz der Routerkonsole
+<li>
+ Erleichtert den Aufbau von Programmsammlungen („App Store“)
+<li>
+ Ein-Klick-Deinstallation
+<li>
+ Sprach- und Gestaltungspakete für die Konsole
+<li>
+ Detaillierte Informationen über Anwendungen in der Routerkonsole
+<li>
+ Auch Nicht-Java-Anwendungen werden unterstützt
+</ul>
+
+
+<h4>Benötigte I2P-version</h4>
+0.7.12 oder höher
+
+<h4>Installation</h4>
+Um ein Zusatzprogramm zu installieren und zu starten, muss der Installationslink (Endung .xpi2p) kopiert und unten auf der Seite <a href="http://127.0.0.1:7657/configclients.jsp#plugin">configclients.jsp in der Routerkonsole</a> eingefügt werden. Dann ist auf „Zusatzprogramm installieren“ zu klicken.<br/>
+Nachdem ein Zusatzprogramm installiert und gestartet ist, erscheint in den meisten Fällen ein entsprechender Link im Übersichtskasten in der Routerkonsole (oben links).
+<p>
+Um ein Zusatzprogramm auf die neueste Version zu bringen, klickt man einfach auf den Knopf „Aktualisieren“ auf der Seite
+<a href="http://127.0.0.1:7657/configclients.jsp#plugin">configclients.jsp</a>.
+Dort gibt es auch einen Knopf zum prüfen auf neue Versionen.<br/>
+Automatisch geprüft und aktualisiert wird derzeit noch nicht.
+
+
+
+
+<h3>Entwicklung neuer Zusatzprogramme</h3>
+Bitte die aktuelle
+<a href="plugin_spec_de.html">technische Beschreibung Zusatzprogramme</a>
+ und das
+<a href="http://zzz.i2p/forums/16">Forum Zusatzprogramme</a> (englisch) auf zzz.i2p konsultieren.
+<p>
+Weiterhin wird ein Blick in die Quelltext bereits bestehender Zusatzprogramme empfohlen.
+Manche Zusatzprogramme wurden speziell als Beispielprogramme geschrieben.
+<p>
+<b>Programmierer gesucht!</b>
+Zusatzprogramme eignen sich gut, um sich besser mit I2P vertraut zu machen oder neue Funktionalitäten zu realisieren.
+
+<h3>Einstieg</h3>
+Um aus einer bestehenden Anwendung ein Zusatzprogramm zu erstellen, ist das Skript makeplugin.sh aus dem
+<a href="http://stats.i2p/cgi-bin/viewmtn/branch/head/browse/i2p.scripts/plugin/makeplugin.sh">Zweig i2p.scripts in Monotone</a> nötig.
+
+
+<h3>Bekannte Probleme</h3>
+Beachte: Im Router laufende Zusatzprogramme unterliegen <b>KEINEN</b> weiteren Sicherheitsmechanismen - sie sind weder untereinander noch vom Router abgeschirmt.
+
+<ul>
+<li>
+Aktualisierungen eines Zusatzprogramms auf neue Versionen werden nicht erkannt, wenn das Zusatzprogramm Jar-Dateien (keine War-Dateien) enthält und es bereits läft.
+In dem Fall ist ein Neustart des Routers nötig, weil der Klassencache geleert werden muss und das im laufenden Betrieb nur mit Tricksereien geht.
+<li>
+Die automatische Aktualisierung und Prüfung auf neue Versionen ist nicht implementiert.
+<li>
+Der Stoppknopf wird auch dann angezeigt, wenn es gar nichts zu stoppen gibt.
+<li>
+Zusatzprogramme, die in einer eigenen JVM laufen, legen ein Verzeichnis namens logs in $CWD (also dem Arbeitsverzeichnis) an.
+<li>
+Im Urzustand sind als einzige Signaturschlüssel die von jrandom und zzz enthalten (dieselben Schlüssel wie die für die Routeraktualisierung). Neue Signierer werden automatisch hinzugefüt und der neue Signaturschlüssel automatisch akzeptiert - es gibt keine zentrale Signaturschlüsselverwaltung.
+<li>
+Beim Löschen eines Zusatzprogrammes wird das Verzeichnis nicht immer gelöscht, vor allem unter Windows.
+<li>
+Wird ein Zusatzprogramm, das mit Pack200 komprimiert ist und Java 1.6 benötigt, unter Java 1.5 installiert, so erscheint die Fehlermeldung „Zusatzprogramm ist korrupt.“
+<li>
+Gestaltungs- und Übersetzungszusatzmodule sind ungetestet.
+<li>
+Das automatische Starten lässt sich nicht immer deaktivieren.
+</ul>
+
+{% endblock %}
diff --git a/www.i2p2/pages/plugins_fr.html b/www.i2p2/pages/plugins_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..bb93fdfe3bed8c0eac799667c2966f5d59944102
--- /dev/null
+++ b/www.i2p2/pages/plugins_fr.html
@@ -0,0 +1,121 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Greffons d'extention{% endblock %}
+{% block content %}
+Traduction d'avril 2011. <a href="plugins.html">Version anglaise actuelle</a>
+<h2>Extensions pour I2P</h2>
+
+Mise à jour de juillet 2010 pour le routeur version 0.8.
+
+<h3>Informations générales</h3>
+I2P inclut une architecture de greffons qui facilite la prise en charge du développement et de l'installation de
+logiciel supplémentaire.
+<p>
+Il existe actuellement des greffons pour la messagerie décentralisée, des blogs, clients IRC, stockage de fichiers
+décentralisé, etc…
+
+<p>
+Avantages pour les utilisateurs d'I2P et les développeurs d'applications :
+<ul>
+<li>
+ Distribution facile des applications.
+<li>
+ Ouverture à l'innovation et à l'utilisation de bibliothèques supplémentaires sans conséquences sur la taille
+d'i2pupdate.sud.
+<li>
+ Support d'applications volumineuses ou à usage spécial/faible audience qui ne seraient sinon jamais distribuées
+avec I2P.
+<li>
+ Applications signées numériquement et vérifiées.
+<li>
+ Mise à jour automatique des applications, comme pour le routeur.
+<li>
+ Séparation de l'installation initiale et des paquets de mises à jour, si voulu, pour diminuer la taille des
+téléchargements de mises à jour.
+<li>
+ Installation des applications en un clic. Les utilisateurs n'ont plus besoin de modifier les fichiers
+wrapper.config et clients.config.
+<li>
+ Isolation des applications du répertoire d'installation de base d'I2P.
+<li>
+ Vérification automatique de compatibilité avec les versions courantes d'I2P, de Java version, et de la version
+précédente du greffon.
+<li>
+ Ajout automatique d'un lien dans la console.
+<li>
+ Démarrage automatique de l'application, y compris la modification du classpath, pas de redémarrage requis.
+<li>
+ Intégration automatique et démarrage des webapps dans l'instance Jetty de la console.
+<li>
+ Facilite la création de magasins d'applications.
+<li>
+ Désinstallation en un clic.
+<li>
+ Packs de langage et de thèmes pour la console.
+<li>
+ Intégration d'informations détaillées sur l'application dans la console
+<li>
+ Applications Non-java également supportées.
+</ul>
+
+
+<h4>Version d'I2P requise</h4>
+0.7.12
+
+<h4>Installation</h4>
+Pour installer et demarrer un greffon, copiez le lien .xpi2p d'installation dans prévu à cet effet en bas de page de
+<a href="http://127.0.0.1:7657/configclients.jsp#plugin">configuration des clients</a> de la console du routeur puis cliquez
+sur le bouton "Installer le greffon". Une fois le greffon installé et démarré, un lien vers l'application est
+généralement affiché en haut du cadre de supervision.
+<p>
+Pour mettre à jour un greffon à la dernière version, cliquez simplement sur le bouton prévu dans
+<a href="http://127.0.0.1:7657/configclients.jsp#plugin">configclients.jsp</a>. Il y a aussi un bouton de simple
+vérification de la disponibilité d'une version plus récente. Il n'y a pas de mécanisme de vérification et installation
+automatique.
+
+<h3>Développement</h3>
+Voir la dernière
+<a href="plugin_spec_fr.html">spécification des greffons</a> ici et le <a href="http://zzz.i2p/forums/16">forum des
+plugins</a> sur zzz.i2p.
+<p>
+Consultez aussi les sources des greffons déjà publiés par différents développeurs. Certains d'entre eux sont conçus
+spécialement en tant qu'exemples.
+<p>
+<b>Par ici les développeurs ! On a besoin de vous !</b> Les greffons la voie royale de la connaissance approfondie
+d'I2P et pour l'ajout de fonctionnalités.
+
+<h3>Par où commencer ?</h3>
+Pour créer un greffon à partir d'un paquet binaire, vous devez obtenir le script makeplugin.sh à partir de
+<a href="http://trac.i2p2.de/browser/plugin/makeplugin.sh?rev=776519571fda0689ef09c42f66e7398f30432e87">
+la branche i2p.scripts dans monotone</a>.
+
+
+<h3>Problèmes connus</h3>
+Notez que l'architecture de greffons du routeur <b>NE</b> fournit <b>AUCUNE</b> isolation de sécurité ou de bac à sable.
+
+<ul>
+<li>
+Les mises à jour de greffons incluant des fichiers .jar (pas les .war) ne sont pas reconnues quand le greffon est en
+cours d'exécution, car faut bluffer le chargeur de classes pour purger le cache de classes ; le redémarrage complet du
+routeur est nécessaire.
+<li>
+Les mises à jour automatiques (et les vérifications de mises à jour) ne sont pas implémentées actuellement.
+<li>
+Le bouton "Arrêt" est affiché même s'il n'y à rien à arrêter.
+<li>
+Les greffons s'exécutant dans une JVM différente créent un dossier logs/ dans le dossier défini par la variable $CWD.
+<li>
+Il n'y a pas de clés initiales, sauf pour jrandom et zzz (même clés que celles utilisées pour les mises à jour du
+routeur), et donc la première clé vue pour un nouveau signataire est acceptée automatiquement - il n'y a pas d'autorité
+de certification des clés de signature.
+<li>
+Lorqu'on supprime un greffon, le dossier d'installation n'est pas toujours supprimé, particulièrement sous Windows.
+<li>
+L'installation d'un greffon nécessitant Java 1.6 sur une installation de Java 1.5 produit un message "Greffon
+corrompu" s'il utilise la compression pack200.
+<li>
+Les greffons de thème et de traduction ne sont pas testés.
+<li>
+La désactivation du démarrage automatique ne fonctionne pas toujours.
+</ul>
+
+{% endblock %}
diff --git a/www.i2p2/pages/ports.html b/www.i2p2/pages/ports.html
new file mode 100644
index 0000000000000000000000000000000000000000..557746d08881155b965a6a48f02f0b72577dcbbb
--- /dev/null
+++ b/www.i2p2/pages/ports.html
@@ -0,0 +1,66 @@
+{% extends "_layout.html" %}
+{% block title %}Ports Used by I2P{% endblock %}
+{% block content %}
+
+<p>
+These are the ports used or reserved by I2P, including those for known plugins,
+common alternates,
+and some typical related applications.
+<p>
+Updated May 2012, current for router version 0.9.
+<p>
+Note that many of these are not enabled by default.
+There is more information in <a href="faq.html#ports">the FAQ</a>.
+See also the documentation for individual plugins.
+Plugin authors please add any ports you use here.
+For new plugins, we recommend using the next available port
+in the 766x range.
+
+<table>
+<tr><th>Port</th><th>Usage</th></tr>
+<tr><td>123</td><td>SNTP</td></tr>
+<tr><td>1900</td><td>UPnP SSDP UDP multicast listener</td>
+<tr><td>2827</td><td>BOB Bridge</td></tr>
+<tr><td>3456</td><td>Tahoe-LAFS-Controller Plugin</td></tr>
+<tr><td>3458</td><td>Tahoe-LAFS-Controller Plugin</td></tr>
+<tr><td>3459</td><td>Tahoe-LAFS-Controller Plugin</td></tr>
+<tr><td>4444</td><td>HTTP Proxy</td></tr>
+<tr><td>4445</td><td>HTTPS Proxy</td></tr>
+<tr><td>4691</td><td>Monotone Server (reserve)</td></tr>
+<tr><td>6667</td><td>IRC Proxy (alt)</td></tr>
+<tr><td>6668</td><td>IRC Proxy</td></tr>
+<tr><td>6669</td><td>IRC Proxy (alt)</td></tr>
+<tr><td>7650</td><td>I2PControl Plugin</td></tr>
+<tr><td>7651</td><td>UPnP (alt - retries going down)</td></tr>
+<tr><td>7652</td><td>UPnP HTTP TCP event listener</td></tr>
+<tr><td>7653</td><td>UPnP SSDP UDP search response listener</td></tr>
+<tr><td>7654</td><td>I2CP</td></tr>
+<tr><td>7655</td><td>SAM Bridge (UDP)</td></tr>
+<tr><td>7656</td><td>SAM Bridge (TCP)</td></tr>
+<tr><td>7657</td><td>Router Console</td></tr>
+<tr><td>7658</td><td>Eepsite</td></tr>
+<tr><td>7659</td><td>SMTP Proxy</td></tr>
+<tr><td>7660</td><td>POP Proxy</td></tr>
+<tr><td>7661</td><td>Pebble Plugin</td></tr>
+<tr><td>7662</td><td>Zzzot Plugin</td></tr>
+<tr><td>7663</td><td>?? Plugin ??</td></tr>
+<tr><td>7664</td><td>JAMWiki Plugin</td></tr>
+<tr><td></td><td><i>recommended spot for new plugins/applications</i></td></tr>
+<tr><td>8118</td><td>Privoxy (reserve)</td></tr>
+<tr><td>8123</td><td>Tor Polipo (reserve)</td></tr>
+<tr><td>8887</td><td>Old default network port</td></tr>
+<tr><td>8997</td><td>Monotone Proxy (alt)</td></tr>
+<tr><td>8998</td><td>Monotone Proxy</td></tr>
+<tr><td>8999</td><td>Monotone Proxy (alt)</td></tr>
+<tr><td>9050</td><td>Tor SOCKS Proxy (reserve)</td></tr>
+<tr><td>9051-9053</td><td>SOCKS Proxy (typ)</td></tr>
+<tr><td>9111-30777</td><td>Network (random)</td></tr>
+<tr><td>31000</td><td>Wrapper</td></tr>
+<tr><td>31001-31999</td><td>Wrapper (alt - retries going up)</td>
+<tr><td>32000</td><td>Wrapper</td></tr>
+<tr><td>65534</td><td>Neodatis Plugin</td></tr>
+
+
+</table>
+
+{% endblock %}
diff --git a/www.i2p2/pages/protocols.html b/www.i2p2/pages/protocols.html
index 06690bc03a8f14bd51036ac6ab9f877398a82883..7c382c8918c31bb11c41e8998e00714b3f1464a2 100644
--- a/www.i2p2/pages/protocols.html
+++ b/www.i2p2/pages/protocols.html
@@ -4,89 +4,102 @@
<p>
Here is the protocol stack for I2P.
+See also the <a href="how.html">Index to Technical Documentation</a>.
+Updated August 2010, current for router version 0.8.
<p>
-<table border=1>
-<tr>
-<td>Standard Apps
-<td>Jetty, Apache, Monotone, CVS, browsers
-<td>
-
-<tr>
-<td>Other I2P Apps
-<td align="center">Syndie, EepGet
-<td>
-
-<tr>
-<td>SAM/BOB Apps
-<td>
-<td align="center">IMule, i2p-bt, i2prufus, Robert
-
-<tr>
-<td>Proxy Apps
-<td align="center">HTTP Client/Server, IRC Client, SOCKS
-<td>Streamr
-
-<tr>
-<td>Interface Apps
-<td align="center"><a href="i2ptunnel.html">I2PTunnel</a>
-<td align="center"><a href="sam.html">SAM</a>
-/
-<a href="samv2.html">SAMv2</a>
-/
-<a href="samv3.html">SAMv3</a>
-(*), BOB
-
-<tr>
-<td>Java Apps
-<td align="center">i2psnark, Syndie, i2phex
-<td>
-
-<tr>
-<td>End-to-End Transport
-<td align="center"><a href="streaming.html">Streaming Lib</a>
-<td align="center"><a href="datagrams.html">Datagrams</a>
-
-<tr>
-<td>Client Protocol
-<td align="center" colspan=2><a href="i2cp.html">I2CP</a>
-
-<tr>
-<td>Network Protocol
-<td align="center" colspan=2><a href="i2np.html">I2NP</a>
-
-<tr>
-<td>Garlic Encryption
-<td align="center" colspan=2><a href="how_elgamalaes">ElGamal/AES+SessionTag</a>
-
-<tr>
-<td>Tunnel Messages
-<td align="center" colspan=2><a href="tunnel-alt.html#tunnel.preprocessing">Tunnel Messages</a>
-
-<tr>
-<td>Tunnel Message Encryption
-<td align="center" colspan=2><a href="techintro.html#op.crypto">AES256/CBC</a>
-
-<tr>
-<td>Transport
-<td align="center"><a href="ntcp.html">NTCP</a>
-<td align="center"><a href="udp.html">SSU</a>
-
-<tr>
-<td>Transport Encryption
-<td align="center" colspan=2><a href="techintro.html#op.crypto">AES256/CBC</a>
-
-<tr>
-<td>
-<td align="center">Java NIO TCP
-<td align="center" rowspan=2>UDP
+<p>
+Each of the layers in the stack provides extra capabilities.
+The capabilities are listed below, starting at the bottom of the protocol stack.
+ <ul>
+ <li>
+ <b>Internet Layer:</b>
+ <br />
+ IP: Internet Protocol, allow addressing hosts on the regular internet and routing packets across the internet using best-effort delivery.
+ </li>
+ <li>
+ <b>Transport Layer:</b>
+ <br />
+ TCP: Transmission Control Protocol, allow reliable, in-order delivery of packets across the internet.
+ <br />
+ UDP: User Datagram Protocol, allow unreliable, out-of-order delivery of packets across the internet.
+ </li>
+ <li>
+ <b>I2P Transport Layer:</b> provide encrypted connections between 2 I2P routers. These are not anonymous yet, this is strictly a hop-to-hop connection.
+ Two protocols are implemented to provide these capabilities. NTCP builds on top of TCP, while SSU uses UDP.
+ <br />
+ <a href="ntcp.html">NTCP</a>: NIO-based TCP
+ <br />
+ <a href="udp.html">SSU</a>: Secure Semi-reliable UDP
+ </li>
+ <li>
+ <b>I2P Tunnel Layer:</b> provide full encrypted tunnel connections.
+ <br />
+ <a href="tunnel_message_spec.html">Tunnel messages</a>: tunnel messages are large messages containing encrypted I2NP (see below) messages and encrypted instructions for their delivery.
+ The encryption is layered. The first hop will decrypt the tunnel message and read a part. Another part can still be encrypted (with another key),
+ so it will be forwarded.
+ <br />
+ <a href="i2np.html">I2NP messages</a>: I2P Network Protocol messages are used to pass messages through multiple routers. These I2NP messages are combined in tunnel messages.
+ </li>
+ <li>
+ <b>I2P Garlic Layer:</b> provide encrypted and anonymous end-to-end I2P message delivery.
+ <br />
+ <a href="i2np.html">I2NP messages</a>: I2P Network Protocol messages are wrapped in each other and used to ensure encryption between two tunnels and are passed along from source to destination, keeping both anonymous.
+ </li>
+</ul>
+</p>
-<tr>
-<td>OS
-<td align="center">TCP
+<p>
+The following layers are strictly speaking no longer part of the I2P Protocol stack, they are not part of the core 'I2P router' functionality.
+However, each of these layers adds additional functionality, to allow applications simple and convenient I2P usage.
+<ul>
+ <li>
+ <b>I2P Client Layer:</b> allow any client to use I2P functionality, without requiring the direct use of the router API.
+ <br />
+ <a href="i2cp.html">I2CP</a>: I2P Client Protocol, allows secure and asynchronous messaging over I2P by communicating messages over the I2CP TCP socket.
+ </li>
+ <li>
+ <b>I2P End-to-end Transport Layer:</b> allow TCP- or UDP-like functionality on top of I2P.
+ <br />
+ <a href="streaming.html">Streaming Library</a>: an implementation of TCP-like streams over I2P. This allows easier porting of existing applications to I2P.
+ <br />
+ <a href="datagrams.html">Datagram Library</a>: an implementation of UDP-like messages over I2P. This allows easier porting of existing applications to I2P.
+ </li>
+ <li>
+ <b>I2P Application Interface Layer:</b> additional (optional) libraries allowing easier implementations on top of I2P.
+ <br />
+ <a href="i2ptunnel.html">I2PTunnel</a>
+ <br />
+ <a href="sam.html">SAM</a>/<a href="samv2.html">SAMv2</a>/<a href="samv3.html">SAMv3</a>(*),
+ <a href="bob.html">BOB</a>
+ </li>
+ <li>
+ <b>I2P Application Proxy Layer:</b> proxy systems.
+ <br />
+ HTTP Client/Server, IRC Client, <a href="socks.html">SOCKS</a>, Streamr
+ </li>
+ </ul>
+</p>
+<p>
+Finally, what could be considered the <b>'I2P application layer'</b>, is a large number of applications on top of I2P.
+We can order this based on the I2P stack layer they use.
+<ul>
+ <li><b>Streaming/datagram applications</b>: i2psnark, Syndie, i2phex...</li>
+ <li><b>SAM/BOB applications</b>: IMule, i2p-bt, i2prufus, Robert...</li>
+ <li><b>Other I2P applications</b>: Syndie, EepGet, <a href="plugins.html">plugins...</a></li>
+ <li><b>Regular applications</b>: Jetty, Apache, Monotone, CVS, browsers, e-mail...</li>
+</ul>
+</p>
+
+ <div class="box" style="text-align:center;">
+ <img src="_static/images/protocol_stack.png" alt="I2P Network stack" title="I2P Network stack" />
+ <br /><br />
+ Figure 1: The layers in the I2P Network stack.
+ </div>
+<br/>
-</table>
<p>
* Note: SAM/SAMv2 can use both the streaming lib and datagrams.
+</p>
{% endblock %}
diff --git a/www.i2p2/pages/protocols_de.html b/www.i2p2/pages/protocols_de.html
index f029e80fc90d758b537192bb1ec0324dd62bd39b..0621899cc665f2758e78079c5e9bd20eeacd3a8d 100644
--- a/www.i2p2/pages/protocols_de.html
+++ b/www.i2p2/pages/protocols_de.html
@@ -1,7 +1,7 @@
{% extends "_layout_de.html" %}
{% block title %}Protokoll Schichten{% endblock %}
{% block content %}
-
+<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
<p>
hier ist der Aufbau der Protokollschichten für I2P.
<p>
diff --git a/www.i2p2/pages/protocols_fr.html b/www.i2p2/pages/protocols_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..3ff1862054a0a5c19c50b11752006e047e262cc6
--- /dev/null
+++ b/www.i2p2/pages/protocols_fr.html
@@ -0,0 +1,118 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Protocol Stack{% endblock %}
+{% block content %}
+Traduction d'avril 2011. <a href="how_protocols.html">Version anglaise actuelle</a><br /><br />
+<p>
+Présentation de la pile de protocole d'I2P.
+Voir aussi l'<a href="how_fr.html">index de la documentation technique</a>.
+Mise à jour d'août 2010, valide pour la version 0.8 du routeur
+<p>
+
+<p>
+Chacune des couches de la pile apporte des fonctionnalités supplémentaires.
+Celles-ci sont énumérées ci-dessous, à partir du bas de la pile.
+ <ul>
+ <li>
+ <b>Couche internet :</b>
+ <br />
+ IP : Internet Protocol, permet l'adressage des hôtes de l'Internet classique et le routage des paquets "au
+mieux" (best effort delivery).
+ </li>
+ <li>
+ <b>Couche transport :</b>
+ <br />
+ TCP : Transmission Control Protocol, permet une livraison fiable et ordonnée des paquets sur l'internet.
+ <br />
+ UDP : User Datagram Protocol, permet la livraison non fiable et non ordonnée des paquets sur l'internet.
+ </li>
+ <li>
+ <b>Couche de transport I2P :</b> fournit les connexions cryptées entre deux routeurs I2P. Elles ne sont pas
+encore anonymes à ce niveau, car il s'agit strictement des connexions de saut à saut. Deux protocoles sont implémentés
+pour apporter ces possibilités. NTCP positionné sur TCP, et SSU sur UDP.
+ <br />
+ <a href="ntcp.html">NTCP</a> : TCP basé sur les NIO Java
+ <br />
+ <a href="udp.html">SSU</a>: UDP Sécurisé Semi-fiable (Secure Semi-reliable UDP)
+ </li>
+ <li>
+ <b>Couche tunnels I2P :</b> fournit les connexions de tunnels totalement cryptées.
+ <br />
+ <a href="tunnel_message_spec.html">Messages de tunnels</a> : les messages de tunnels sont de gros messages
+contenant des messages I2NP cryptés (voir ci-dessous) et les instructions cryptées nécessaires à leur livraison. Le
+cryptage est à plusieurs niveaux. Le premier saut décrypte le message de tunnel et en lit une partie. Une autre partie
+peut encore être cryptée (avec une autre clé), et elle sera alors transférée.
+ <br />
+ <a href="i2np.html">Messages I2NP</a> : les messages I2P Network Protocol sont utilisés pour passer des
+messages au travers de routeurs multiples. Ces messages sont regroupés en messages de tunnels.
+ </li>
+ <li>
+ <b>Couche I2P en tête d'ail (garlic) :</b> elle fournit la livraison des messages I2P cryptés et anonymes de
+bout en bout.
+ <br />
+ <a href="i2np.html">Messages I2NP</a> : les messages I2P Network Protocol sont empaquetés les uns dans les
+autres et utilisé pour assurer le cryptage entre deux tunnels. Ils sont transmis de la source à la destination en
+préservant l'anonymat de chacune.
+ </li>
+</ul>
+</p>
+
+<p>
+Les couches suivantes ne font plus à strictement parler partie de la pile de protocoles I2P. Elle ne font pas partie du
+cœur des fonctionnalités du routeur I2P. Cependant, chacune d'elles apporte ses fonctionnalités supplémentaires, pour
+l'usage simple et pratique des applications.
+<ul>
+ <li>
+ <b>Couche client I2P :</b> permet à n'importe quel client d'utiliser les fonctionnalités d'I2P, sans nécessité
+d'utilisation directe de l'API du routeur.
+ <br />
+ <a href="i2cp.html">I2CP</a> : I2P Client Protocol, permet de passer des messages sécurisés et asynchrones sur
+I2P en communicant à travers le connecteur TCP I2CP.
+ </li>
+ <li>
+ <b>Couche de transport de bout en bout I2P :</b> permet un fonctionnement à la façon de TCP ou UDP sur I2P.
+ <br />
+ <a href="streaming.html">Bibliothèque de flux </a>: implémentation de flux "à la TCP" sur I2P. Elle permet un
+portage plus facile d'applications existantes vers I2P.
+ <br />
+ <a href="datagrams.html">Bibliothèque de datagrammes </a>: implémentation de messages "à la UDP" sur I2P. Elle
+permet un portage plus facile d'applications existantes vers I2P.
+ </li>
+ <li>
+ <b>Couche d'interface applicative :</b> bibliothèques supplémentaires (optionnelles) facilitant les
+implémentations sur I2P.
+ <br />
+ <a href="i2ptunnel.html">I2PTunnel</a>
+ <br />
+ <a href="sam.html">SAM</a>/<a href="samv2.html">SAMv2</a>/<a href="samv3.html">SAMv3</a>(*),
+ <a href="bob.html">BOB</a>
+ </li>
+ <li>
+ <b>Couche de mandataires d'applications I2P :</b> systèmes mandataires (proxy).
+ <br />
+ Client/Serveur HTTP, client IRC, <a href="socks.html">SOCKS</a>, Streamr
+ </li>
+ </ul>
+</p>
+<p>
+Et pour terminer, ce qui pourrait être considéré comme LA <b>'couche application d'I2P'</b>, un grand nombre
+d'applications tournant sur I2P. On peut les ordonner suivant la couche de la pile qu'elles utilisent.
+<ul>
+ <li><b>Applications de flux(Streaming)/datagrammes </b>: i2psnark, Syndie, i2phex…</li>
+ <li><b>Applications SAM/BOB </b>: iMule, i2p-bt, i2prufus, Robert…</li>
+ <li><b>Autres applications I2P </b>: Syndie, EepGet, <a href="plugins_fr.html">greffons…</a></li>
+ <li><b>Applications traditionnelles </b>: Jetty, Apache, Monotone, CVS, navigateurs, e-mail…</li>
+</ul>
+</p>
+
+ <div class="box" style="text-align:center;">
+ <img src="_static/images/protocol_stack_fr.png" alt="Pile réseau I2P" title="Pile réseau I2P" />
+ <br /><br />
+ Figure 1: Les couches de la pile réseau d'I2P.
+ </div>
+<br/>
+
+<p>
+* Note: SAM/SAMv2 peuvent utiliser les bibliothèques de flux et de datagrammes.
+</p>
+
+{% endblock %}
diff --git a/www.i2p2/pages/ratestats.html b/www.i2p2/pages/ratestats.html
new file mode 100644
index 0000000000000000000000000000000000000000..e51b0c01245b76166d8d3592797fb350546a0932
--- /dev/null
+++ b/www.i2p2/pages/ratestats.html
@@ -0,0 +1,522 @@
+{% extends "_layout.html" %}
+{% block title %}RateStat list{% endblock %}
+{% block content %}
+<h1>RateStat list</h1>
+<p>I2P enables the collection of a wide range of rates, the list published here is accurate as of I2P version 0.8.7.</p>
+<p>The list was gathered using the following command in the top directory of the branch i2p.i2p,
+<pre> find . -name '*' -print | xargs --max-args=3 grep -n --color=auto addRateData | awk 'match($0, /addRateData\(\"(.*)\"/, a) {print a[1]}' | awk '!_[$0]++' | sort > rates.txt
+</pre>
+All options aren't needed, but it works.
+</p>
+
+<h2>RateStats</h2>
+<div class="box" style="clear: none;"><pre>
+bwLimiter.inboundDelayedTime
+bwLimiter.outboundDelayedTime
+bwLimiter.pendingInboundRequests
+bwLimiter.pendingOutboundRequests
+bw.receiveBps
+bw.recvRate
+bw.sendBps
+bw.sendRate
+byteCache.memory.
+client.dispatchNoACK
+client.dispatchNoTunnels
+client.dispatchPrepareTime
+client.dispatchSendTime
+client.dispatchTime
+client.distributeTime
+client.leaseSetFailedRemoteTime
+client.leaseSetFoundLocally
+client.leaseSetFoundRemoteTime
+client.receiveMessageSize
+client.requestLeaseSetDropped
+client.requestLeaseSetSuccess
+client.requestLeaseSetTimeout
+client.sendAckTime
+client.sendDropped
+client.sendMessageSize
+client.sendThrottled
+client.timeoutCongestionInbound
+client.timeoutCongestionMessage
+client.timeoutCongestionTunnel
+clock.skew
+crypto.dhCalculateSessionTime
+crypto.DHEmpty
+crypto.dhGeneratePublicTime
+crypto.DHUsed
+crypto.elGamal.decrypt
+crypto.elGamal.encrypt
+crypto.garlic.decryptFail
+crypto.sessionTagsExpired
+crypto.sessionTagsRemaining
+crypto.YKEmpty
+crypto.YKUsed
+i2cp.checkStatusTime
+i2cp.receiveStatusTime
+i2cp.receiveStatusTime.1
+i2cp.receiveStatusTime.2
+i2cp.receiveStatusTime.3
+i2cp.receiveStatusTime.4
+i2cp.receiveStatusTime.5
+i2cp.sendBestEffortStage0
+i2cp.sendBestEffortStage1
+i2cp.sendBestEffortStage2
+i2cp.sendBestEffortStage3
+i2cp.sendBestEffortStage4
+i2cp.sendBestEffortTotalTime
+i2cp.tx.msgCompressed
+i2cp.tx.msgExpanded
+i2np.readTime
+i2np.writeTime
+i2ptunnel.httpCompressed
+i2ptunnel.httpCompressionRatio
+i2ptunnel.httpExpanded
+i2ptunnel.httpNullWorkaround
+i2ptunnel.httpserver.blockingHandleTime
+inNetPool.dropped
+inNetPool.droppedDbLookupResponseMessage
+inNetPool.droppedDeliveryStatusDelay
+inNetPool.droppedTunnelCreateStatusMessage
+inNetPool.duplicate
+jobQueue.droppedJobs
+jobQueue.jobLag
+jobQueue.jobRun
+jobQueue.jobRunnerInactive
+jobQueue.jobRunSlow
+jobQueue.jobWait
+jobQueue.readyJobs
+netDb.ackTime
+netDb.exploreKeySet
+netDb.failedAttemptedPeers
+netDb.failedPeers
+netDb.failedTime
+netDb.floodfillVerifyFail
+netDb.floodfillVerifyOK
+netDb.floodfillVerifyTimeout
+netDb.floodThrottled
+netDb.KBSGetAllTime
+netDb.lookupLeaseSetDeferred
+netDb.lookupsDropped
+netDb.lookupsHandled
+netDb.lookupsMatched
+netDb.lookupsMatchedLeaseSet
+netDb.lookupsMatchedLocalClosest
+netDb.lookupsMatchedLocalNotClosest
+netDb.lookupsMatchedReceivedPublished
+netDb.lookupsMatchedRemoteNotClosest
+netDb.lookupsReceived
+netDb.newFSC
+netDb.replyTimeout
+netDb.republishLeaseSetCount
+netDb.republishQuantity
+netDb.searchCount
+netDb.searchMessageCount
+netDb.searchReplyMessageReceive
+netDb.searchReplyNotValidated
+netDb.searchReplyValidated
+netDb.searchReplyValidationSkipped
+netDb.storeFailedPeers
+netDb.storeFloodNew
+netDb.storeFloodOld
+netDb.storeHandled
+netDb.storeLeaseSetHandled
+netDb.storeLeaseSetSent
+netDb.storeLocalLeaseSetAttempt
+netDb.storeLocalRouterInfoAttempt
+netDb.storePeers
+netDb.storeRecvTime
+netDb.storeRouterInfoHandled
+netDb.storeRouterInfoSent
+netDb.successPeers
+netDb.successTime
+netDb.writeClobber
+netDb.writeOut
+netDb.writePending
+netDb.writeTime
+ntcp.accept
+ntcp.attemptShitlistedPeer
+ntcp.attemptUnreachablePeer
+ntcp.bidRejectedLocalAddress
+ntcp.bidRejectedNoNTCPAddress
+ntcp.closeOnBacklog
+ntcp.connectBlocklisted
+ntcp.connectFailedInvalidPort
+ntcp.connectFailedIOE
+ntcp.connectFailedTimeout
+ntcp.connectFailedTimeoutIOE
+ntcp.connectFailedUnresolved
+ntcp.connectImmediate
+ntcp.connectSuccessful
+ntcp.corruptDecryptedI2NP
+ntcp.corruptI2NPCRC
+ntcp.corruptI2NPIME
+ntcp.corruptI2NPIOE
+ntcp.corruptMetaCRC
+ntcp.corruptSkew
+ntcp.corruptTooLargeI2NP
+ntcp.dontSendOnBacklog
+ntcp.failsafeCloses
+ntcp.failsafeInvalid
+ntcp.failsafeWrites
+ntcp.floodInfoMessageEnqueued
+ntcp.inboundCheckConnection
+ntcp.inboundEstablished
+ntcp.inboundEstablishedDuplicate
+ntcp.infoMessageEnqueued
+ntcp.invalidDH
+ntcp.invalidHXxorBIH
+ntcp.invalidHXY
+ntcp.invalidInboundDFE
+ntcp.invalidInboundIOE
+ntcp.invalidInboundSignature
+ntcp.invalidInboundSize
+ntcp.invalidInboundSkew
+ntcp.invalidOutboundSkew
+ntcp.invalidSignature
+ntcp.liveReadBufs
+ntcp.multipleCloseOnRemove
+ntcp.noBidTooLargeI2NP
+ntcp.outboundEstablishFailed
+ntcp.outboundFailedIOEImmediate
+ntcp.prepBufCache
+ntcp.queuedRecv
+ntcp.read
+ntcp.readEOF
+ntcp.readError
+ntcp.receiveCorruptEstablishment
+ntcp.receiveMeta
+ntcp.receiveSize
+ntcp.receiveTime
+ntcp.registerConnect
+ntcp.sendBacklogTime
+ntcp.sendFinishTime
+ntcp.sendQueueSize
+ntcp.sendTime
+ntcp.throttledReadComplete
+ntcp.throttledWriteComplete
+ntcp.transmitTime
+ntcp.wantsQueuedWrite
+ntcp.write
+ntcp.writeError
+outNetMessage.timeToDiscard
+peer.failedLookupRate
+peer.profileCoalesceTime
+peer.profilePlaceTime
+peer.profileReorgTime
+peer.profileSortTime
+peer.profileThresholdTime
+peer.testOK
+peer.testTimeout
+peer.testTooSlow
+pool.dispatchDataTime
+pool.dispatchGatewayTime
+prng.bufferFillTime
+prng.bufferWaitTime
+prng.reseedCount
+router.activePeers
+router.activeSendPeers
+router.decayingBloomFilter." + _name + ".dups
+router.decayingBloomFilter." + _name + ".log10(falsePos)
+router.decayingBloomFilter." + _name + ".size
+router.decayingHashSet." + _name + ".dups
+router.decayingHashSet." + _name + ".size
+router.duplicateMessageId
+router.fastPeers
+router.highCapacityPeers
+router.invalidMessageTime
+router.memoryUsed
+router.throttleNetDbCause
+router.throttleNetDbDoS
+router.throttleNetDbDoSSend
+router.throttleNetworkCause
+router.throttleTunnelBandwidthExceeded
+router.throttleTunnelBytesAllowed
+router.throttleTunnelBytesUsed
+router.throttleTunnelMaxExceeded
+router.throttleTunnelProbTestSlow
+router.throttleTunnelProbTooFast
+router.throttleTunnelQueueOverload
+send." + _connectionId + ".lifetime
+send." + _connectionId + ".started
+send." + _connectionId + ".totalSent
+sink." + _connectionId + ".lifetime
+stream.chokeSizeBegin
+stream.chokeSizeEnd
+stream.con.initialRTT.in
+stream.con.initialRTT.out
+stream.con.lifetimeBytesReceived
+stream.con.lifetimeBytesSent
+stream.con.lifetimeCongestionSeenAt
+stream.con.lifetimeDupMessagesReceived
+stream.con.lifetimeDupMessagesSent
+stream.con.lifetimeMessagesReceived
+stream.con.lifetimeMessagesSent
+stream.con.lifetimeRTT
+stream.con.lifetimeSendWindowSize
+stream.connectionCreated
+stream.connectionReceived
+stream.con.packetsAckedPerMessageReceived
+stream.con.receiveDuplicateSize
+stream.con.receiveMessageSize
+stream.con.sendDuplicateSize
+stream.con.sendMessageSize
+stream.con.throttledDay
+stream.con.throttledHour
+stream.con.throttledMinute
+stream.con.windowSizeAtCongestion
+stream.fastRetransmit
+streaming.ackSendFailed
+streaming.lifetime
+streaming.nackReceived
+streaming,nackSent
+streaming.nackSent
+streaming.received
+streaming.sent
+streaming.synNoAck
+streaming.transferBalance
+stream.packetReceiveFailure
+stream.receiveActive
+stream.resetReceived
+stream.sendBps
+stream.sendsBeforeAck
+stream.trend
+swarm." + _connectionId + ".lifetime
+swarm." + _connectionId + ".started
+swarm." + _connectionId + ".totalSent
+swarm." + getConnectionId() + ".totalReceived
+transport.bidFailAllTransports
+transport.bidFailNoTransports
+transport.bidFailSelf
+transport.bidFailShitlisted
+transport.expiredOnQueueLifetime
+transport.getBidsJobTime
+transport.noBidsYetNotAllUnreachable
+transport.receiveMessageLarge
+transport.receiveMessageMedium
+transport.receiveMessageSize
+transport.receiveMessageSmall
+transport.receiveMessageTime
+transport.receiveMessageTimeSlow
+transport.sendMessageFailureLifetime
+transport.sendMessageLarge
+transport.sendMessageMedium
+transport.sendMessageSize
+transport.sendMessageSmall
+transport.sendProcessingTime
+transport.shitlistOnUnreachable
+tunnel.acceptLoad
+tunnel.batchCount
+tunnel.batchDelay
+tunnel.batchDelayAmount
+tunnel.batchDelaySent
+tunnel.batchFlushRemaining
+tunnel.batchFragmentation
+tunnel.batchFullFragments
+tunnel.batchMultipleCount
+tunnel.batchSmallFragments
+tunnel.buildClientExpire
+tunnel.buildClientReject
+tunnel.buildClientSuccess
+tunnel.buildExploratoryExpire
+tunnel.buildExploratoryReject
+tunnel.buildExploratorySuccess
+tunnel.buildFailFirstHop
+tunnel.buildReplySlow
+tunnel.buildReplyTooSlow
+tunnel.buildRequestDup
+tunnel.buildRequestTime
+tunnel.buildRequestZeroHopTime
+tunnel.bytesAllocatedAtAccept
+tunnel.concurrentBuilds
+tunnel.concurrentBuildsLagged
+tunnel.corruptBuildReply
+tunnel.corruptMessage
+tunnel.decryptRequestTime
+tunnel.dispatchDataTime
+tunnel.dispatchEndpoint
+tunnel.dispatchGatewayTime
+tunnel.dispatchInbound
+tunnel.dispatchOutboundPeer
+tunnel.dispatchOutboundTime
+tunnel.dispatchOutboundTunnel
+tunnel.dispatchOutboundZeroHopTime
+tunnel.dispatchParticipant
+tunnel.dropConnLimits
+tunnel.dropDangerousClientTunnelMessage
+tunnel.dropLoad
+tunnel.dropLoadBacklog
+tunnel.dropLoadDelay
+tunnel.dropLoadProactive
+tunnel.dropLoadProactiveAbort
+tunnel.duplicateIV
+tunnel.failedCompletelyMessages
+tunnel.failedPartiallyMessages
+tunnel.fragmentedComplete
+tunnel.fragmentedDropped
+tunnel.fullFragments
+tunnel.handleLoadClove
+tunnel.handleRemaining
+tunnel.joinInboundEndpoint
+tunnel.joinInboundEndpointZeroHop
+tunnel.joinInboundGateway
+tunnel.joinOutboundEndpoint
+tunnel.joinOutboundGateway
+tunnel.joinOutboundGatewayZeroHop
+tunnel.joinParticipant
+tunnel.lockedGatewayAdd
+tunnel.lockedGatewayCheck
+tunnel.ownedMessageCount
+tunnel.participatingBandwidth
+tunnel.participatingBandwidthOut
+tunnel.participatingMessageCount
+tunnel.participatingMessageDropped
+tunnel.participatingTunnels
+tunnel.pendingRemaining
+tunnel.receiveRejectionBandwidth
+tunnel.receiveRejectionCritical
+tunnel.receiveRejectionProbabalistic
+tunnel.receiveRejectionTransient
+tunnel.reject.
+tunnel.rejectOverloaded
+tunnel.rejectTimeout
+tunnel.rejectTimeout2
+tunnel.smallFragments
+tunnel.testAborted
+tunnel.testExploratoryFailedCompletelyTime
+tunnel.testExploratoryFailedTime
+tunnel.testFailedCompletelyTime
+tunnel.testFailedTime
+tunnel.testSuccessLength
+tunnel.testSuccessTime
+tunnel.tierAgree
+tunnel.tierExpire
+tunnel.tierReject
+tunnel.writeDelay
+udp.abortACK
+udp.acceptedInboundProbabalistically
+udp.ackFrequency
+udp.activeDelay
+udp.addressTestInsteadOfUpdate
+udp.addressUpdated
+udp.allowConcurrentActive
+udp.alreadyConnected
+udp.blockedRetransmissions
+udp.congestedRTO
+udp.congestionOccurred
+udp.droppedInbound
+udp.droppedInboundProbabalistically
+udp.droppedInvalidEstablish
+udp.droppedInvalidEstablish.inbound
+udp.droppedInvalidEstablish.new
+udp.droppedInvalidEstablish.outbound
+udp.droppedInvalidInboundEstablish
+udp.droppedInvalidReestablish
+udp.droppedInvalidSkew
+udp.droppedInvalidUnknown
+udp.droppedPeer
+udp.dropPeerConsecutiveFailures
+udp.dropPeerDroplist
+udp.establishOverflow
+udp.establishRejected
+udp.fetchRemoteSlow
+udp.handleTime
+udp.ignorePacketFromDroplist
+udp.ignoreRecentDuplicate
+udp.inboundEstablishFailedState
+udp.inboundEstablishTime
+udp.inboundExpired
+udp.inboundLag
+udp.inboundReadTime
+udp.inboundReady
+udp.inboundReceiveProcessTime
+udp.inboundRemaining
+udp.messageQueueSize
+udp.mtuDecrease
+udp.mtuIncrease
+udp.outboundActiveCount
+udp.outboundEstablishFailedState
+udp.outboundEstablishTime
+udp.packetAuthRecvTime
+udp.packetAuthTime
+udp.packetAuthTimeSlow
+udp.packetDequeueTime
+udp.packetNoValidationLifetime
+udp.packetsRetransmitted
+udp.packetValidateMultipleCount
+udp.packetVerifyTime
+udp.packetVerifyTimeSlow
+udp.partialACKReceived
+udp.peerPacketsRetransmitted
+udp.proactiveReestablish
+udp.pushTime
+udp.queueAllowTotalLifetime
+udp.queueDropSize
+udp.queueTime
+udp.receiveACKPeriod
+udp.receiveBps
+udp.receivedACKs
+udp.receivedCompleteFragments
+udp.receivedCompleteTime
+udp.receiveHolePunch
+udp.receiveIntroRelayResponse
+udp.receiveMessagePeriod
+udp.receivePacketSize
+udp.receivePacketSize.dataKnown
+udp.receivePacketSize.dataKnownAck
+udp.receivePacketSize.dataUnknown
+udp.receivePacketSize.dataUnknownAck
+udp.receivePacketSize.relayIntro
+udp.receivePacketSize.relayRequest
+udp.receivePacketSize.relayResponse
+udp.receivePacketSize.sessionConfirmed
+udp.receivePacketSize.sessionCreated
+udp.receivePacketSize.sessionRequest
+udp.receivePacketSize.test
+udp.receivePacketSkew
+udp.receivePiggyback
+udp.receiveRelayIntro
+udp.receiveRelayRequest
+udp.receiveRelayRequestBadTag
+udp.receiveRemaining
+udp.receiveTest
+udp.receiveTestReply
+udp.rejectConcurrentActive
+udp.rejectConcurrentSequence
+udp.sendACKCount
+udp.sendACKPartial
+udp.sendACKRemaining
+udp.sendACKTime
+udp.sendAggressiveFailed
+udp.sendBps
+udp.sendBWThrottleTime
+udp.sendConfirmFragments
+udp.sendConfirmTime
+udp.sendConfirmVolley
+udp.sendCycleTime
+udp.sendCycleTimeSlow
+udp.sendException
+udp.sendFailed
+udp.sendIntroRelayRequest
+udp.sendIntroRelayTimeout
+udp.sendPacketSize
+udp.sendPacketSize.
+udp.sendPiggyback
+udp.sendPiggybackPartial
+udp.sendQueueFailed
+udp.sendQueueSize
+udp.sendQueueTrimmed
+udp.sendRejected
+udp.sendSparse
+udp.sendVolleyTime
+udp.socketSendTime
+udp.statusDifferent
+udp.statusKnownCharlie
+udp.statusOK
+udp.statusReject
+udp.statusUnknown
+udp.timeToActive
+udp.timeToEntrance
+</pre></div>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.7.8.html b/www.i2p2/pages/release-0.7.8.html
index 0fd5c8e540a8cf4b4b2453ce238065e730b6c4f6..764a4957192788eb473ae4e66a388ac93eda9a54 100644
--- a/www.i2p2/pages/release-0.7.8.html
+++ b/www.i2p2/pages/release-0.7.8.html
@@ -27,7 +27,7 @@ Release details:
<p><strong>Network Database</strong></p>
<p>- Partially reintroduce Kademlia to the network database, by having each floodfill store only a portion of the keyspace. Routers will query and store to a floodfill that is closest to the key in question. Floodfills will only flood to peers closest to the key.
-<br />- The limit on number of floodfills will not be raised in this release. Therefore, there will be no immediate change; all floodfills will store the entire keyspace. In future releases, the limit will be raised until most class O routers will be floodfill. After that, each floodfill be be responsible for about 300 netdb entries, independent of network size, thus allowing i2p to scale to many thousands of routers.
+<br />- The limit on number of floodfills will not be raised in this release. Therefore, there will be no immediate change; all floodfills will store the entire keyspace. In future releases, the limit will be raised until most class O routers will be floodfill. After that, each floodfill be responsible for about 300 netdb entries, independent of network size, thus allowing i2p to scale to many thousands of routers.
<br />- The release also fixes a bad bug that was preventing verification of RouterInfo stores.</p>
<p><strong>Router Console Translation Support</strong></p>
diff --git a/www.i2p2/pages/release-0.8.1.html b/www.i2p2/pages/release-0.8.1.html
new file mode 100644
index 0000000000000000000000000000000000000000..4b48e0acbabeb7bc32c6859725cd4131dbadd3db
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.1.html
@@ -0,0 +1,75 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.1 Release{% endblock %}
+{% block content %}
+<p>
+The 0.8.1 release contains the usual collection of bug fixes and performance tweaks.
+There is also a new i2psnark theme and several translation updates.
+Upgrading is recommended.
+</p><p>
+Please help grow the network.
+Give the
+developers feedback on IRC #i2p or <a href="http://forum.i2p2.de/">forum.i2p2.de</a>
+and <a href="http://www.i2p2.de/getinvolved.html">get involved</a>,
+spread the word,
+and <a href="http://www.i2p2.de/donate.html">donate</a>!
+We are still looking for help on new and existing translations.
+Please volunteer on IRC #i2p.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+<p>
+<b>Release details:</b>
+</p>
+<p>1.6 or higher JDK now required to build from source.
+
+<br />1.5 or higher JRE still OK to run I2P.</p>
+
+<p><strong>Bugfixes</strong></p>
+
+<p>- Fix eepget redirect bugs
+<br />- Fix bug causing GeoIP lookups to stop
+<br />- Don't let alternative naming services look up b32 addresses
+<br />- Try to prevent firewalled routers from running out of introducers
+<br />- Try again to fix i2ptunnel nonce bug</p>
+
+<p><strong>Speedups</strong></p>
+
+<p>- Make streaming flush much faster
+<br />- Use flush in more places
+<br />- Convert several lists to queues
+<br />- Fix crypto YK precalculation
+<br />- Disable unused I2CP acknowledgements in several cases
+<br />- Don't route tunnels through peers 0.7.8 and earlier as they have message corruption bugs</p>
+
+<p><strong>I2PSnark</strong></p>
+
+<p>- Redesign by dr|zed
+<br />- File download priority feature
+<br />- Lots of bug fixes</p>
+
+<p><strong>File Permissions</strong></p>
+
+<p>- All user files created by I2P will now be readable only by the owner (mode 600)</p>
+
+<p><strong>Documentation</strong></p>
+
+<p>- The technical documentation on our website is now current, complete, and accurate. See <a href="http://www.i2p2.de/how">http://www.i2p2.de/how</a> .
+<br />- Javadocs have been updated throughout the source.
+<br />- Full Javadocs are now available at <a href="http://docs.i2p-projekt.de/javadoc/">http://docs.i2p-projekt.de/javadoc/</a> .
+</p>
+
+
+<p>
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+ 881530e079114b6da2c3eba069f7d4eeedf503983d5c50737b6779f7f5d8f76f i2pinstall_0.8.1.exe
+ f16f1e8a59f1af91551f2dfdf3cac88eec7298495c924128a913cf2ec50066de i2psource_0.8.1.tar.bz2
+ 9905212e945af9e1bb2def02abc62496a92b7d2a9f4ef497a0bb9dbf84c1dffe i2pupdate_0.8.1.zip
+ 1253884176e7da4ab8541606196e7802e1fcfb28335a459bc7d69a79e2823eab i2pupdate.su2
+ 63cfb32ebf6adbc3c2ee6364b471f9e57ce680c85c6152dca92a411fadd77694 i2pupdate.sud
+</pre>
+</p>
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.10.html b/www.i2p2/pages/release-0.8.10.html
new file mode 100644
index 0000000000000000000000000000000000000000..82373a0e36aa56999d6cf91cbe2ec05f1b14ca62
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.10.html
@@ -0,0 +1,48 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.10 Release{% endblock %}
+{% block content %}
+
+<p>
+
+Release 0.8.10 includes two changes intended to reduce the number of router-to-router connections,
+and therefore improve tunnel build success rates and general reliability.
+Of course, there's also a few bug fixes and translation updates.</p>
+
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+
+<p><strong>Release Details</strong></p>
+
+
+<p>- Disable tunnel testing as it forces too many router connections
+<br />- Select outbound endpoint - inbound gateway paths that are closer, using an XOR metric, to reduce router connections.</p>
+
+<p><strong>Bug Fixes</strong></p>
+
+<p>- Fix exceptions at shutdown
+<br />- Fix concurrency errors in SSU
+<br />- Fix timeout message on POST</p>
+
+<p><strong>Other</strong></p>
+
+<p>- Increase max tunnels, reduce router info expiration
+<br />- Add gunzip support to eepget to reduce reseed bandwidth
+<br />- Finnish, Italian, Russian, and Swedish translation updates</p>
+
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+
+ 8494640d29b1b7969118169a7ae1c56bc5a07f354ec883734687bf09eef0e35c i2pinstall_0.8.10.exe
+ e5832bb49f46b0b6620e8492e6fc6454de4107b84bca5a4b35461c6b7ac0575e i2psource_0.8.10.tar.bz2
+ 64bcd1fdd478cfda987c1d4906d94b3f20a0555bd4037aefa7a09af4f39a0e99 i2pupdate_0.8.10.zip
+ 5620113f4e19768e15af0a9c8bc670ca443e9983a0d4868997800ee215790c51 i2pupdate.su2
+ 39bfbfebbf77d660081fe1ce282f642fb15ed9cd170901f54a954bc986eadaf5 i2pupdate.sud
+
+
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.11.html b/www.i2p2/pages/release-0.8.11.html
new file mode 100644
index 0000000000000000000000000000000000000000..7aa5a25cb38fb736760fd1bb1c6efc50e09efb05
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.11.html
@@ -0,0 +1,65 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.11 Release{% endblock %}
+{% block content %}
+
+<p>
+As you all have noticed, the unprecedented network growth starting October 5th
+has dramatically increased network congestion, especially on evenings (UTC)
+and weekends. The last two releases contained a few changes that we hoped
+would relieve the pressure, but unfortunately these measures have been only
+modest successes. The primary issue is to limit the number of direct router
+to-router connections in the network. This isn't a new problem; we've been
+working on it for several years, with good results. However, the recent
+growth pushed us over the edge once again.
+</p><p>
+Release 0.8.11 includes several more changes to reduce the number of router-to-router
+connections and increase connection and tunnel build capacity. The goal, of course,
+is to improve tunnel build success rates and general reliability. As always, there's
+a few bug fixes and translation updates.
+</p><p>
+We welcome all our new users. Please be patient as we work to improve network
+performance. Debugging congestion problems in a distributed anonymous network
+is a continuing challenge. Please help improve the network
+by restarting your router once the upgrade is downloaded.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+
+<p><strong>Release Details</strong></p>
+
+<p><strong>Major changes</strong></p>
+
+<p>- Improve peer profile capacity metric to include factors for connection, reachability, country, and router hash, to reduce connection churn
+<br />- Adjust connection limits and timeouts to increase capacity
+<br />- Adjust router info and peer profile expirations to reduce memory usage
+<br />- Rebuild existing tunnels some of the time to reduce connection churn and improve build success
+<br />- Build Executor / Handler thread separation to increase build handling capacity for high-speed routers
+<br />- Bloom Filter optimizations to reduce lock contention for high-speed routers
+<br />- SSU introducer changes</p>
+
+<p><strong>Bug Fixes</strong></p>
+
+<p>- Fix expiration of peer profiles</p>
+
+<p><strong>Other</strong></p>
+
+<p>- Ukrainian translation updates</p>
+
+
+
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+
+ fa3d566874f196e32e1d5987d3dedb956cfa0b2a93a0735e53d6dd9fa2b1769a i2pinstall_0.8.11.exe
+ f7113da64bacea9a560e0f3c31c9fb663fc646d16bb621a9b8f1e97477d0a2d1 i2psource_0.8.11.tar.bz2
+ 835fe7dadd4b8155a83774ea025dc76332660fed2c20799fa21f54b5627bff3d i2pupdate_0.8.11.zip
+ d932c54d275eef0a31418970e0ecae8ea46d25e1110db4b9eab4ba685830e445 i2pupdate.su2
+ ca3e17c3cd29159e8a2a91ccc51bdfbf794ad9ca481f620b29bdd51251c3ab97 i2pupdate.sud
+
+
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.12.html b/www.i2p2/pages/release-0.8.12.html
new file mode 100644
index 0000000000000000000000000000000000000000..f97f2cbe0ff8c56df1f54e9cbeee035e884321f7
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.12.html
@@ -0,0 +1,97 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.12 Release{% endblock %}
+{% block content %}
+
+<p>
+The 0.8.12 release fixes several message corruption bugs, some present since 2005.
+It also contains a redesign of the router's congestion control, and continued optimization
+of CPU and memory usage. We are hopeful that these changes will improve network performance.
+Upgrading is recommended.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+
+<p><strong>Release Details</strong></p>
+
+<p>This release contains several big changes that should help network reliability and performance.</p>
+
+<p>The first two changes are fixes for major UDP packet transmission bugs, described below. The third change
+ is fixes to the decompressor. Fixing these should eliminate a big source of message delivery failures.</p>
+
+<p>Also, the release contains a rewrite of the router's participating traffic congestion control. It should
+ now more accurately measure current participating bandwidth, handle bursts better, drop messages less, and
+ drop the right messages if dropping is required.</p>
+
+<p>Also, the release reduces the amount of processing that routers do for messages they pass down the tunnel.
+ These messages do not need to be completely parsed and validated since the gateway is simply passing them through.
+ This will help performance of all routers but the improvement will probably not be noticeable except on high-traffic routers.</p>
+
+<p>We're optimistic that these changes will help, and of course eliminating sources of message corruption is sure to help.
+ However the extend of the improvement won't be apparent until the majority of the network upgrades.</p>
+
+<p>The release also contains some updates to the router console light theme. You may need to do a shift-reload
+ or control-reload in your browser to force a reload of the CSS.</p>
+
+<p><strong>Major changes</strong></p>
+
+<p>- Instead of fully parsing and validating messages received at the inbound gateway, simply pass them down the tunnel
+<br />- Don't verify I2NP checksums in most cases, as message corruption is caught at other layers
+<br />- Don't recalculate I2NP checksums on messages passed through unchanged
+<br />- Several NTCP pumper optimizations, to hopefully fix NTCP pumper high CPU usage on fast routers
+
+<br />- Rewrite participating tunnel congestion control, to drop less, more accurately measure traffic, and handle bursts better</p>
+
+<p><strong>Wrapper Update</strong></p>
+
+<p>New installs include wrapper version 3.5.13 which fixes a heap corruption with very long log lines.
+ See <a href="http://wrapper.tanukisoftware.com/doc/english/release-notes.html">http://wrapper.tanukisoftware.com/doc/english/release-notes.html</a>
+ for additional information. I2P PPA package users should have received this update in the last week of December.
+ If you do not use our PPA package and would like to update your wrapper manually, follow the instructions at
+ <a href="http://www.i2p2.de/manualwrapper">http://www.i2p2.de/manualwrapper</a> .</p>
+
+<p><strong>Bug Fixes</strong></p>
+
+<p>- Fix major SSU MTU bug introduced in 0.8.9.The router sometimes sent UDP packets that exceeded the maximum
+size that routers would accept on the receive side. This resulted in a lot of dropped packets, tunnel build problems,
+ and connection problems. One thing that contributed to us missing the problem was that 0.8.9 was released in the
+ middle of the huge network expansion in early October, when network performance was already deteriorating rapidly.
+<br />- Fix major SSU fragmentation bug present since 2005. UDP corrupted transmit messages when the message size
+ was an exact multiple of the fragmentation size.
+<br />- Fix major decompression bugs present since 2005 that caused message corruption and data loss at multiple protocol layers.
+<br />- Snark doesn't always delete directories
+<br />- Fix all character case conversion (Turkish four i problem)
+<br />- Whitelist more IRC commands
+<br />- Remove expired reseed cert</p>
+
+<p><strong>Other</strong></p>
+
+<p>- Speed up the inefficient GeoIP lookup
+<br />- Optimize several heavily-used utility functions
+<br />- Don't drop the transport connection when receiving an invalid message, it isn't necessary and could be an attack vector
+<br />- Console light theme update
+
+<br />- Move the complex network configuration stuff to a new console page
+<br />- Add a link to hide the news in the console
+<br />- Allow numerous additional IRC commands through the IRC filter
+<br />- Several other cleanups, optimizations, and object caches added
+<br />- New Estonian translation (thanks ajutine)
+<br />- Spanish, Swedish, Ukrainian translation updates
+</p>
+
+
+
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+
+ 7a05b96c535f565b06aeec3b83fca6245b1159003d4e2da2149374ba0f476847 i2pinstall_0.8.12.exe
+ 019d6018e7093650cf67fd883b0cf0f12aa2f4f0cddc5ef6a08e6147af07f142 i2psource_0.8.12.tar.bz2
+ a9556998b136d47b124749f426d86514e7128094308f03085b889f34bbdf8dc0 i2pupdate_0.8.12.zip
+ bb7be1dc9bdcc9b2db2587988325b4ea7c81e9eeb542ebcb17e0d6de29fc98d3 i2pupdate.su2
+ 491722ef1a641512fc3bbaf825d5d1671b701e32b1298572f2820ab7fbf9851d i2pupdate.sud
+
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.13.html b/www.i2p2/pages/release-0.8.13.html
new file mode 100644
index 0000000000000000000000000000000000000000..2c6f4ad6dd33cf9375339982dad48ea7a651076b
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.13.html
@@ -0,0 +1,83 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.13 Release{% endblock %}
+{% block content %}
+
+<p>
+The 0.8.13 release contains several bug fixes and a couple of new features.
+We are pleased that the last release significantly improved performance,
+and the network is running well despite continued rapid growth.
+Upgrading is recommended.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+
+<p><strong>Release Details</strong></p>
+<p>
+This is likely to be the last release before 0.9, in which we will migrate to Jetty 6,
+and introduce a simplified router console home page. Monitor the news section of
+your the router console in the coming weeks for more information on the next release.
+</p><p>
+Starting with this release, the router will
+check for and install plugin updates shortly upon restarting after a router update.
+To prevent this, add the advanced configuration
+<tt>plugins.autoUpdate=false</tt> before restarting.
+There is also a new update-all button on the client configuration page.
+</p><p>
+Routers in certain countries will now automatically enable hidden mode for increased protection.
+However, hidden mode may have lower performance or reliability, and is still a work in progress.
+To disable hidden mode before restarting, add the advanced configuration
+<tt>router.isHidden=false</tt>.
+To disable hidden mode later, select <i>use all auto-detect methods</i> under <i>IP Configuration</i> on the
+network configuration page.
+For the list of countries see the thread on zzz.i2p.
+The only country on the list that has more than one or two I2P users is China.
+</p>
+
+
+<p><strong>Major changes</strong></p>
+<p>- Check for and download plugin updates upon restarting after a router update.
+<br />- Routers in certain countries will now automatically enable hidden mode for increased protection.
+<br />- New Tunnel Wizard for creating tunnels</p>
+<br />- A SIGHUP to the wrapper will now initiate a graceful shutdown
+
+<p><strong>Bug Fixes</strong></p>
+
+<p>- Increase read timeout in HTTP Proxy
+<br />- Shutdown hooks will now run when router is shutdown externally (i2prouter stop), broken in 0.8.8
+<br />- If an external IP address is specified, bind only to that interface
+<br />- Fail tunnels we created when we can't contact the adjacent hop
+<br />- Prevent races when saving configuration
+<br />- For plugins, check min and max Jetty versions; check all version requirements at startup, not just at install
+<br />- Fix plugin startup when console is not on port 7657
+<br />- Only stop plugins if they are running
+<br />- Fix NPE when no network interfaces are present
+<br />- Fix eepget exit code on failure
+<br />- Improve inbound tunnel building when in hidden mode
+<br />- Publish our router info sooner after startup to facilitate inbound tunnel building
+<br />- Fix Streamr tunnel registration</p>
+
+<p><strong>Other</strong></p>
+
+<p>- Add icons to buttons in SusMail and SusiDNS
+<br />- Move wrapper PID, status, and log files from /tmp to ~/.i2p (Debian packages and new installs only)
+<br />- i2prouter graceful (Debian packages and new installs only)
+<br />- Increase number of floodfills
+<br />- Repack jars in installer to save a little space
+<br />- New translation infrastructure for i2prouter script (not enabled yet)
+<br />- New Czech translation (thanks Waseihou)
+<br />- German, Italian, Polish, Spanish, Swedish, Ukrainian translation updates</p>
+
+
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+ 648a552ee009e9648aba0666c05e2f71e442a714716659a0ca4f60aca87bda50 i2pinstall_0.8.13.exe
+ bdd510cc47b2cd78aa8d994e27694185c1f2deb48b049d61a93a795932ce5712 i2psource_0.8.13.tar.bz2
+ 36683d906ac121fd28ac5600218aec943da154cb0230f274f0e2a7c6cc6fb8a5 i2pupdate_0.8.13.zip
+ 81fa5256250fde2790153b83d2b01b6bc3b5ee7ea1b4d12232ce46f06ae736ef i2pupdate.su2
+ 2eb25974ebfeeeec59d8138e42d5663d97cc24b94f2c6cf77cfe6dc991acf0bb i2pupdate.sud
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.2.html b/www.i2p2/pages/release-0.8.2.html
new file mode 100644
index 0000000000000000000000000000000000000000..4c5c68777b8af76f5643e05ca3a49af2e990286f
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.2.html
@@ -0,0 +1,82 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.2 Release{% endblock %}
+{% block content %}
+<p>
+The 0.8.2 release includes extensive bug fixes and theme updates in the router and in i2psnark.
+There are also optimizations to reduce memory usage in i2psnark.
+The HTTP and SOCKS proxies now support local and remote authorization.
+Upgrading is recommended.
+</p><p>
+I2P will be at 27C3 in Berlin the week of December 27th.
+Look for the I2P people there and ask for I2P stickers!
+</p><p>
+Please help grow the network.
+<a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
+spread the word,
+and <a href="http://www.i2p2.de/donate.html">donate</a>!
+If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+We are still looking for help on new and existing translations.
+Please volunteer on IRC #i2p.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+<p>
+<b>Release details:</b>
+</p>
+
+<p><strong>Bug Fixes</strong></p>
+
+<p>- Improve I2CP and I2PTunnel error propagation and logging for troubleshooting
+<br />- Clean up lots of error messages that weren't really errors
+<br />- Fix transport bug with message retries causing IllegalStateExceptions
+<br />- Fix bug causing UDP to use too much CPU</p>
+
+<p><strong>Console</strong></p>
+
+<p>- Theme updates
+<br />- Home page update
+<br />- Convert GETs to POSTs for security
+<br />- ".jsp" suffixes no longer required in URLs
+<br />- Fix UDP rate display on Peers page
+<br />- Stats page improvements
+<br />- Improve time representation</p>
+
+<p><strong>I2PSnark</strong></p>
+
+<p>- Theme updates, theme selection, new vanilla theme
+<br />- Reduction in memory and thread usage
+<br />- Convert GETs to POSTs for security
+<br />- Files now mode 600
+<br />- Lots of bug fixes</p>
+
+<p><strong>Other</strong></p>
+
+<p>- Support reseeding via SSL
+<br />- Add SOCKS outproxy support
+<br />- Add username/password support for I2CP, HTTP and SOCKS proxies, and outproxies
+<br />- Rework of data structure classes in preparation for more caching
+<br />- Logging subsystem updates; router log now in local time
+<br />- API cleanup by marking more non-API classes package private
+
+<br />- Javadoc updates
+<br />- More work on the Debian build scripts by HungryHobo
+<br />- New advanced option i2p.insecureFiles=true to disable mode 600
+<br />- Save news and addressbook subscription last-fetched times across restarts, so they aren't always fetched right after router start
+<br />- Lots of translation updates</p>
+
+
+
+<p>
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+ 03caab1b746f42a4f2e6ab07cc4efd529e9c37f37793224424a83e7b5aa5ec68 i2pinstall_0.8.2.exe
+ a5f3104e70f84bf81776a2f2940172de6efd06a9ec7a5662e7f01d694b651b98 i2psource_0.8.2.tar.bz2
+ f2b90fe5926d371bcd4a36c6a317d739c9fcb0d548f24ba0b6173f85d45d809b i2pupdate_0.8.2.zip
+ b26ff143088864ec4dff399420f7d42d65cfec55a79915a58d2cddd4309601d9 i2pupdate.su2
+ 5d094c6f1c98b4d463852c288c8a90041165c3fc002414bd2c425bbe204ae865 i2pupdate.sud
+</pre>
+</p>
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.3.html b/www.i2p2/pages/release-0.8.3.html
new file mode 100644
index 0000000000000000000000000000000000000000..147d73ca18bc2d90d551f071b4aa739f0bd2f0f3
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.3.html
@@ -0,0 +1,69 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.3 Release{% endblock %}
+{% block content %}
+<p>
+The 0.8.3 release contains several performance improvements, including reduction of threads and
+memory usage, and faster I2CP (client-router) communication.
+</p><p>
+There is also new SSL router console support,
+a new reseed configuration page including HTTP proxy support for those behind restrictive firewalls,
+a new I2CP configuration section including I2CP-over-SSL support for remote clients,
+a new server connection limits and blacklist configuration section for enhanced DoS protection,
+and a new
+HTTP proxy jump server configuration section so you may easily add alternative jump servers.
+Statistics are now limited by default to reduce memory usage; the full set of statistics may be re-enabled on the
+stats configuration page.
+There are also bug fixes, of course, so
+as usual, upgrading is recommended.
+</p><p>
+Please help grow the network.
+<a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
+spread the word,
+and <a href="http://www.i2p2.de/donate.html">donate</a>!
+If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+We are still looking for help on new and existing translations.
+Please volunteer on IRC #i2p.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+<p>
+<b>Release details:</b>
+</p>
+
+<p><strong>New Features</strong></p>
+
+<p>* SSL Console
+<br />* SSL I2CP
+<br />* Jump list, blacklist, and connection limits now on i2ptunnel edit forms
+<br />* Smarter update handler that tries multiple sources
+<br />* New reseed configuration page for those behind restrictive firewalls
+<br />* New I2CP configuration form</p>
+
+<p><strong>Resource Reduction</strong></p>
+
+<p>* More efficient I2CP for internal clients
+<br />* Less threads, better thread pooling
+<br />* Adjust thread count based on available memory
+<br />* Change full stats default to false
+<br />* Caching of several data structures
+<br />* Naming lookup support over existing I2CP sessions</p>
+
+<p><strong>Bug Fixes</strong></p>
+
+<p>* Fix i2psnark buttons in Firefox 4.0b and IE
+<br />* Restore library functions required by Syndie</p>
+
+<p>
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+ 91207badb1f6fbcb90398f77eca6a59b3e7ac7aa1d16d5e9d57cd3037aa004c5 i2pinstall_0.8.3.exe
+ 4f57e252af52bf7c1ed1b95e08f41636e8cd1b5095d1643f6bf44e5d6e95ae4d i2psource_0.8.3.tar.bz2
+ 102ab3acfe4f95c1bdd12518788393f533e0c18291dddf8d1938c3d9eb05318c i2pupdate_0.8.3.zip
+ 3f2ad3150687868229c42245f20956c05db11fc67dc790847f97375c84faf5eb i2pupdate.su2
+ 4a2352be546fd9044068074c5edbd6c9ded373dab0f0f77e9df0db8974cbc2d9 i2pupdate.sud
+</pre>
+</p>
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.4.html b/www.i2p2/pages/release-0.8.4.html
new file mode 100644
index 0000000000000000000000000000000000000000..13bd348763956afde4fcb2fe672902157cf9c385
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.4.html
@@ -0,0 +1,58 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.4 Release{% endblock %}
+{% block content %}
+<p>
+The 0.8.4 release contains some performance improvements and important bug fixes.
+Also, i2psnark now supports magnet links.
+as usual, upgrading is recommended.
+</p><p>
+Please help grow the network.
+<a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
+spread the word,
+and <a href="http://www.i2p2.de/donate.html">donate</a>!
+If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+We are still looking for help on new and existing translations.
+Please volunteer on IRC #i2p-dev.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+<p>
+<b>Release details:</b>
+</p>
+
+<p>* Fix a severe memory leak in router I2CP session management that caused router crashes for people running the Robert bittorrent client
+<br />* Fix a bug from 0.8.2 that filtered cookies in the HTTP Server tunnel, causing authentication problems for some eepsites
+<br />* Several fixes for rare NPEs</p>
+
+<p><strong>I2PSnark</strong></p>
+
+<p>* Magnet and "maggot" link support
+<br />* Peer Exchange
+<br />* Metadata transfer
+<br />* Details page enhancements
+<br />* Bandwidth limiter improvements
+
+<br />* Bug fixes</p>
+
+<p><strong>Other</strong></p>
+
+<p>* More performance improvements
+<br />* Adjustment to peer selection, to hopefully use more of the available network capacity
+<br />* Translation updates
+<br />* Start of a new Arabic translation by 'hamada'</p>
+
+
+<p>
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+ 2b9f82b2c236cedcb6d394557a366ea3e181ca244461375a810709b2f7d4e881 i2pinstall_0.8.4.exe
+ e454880a753963361e43d65da69542c4e8caa62d2646e8ce851b2f95fd9e735c i2psource_0.8.4.tar.bz2
+ 5c6632b5f97e02296ad2d3d5f108b472d6766967a037d96421ad36fa5f2e60a9 i2pupdate_0.8.4.zip
+ 155cd3ca7d174c30367dfa147b11a0c55fb6e85680a0aeda126afcb5e141db42 i2pupdate.su2
+ 465060129520ad115a3823e625def94b8ebafdd28c6ab9b27e125afed70cf851 i2pupdate.sud
+</pre>
+</p>
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.4_fr.html b/www.i2p2/pages/release-0.8.4_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..0417139a65214508fb25f1630f0a038e4bd9c1fc
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.4_fr.html
@@ -0,0 +1,59 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Version 0.8.4{% endblock %}
+{% block content %}
+Traduction de mars 2011. <a href="release-0.8.4.html">Version anglaise actuelle</a>
+<p>
+Cette version 0.8.4 contient quelques améliorations de performance et des corrections de bogues importantes.
+I2psnark supporte maintenant les liens Magnet. Comme d'habitude, la mise à jour est recommandée.
+</p><p>
+Merci de participer à la croissance du réseau.
+<a href="http://www.i2p2.de/getinvolved_fr.html">Engagez-vous</a>,
+passez le mot,
+et <a href="http://www.i2p2.de/donate_fr.html">faites un petit geste</a>!
+Si vous trouvez un bogue, merci d'enregistrer un rapport sur <a href="http://trac.i2p2.de/report/1">trac</a>.
+Nous cherchons toujours de l'aide pour la traduction. Merci de vous signaler sur IRC #i2p-dev.
+</p>
+
+<p>Les fichiers sont disponibles <a href="/download_fr.html">ici.</a></p>
+
+<p>
+<b>Détails de cette version:</b>
+</p>
+
+<p>* Correction d'une fuite de mémoire sévère dans la gestion des sessions I2CP du routeur
+qui provoquait des plantages du routeur pour les utilisateurs du client bittorrent Robert.
+<br />* Correction d'un bogue de la v0.8.2 qui filtrait les cookies dans le tunnel Serveur HTTP,
+ provocant des problèmes d'authentification pour quelques sites eep.
+<br />* Plusieurs corrections pour de rares NPEs</p>
+
+<p><strong>I2PSnark</strong></p>
+
+<p>* Liens Magnet et "maggot" supportés.
+<br />* Échange de pair
+<br />* Transfert de metadata.
+<br />* Améliorations de la page "Détails".
+<br />* Améliorations du limiteur de bande passante.
+
+<br />* Corrections de bogues</p>
+
+<p><strong>Divers</strong></p>
+
+<p>* Plus d'améliorations de performance.
+<br />* Fignolage de sélection de pair, pour utiliser plus de la capacité disponible du réseau.
+<br />* Mises à jour de traductions.
+<br />* Début d'une nouvelle traduction en arabe par 'hamada'</p>
+
+
+<p>
+<b>
+Sommes de contrôle SHA256 :
+</b>
+<pre>
+ 2b9f82b2c236cedcb6d394557a366ea3e181ca244461375a810709b2f7d4e881 i2pinstall_0.8.4.exe
+ e454880a753963361e43d65da69542c4e8caa62d2646e8ce851b2f95fd9e735c i2psource_0.8.4.tar.bz2
+ 5c6632b5f97e02296ad2d3d5f108b472d6766967a037d96421ad36fa5f2e60a9 i2pupdate_0.8.4.zip
+ 155cd3ca7d174c30367dfa147b11a0c55fb6e85680a0aeda126afcb5e141db42 i2pupdate.su2
+ 465060129520ad115a3823e625def94b8ebafdd28c6ab9b27e125afed70cf851 i2pupdate.sud
+</pre>
+</p>
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.5.html b/www.i2p2/pages/release-0.8.5.html
new file mode 100644
index 0000000000000000000000000000000000000000..bcb4bd3c699583a58f1961844093666d7461fc90
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.5.html
@@ -0,0 +1,55 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.5 Release{% endblock %}
+{% block content %}
+<p>
+The 0.8.5 release contains a few bug fixes and performance improvements, and lots of translation updates.
+as usual, upgrading is recommended.
+</p><p>
+Please help grow the network.
+<a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
+spread the word,
+and <a href="http://www.i2p2.de/donate.html">donate</a>!
+If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+We are still looking for help on new and existing translations.
+Please volunteer on IRC #i2p-dev.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+
+<b>Release details:</b>
+
+
+<p>* Lots of router console HTML fixes
+<br />* i2psnark magnet handling fixes
+<br />* SusiMail Translation support by "duck"
+<br />* Continuing work on the Arabic translation by "hamada"
+
+<br />* Completion of the French translation by "magma"
+<br />* Completion of the Spanish translation by "punkibastardo" and "user"
+<br />* Other translation updates
+<br />* Better support for text-mode browsers
+<br />* Profile display improvements
+<br />* Tunnel build request queue limiting
+<br />* Require nonce to change console language
+<br />* i2psnark improved logging of errors
+<br />* i2psnark improved metainfo handling
+<br />* Use the reseed server as a backup time source
+
+<br />* Change profile file extension from .dat to .txt.gz
+<br />* Change all i2ptunnels to 3 hops for new installs
+<br />* Add all bogons to blocklist for new installs
+<br />* More efficient use of entropy for padding</p>
+
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+ 6ae6b196352e1053c4e7b91edc575330d108ff9abfc2746ea3c3b2e3fd467006 i2pinstall_0.8.5.exe
+ de9fa105c1335d58609689a942d3e6a508ca824fc8b27a34c1c0b09fc7e0167b i2psource_0.8.5.tar.bz2
+ 7e4c1835dfd7aaa42d84cf4646f5858a37efa027f43a26eb98360e3cb4750ac8 i2pupdate_0.8.5.zip
+ efea978f3e4e955b9afa05847dc4ebb83c8df3651adeb717769e32a908bc5f53 i2pupdate.su2
+ 1b6eca94b7938f5c61c26b4482c89919bdfbc7c41aee7735f8f561c01c3a29d3 i2pupdate.sud
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.5_fr.html b/www.i2p2/pages/release-0.8.5_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..7860d041c144df003e641cca427df4861998efac
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.5_fr.html
@@ -0,0 +1,54 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Version 0.8.5{% endblock %}
+{% block content %}
+Traduction d'avril 2011. <a href="release-0.8.5.html">Version anglaise actuelle</a>
+<p>
+La version 0.8.5 contient quelques corrections de bogues et améliorations de performances, ainsi que de nombreuses
+mises à jour de traductions. Comme d'habitude, la mise à jour est recommandée.
+</p><p>
+Merci de participer à la croissance du réseau.
+<a href="http://www.i2p2.de/getinvolved_fr.html">Engagez-vous</a>,
+passez le mot,
+et <a href="http://www.i2p2.de/donate_fr.html">faites un petit geste</a>!
+Si vous trouvez un bogue, merci d'enregistrer un rapport sur <a href="http://trac.i2p2.de/report/1">trac</a>.
+Nous cherchons toujours de l'aide pour la traduction. Merci de vous signaler sur IRC #i2p-dev.
+</p>
+
+<p>Les fichiers sont disponibles <a href="/download_fr.html">ici.</a></p>
+
+<b>Détails de cette version:</b>
+
+
+<p>* Nombreuses corrections de la console HTML
+<br />* Correctifs de la gestion des magnet dans i2pSnark
+<br />* Support de la traduction de SusiMail par "duck"
+<br />* Poursuite du travail de traduction en arabe par "hamada"
+
+<br />* Traduction française par "magma" (presque ;) ?) terminée
+<br />* Traduction espagnole par "punkibastardo" and "user" terminée
+<br />* Mises à jour d'autres traductions
+<br />* Meilleur support des navigateurs en mode texte
+<br />* Améliorations de l'affichage de profil
+<br />* Limitation de la file d'attente de demandes de création de tunnels
+<br />* Nonce requis pour le changement de langue de la console
+<br />* Amélioration du report d'erreurs dans i2pSnark
+<br />* Amélioration de la gestion des metainfo dans i2pSnark
+<br />* Utilisation du serveur de réamorçage en tant que source de temps de secours
+
+<br />* Changement de l'extension du fichier profil de .dat en .txt.gz
+<br />* Changement des Tunnels I2P Ã 3 sauts pour les nouvelles installations
+<br />* Ajout de toutes les adresses IP illicites à la liste de blocage pour les nouvelles installations
+<br />* Utilisation plus efficace de l'entropie pour le bourrage (padding)</p>
+
+<b>
+Sommes de contrôle SHA256:
+</b>
+<pre>
+ 6ae6b196352e1053c4e7b91edc575330d108ff9abfc2746ea3c3b2e3fd467006 i2pinstall_0.8.5.exe
+ de9fa105c1335d58609689a942d3e6a508ca824fc8b27a34c1c0b09fc7e0167b i2psource_0.8.5.tar.bz2
+ 7e4c1835dfd7aaa42d84cf4646f5858a37efa027f43a26eb98360e3cb4750ac8 i2pupdate_0.8.5.zip
+ efea978f3e4e955b9afa05847dc4ebb83c8df3651adeb717769e32a908bc5f53 i2pupdate.su2
+ 1b6eca94b7938f5c61c26b4482c89919bdfbc7c41aee7735f8f561c01c3a29d3 i2pupdate.sud
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.6.html b/www.i2p2/pages/release-0.8.6.html
new file mode 100644
index 0000000000000000000000000000000000000000..2b7f3dd372f477090776a2ce9b108da38237d2f0
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.6.html
@@ -0,0 +1,47 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.6 Release{% endblock %}
+{% block content %}
+<p>
+The 0.8.6 release contains more peer selection defenses to resist powerful attackers, and
+tweaks to adjust to the recent rapid growth in the network.
+Upgrading is recommended.
+</p><p>
+Please help grow the network.
+<a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
+spread the word,
+and <a href="http://www.i2p2.de/donate.html">donate</a>!
+If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+We are still looking for help on new and existing translations.
+Please volunteer on IRC #i2p-dev.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+
+<b>Release details:</b>
+
+
+<p>* Strip trailing nulls from malformed UPnP responses from devices
+<br />* Fix a cause of excess tunnel creation
+<br />* Peer organization and selection changes to resist fast tier enumeration and manipulation by attackers
+<br />* Increase floodfill pool and decrease router info expiration time to adjust to recent network growth</p>
+
+
+
+
+
+
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+ 0bd9927d607d2ac9986732b29b1c4b15a0fbb3521b2fa14dded10d5a57333efc i2pinstall_0.8.6.exe
+ d784ab7ccfdf60f7ad71d625cd88c88c9290d3aeecfa419e03a7930e3faa72d0 i2psource_0.8.6.tar.bz2
+ e7153b4635c79b5c2592adb7597e4c4fd8bc38c87fb34925fad6a965f4d83de8 i2pupdate_0.8.6.zip
+ 28af7bc483e6ae91325771ce368ba28cb65ccdafef739336454720578864f326 i2pupdate.su2
+ dcff98e499122b7b6fc4e7dd7fddb1d8a45684460246da5b4eb5eeb3b1ed351f i2pupdate.sud
+
+
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.6_fr.html b/www.i2p2/pages/release-0.8.6_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..2c3dde8eed4826edcdfaf4ebe9ecb774ba6f68b8
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.6_fr.html
@@ -0,0 +1,48 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Version 0.8.6{% endblock %}
+{% block content %}
+Traduction de mai 2011. <a href="release-0.8.6.html">Version anglaise actuelle</a>
+<p>
+Cette version 0.8.6 apporte plus de protections pour la sélection des pairs en vue de résister aux attaquants dotés de
+moyens élevés, ainsi que des ajustements pour prendre en compte la récente croissance rapide du réseau.
+La mise à jour est recommandée.
+</p><p>
+Merci de participer à la croissance du réseau.
+<a href="http://www.i2p2.de/getinvolved_fr.html">Engagez-vous</a>,
+passez le mot,
+et <a href="http://www.i2p2.de/donate_fr.html">faites un petit geste</a>!
+Si vous trouvez un bogue, merci d'enregistrer un rapport sur <a href="http://trac.i2p2.de/report/1">trac</a>.
+Nous cherchons toujours de l'aide pour la traduction. Merci de vous signaler sur IRC #i2p-dev.
+</p>
+
+<p>Les fichiers sont disponibles <a href="/download_fr.html">ici.</a></p>
+
+<b>Détails de cette version:</b>
+
+
+<p>* Troncature des blanc de fin des réponses UPnP malformées des appareils
+<br />* Correction du défaut de créations excessives de tunnels
+<br />* Modifications de l'organisation et de la sélection des pairs pour résister à l'énumération et à la manipulation du
+groupe des pairs rapides par les attaquants
+<br />* Augmentation du groupe des diffuseurs et diminution du temps d'expiration de 'router info' pour prendre en compte
+la récente croissance du réseau</p>
+
+
+
+
+
+
+<b>
+Sommes de contrôle SHA256:
+</b>
+<pre>
+ 0bd9927d607d2ac9986732b29b1c4b15a0fbb3521b2fa14dded10d5a57333efc i2pinstall_0.8.6.exe
+ d784ab7ccfdf60f7ad71d625cd88c88c9290d3aeecfa419e03a7930e3faa72d0 i2psource_0.8.6.tar.bz2
+ e7153b4635c79b5c2592adb7597e4c4fd8bc38c87fb34925fad6a965f4d83de8 i2pupdate_0.8.6.zip
+ 28af7bc483e6ae91325771ce368ba28cb65ccdafef739336454720578864f326 i2pupdate.su2
+ dcff98e499122b7b6fc4e7dd7fddb1d8a45684460246da5b4eb5eeb3b1ed351f i2pupdate.sud
+
+
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.7.html b/www.i2p2/pages/release-0.8.7.html
new file mode 100644
index 0000000000000000000000000000000000000000..06c6d68af811f62012baa732271b68d11b5e6383
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.7.html
@@ -0,0 +1,105 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.7 Release{% endblock %}
+{% block content %}
+
+<p>I2P release 0.8.7 contains several upgrades to long-neglected components,
+ including the Naming Services, graphing, the native CPU ID and BigInteger
+ libraries, crypto implementations, and the wrapper.</p>
+
+<p>Thanks to new contributor KillYourTV who was instrumental in implementing
+ and testing these upgrades, with additional support from sponge and hottuna.</p>
+
+<p>CPU ID enhancements are by hottuna, generously funded by
+ <a href="http://relakks.com/">http://relakks.com/</a> and <a href="http://ipredator.se/">http://ipredator.se/</a> -
+ thanks to Peter Sunde and Jan-Erik Fiske for their support.</p>
+
+<p>Also, for the first time, we now have an official
+<a href="https://launchpad.net/~i2p-maintainers/+archive/i2p">I2P Personal Package Archive (PPA) on launchpad.net</a>.
+For those of you using Ubuntu, this offers an easy way to install I2P and keep the
+ various components up-to-date. The I2P package offers the option of installing as
+ a service, or it may be started on-demand as usual. This PPA is currently maintained
+ by KillYourTV with support by other members of the development team.
+The <a href="http://www.i2p2.de/debian">Ubuntu/Debian installation instructions</a> are on our website.
+</p>
+
+<p>For those updating over the network, this update is about 4 times the usual size,
+ due to the inclusion of the jbigi updates. Please be patient while downloading the update over the network.
+
+</p><p>
+Please help grow the network.
+<a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
+spread the word,
+and <a href="http://www.i2p2.de/donate.html">donate</a>!
+If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+We are still looking for help on new and existing translations.
+Please volunteer on IRC #i2p-dev.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+<p><strong>Big changes (upgrades and new installs)</strong></p>
+
+<p>* NamingService upgrades to support new features, including a hosts.txt database that will be enabled in release 0.8.8
+<br />* New form in the HTTP proxy to save new hosts with address helpers to hosts.txt
+<br />* Speedups for SHA-256 and SHA-1 hash computation, most noticeable on GNU JVMs.
+<br />* Upgrade to JRobin 1.5.9 for better-looking performance graphs
+<br />* Persistent graph data across restarts</p>
+
+<p>* JCpuid / JBigI upgraded to libgmp 4.3.2 / 5.0.2 and the libraries are PIC compliant, and contain improved
+ support 64-bit on most architectures. JBigI is a native library which significantly speeds up cryptography operations.</p>
+
+<p> - For those on grsec / ASLR kernels where I2P was crashing due to non-PIC libraries, I2P should now work.
+<br /> - For those on x86 64-bit systems, crypto will be faster (typical result is a 25% improvement),
+ which you may notice in lower CPU usage
+<br /> - For those on ARM or x86 OS X systems, crypto should be much faster, as we did not have jbigi
+ support for these systems before.
+<br /> - For those on most other 32-bit Linux, FreeBSD, or Windows systems, there should be no
+ noticeable change in performance.</p>
+
+<p><strong>Big changes (new installs only)</strong></p>
+
+<p>* The Wrapper was updated to version 3.5.9 and the libraries are now PIC compliant, and support 64-bit on
+ most architectures. For those who did not have a working wrapper before (those on grsec / ASLR kernels, or
+ freebsd, ARM ,or x86 OS X) manual upgrade of your wrapper libraries is possible. Instructions at
+ <a href="http://www.i2p2.de/manualwrapper">http://www.i2p2.de/manualwrapper</a> . For FreeBSD users see
+ <a href="http://www.i2p2.de/faq#compat6x">http://www.i2p2.de/faq#compat6x</a> . Alternative: delete
+ existing installation and install a new. Second alternative for Ubuntu: delete existing install and
+ use PPA. For those who have a working wrapper now, a manual upgrade is NOT recommended.</p>
+
+<p><strong>Packaging news:</strong></p>
+
+<p>* Debian / Ubuntu - Major upgrade of the Debian packaging scripts to comply with packaging rules.
+<br />* PPA - As described above.</p>
+
+<p><strong>Bug Fixes</strong></p>
+
+<p>* The update includes local Jetty patches that were inadvertently omitted from the 0.8.3 and 0.8.5 install packages,
+<br />* A workaround for noncompliant UPnP devices
+<br />* Fix bug preventing Robert from initiating a connection to i2psnark</p>
+
+<p><strong>Other</strong></p>
+
+<p>* More adjustments for recent network growth, including increasing the number of floodfills and lowering the number of router infos stored locally.
+<br />* Exchange version numbers across I2CP, to allow future changes to be backward-compatible
+<br />* Swedish translation, thanks 123hund123, hottuna and digitalmannen
+<br />* Partial Finnish, Italian, Polish, and Vietnamese translations, thanks to the Transifex translation teams
+<br />* Arabic translation updates, thanks hamada
+<br />* Russian translation updates, thanks hiddenz
+<br />* GeoIP update (new installs only)</p>
+
+
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+
+
+ 9f0b1d565e0250cefe3998e1ccabda062d057f794ccb976c147608f005a022c4 i2pinstall_0.8.7.exe
+ 31acef3fcd1a5839edc3b931f108944222c833d218bd427fe89a57b4acd92ece i2psource_0.8.7.tar.bz2
+ 637d9c73fde3c8756dc04a13691a812940169e66445ba3c1c5c46829991bca8f i2pupdate_0.8.7.zip
+ 47363a2284018a24335048a6c14d5e4f5b101f7048cbf23c61b710e2f31778b9 i2pupdate.su2
+ cad2233ec477fb4455ce90283a5d4a18dda17d312a818d6ae1276358cb2f55a5 i2pupdate.sud
+
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.7_fr.html b/www.i2p2/pages/release-0.8.7_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..f1d9e712a761a0c36c70251de709db62c9a1727d
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.7_fr.html
@@ -0,0 +1,111 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Version 0.8.7{% endblock %}
+{% block content %}
+Traduction de jullet 2011. <a href="release-0.8.7.html">Version anglaise actuelle</a>
+<p>La version 0.8.7 contient plusieurs mises à jour de composant négligés depuis longtemps,
+ parmis lesquels les services de nommage, le tracé de courbes, les bibliothèques CPU ID natif et BigInteger,
+les implémentations cryptographiques, et le wrapper.</p>
+
+<p>Merci au nouveau contributeur KillYourTV qui a été bien efficace dans l'implémentation et le test de ces mises Ã
+jour, avec l'aide supplémentaire de sponge et hottuna.</p>
+
+<p>Les améliorations de CPU ID sont de hottuna, généreusement financé par
+<a href="http://relakks.com/">http://relakks.com/</a> et <a href="http://ipredator.se/">http://ipredator.se/</a> -
+ Merci à Peter Sunde et Jan-Erik Fiske pour leur soutient.</p>
+
+<p>Pour la première fois, nous disposons d'une Archive Personnelle de Paquets (PPA) officielle
+<a href="https://launchpad.net/~i2p-maintainers/+archive/i2p">I2P sur launchpad.net</a>.
+Ceci apporte à ceux d'entre vous qui utilisent Ubuntu un moyen facile pour installer I2P et de garder à jour ses divers
+composants. Le paquet I2P offre l'option d'installation en tant que service, ou sur demande comme d'habitude.
+Cette PPA est actuellement maintenue par KillYourTV avec l'aide d'autres membres de l'équipe de développement.
+Les <a href="http://www.i2p2.de/debian">instructions d'installation Ubuntu/Debian</a> sont ici-même sur le site officiel.
+</p>
+
+<p>Pour ceux qui mettent à jour via le réseau, cette mise à jour est environ 4 fois plus volumineuse de d'habitude du
+fait de l'inclusion de mises à jour pour jbigi. Merci de votre patience pendant le téléchargement.
+
+</p><p>
+Merci de participer à la croissance du réseau.
+<a href="http://www.i2p2.de/getinvolved_fr.html">Engagez-vous</a>,
+passez le mot,
+et <a href="http://www.i2p2.de/donate_fr.html">faites un petit geste</a>!
+Si vous trouvez un bogue, merci d'enregistrer un rapport sur <a href="http://trac.i2p2.de/report/1">trac</a>.
+Nous cherchons toujours de l'aide pour la traduction. Merci de vous signaler sur IRC #i2p-dev.
+</p>
+
+<p>Les fichiers sont disponibles <a href="/download_fr.html">ici.</a></p>
+
+<p><strong>Modifications majeures (mises à jour et installations initiales)</strong></p>
+
+<p>* Mises à jour du service de nommage en vue de la prise en charge de nouvelles fonctionnalités, dont une base de
+données hosts.txt qui sera activée dans la v0.8.8
+<br />* Nouveau formulaire dans le proxy HTTP destiné à sauvegarder les nouveaux hôtes avec les assistants d'adresse
+dans hosts.txt
+<br />* Accélération des calcul d'empreintes SHA-256 et SHA-1, particulièrement sensible sur les JVMs GNU.
+<br />* Mise à jour en JRobin 1.5.9 pour un look plus sexy des graphiques de performances
+<br />* Données graphiques persistantes après les redémarrages</p>
+
+<p>* Mise à jour de JCpuid / JBigI en libgmp 4.3.2 / 5.0.2 et compatibilité PIC des bibliothèques, et inclusion de
+l'amélioration du support de la plupart des architecture 64-bits. JBigI est une bibliothèque native qui accélère les
+opérations cryptographiques.</p>
+
+<p> - Pour ceux sur des noyaux grsec / ASLR dans lesquels I2P plantait à cause de bibliothèques non-PIC, I2P devrait
+maintenant fonctionner.
+<br /> - Pour ceux sur les systèmes x86 64-bits, la crypto sera plus rapide (amélioration typique de 25%), et vous
+constaterez une plus faible charge CPU.
+<br /> - Pour ceux sur ARM ou systèmes OS X x86, la crypto devrait être plus rapide, car nous n'avions pas de support
+pour jbigi auparavant pour ces systèmes.
+<br /> - Pour ceux sur la plupart des autres Linux 32-bits, FreeBSD, ou Windows, il n'y a pas de changement notable de
+performances.</p>
+
+<p><strong>Changement majeurs (nouvelles installations uniquement)</strong></p>
+
+<p>* Le Wrapper a été mis à jour en version 3.5.9 et les bibliothèques sont dorénavant compatibles PIC,
+et prend en charge les 64-bits sur la plupart des architectures. Pour ceux qui n'avaient pas un wrapper fonctionnel avant
+(noyaux grsec / ASLR, ou freebsd, ARM, ou OS X x86) la mise à jour manuelle des bibliothèques du wrapper est possible:
+instructions sur
+ <a href="http://www.i2p2.de/manualwrapper">http://www.i2p2.de/manualwrapper</a> . Pour FreeBSD, voir
+ <a href="http://www.i2p2.de/faq_fr#compat6x">http://www.i2p2.de/faq_fr#compat6x</a> . Alternative: supprimez
+l'installation courante et installez-en une nouvelle. Seconde alternative pour Ubuntu: supprimez l'installation
+existante et utilisez la PPA. Pour ceux qui ont actuellement un wrapper fonctionnel, la mise à jour manuelle n'est pas
+recommandée.</p>
+
+<p><strong>Nouveautés sur la publication de paquets:</strong></p>
+
+<p>* Debian / Ubuntu - Mise à jour majeure des scripts de packaging Debian pour mise en conformité aux règles de
+packaging.
+<br />* PPA - voir plus haut.</p>
+
+<p><strong>Correctifs de bogues</strong></p>
+
+<p>* La mise à jour inclut des correctifs Jetty locaux qui ont été malencontreusement oubliés dans les v0.8.3 et v0.8.5.
+<br />* Un contournement pour les matériels passerelles non compatibles UPnP
+<br />* Correction du bogue qui permettait à Robert d'initier une connexion à i2psnark</p>
+
+<p><strong>Autre</strong></p>
+
+<p>* Plus d'ajustements à la croissance du réseau, dont accroissement du nombre de diffuseurs (floodfills) et
+diminution du nombre de "router infos" stockées localement.
+<br />* Échange du numéro de version via I2CP, pour permettre la rétro-compatibilité de futurs changements.
+<br />* Traduction suédoise, merci à 123hund123, hottuna et digitalmannen
+<br />* Traductions partielles en finnois, italien, polonais, et vietnamien, grâce à l'équipe de traduction Transifex
+<br />* Mises à jour de l'arabe, merci hamada
+<br />* Mises à jour du russe, merci hiddenz
+<br />* Mises à jour de GeoIP (nouvelles installations uniquement)</p>
+
+
+<b>
+Sommes de contrôle SHA256:
+</b>
+<pre>
+
+
+ 9f0b1d565e0250cefe3998e1ccabda062d057f794ccb976c147608f005a022c4 i2pinstall_0.8.7.exe
+ 31acef3fcd1a5839edc3b931f108944222c833d218bd427fe89a57b4acd92ece i2psource_0.8.7.tar.bz2
+ 637d9c73fde3c8756dc04a13691a812940169e66445ba3c1c5c46829991bca8f i2pupdate_0.8.7.zip
+ 47363a2284018a24335048a6c14d5e4f5b101f7048cbf23c61b710e2f31778b9 i2pupdate.su2
+ cad2233ec477fb4455ce90283a5d4a18dda17d312a818d6ae1276358cb2f55a5 i2pupdate.sud
+
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.8.html b/www.i2p2/pages/release-0.8.8.html
new file mode 100644
index 0000000000000000000000000000000000000000..28e0fb795708b7bce9cae7e29e7c16829d44aaa5
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.8.html
@@ -0,0 +1,84 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.8 Release{% endblock %}
+{% block content %}
+
+<p>I2P release 0.8.8 enables the new hosts.txt database to speed hostname lookups
+ and store additional information on hostname entries.
+ It also includes improvements to speed a router's integration on startup.
+ There is new code to detect and react to large clock shifts that should help
+ a router recover after suspend/resume of the computer.
+</p><p>
+ There are new translations for Danish and Ukranian and lots of updates in other languages.
+ Also included are, of course, a large collection of bug fixes, performance improvements,
+ and updates to deal with the continued rapid expansion of the network.
+
+</p><p>
+Please help grow the network.
+<a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
+spread the word,
+and <a href="http://www.i2p2.de/donate.html">donate</a>!
+If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+We are still looking for help on new and existing translations.
+Please volunteer on IRC #i2p-dev.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+
+<p><strong>Release Details</strong></p>
+
+<p><strong>Major changes</strong></p>
+
+<p>* Enable new hosts.txt database for 10x faster lookups and ability to store additional information about entries. The database is created on upgrade, and populated with entries from the hosts.txt, privatehosts.txt, userhosts.txt files. Do not edit your *hosts.txt files manually after the upgrade; you must use the addressbook interface in the router console to add or delete entries.
+<br />* (New installs only) Wrapper and jbigi support for ARM v5 processors. The support added in 0.8.7 only worked for ARM v7 processors. We now support both.
+<br />* (New installs only) Wrapper and jbigi support for 64 bit x86 and PPC processors for OSX, and PPC for Linux. The support added in 0.8.7 only worked for 32-bit processors on OSX. We now support both.</p>
+
+<p><strong>Bug Fixes</strong></p>
+
+<p>* Fix some Null Pointer Exceptions in the console at startup
+<br />* Fix some problems with wrapper interaction at shutdown
+<br />* Fix several issues with "soft" restart, used when the network configuration changes, or when IP changes in "laptop mode"
+
+<br />* Fix problems with tunnel tests after the tunnel pool is shut down
+<br />* Rename the private key file for a tunnel after deleting the tunnel, so it isn't inadvertently reused when a new tunnel is created
+<br />* Fix several hosts database file bugs, and add improved corruption detection and recovery
+<br />* Fix cases where thread dump wouldn't work
+<br />* Speed up network integration for new routers and routers that had been stopped for a long time
+<br />* Fix a bug which would leave UPnP ports open after shutdown
+<br />* Fix UPnP errors when running on computers with multiple network interfaces
+<br />* Fix some of the character encoding issues in susimail (still has some problems)
+<br />* Change several log errors to warnings</p>
+
+<p><strong>Other</strong></p>
+
+<p>* Lots of improvements in the router shutdown code
+<br />* Improvements in recognizing and reacting to large clock shifts (generally caused by system suspend / resume). There are still issues remaining. Large clock shifts now cause a "soft" restart.
+
+<br />* Increase the number of floodfills again
+<br />* Increase the number of fast peers for those with several local destinations
+<br />* Increase the default news fetch time, which will extend the network upgrade period
+<br />* Add the router version to the update file zip signature to prevent version spoofing
+<br />* Support readonly hosts database files
+<br />* Remove floodfills from the exploration search message, which will help exploration work much better.
+<br />* Increase the netdb exploration speed when starting up, to help new routers integrate more quickly
+<br />* Speed up the enumeration of floodfill routers
+<br />* Several other performance improvements
+<br />* New Danish and Ukrainian translations
+<br />* Translation updates for Chinese, Italian, Polish, Russian, Spanish and Swedish</p>
+
+
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+
+ 32f37cd5045040da2b162b7ffa8eccd096ea2101a963590d5c1d8a7b9be3f4cc i2pinstall_0.8.8.exe
+ 522adf14aeac28281ec469f2f45c9d5ead73dd510784d5ad148aa505784a4394 i2psource_0.8.8.tar.bz2
+ 5c454ca3e63f436df4abbd394e6aa66da280b57179453eb5f90dff33325d9259 i2pupdate_0.8.8.zip
+ 0155e67e86582c25911980d838de299890371e0957686a3463eeed248654a9b4 i2pupdate.su2
+ a1aaadeba38c5ef946f4d041f4bf86d2f69f7ba01cc2c9274549c22241febad9 i2pupdate.sud
+
+
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.8.9.html b/www.i2p2/pages/release-0.8.9.html
new file mode 100644
index 0000000000000000000000000000000000000000..be14fac56dce204e63efcc355cb366a6c52ad5b9
--- /dev/null
+++ b/www.i2p2/pages/release-0.8.9.html
@@ -0,0 +1,88 @@
+{% extends "_layout.html" %}
+{% block title %}0.8.9 Release{% endblock %}
+{% block content %}
+
+<p>
+The 0.8.9 release has several performance improvements, and many changes to handle
+the continued rapid growth of the network. It uses a new iterative method for
+Kademlia network database lookups that should be more reliable and efficient.
+There are also several improvements to our SSU (UDP) transport protocol that
+should help reliability and efficiency. We have made several changes to
+improve tunnel build success rates. And, of course, there are lots of bug
+fixes and translation updates.
+</p><p>
+The network has grown quite rapidly in recent weeks, and that's great news,
+but it has caused some instability. We welcome all our new users and we
+ask you to be patient as we make improvements to the software.
+</p><p>
+Please help grow the network.
+<a href="http://www.i2p2.de/getinvolved.html">Get involved</a>,
+spread the word,
+and <a href="http://www.i2p2.de/donate.html">donate</a>!
+If you find a bug, please enter a report on <a href="http://trac.i2p2.de/report/1">trac</a>.
+We are still looking for help on new and existing translations.
+Please volunteer on IRC #i2p-dev.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+
+<p><strong>Release Details</strong></p>
+
+<p>* Iterative netdb lookup, this had to be fixed as the network growth was making the old method less reliable. Also increase lookup timeouts to improve success rates.
+<br />* Implement a SSU disconnect message so that the other side of a connection finds out when the peer disconnects. This should considerably speed up subsequent reconnection.
+<br />* Major rewrite of the SSU send queue code, for efficiency in high-speed routers
+<br />* Major rewrite of the participating tunnels expiration code, for efficiency in high=speed routers
+<br />* Increase the maximum SSU MTU so messages take less packets
+<br />* New reverse lookup table in the hosts.txt database so that names are displayed again on the neteb leases page.
+<br />* Preliminary support for IRC DCC - not enabled by default
+<br />* (New installs only) Switch to the Maxmind GeoIP database which is up-to-date and has better coverage of some countries.
+<br />* (New installs only) Update to wrapper 3.5.12 to fix file permission problems.</p>
+
+<p><strong>Bug Fixes</strong></p>
+
+<p>* Fix restoration of original tunnel quantity after idle
+<br />* Reduce CPU usage when network is disconnected
+
+<br />* Fix i2psnark "eject" button in certain browsers
+<br />* Fix changing i2psnark tunnel parameters
+<br />* Fix installation issues on some non-English Windows versions
+<br />* Catch some uncaught exceptions from GNU NIO
+<br />* Fix connectivity issues after long suspend times</p>
+
+<p><strong>Other</strong></p>
+
+<p>* Improvements to the data structure caching, and increase some cache sizes, to increase hit rates. Add a country code string cache.
+<br />* Continue work on removing global locks for performance improvements
+<br />* Rewrite of the job queue for efficiency
+<br />* Switch to https reseed by default for security; update the reseed host lists
+
+<br />* Don't bother to gzip small http responses and images
+<br />* Use bigger buffers and gunzipper cache in the http proxy
+<br />* Several changes to improve tunnel build success rates
+<br />* Increase the number of floodfills again
+<br />* Faster router info expiration
+<br />* Remove ancient deprecated ministreaming socket manager
+<br />* Add option for i2psnark files readable by everyone
+<br />* Add option for i2psnark page refresh time
+<br />* Add streaming API for getting and setting I2CP port
+<br />* More aggressive netdb exploration by hidden routers
+<br />* Remove confusing "firewalled and fast" message
+<br />* Translation updates for German, Spanish, Portuguese, Russian, and Swedish</p>
+
+
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+
+ 554d0abe82ca034e1b7479410bab330bba5644ca1ae4117982af670d0f44ee66 i2pinstall_0.8.9.exe
+ c40d503c0ee2e90c75f3d635649490a8e49b60e1da8100db118e2097a133429e i2psource_0.8.9.tar.bz2
+ dba9258b67b3021c40456aae8e6986dc954ec55ab4ea527fd1ef02cfba88d803 i2pupdate_0.8.9.zip
+ 8f04438cd3d17240bebe8afc172ed54a65c3265db8ea4675a8c508d8ba088326 i2pupdate.su2
+ e8754a0490bd3e47bc5017ea66d2bfda6386e9c9c6d50a6d77d2c15c0cab098b i2pupdate.sud
+
+
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.9.1.html b/www.i2p2/pages/release-0.9.1.html
new file mode 100644
index 0000000000000000000000000000000000000000..aac6d445a4c8f7669eaa2821c2b38cfa43409fe2
--- /dev/null
+++ b/www.i2p2/pages/release-0.9.1.html
@@ -0,0 +1,85 @@
+{% extends "_layout.html" %}
+{% block title %}0.9.1 Release{% endblock %}
+{% block content %}
+
+<p>
+0.9.1 includes a large number of bug fixes in i2psnark, some streaming lib improvements,
+home page changes, new themes, and translation updates.
+Upgrading is recommended.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+<p><strong>RELEASE DETAILS</strong></p>
+
+<p><strong>I2PSnark</strong></p>
+
+<p>- Fix several bugs in downloading torrents with skipped files
+<br />- Fix places where rarest-first was not honored
+<br />- Fix handling of encoded magnet links
+<br />- Additional inbound connection limits
+<br />- Immediate closing of connections with handshake errors
+<br />- Blocklist peers with multiple handshake errors
+<br />- Delay "ballooning" files on disk until required, to speed torrent adds
+<br />- Store partial pieces in temp files to greatly reduce memory usage when leeching
+<br />- Remove peers restriction when leeching torrents with large pieces
+<br />- Improve configuration of open and private trackers
+<br />- Prevent configuratino of default trackers as private
+<br />- Improved display and control of torrent file downloads
+<br />- Reduced number of threads
+<br />- Faster startup and shutdown of torrents
+<br />- Allow clearing of message box
+<br />- New light theme
+<br />- Torrent info page updates and cleanups
+<br />- Fix problems with restarted torrents
+<br />- Delay tunnel close at shutdown to ensure trackers are notified
+<br />- Better UI behavior during tunnel startup and shutdown</p>
+
+<p><strong>Bug Fixes</strong></p>
+
+<p>- Prevent shutdown hangs caused by buggy plugins
+<br />- Fix for Raspberry Pi crashing
+<br />- Fix rare job queue hang
+<br />- Fix routing key modifier rarely not updating at midnight
+<br />- Fix excessive padding in some AES-encrypted messages
+<br />- Fix occasional gunzip failures
+<br />- Several fixes to streaming lib to speed recovery after dropped packets and improve retransmit behavior
+<br />- Fix bug that reduced reuse of tunnels</p>
+
+<p><strong>Other</strong></p>
+
+<p>- Ports are now passed through the SOCKS and HTTP proxies to support eepsite virtual hosts. See <a href="http://zzz.i2p/topics/1182">http://zzz.i2p/topics/1182</a> for setup instructions.
+<br />- I2PTunnel configuration changes now take effect immediately. No tunnel restart required.
+<br />- Summary bar iframe removed, refresh is now via Javascript only
+<br />- Reduce netDB flood redundancy
+<br />- Reduce stats publishing frequency
+<br />- Minor router console changes
+<br />- New Hungarian and Greek translations
+<br />- Completed Italian translation
+<br />- Updates to Dutch, Finnish, French, German, Spanish, and Swedish translations
+<br />- Update geoip to Maxmind 2012-07-04
+<br />- Theme updates
+<br />- Theme support for SusiMail and SudiDNS; new dark themes
+<br />- I2PTunnel and SusiDNS now iframed with summary bar
+<br />- Console home page now shows news summary in summary bar
+<br />- Console home page icon updates
+<br />- Console summary bar now configurable
+<br />- Change the HTTP proxy error code from 404 to 500
+<br />- Cleanups for efficiency in netdb and I2CP
+<br />- Increase timeout for internal uses of eepget to improve reliability</p>
+
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+
+ 0727af83988e82f32e0972a9e12c72ac14c3c0da0815c5902193d6b13d356371 i2pinstall_0.9.1_windows.exe
+ 39c19c0df042ad231a14fdf1c20e4927651a2af0f0cf734b46eba0d2b8419314 i2pinstall_0.9.1.jar
+ 8603c928a210ced77b6498bf8ee07cb000be9641adc389b34c3c8a10ac4f0677 i2psource_0.9.1.tar.bz2
+ 136b74435b93aededef5884d39cfbc513f57184b74c8481580bcd5324aa23b1a i2pupdate_0.9.1.zip
+ 4f07fee850d56fada06f0aeabb5bb46c6172bad72411e07bf4f6a8e0d76d8acd i2pupdate.su2
+ c039b423983789d914a1d02d3703b3c1aa36c87165e132419ff39b5d184ef480 i2pupdate.sud
+
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/release-0.9.html b/www.i2p2/pages/release-0.9.html
new file mode 100644
index 0000000000000000000000000000000000000000..20f3aeb37d34fb748b06a7b2ca52d8852386edf4
--- /dev/null
+++ b/www.i2p2/pages/release-0.9.html
@@ -0,0 +1,113 @@
+{% extends "_layout.html" %}
+{% block title %}0.9 Release{% endblock %}
+{% block content %}
+
+<p>
+The 0.9 release concludes over a year and a half of work on the 0.8.x series,
+in which we greatly improved the performance and security of the router, and the
+scalability of the network.
+</p>
+<p>
+In the 0.9 release we migrate to Jetty 6 for the console and eepsite web server,
+and introduce a simplified router console home page.
+This release is network-compatible with prior releases, however see below for important
+information on compatibility with existing eepsites, plugins, and webapps.
+Upgrading is recommended.
+</p>
+
+<p>Files are available on the <a href="/download.html">download page.</a></p>
+
+<p><strong>Update info</strong></p>
+
+<p> In-network updates and new installs will include Jetty 6, Tomcat, and JSTL.
+ PPA (Ubuntu/Debian) updates will have new dependencies for these packages.</p>
+
+<p> If you have not enabled or modified your eepsite settings, the update should automatically migrate you to Jetty 6.
+If you do not use Jetty for your eepsite, the update will not affect it.
+</p>
+
+<p> If you have more than one Jetty eepsite or you have changed the local port (7658 by default) or otherwise edited jetty.xml,
+ you must manually edit the new jetty configuration files after updating, and then restart. </p>
+
+<p>For those with Jetty-based eepsites, we recommend that you verify that the upgrade
+was successful and the eepsites are operational after the router restarts.
+
+<p> Plugin information:
+<br /> Plugins not listed below should continue to work under Jetty 6.
+<br /> The following plugins require updates for Jetty 6. The router will download and install them a few minutes
+ after upgrading: i2pcontrol, pebble, zzzot
+<br /> The following plugins have been renamed and for Jetty 6. Users must manually remove them and download the new versions
+ after upgrading: neodatis, seedless
+<br /> The following plugin does not work well with Jetty 6, you may wish to remove it and install the unofficial replacement
+ from plugins.i2p after upgrading: i2pbote
+</p>
+
+<p> Other non-standard console and eepsite webapps not packaged by the I2P development team may or may not
+ require modifications.
+</p>
+
+<p><strong>Major changes</strong></p>
+
+<br />- Jetty 6.1.26, Tomcat 6.0.35, JSTL 1.2, supporting Servlet 2.5 and JSP 2.1 standards
+<br />- New simplified console home page.
+ Note that it may be modified or disabled on the new page /confighome .
+<br />- The old .exe installer has been split into Windows (.exe) and non-Windows (.jar) installers
+<br />- Update to wrapper 3.5.14 (Debian packages and new installs only)</p>
+
+<p><strong>Bug Fixes</strong></p>
+
+<p>- Fix use of unacked ElGamal/AES Session Tags, causing permanently "stuck" connections
+<br />- Re-enable verifies of RouterInfo netdb stores
+<br />- Fix removal of context properties
+<br />- Fix handling of plugin installs requiring router restart
+<br />- Fix update key names being forgotten after a save on the config update page
+<br />- Fix i2psnark duplicate torrent messages
+<br />- Fix occasional NPE in the UDP transport</p>
+
+<p><strong>Other</strong></p>
+
+<p>- More refactoring to get rid of static references which will help testing, shutdown, and embedded applications
+<br />- Reseed cleanups and checks
+<br />- Streamlining of tunnel endpoint message processing
+<br />- i2psnark bug fixes
+<br />- i2psnark private tracker support
+<br />- i2psnark tracker configuration form
+<br />- i2psnark message box cleanup
+<br />- i2psnark Javascript refresh
+<br />- i2psnark better error reporting
+<br />- Remove support for i2psnark "run standalone"
+<br />- Remove deprecated i2ptunnel Bean classes from the jar
+<br />- Increase max leaseset size from 6 to 16 for future growth
+<br />- Plugin tweaks
+<br />- Jetty logging moved from wrapper log to I2P log
+<br />- New page for viewing individual graphs for easy resizing and viewing of previous intervals
+<br />- Remove bandwidth from netdb stats
+<br />- Add negative lookup cache to naming service
+<br />- Reduce size of netdb structures
+<br />- HTTP Proxy refactoring to improve parsing of URLs and support IPv6 addresses, improve handling of malformed URLs, improved address helper handling
+<br />- Use per-destination streaming timers
+<br />- Better handling of leaseset/routerinfo overwrite attempts
+<br />- GeoIP update to April 2012 version (Debian packages and new installs only)
+<br />- German, Russian, Spanish, Swedish translation updates
+<br />- Non-default theme updates
+<br />- General code cleanups</p>
+
+
+
+
+<b>
+SHA256 Checksums:
+</b>
+<pre>
+
+ 006a306a2c5a449cce6a19378da5e74b8aa216ba5a9383a4c2cb66dfead2e736 i2pinstall_0.9_windows.exe
+ 6175c50a306cbd6ebe6eba40965408bd3f87f3ecd0f6199d7a927099c21d73c0 i2pinstall_0.9.jar
+ 8a3654a13781a9aacf9db94081e057be73322f88db2931eba4f2cfa467ead429 i2psource_0.9.tar.bz2
+ 234d4c0ad1736b389349c702bfcf70511e72770a414b0afe7e9f5e1f5ebca97d i2pupdate_0.9.zip
+ 78fc1af81b71b5797bf9900b5a98f4513af840b76e801c40b9e4abb5e7e37807 i2pupdate.su2
+ 63ec749a1da0c7913c09cc7bcf552497bebb873024ac42030c8a507c92aec9de i2pupdate.sud
+
+
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/roadmap.html b/www.i2p2/pages/roadmap.html
index c903ac9d46a65ee0947d717ccbf964fc38c239c8..1b4decfc1c02d9e06050e459be5a129ac5cd4a13 100644
--- a/www.i2p2/pages/roadmap.html
+++ b/www.i2p2/pages/roadmap.html
@@ -2,19 +2,9 @@
{% block title %}Roadmap{% endblock %}
{% block content %}
-<h2 id="0.8">0.8</h2>
-July 2010
+<h2 id="v0.9">0.9</h2>
<ul>
-<li>Further research and improve the <a href="i2np.html">Message Priority System</a></li>
-<li>Reduce <a href="how_peerselection.html">peer profile</a> size, implement better ejection strategy </li>
-<li>Expand and rework the floodfill pool, bring back simplified Kademlia searches and stores for the pool</li>
-<li>Distributed / enhanced i2pupdate distribution, set default to download</li>
-<li>Better better docs and website</li>
-</ul>
-
-<h2 id="0.9">0.9</h2>
-<ul>
-<li>Include some seed data in the distribution so a central reseed location isn't required?
+<li>Include some seed data in the distribution so a central reseed location isn't required?</li>
<li>Reachability Mapping / handle peers partially reachable / enhanced <a href="todo.html#fullRestrictedRoutes">restricted routes</a></li>
<li>Improve help pages and website</li>
<li>More translations</li>
@@ -22,19 +12,19 @@ July 2010
<li>Iterative floodfill lookups</li>
</ul>
-<h2 id="1.0">1.0</h2>
+<h2 id="v1.0">1.0</h2>
<ul>
<li>Full review of anonymity issues and other vulnerabilities</li>
<li>Reduce memory usage, remove debugging overhead, make it run better on slow and embedded machines</li>
<li>Docs</li>
</ul>
-<h2 id="2.0">2.0</h2>
+<h2 id="v2.0">2.0</h2>
<ul>
<li>Full restricted routes</li>
</ul>
-<h2 id="3.0">3.0</h2>
+<h2 id="v3.0">3.0</h2>
<ul>
<li>Tunnel mixing and padding</li>
<li>User defined message delays</li>
diff --git a/www.i2p2/pages/roadmap_de.html b/www.i2p2/pages/roadmap_de.html
index a529fd7363538e43be1643347eedd12bd352bf3a..d35dce3ae50d0ff009ec2110ce66c574a26a430f 100644
--- a/www.i2p2/pages/roadmap_de.html
+++ b/www.i2p2/pages/roadmap_de.html
@@ -2,7 +2,7 @@
{% block title %}Zeitplan{% endblock %}
{% block content %}
-<h2 id="0.8">0.8</h2>
+<h2 id="v0.8">0.8</h2>
July 2010
<ul>
<li>Further research and improve the <a href="i2np.html">Message Priority System</a></li>
@@ -11,9 +11,9 @@ July 2010
<li>Better better docs and website</li>
</ul>
-<h2 id="0.9">0.9</h2>
+<h2 id="v0.9">0.9</h2>
<ul>
-<li>Include some seed data in the distribution so a central reseed location isn't required?
+<li>Include some seed data in the distribution so a central reseed location isn't required?</li>
<li>Reachability Mapping / handle peers partially reachable / enhanced <a href="todo.html#fullRestrictedRoutes">restricted routes</a></li>
<li>Improve help pages and website</li>
<li>More translations</li>
@@ -21,7 +21,7 @@ July 2010
<li>Iterative floodfill lookups</li>
</ul>
-<h2 id="1.0">1.0</h2>
+<h2 id="v1.0">1.0</h2>
<ul>
<li>Volle Überprüfung auf Schwachstellen in der Anonymität und weitere Schwachstellen</li>
<li>Reduzierung des Speicherverbrauchs, entfernen der Debuginformationen, I2P auf langsamen und
@@ -29,12 +29,12 @@ embedded PC besser lauffähig machen</li>
<li>Anleitungen und Dokumente</li>
</ul>
-<h2 id="2.0">2.0</h2>
+<h2 id="v2.0">2.0</h2>
<ul>
<li>Volle beschränkte Routen</li>
</ul>
-<h2 id="3.0">3.0</h2>
+<h2 id="v3.0">3.0</h2>
<ul>
<li>Tunnel mixen und padding</li>
<li>Anwenderdefinierte Verzögerung in den Tunneln</li>
diff --git a/www.i2p2/pages/roadmap_fr.html b/www.i2p2/pages/roadmap_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..b4269dc4734286519579973d1cd56eca7857d781
--- /dev/null
+++ b/www.i2p2/pages/roadmap_fr.html
@@ -0,0 +1,37 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Feuille de route{% endblock %}
+{% block content %}
+Traduction de juillet 2011. <a href="roadmap.html">Version anglaise actuelle</a>
+<h2 id="v0.9">0.9</h2>
+<ul>
+<li>Inclusion de quelques données d'amorçage dans la distribution pour s'émanciper de la zone centralisée de réamorçage
+(et de sa maintenance).</li>
+<li>Cartographie de l'accessibilité / Gestion des pairs partiellement joignables / Amélioration des
+<a href="todo.html#fullRestrictedRoutes">routes réservées</a>.</li>
+<li>Amélioration des pages d'aide et du site Internet.</li>
+<li>Plus de traductions.</li>
+<li>Message de déconnexion SSU.</li>
+<li>Recherche itératives des sources d'inondation.</li>
+</ul>
+
+<h2 id="v1.0">1.0</h2>
+<ul>
+<li>Vérification exhaustive des failles d'anonymisation et autres vulnérabilités.</li>
+<li>Réduction des besoins en mémoire, suppression de la surcharge de débogage, meilleure adaptation aux machines lentes
+et OS embarqués.</li>
+<li>Documentations.</li>
+</ul>
+
+<h2 id="v2.0">2.0</h2>
+<ul>
+<li>Routes entièrement réservées.</li>
+</ul>
+
+<h2 id="v3.0">3.0</h2>
+<ul>
+<li>Mélange et bourrage des tunnels.</li>
+<li>Délais des messages de contrôle définis par l'utilisateur.</li>
+</ul>
+
+<p>Voir aussi la liste <a href="todo">À faire</a> pour des informations détaillées sur ces tâches.</p>
+{% endblock %}
diff --git a/www.i2p2/pages/sam.html b/www.i2p2/pages/sam.html
index ea2af17e3479e945b3eb84c98f7b28e52663efe9..f24d8af8ea3eaca6d81a5c1de2f8ad604744f785 100644
--- a/www.i2p2/pages/sam.html
+++ b/www.i2p2/pages/sam.html
@@ -1,13 +1,20 @@
{% extends "_layout.html" %}
-{% block title %}SAM{% endblock %}
-{% block content %}<p>Specified below is a simple client protocol for interacting with
-I2P based on discussions between human and jrandom.</p>
+{% block title %}SAM V1 Specification{% endblock %}
+{% block content %}
+Updated August 2010 for release 0.8
+<p>Specified below is version 1 of a simple client protocol for interacting with
+I2P.
+Newer alternatives:
+<a href="samv2.html">SAM V2</a>,
+<a href="samv3.html">SAM V3</a>,
+<a href="bob.html">BOB</a>.
+</p>
<pre>----------------------------------------------------------------------
-Simple Anonymous Messaging (SAM)
+Simple Anonymous Messaging (SAM version 1.0) Specification
----------------------------------------------------------------------
Client application talks to SAM bridge, which deals with
-all of the I2P functionality (using the ministreaming
+all of the I2P functionality (using the streaming
lib for virtual streams, or I2CP directly for async messages).
All client<-->SAM bridge communication is unencrypted and
@@ -25,9 +32,9 @@ the key=value pairs can change (e.g. "ONE TWO A=B C=D" or
addition, the protocol is case-sensitive.
Communication can take three distinct forms:
-* Virtual streams
-* Repliable datagrams (messages with a FROM field)
-* Anonymous datagrams (raw anonymous messages)
+* <a href="streaming.html">Virtual streams</a>
+* <a href="datagrams.html#repliable">Repliable datagrams</a> (messages with a FROM field)
+* <a href="datagrams.html#raw">Anonymous datagrams</a> (raw anonymous messages)
----------------------------------------------------------------------
SAM connection handshake
@@ -317,38 +324,41 @@ their meaning:
PEER_NOT_FOUND The peer cannot be found on the network
TIMEOUT Timeout while waiting for an event (e.g. peer answer)
+
----------------------------------------------------------------------
-Tunnel Pool Options
+Tunnel, I2CP, and Streaming Options
----------------------------------------------------------------------
-These options can be passed in as name=value pairs at the end of a
+These options may be passed in as name=value pairs at the end of a
SAM SESSION CREATE line.
- inbound.nickname - Name shows up in I2P router console.
- inbound.quantity - Number of tunnels, default 2.
- inbound.backupQuantity - Number of backup tunnels, default 0.
- inbound.rebuildPeriod - Obsolete - ignored - the router controls rebuilding
- inbound.duration - Tunnels last X ms, default 10*60*1000.
- (change not recommended, will break anonymity
- if it works at all)
- inbound.length - Depth of tunnels, default 2.
- inbound.lengthVariance - If negative, randomly skews from
- (length - variance) to
- (length + variance). If positive, from
- length to (length + var), inclusive.
- Default -1.
- inbound.allowZeroHop - Zero hop allowed? Default "true".
- outbound.* - Same properties as inbound.
- i2p.streaming.connectDelay - If 0, connect ASAP. If positive, wait
- until X ms have passed or output stream
- is flushed or buffer fills. Default 0.
- i2p.streaming.maxWindowSize - Max window size, default 64.
+All sessions may include <a href="i2cp.html#options">I2CP options such as tunnel lengths</a>.
+STREAM sessions may include <a href="streaming.html#options">Streaming lib options</a>.
+See those references for option names and defaults.
+
+
+----------------------------------------------------------------------
+BASE 64 Notes
+----------------------------------------------------------------------
+
+Base 64 encoding must use the I2P standard Base 64 alphabet "A-Z, a-z, 0-9, -, ~".
+
----------------------------------------------------------------------
Client library implementations:
----------------------------------------------------------------------
- C/C++: libSAM: http://www.innographx.com/mpc/libsam/ or i2p/sam/c/
- Python: Python/I2P: http://dev.i2p.net/contrib/apps/sam/python/index.html
- Others: See apps/sam/ in I2P CVS.
+
+Client libraries are available for C, C++, C#, Perl, and Python.
+These are in the apps/sam/ directory in the <a href="download.html">I2P Source Package</a>.
+
+
+----------------------------------------------------------------------
+Default SAM Setup
+----------------------------------------------------------------------
+
+The default SAM port is 7656. SAM is not enabled by default in the I2P Router;
+it must be started manually, or configured to start automatically,
+on the configure clients page in the router console, or in the clients.config file.
+
</pre>
{% endblock %}
diff --git a/www.i2p2/pages/samv2.html b/www.i2p2/pages/samv2.html
index 0dad38702273e091fe0db928f710c476d01b5abf..333da68cf393c6ee4e0272047c930b83cb4a1203 100644
--- a/www.i2p2/pages/samv2.html
+++ b/www.i2p2/pages/samv2.html
@@ -1,21 +1,34 @@
{% extends "_layout.html" %}
-{% block title %}SAM V2{% endblock %}
+{% block title %}SAM V2 Specification{% endblock %}
{% block content %}
+Updated August 2010 for release 0.8
<p>Specified below is a simple client protocol for interacting with I2P.
-<p><b>V2 changes by mkvore.
-SAM V2 is available as of I2P release 0.6.1.31.
-Significant differences marked up by zzz with "***".
-Note that these are changes to the document, not necessarily
-changes to the protocol, but hopefully you get the idea.</b>
-<a href="sam.html">Here is the SAM V1 document</a>.
+</p>
+<p>
+SAM V2 was introduced in I2P release 0.6.1.31.
+Significant differences from SAM V1 are marked with "***".
+Alternatives:
+<a href="sam.html">SAM V1</a>,
+<a href="samv3.html">SAM V3</a>,
+<a href="bob.html">BOB</a>.
+</p>
+
+<p />
+<b>Version 2 Changes</b>
+Compared to version 1, SAM v2 provides a way to manage several sockets
+on the same I2P destination <i>in parallel</i>, i.e. the client does not
+have to wait for data being successfully sent on one socket before sending
+data on another socket. All data transits through the same
+client<-->SAM socket.
+For multiple sockets, see <a href="samv3.html">SAM V3</a>.
</p>
<pre>
----------------------------------------------------------------------
-Simple Anonymous Messaging (SAM version 2.0)
+Simple Anonymous Messaging (SAM version 2.0) Specification
----------------------------------------------------------------------
Client application talks to SAM bridge, which deals with
-all of the I2P functionality (using the ministreaming
+all of the I2P functionality (using the streaming
lib for virtual streams, or I2CP directly for async messages).
All client<-->SAM bridge communication is unencrypted and
@@ -33,9 +46,9 @@ the key=value pairs can change (e.g. "ONE TWO A=B C=D" or
addition, the protocol is case-sensitive.
Communication can take three distinct forms:
-* Virtual streams
-* Repliable datagrams (messages with a FROM field)
-* Anonymous datagrams (raw anonymous messages)
+* <a href="streaming.html">Virtual streams</a>
+* <a href="datagrams.html#repliable">Repliable datagrams</a> (messages with a FROM field)
+* <a href="datagrams.html#raw">Anonymous datagrams</a> (raw anonymous messages)
----------------------------------------------------------------------
SAM connection handshake
@@ -379,38 +392,41 @@ their meaning:
PEER_NOT_FOUND The peer cannot be found on the network
TIMEOUT Timeout while waiting for an event (e.g. peer answer)
+
----------------------------------------------------------------------
-Tunnel Pool Options
+Tunnel, I2CP, and Streaming Options
----------------------------------------------------------------------
-These options can be passed in as name=value pairs at the end of a
+These options may be passed in as name=value pairs at the end of a
SAM SESSION CREATE line.
- inbound.nickname - Name shows up in I2P router console.
- inbound.quantity - Number of tunnels, default 2.
- inbound.backupQuantity - Number of backup tunnels, default 0.
- inbound.rebuildPeriod - Obsolete - ignored - the router controls rebuilding
- inbound.duration - Tunnels last X ms, default 10*60*1000.
- (change not recommended, will break anonymity
- if it works at all)
- inbound.length - Depth of tunnels, default 2.
- inbound.lengthVariance - If negative, randomly skews from
- (length - variance) to
- (length + variance). If positive, from
- length to (length + var), inclusive.
- Default -1.
- inbound.allowZeroHop - Zero hop allowed? Default "true".
- outbound.* - Same properties as inbound.
- i2p.streaming.connectDelay - If 0, connect ASAP. If positive, wait
- until X ms have passed or output stream
- is flushed or buffer fills. Default 0.
- i2p.streaming.maxWindowSize - Max window size, default 64.
+All sessions may include <a href="i2cp.html#options">I2CP options such as tunnel lengths</a>.
+STREAM sessions may include <a href="streaming.html#options">Streaming lib options</a>.
+See those references for option names and defaults.
+
+
+----------------------------------------------------------------------
+BASE 64 Notes
+----------------------------------------------------------------------
+
+Base 64 encoding must use the I2P standard Base 64 alphabet "A-Z, a-z, 0-9, -, ~".
+
----------------------------------------------------------------------
Client library implementations:
----------------------------------------------------------------------
- C/C++: libSAM: http://www.innographx.com/mpc/libsam/ or i2p/sam/c/
- Python: Python/I2P: http://dev.i2p.net/contrib/apps/sam/python/index.html
- Others: See apps/sam/ in I2P CVS.
+Client libraries are available for C, C++, C#, Perl, and Python.
+These are in the apps/sam/ directory in the <a href="download.html">I2P Source Package</a>.
+Some may be older and have not been updated for SAMv2 support.
+
+
+----------------------------------------------------------------------
+Default SAM Setup
+----------------------------------------------------------------------
+
+The default SAM port is 7656. SAM is not enabled by default in the I2P Router;
+it must be started manually, or configured to start automatically,
+on the configure clients page in the router console, or in the clients.config file.
+
</pre>
{% endblock %}
diff --git a/www.i2p2/pages/samv3.html b/www.i2p2/pages/samv3.html
index 05711cddd467f354009b0ec738e432d197398c64..f8477ed96a826f91674c0af55ddfa507b38317ae 100644
--- a/www.i2p2/pages/samv3.html
+++ b/www.i2p2/pages/samv3.html
@@ -1,39 +1,43 @@
{% extends "_layout.html" %}
{% block title %}SAM V3{% endblock %}
{% block content %}
+Updated August 2010 for release 0.8
<p>Specified below is a simple client protocol for interacting with I2P.
-<p><b>V3 by mkvore.
-SAM V3 is available as of I2P release 0.7.3.
-</b>
-<a href="sam.html">Here is the SAM V1 document</a>.
-<a href="samv2.html">Here is the SAM V2 document</a>.
+</p>
+<p>SAM version 3
+was introduced in I2P release 0.7.3.
+Alternatives:
+<a href="sam.html">SAM V1</a>,
+<a href="samv2.html">SAM V2</a>,
+<a href="bob.html">BOB</a>.
</p>
<p />
-<b>Version 3 Goal</b>
-Compared to version 1, SAM v2 provides a way to manage several sockets
+<b>Version 3 Changes</b>
+SAM v2 provided a way to manage several sockets
on the same I2P destination <i>in parallel</i>, i.e. the client does not
have to wait for data being successfully sent on one socket before sending
-data on another socket. But all the data are to transit through the same
-client<-->Sam socket, which is quite complicated to manage for the client.
+data on another socket. But all data transited through the same
+client<-->SAM socket, which was quite complicated to manage for the client.
<p />
-SAM v3 manages sockets in a different way : each <i>I2P socket</i>
-matches a unique client<-->Sam socket, which is much more simple to handle.
+SAM v3 manages sockets in a different way: each <i>I2P socket</i>
+matches a unique client<-->SAM socket, which is much more simple to handle.
+This is similar to <a href="bob.html">BOB</a>.
<br />
-Besides, SAM v3 offers a UDP port for sending datagrams through I2P, and
+SAM v3 also offers a UDP port for sending datagrams through I2P, and
can forward back I2P datagrams to the client's datagram server.
<p />
<b>Version 3 Protocol</b>
<pre>
----------------------------------------------------------------------
-Simple Anonymous Messaging (SAM version 3.0)
+Simple Anonymous Messaging (SAM version 3.0) Specification
----------------------------------------------------------------------
Client application talks to SAM bridge, which deals with
-all of the I2P functionality (using the ministreaming
+all of the I2P functionality (using the streaming
lib for virtual streams, or I2CP directly for async messages).
-All client<-->SAM bridge communication is unencrypted and
+All client<-->SAM bridge communication is unencrypted and
unauthenticated. Access to the SAM
bridge should be protected through firewalls or other means
(perhaps the bridge may have ACLs on what IPs it accepts
@@ -46,14 +50,14 @@ each message must stay in their specific order, the ordering of
the key=value pairs can change (e.g. "ONE TWO A=B C=D" or
"ONE TWO C=D A=B" are both perfectly valid constructions). In
addition, the protocol is case-sensitive.
-In the following, message examples are preceded by "-> " for
-messages sent by the client to the SAM bridge, and by "<- " for
+In the following, message examples are preceded by "-> " for
+messages sent by the client to the SAM bridge, and by "<- " for
messages sent by the SAM bridge to the client.
I2P communications can take three distinct forms:
-* Virtual streams
-* Repliable datagrams (messages with a FROM field)
-* Anonymous datagrams (raw anonymous messages)
+* <a href="streaming.html">Virtual streams</a>
+* <a href="datagrams.html#repliable">Repliable datagrams</a> (messages with a FROM field)
+* <a href="datagrams.html#raw">Anonymous datagrams</a> (raw anonymous messages)
I2P communications are supported by I2P sessions, and each I2P
session is bound to an address (called destination). An I2P session
@@ -68,22 +72,22 @@ No SAM communication can occur until after the client and bridge have
agreed on a protocol version, which is done by the client sending
a HELLO and the bridge sending a HELLO REPLY:
--> HELLO VERSION MIN=$min MAX=$max
+-> HELLO VERSION MIN=$min MAX=$max
and
-<- HELLO REPLY RESULT=OK VERSION=3.0
+<- HELLO REPLY RESULT=OK VERSION=3.0
*** In order to force protocol version 3.0, the values of $min and $max
*** must be "3.0".
If the SAM bridge cannot find a suitable version, it replies with :
-<- HELLO REPLY RESULT=NOVERSION
+<- HELLO REPLY RESULT=NOVERSION
If some error occurred, such as a bad request format, it replies with :
-<- HELLO REPLY RESULT=I2P_ERROR MESSAGE={$message}
+<- HELLO REPLY RESULT=I2P_ERROR MESSAGE={$message}
----------------------------------------------------------------------
@@ -103,7 +107,7 @@ Each session is uniquely associated with :
The session creation message can only use one of these forms (messages
received through other forms are answered with an error message) :
--> SESSION CREATE
+-> SESSION CREATE
STYLE={STREAM,DATAGRAM,RAW}
ID={$nickname}
DESTINATION={$private_destination_key,TRANSIENT}
@@ -129,19 +133,19 @@ After receiving the session create message, the SAM bridge will reply
with a session status message, as follows:
If the creation was successful :
-<- SESSION STATUS RESULT=OK DESTINATION={$private_destination_key}
+<- SESSION STATUS RESULT=OK DESTINATION={$private_destination_key}
If the nickname is already associated with a session :
-<- SESSION STATUS RESULT=DUPLICATED_ID
+<- SESSION STATUS RESULT=DUPLICATED_ID
If the destination is already in use :
-<- SESSION STATUS RESULT=DUPLICATED_DEST
+<- SESSION STATUS RESULT=DUPLICATED_DEST
If the destination is not a valid private destination key :
-<- SESSION STATUS RESULT=INVALID_KEY
+<- SESSION STATUS RESULT=INVALID_KEY
If some other error has occurred :
-<- SESSION STATUS RESULT=I2P_ERROR MESSAGE={$message}
+<- SESSION STATUS RESULT=I2P_ERROR MESSAGE={$message}
If it's not OK, the MESSAGE should contain human-readable information
as to why the session could not be created.
@@ -174,7 +178,7 @@ A client asks for a connection by :
* passing the same HELLO handshake as above
* sending the connection command :
--> STREAM CONNECT
+-> STREAM CONNECT
ID={$nickname}
DESTINATION=$peer_public_base64_key
[SILENCE={true,false}]
@@ -192,7 +196,7 @@ If SILENCE=false, which is the default value, the SAM bridge sends a
last message to its client before forwarding or shutting down the
socket :
-<- STREAM STATUS
+<- STREAM STATUS
RESULT=$result
[MESSAGE=...]
@@ -221,7 +225,7 @@ A client waits for an incoming connection request by :
* passing the same HELLO handshake as above
* sending the accept command :
--> STREAM ACCEPT
+-> STREAM ACCEPT
ID={$nickname}
[SILENCE={true,false}]
@@ -230,7 +234,7 @@ connection request from the I2P network.
The SAM bridge answers with :
-<- STREAM STATUS
+<- STREAM STATUS
RESULT=$result
[MESSAGE=...]
@@ -265,7 +269,7 @@ coming from I2P. For that, the client has to :
* pass the same HELLO handshake as above
* send the forward command :
--> STREAM FORWARD
+-> STREAM FORWARD
ID={$nickname}
PORT={$port}
[HOST={$host}]
@@ -276,7 +280,7 @@ connection requests from the I2P network.
The SAM bridge answers with :
-<- STREAM STATUS
+<- STREAM STATUS
RESULT=$result
[MESSAGE=...]
@@ -293,9 +297,9 @@ of the socket that issued the forward command.
* {$port} is the port number of the socket server to which SAM will
forward connection requests. It is mandatory.
-When a connexion request arrives from I2P, the SAM bridge requests a
-socket connexion from {$host}:{$port}. If it is accepted after no more
-than 3 seconds, SAM will accept the connexion from I2P, and then :
+When a connection request arrives from I2P, the SAM bridge requests a
+socket connection from {$host}:{$port}. If it is accepted after no more
+than 3 seconds, SAM will accept the connection from I2P, and then :
* If SILENCE=true was passed, all data passing through the obtained
current socket is forwarded from and to the connected I2P destination
@@ -352,7 +356,7 @@ command.
When a datagram arrives, the bridge delivers it to the client via the
message :
-<- DATAGRAM RECEIVED
+<- DATAGRAM RECEIVED
DESTINATION=$base64key
SIZE=$numBytes\n[$numBytes of data]
@@ -368,7 +372,7 @@ When creating a datagram session, the client can ask SAM to forward
incoming messages to a specified ip:port. It does so by issuing the
CREATE command with PORT and HOST options :
--> SESSION CREATE
+-> SESSION CREATE
STYLE=DATAGRAM
ID={$nickname}
DESTINATION={$private_destination_key,TRANSIENT}
@@ -407,7 +411,7 @@ datagrams.
When anonymous datagrams are to be written to the socket that created
the session,the bridge delivers it to the client via:
-<- RAW RECEIVED
+<- RAW RECEIVED
SIZE=$numBytes\n[$numBytes of data]
When anonymous datagrams are to be forwarded to some host:port,
@@ -463,7 +467,7 @@ RESULT values
These are the values that can be carried by the RESULT field, with
their meaning:
- OK Operation completed succesfully
+ OK Operation completed successfully
CANT_REACH_PEER The peer exists, but cannot be reached
DUPLICATED_DEST The specified Destination is already in use
I2P_ERROR A generic I2P error (e.g. I2CP disconnection, etc.)
@@ -472,38 +476,44 @@ their meaning:
PEER_NOT_FOUND The peer cannot be found on the network
TIMEOUT Timeout while waiting for an event (e.g. peer answer)
+
----------------------------------------------------------------------
-Tunnel Pool Options
+Tunnel, I2CP, and Streaming Options
----------------------------------------------------------------------
-These options can be passed in as name=value pairs at the end of a
+These options may be passed in as name=value pairs at the end of a
SAM SESSION CREATE line.
- inbound.nickname - Name shows up in I2P router console.
- inbound.quantity - Number of tunnels, default 2.
- inbound.backupQuantity - Number of backup tunnels, default 0.
- inbound.rebuildPeriod - Obsolete - ignored - the router controls rebuilding
- inbound.duration - Tunnels last X ms, default 10*60*1000.
- (change not recommended, will break anonymmity
- if it works at all)
- inbound.length - Depth of tunnels, default 2.
- inbound.lengthVariance - If negative, randomly skews from
- (length - variance) to
- (length + variance). If positive, from
- length to (length + var), inclusive.
- Default -1.
- inbound.allowZeroHop - Zero hop allowed? Default "true".
- outbound.* - Same properties as inbound.
- i2p.streaming.connectDelay - If 0, connect ASAP. If positive, wait
- until X ms have passed or output stream
- is flushed or buffer fills. Default 0.
- i2p.streaming.maxWindowSize - Max window size, default 64.
+All sessions may include <a href="i2cp.html#options">I2CP options such as tunnel lengths</a>.
+STREAM sessions may include <a href="streaming.html#options">Streaming lib options</a>.
+See those references for option names and defaults.
+
+
+----------------------------------------------------------------------
+BASE 64 Notes
+----------------------------------------------------------------------
+
+Base 64 encoding must use the I2P standard Base 64 alphabet "A-Z, a-z, 0-9, -, ~".
+
----------------------------------------------------------------------
Client library implementations:
----------------------------------------------------------------------
- C/C++: libSAM: http://www.innographx.com/mpc/libsam/ or i2p/sam/c/
- Python: Python/I2P: http://dev.i2p.net/contrib/apps/sam/python/index.html
- Others: See apps/sam/ in I2P CVS.
+Client libraries are available for C, C++, C#, Perl, and Python.
+These are in the apps/sam/ directory in the <a href="download.html">I2P Source Package</a>.
+Some may be older and have not been updated for SAMv3 support.
+
+
+----------------------------------------------------------------------
+Default SAM Setup
+----------------------------------------------------------------------
+
+The default SAM port is 7656. SAM is not enabled by default in the I2P Router;
+it must be started manually, or configured to start automatically,
+on the configure clients page in the router console, or in the clients.config file.
+The default SAM UDP port is 7655, listening on 0.0.0.0.
+These may be changed by adding the arguments sam.udp.port=nnnnn and/or
+sam.udp.host=w.x.y.z to the invocation.
+
</pre>
{% endblock %}
diff --git a/www.i2p2/pages/streaming.html b/www.i2p2/pages/streaming.html
index 7d2ba52e423f3685d481fefe84b7297ac43b452f..75f572f73287e7a8cbb002652c7d9198c6df9cac 100644
--- a/www.i2p2/pages/streaming.html
+++ b/www.i2p2/pages/streaming.html
@@ -1,6 +1,7 @@
{% extends "_layout.html" %}
-{% block title %}Streaming Lib{% endblock %}
+{% block title %}Streaming Library{% endblock %}
{% block content %}
+Updated June 2012, current as of router version 0.9.1
<h2>Overview</h2>
<p>
@@ -9,10 +10,12 @@ as it is not a core router function.
In practice, however, it provides a vital function for almost all
existing I2P applications, by providing a TCP-like
streams over I2P, and allowing existing apps to be easily ported to I2P.
+The other end-to-end transport library for client communication is the
+<a href="datagrams.html">datagram library</a>.
</p>
<p>The streaming library is a layer on top of the core
-<a href="i2cp">I2CP</a> that allows reliable, in order, and authenticated streams
+<a href="i2cp.html">I2CP API</a> that allows reliable, in-order, and authenticated streams
of messages to operate across an unreliable, unordered, and unauthenticated
message layer. Just like the TCP to IP relationship, this streaming
functionality has a whole series of tradeoffs and optimizations available, but
@@ -20,23 +23,9 @@ rather than embed that functionality into the base I2P code, it has been factore
off into its own library both to keep the TCP-esque complexities separate and to
allow alternative optimized implementations.</p>
-<h2>History</h2>
<p>
-The streaming library has grown organically for I2P - first mihi implemented the
-"mini streaming library" as part of I2PTunnel, which was limited to a window
-size of 1 message (requiring an ACK before sending the next one), and then it was
-refactored out into a generic streaming interface (mirroring TCP sockets) and the
-full streaming implementation was deployed with a sliding window protocol and
-optimizations to take into account the high bandwidth x delay product. Individual
-streams may adjust the maximum packet size and other options. The default
-message size is selected to fit precisely in two 1K I2NP tunnel messages,
-and is a reasonable tradeoff between the bandwidth costs of
-retransmitting lost messages and the latency of multiple messages.
-</p>
-
-<p>
-In addition, in consideration of the relatively high cost of subsequent messages,
-the streaming library's protocol for scheduling and delivering messages has been optimized to
+In consideration of the relatively high cost of messages,
+the streaming library's protocol for scheduling and delivering those messages has been optimized to
allow individual messages passed to contain as much information as is available.
For instance, a small HTTP transaction proxied through the streaming library can
be completed in a single round trip - the first messages bundle a SYN, FIN, and
@@ -48,239 +37,450 @@ immediately.
</p>
<p>
-On the whole, however, the streaming library bears much resemblance to an
+The streaming library bears much resemblance to an
abstraction of TCP, with its sliding windows, congestion control algorithms
(both slow start and congestion avoidance), and general packet behavior (ACK,
SYN, FIN, RST, rto calculation, etc).
</p>
-
-<h2>Usage</h2>
<p>
-The standard interface to the streaming lib is for the application to set up
-a I2PSocketManagerFactory from the <a href="ministreaming.html">ministreaming lib</a>.
-Only I2PSocketManagerFactory is used here - everything else is from the full streaming lib
-(I2PSocketManagerFull, not I2PSocketManagerImpl, and I2PSocketFull, not I2PSocketImpl).
-The remainder of the ministreaming lib is not normally used - don't be confused.
+The streaming library is
+a robust library
+which is optimized for operation over I2P.
+It has a one-phase setup, and
+it contains a full windowing implementation.
</p>
+
+
+
+<h2 id="api">API</h2>
+
<p>
-For a good example of usage, see the i2psnark code.
+The streaming library API provides a standard socket paradigm to Java applications.
+The lower-level
+<a href="i2cp.html">I2CP</a>
+API is completely hidden, except that applications may pass
+<a href="i2cp.html#options">I2CP parameters</a> through the streaming library,
+to be interpreted by I2CP.
</p>
-
-<h2>Advantages</h2>
-<p>The streaming lib has many advantages over the ministreaming library written by mihi as a part of his
-<a href="i2ptunnel">I2PTunnel</a> application.
-The streaming library is
-a more robust streaming library
-which is further optimized for operation over I2P. The two main issues with
-the ministreaming library are its use of the traditional TCP two phase
-establishment protocol and the current fixed window size of 1.
-The streaming lib fixes both of these issues - it has a one-phase setup, and
-it contains a full windowing implementation.
+<p>
+The standard interface to the streaming lib is for the application to use the
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/streaming/I2PSocketManagerFactory.html">I2PSocketManagerFactory</a>
+to create an
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/streaming/I2PSocketManager.html">I2PSocketManager</a>.
+The application then asks the socket manager for an
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/streaming/I2PSession.html">I2PSession</a>,
+which will cause a connection to the router via
+<a href="i2cp.html">I2CP</a>.
+The application can then setup connections with an
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/streaming/I2PSocket.html">I2PSocket</a>
+or receive connections with an
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/streaming/I2PServerSocket.html">I2PServerSocket</a>.
+</p>
+<p>
+Here are the
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/streaming/package-summary.html">full streaming library Javadocs</a>.
</p>
<p>
-Significant tuning of the streaming lib parameters,
-greatly increasing outbound performance, was implemented in 0.6.1.28.
-Subsequent releases include additional tuning and bug fixes.
+For a good example of usage, see the i2psnark code.
+</p>
+
-<h2>Default Parameters</h2>
-The current default values are listed below.
-Lower case values are streaming lib parameters that can changed on a
+<h3 id="options">Options and Defaults</h3>
+<p>
+The options and current default values are listed below.
+Options are case-sensitive and may be set for the whole router, for a particular client, or for an individual socket on a
per-connection basis.
-These values are tuned for HTTP performance over typical I2P conditions. Other applications such
+Many values are tuned for HTTP performance over typical I2P conditions. Other applications such
as peer-to-peer services are strongly encouraged to
modify as necessary, by setting the options and passing them via the call to
-I2PSocketManagerFactory.createManager(_i2cpHost, _i2cpPort, opts).
+<a href="http://docs.i2p-projekt.de/javadoc/net/i2p/client/streaming/I2PSocketManagerFactory.html">I2PSocketManagerFactory</a>.createManager(_i2cpHost, _i2cpPort, opts).
Time values are in ms.
-<ul>
-<li>MIN_RESEND_DELAY = 2*1000
-<li>MAX_RESEND_DELAY = 45*1000
-<li>i2p.streaming.connectTimeout = 5*60*1000
-<li>i2p.streaming.initialReceiveWindow = 1
-<li>i2p.streaming.initialWindowSize = 12
-<li>MIN_WINDOW_SIZE = 1
-<li>i2p.streaming.maxWindowSize = 128 // as of release 0.6.3 (was 64)
-<li>TREND_COUNT = 3
-<li>i2p.streaming.maxResends = 8
-<li>RTT_DAMPENING = 0.875 // as of release 0.6.5 (was 0.9)
-<li>i2p.streaming.profile = 1 (bulk) (2=interactive not supported)
-<li>MIN_MESSAGE_SIZE = 512 // as of release 0.6.5
-<li>i2p.streaming.maxMessageSize = 1730 // as of release 0.6.5 (was 960)
-<li>INBOUND_BUFFER_SIZE = maxMessageSize * (maxWindowSize + 2)
-<li>i2p.streaming.initialRTT = 10*1000
-<li>INITIAL_TIMEOUT = 1.5 * initialRTT
-<li>i2p.streaming.initialResendDelay = 1000
-<li>i2p.streaming.initialAckDelay = 2000
-<li>i2p.streaming.inactivityTimeout = 90*1000
-<li>i2p.streaming.inactivityAction = 2 (send) (0=noop, 1=disconnect)
-<li>i2p.streaming.congestionAvoidanceGrowthRateFactor = 1
-<li>i2p.streaming.slowStartGrowthRateFactor = 1
-<li>PASSIVE_FLUSH_DELAY = 250 // as of release 0.6.5 (was 500)
-<li>i2p.streaming.answerPings = true // new option as of release 0.7.7
-<li>i2p.streaming.maxConcurrentStreams = -1 // 0 or negative value means unlimited
-<li>i2p.streaming.maxConnsPerMinute = 0 // per peer; 0 means disabled; as of release 0.7.14
-<li>i2p.streaming.maxConnsPerHour = 0 // per peer; 0 means disabled; as of release 0.7.14
-<li>i2p.streaming.maxConnsPerDay = 0 // per peer; 0 means disabled; as of release 0.7.14
-<li>i2p.streaming.maxTotalConnsPerMinute = 0 // all peers; 0 means disabled; as of release 0.7.14
-<li>i2p.streaming.maxTotalConnsPerHour = 0 // all peers; 0 means disabled; as of release 0.7.14
-<li>i2p.streaming.maxTotalConnsPerDay = 0 // all peers; 0 means disabled; as of release 0.7.14
-</ul>
</p>
-
<p>
-The streaming lib uses standard slow-start (exponential window growth) and congestion avoidance (linear window growth)
-phases. However, before the 0.6.1.33 release, window growth was substantially slower than optimal;
-these issues were fixed in release 0.6.1.33.
+Note that higher-layer APIs, such as
+<a href="samv3.html">SAM</a>,
+<a href="bob.html">BOB</a>, and
+<a href="i2ptunnel.html">I2PTunnel</a>,
+may override these defaults with their own defaults.
+Also note that many options only apply to servers listening for incoming connections.
</p>
-<p>
-The maximum message size (also called the MTU / MRU) is negotiated to the lower value supported by
-the two peers. As tunnel messages are padded to 1KB, a poor MTU selection will lead to
-a large amount of overhead.
-The MTU is chosen to fit precisely in an integral number of 1K I2NP tunnel messages,
-including overhead for the typical case.
-The first message in a connection includes a 387 byte (typical) Destination added by the streaming layer,
-and usually a 898 byte (typical) LeaseSet bundled in the Garlic message.
-Therefore, the goal of fitting a complete HTTP request in a single 1KB I2NP message is not realistic.
-However, the selection of the MTU, together with careful implementation of fragmentation
-and batching strategies in the tunnel gateway processor, are important factors in network bandwidth,
-latency, reliability, and efficiency, especially for long-lived connections.
-</p>
-<p>
-The interaction of the routing algorithms with the streaming lib strongly affects performance.
-In particular, random distribution of messages to multiple tunnels in a pool
-leads to a high degree of out-of-order delivery which results in smaller window
-sizes than would otherwise be the case.
-In release 0.6.1.30, the routing of messages to the outbound tunnels was made
-consistent, with pushback when a tunnel was backlogged.
-This had a significant positive impact on bandwidths.
-The pushback code was reverted in release 0.6.1.31 due to anonymity concerns.
-Consistent message routing to inbound tunnels
-was implemented in release 0.6.1.32.
-</p>
+<table>
+<tr><th>Option</th><th>Default</th><th>Notes</th>
+</tr>
+<tr><td>i2cp.accessList</td><td>null</td><td>Comma- or space-separated list of Base64 peer Hashes used for either access list or blacklist
+ As of release 0.7.13.
+</td></tr><tr><td>i2cp.enableAccessList</td><td>false
+</td><td>Use the access list as a whitelist for incoming connections
+ As of release 0.7.13.
+</td></tr><tr><td>i2cp.enableBlackList</td><td>false
+</td><td>Use the access list as a blacklist for incoming connections
+ As of release 0.7.13.
+</td></tr><tr><td>i2p.streaming.answerPings</td><td>true</td><td>Whether to respond to incoming pings
+</td></tr><tr><td>i2p.streaming.bufferSize</td><td>64K</td><td>
+ How much transmit data (in bytes) will be accepted that hasn't been written out yet.
+</td></tr><tr><td>i2p.streaming.congestionAvoidanceGrowthRateFactor</td><td>1
+</td><td>
+ When we're in congestion avoidance, we grow the window size at the rate
+ of 1/(windowSize*factor). In standard TCP, window sizes are in bytes,
+ while in I2P, window sizes are in messages.
+ A higher number means slower growth.
+</td></tr><tr><td>i2p.streaming.connectDelay</td><td>-1
+</td><td>
+ How long to wait after instantiating a new con
+ before actually attempting to connect. If this is
+ <= 0, connect immediately with no initial data. If greater than 0, wait
+ until the output stream is flushed, the buffer fills,
+ or that many milliseconds pass, and include any initial data with the SYN.
+</td></tr><tr><td>i2p.streaming.connectTimeout</td><td>5*60*1000</td><td>
+ How long to block on connect, in milliseconds. Negative means indefinitely. Default is 5 minutes.
+</td></tr><tr><td>i2p.streaming.enforceProtocol</td><td>false</td><td>Whether to listen only for the streaming protocol.
+ Setting to true will prohibit communication with Destinations earlier than release 0.7.1
+ (released March 2009). Set to true if running multiple protocols on this Destination.
+ As of release 0.9.1.
+</td></tr><tr><td>i2p.streaming.inactivityAction</td><td>2 (send) </td><td>(0=noop, 1=disconnect)
+ What to do on an inactivity timeout - do nothing, disconnect, or send a duplicate ack.
+</td></tr><tr><td>i2p.streaming.inactivityTimeout</td><td>90*1000
+</td></tr><tr><td>i2p.streaming.initialAckDelay</td><td>2000
+</td></tr><tr><td>i2p.streaming.initialResendDelay</td><td>1000
+</td><td>
+ The initial value of the resend delay field in the packet header, times 1000.
+ Not fully implemented; see below.
+</td></tr><tr><td>i2p.streaming.initialRTT</td><td>8000 </td><td>(if no <a href="#sharing">sharing data</a> available)
+</td></tr><tr><td>i2p.streaming.initialWindowSize</td><td>6</td><td>(if no <a href="#sharing">sharing data</a> available)
+ In standard TCP, window sizes are in bytes, while in I2P, window sizes are in messages.
+</td></tr><tr><td>i2p.streaming.maxConcurrentStreams</td><td>-1 </td><td>(0 or negative value means unlimited)
+ This is a total limit for incoming and outgoing combined.
+</td></tr><tr><td>i2p.streaming.maxConnsPerMinute</td><td>0 </td><td>Incoming connection limit (per peer; 0 means disabled)
+ As of release 0.7.14.
+</td></tr><tr><td>i2p.streaming.maxConnsPerHour</td><td>0 </td><td>(per peer; 0 means disabled)
+ As of release 0.7.14.
+</td></tr><tr><td>i2p.streaming.maxConnsPerDay</td><td>0 </td><td>(per peer; 0 means disabled)
+ As of release 0.7.14.
+</td></tr><tr><td>i2p.streaming.maxMessageSize</td><td>1730</td><td>The MTU in bytes.
+</td></tr><tr><td>i2p.streaming.maxResends</td><td>8
+</td><td>
+ Maximum number of retransmissions before failure.
+</td></tr><tr><td>i2p.streaming.maxTotalConnsPerMinute</td><td>0 </td><td>Incoming connection limit (all peers; 0 means disabled)
+ As of release 0.7.14.
+</td></tr><tr><td>i2p.streaming.maxTotalConnsPerHour</td><td>0 </td><td>(all peers; 0 means disabled)
+ Use with caution as exceeding this will disable a server for a long time.
+ As of release 0.7.14.
+</td></tr><tr><td>i2p.streaming.maxTotalConnsPerDay</td><td>0 </td><td>(all peers; 0 means disabled)
+ Use with caution as exceeding this will disable a server for a long time.
+ As of release 0.7.14.
+</td></tr><tr><td>i2p.streaming.maxWindowSize</td><td>128
+</td></tr><tr><td>i2p.streaming.profile</td><td>1 (bulk)</td><td>(2=interactive not supported)
+ This doesn't currently do anything, but setting it to a value other than 1 will cause an error.
+</td></tr><tr><td>i2p.streaming.readTimeout</td><td>-1
+</td><td>
+ How long to block on read, in milliseconds. Negative means indefinitely.
+</td></tr><tr><td>i2p.streaming.slowStartGrowthRateFactor</td><td>1
+</td><td>
+ When we're in slow start, we grow the window size at the rate
+ of 1/(factor). In standard TCP, window sizes are in bytes,
+ while in I2P, window sizes are in messages.
+ A higher number means slower growth.
+</td></tr><tr><td>i2p.streaming.writeTimeout</td><td>-1
+</td><td>
+ How long to block on write/flush, in milliseconds. Negative means indefinitely.
+</td></tr>
+</table>
+
-<p>
-Another area for research is the interaction of the streaming lib with the
-NTCP and SSU transport layers.
-See <a href="ntcp.html">the NTCP page</a> for a discussion.
-</p>
-<h2>Packet Format</h2>
+<h2>Protocol Specification</h2>
+<h3>Packet Format</h3>
<p>
-Here is the format of a single packet transferred as part of a streaming connection.
+The format of a single packet in the streaming protocol is:
+<pre>
+
++----+----+----+----+----+----+----+----+
+| send Stream ID | rcv Stream ID |
++----+----+----+----+----+----+----+----+
+| sequence Num | ack Through |
++----+----+----+----+----+----+----+----+
+| nc | NACKs ...
++----+----+----+----+----+----+----+----+
+ | rd | flags | opt size| opt data
++----+----+----+----+----+----+----+----+
+ ... |
++----+----+----+----+----+----+----+----+
+| payload ...
++----+----+----+----//
+
+
+</pre>
+
<table>
<tr><th>Field<th>Length<th>Contents
-<tr><td>sendStreamId <td>4 byte value<td>Random number selected by the connection recipient
-and constant for the life of the connection.
-0 in the SYN message sent by the originator.
-<tr><td>receiveStreamId <td>4 byte value<td>Random number selected by the connection originator
+<tr><td>sendStreamId <td>4 byte <a href="common_structures_spec.html#type_Integer">Integer</a><td>Random number selected by the connection recipient
and constant for the life of the connection.
+0 in the SYN message sent by the originator, and in subsequent messages, until a SYN reply is received,
+containing the peer's stream ID.
-<tr><td>sequenceNum <td>4 byte unsigned integer<td>
+<tr><td>receiveStreamId <td>4 byte <a href="common_structures_spec.html#type_Integer">Integer</a><td>Random number selected by the connection originator
+and constant for the life of the connection. May be 0 if unknown, for example in a RESET packet.
+
+<tr><td>sequenceNum <td>4 byte <a href="common_structures_spec.html#type_Integer">Integer</a><td>
The sequence for this message, starting at 0 in the SYN message,
and incremented by 1 in each message except for plain ACKs and retransmissions.
-If the sequenceNum is 0 and the SYN is not set, this is a plain ACK
+If the sequenceNum is 0 and the SYN flag is not set, this is a plain ACK
packet that should not be ACKed.
-<tr><td>ackThrough <td>4 byte unsigned integer<td>
+<tr><td>ackThrough <td>4 byte <a href="common_structures_spec.html#type_Integer">Integer</a><td>
The highest packet sequence number that was received
on the receiveStreamId. This field is ignored on the initial
connection packet (where receiveStreamId is the unknown id) or
-if FLAG_NO_ACK is set.
+if the NO_ACK flag set.
All packets up to and including this sequence number are ACKed,
EXCEPT for those listed in NACKs below.
-<tr><td>number of NACKs <td>1 byte unsigned integer<td>
+<tr><td>NACK count<td>1 byte <a href="common_structures_spec.html#type_Integer">Integer</a><td>
+The number of 4-byte NACKs in the next field
-<tr><td>that many NACKs <td>n * 4 byte unsigned integers<td>
+<tr><td>NACKs <td>n * 4 byte <a href="common_structures_spec.html#type_Integer">Integers</a><td>
Sequence numbers less than ackThrough that are not yet received.
Two NACKs of a packet is a request for a 'fast retransmit' of that packet.
-<tr><td>resendDelay <td>1 byte unsigned integer<td>
+<tr><td>resendDelay<td>1 byte <a href="common_structures_spec.html#type_Integer">Integer</a><td>
How long is the creator of this packet going to wait before
resending this packet (if it hasn't yet been ACKed). The
value is seconds since the packet was created.
-Ignored on receive. Broken on send before release 0.7.8 (the sender did not divide by 1000,
-and the default is 1000 ms, so the included value was 1000 & 0xff = 0xe8 = 232 seconds.
+Currently ignored on receive.
<tr><td>flags <td>2 byte value<td>
See below.
-<tr><td>option data size <td>2 byte unsigned integer<td>
-See below.
+<tr><td>option size<td>2 byte <a href="common_structures_spec.html#type_Integer">Integer</a><td>
+The number of bytes in the next field
-<tr><td>option data specified by those flags <td>0 or more bytes<td>
-See below.
+<tr><td>option data<td>0 or more bytes<td>
+As specified by the flags. See below.
<tr><td>payload <td>remaining packet size<td>
</table>
+<h3>Flags and Option Data Fields</h3>
<p>The flags field above specifies some metadata about the packet, and in
turn may require certain additional data to be included. The flags are
-as follows (with any data structures specified added to the options area
-in the given order):</p>
+as follows. Any data structures specified must be added to the options area
+in the given order.</p>
+<p>
+Bit order: 15....0 (15 is MSB)
+</p>
<table>
-<tr><th>Bit Number<th>Flag<th>Option Data<th>Function
-<tr><td>0<td>FLAG_SYNCHRONIZE<td>no option data<td>
-Similar to TCP SYN.
-<tr><td>1<td>FLAG_CLOSE<td>no option data<td>
-Similar to TCP FIN. If the response to a SYN fits in a single message, the response
-will contain both FLAG_SYNCHRONIZE and FLAG_CLOSE.
-<tr><td>2<td>FLAG_RESET<td>no option data<td>
+<tr><th>Bit<th>Flag<th>Option Data<th>Function
+<tr><td>0<td>SYNCHRONIZE<td align="center">--<td>
+Similar to TCP SYN. Set in the initial packet and in the first response.
+<tr><td>1<td>CLOSE<td align="center">--<td>
+Similar to TCP FIN. If the response to a SYNCHRONIZE fits in a single message, the response
+will contain both SYNCHRONIZE and CLOSE.
+<tr><td>2<td>RESET<td align="center">--<td>
Abnormal close.
-<tr><td>3<td>FLAG_SIGNATURE_INCLUDED<td>40 bytes<td>net.i2p.data.Signature
-Typically sent only with FLAG_SYNCHRONIZE and FLAG_CLOSE, where it is required.
-If the signature is included, it uses the Destination's DSA key
-to sign the entire header and payload with the space in the options
+<tr><td>3<td>SIGNATURE_INCLUDED<td>40 byte <a href="common_structures_spec.html#type_Signature">DSA Signature</a>
+<td>
+Currently sent only with SYNCHRONIZE and CLOSE, where it is required.
+The signature uses the Destination's <a href="common_structures_spec.html#type_SigningPublicKey">DSA signing keys</a>
+to sign the entire header and payload with the 40-byte space in the option data field
for the signature being set to all zeroes.
-<tr><td>4<td>FLAG_SIGNATURE_REQUESTED<td>no option data<td>
-Unused. Requests every packet in the other direction to have FLAG_SIGNATURE_INCLUDED
-<tr><td>5<td>FLAG_FROM_INCLUDED<td>typ. 387 bytes<td>net.i2p.data.Destination
-Typically sent only with FLAG_SYNCHRONIZE.
-<tr><td>6<td>FLAG_DELAY_REQUESTED<td>2 byte integer<td>
+<tr><td>4<td>SIGNATURE_REQUESTED<td align="center">--<td>
+Unused. Requests every packet in the other direction to have SIGNATURE_INCLUDED
+<tr><td>5<td>FROM_INCLUDED<td>387+ byte <a href="common_structures_spec.html#struct_Destination">Destination</a>
+<td>
+Currently sent only with SYNCHRONIZE, where it is required.
+<tr><td>6<td>DELAY_REQUESTED<td>2 byte <a href="common_structures_spec.html#type_Integer">Integer</a><td>
Optional delay.
How many milliseconds the sender of this packet wants the recipient
to wait before sending any more data.
A value greater than 60000 indicates choking.
-<tr><td>7<td>FLAG_MAX_PACKET_SIZE_INCLUDED<td>2 byte integer<td>
-Sent with FLAG_SYNCHRONIZE or with a retransmission,
-could be optimized to only send with a SYN.
-<tr><td>8<td>FLAG_PROFILE_INTERACTIVE<td>no option data<td>
-Apparently unused or ignored
-<tr><td>9<td>FLAG_ECHO<td>no option data<td>
+<tr><td>7<td>MAX_PACKET_SIZE_INCLUDED<td>2 byte <a href="common_structures_spec.html#type_Integer">Integer</a><td>
+Currently sent with SYNCHRONIZE only.
+Was also sent in retransmitted packets until release 0.9.1.
+<tr><td>8<td>PROFILE_INTERACTIVE<td align="center">--<td>
+Unused or ignored; the interactive profile is unimplemented.
+<tr><td>9<td>ECHO<td align="center">--<td>
Unused except by ping programs
-<tr><td>10<td>FLAG_NO_ACK<td>no option data<td>
-Apparently unused, an ACK is always included.
+<tr><td>10<td>NO_ACK<td align="center">--<td>
This flag simply tells the recipient to ignore the ackThrough field in the header.
+Currently unused, the ackThrough field is always valid.
<tr><td>11-15<td>unused<td><td>
</table>
+<h2>Implementation Details</h2>
+<h3>Setup</h3>
+<p>
+The initiator sends a packet with the SYNCHRONIZE flag set. This packet may contain the initial data as well.
+The peer replies with a packet with the SYNCHRONIZE flag set. This packet may contain the initial response data as well.
+</p>
+<p>
+The initiator may send additional data packets, up to the initial window size, before receiving the SYNCHRONIZE response.
+These packets will also have the send Stream ID field set to 0.
+Recipients must buffer packets received on unknown streams for a short period of time, as they may
+arrive out of order, in advance of the SYNCHRONIZE packet.
+</p>
-<h2>Control Block Sharing</h2>
+<h3>MTU Selection and Negotiation</h3>
<p>
-As of release 0.7.1, the streaming lib supports "TCP" Control Block sharing.
+The maximum message size (also called the MTU / MRU) is negotiated to the lower value supported by
+the two peers. As tunnel messages are padded to 1KB, a poor MTU selection will lead to
+a large amount of overhead.
+The MTU is specified by the option i2p.streaming.maxMessageSize.
+The current default MTU of 1730 was chosen to fit precisely into two 1K I2NP tunnel messages,
+including overhead for the typical case.
+</p>
+<p>
+The first message in a connection includes a 387 byte (typical) Destination added by the streaming layer,
+and usually a 898 byte (typical) LeaseSet, and Session keys, bundled in the Garlic message by the router.
+(The LeaseSet and Session Keys will not be bundled if an ElGamal Session was previously established).
+Therefore, the goal of fitting a complete HTTP request in a single 1KB I2NP message is not always attainable.
+However, the selection of the MTU, together with careful implementation of fragmentation
+and batching strategies in the tunnel gateway processor, are important factors in network bandwidth,
+latency, reliability, and efficiency, especially for long-lived connections.
+</p>
+
+<h3>Data Integrity</h3>
+Data integrity is assured by the gzip CRC-32 checksum implemented in
+<a href="i2cp.html#format">the I2CP layer</a>.
+There is no checksum field in the streaming protocol.
+
+
+<h3>Packet Encapsulation</h3>
+Each packet is sent through I2P as a single message (or as an individual clove in a
+<a href="how_garlicrouting.html">Garlic Message</a>).
+Message encapsulation is implemented in the underlying
+<a href="i2cp.html">I2CP</a>,
+<a href="i2np.html">I2NP</a>, and
+<a href="tunnel_message_spec.html">tunnel message</a> layers.
+There is no packet delimiter mechanism or payload length field in the streaming protocol.
+
+
+<h3>Windowing</h3>
+<p>
+The streaming lib uses standard slow-start (exponential window growth) and congestion avoidance (linear window growth)
+phases, with exponential backoff.
+Windowing and acknowledgments use packet count, not byte count.
+</p>
+
+
+<h3>Close</h3>
+<p>
+Any packet, including one with the SYNCHRONIZE flag set, may have the CLOSE flag sent as well.
+The connection is not closed until the peer responds with the CLOSE flag.
+CLOSE packets may contain data as well.
+</p>
+
+
+<h3 id="sharing">Control Block Sharing</h3>
+<p>
+The streaming lib supports "TCP" Control Block sharing.
This shares two important streaming lib parameters
(window size and round trip time)
across connections to the same remote peer.
This is used for "temporal" sharing at connection open/close time,
-not "ensemble" sharing during a connection (See RFC 2140).
+not "ensemble" sharing during a connection (See
+<a href="http://www.ietf.org/rfc/rfc2140.txt">RFC 2140</a>).
There is a separate share per ConnectionManager (i.e. per local Destination)
so that there is no information leakage to other Destinations on the
same router.
+The share data for a given peer expires after a few minutes.
</p>
-<h2>Future Work and Proposals</h2>
+<h3 id="other">Other Parameters</h3>
+The following parameters are hardcoded, but may be of interest for analysis:
+<ul>
+<li>MIN_RESEND_DELAY = 2*1000 (minimum RTO)
+<li>MAX_RESEND_DELAY = 45*1000 (maximum RTO)
+<li>MIN_WINDOW_SIZE = 1
+<li>TREND_COUNT = 3
+<li>RTT_DAMPENING = 0.875
+<li>MIN_MESSAGE_SIZE = 512 (minimum MTU)
+<li>INBOUND_BUFFER_SIZE = maxMessageSize * (maxWindowSize + 2)
+<li>INITIAL_TIMEOUT = 1.5 * initialRTT
+<li>PASSIVE_FLUSH_DELAY = 250
+<li>Maximum RTT estimate: 60*1000
+</ul>
+</p>
+
+<h3>History</h3>
<p>
+The streaming library has grown organically for I2P - first mihi implemented the
+"mini streaming library" as part of I2PTunnel, which was limited to a window
+size of 1 message (requiring an ACK before sending the next one), and then it was
+refactored out into a generic streaming interface (mirroring TCP sockets) and the
+full streaming implementation was deployed with a sliding window protocol and
+optimizations to take into account the high bandwidth x delay product. Individual
+streams may adjust the maximum packet size and other options. The default
+message size is selected to fit precisely in two 1K I2NP tunnel messages,
+and is a reasonable tradeoff between the bandwidth costs of
+retransmitting lost messages, and the latency and overhead of multiple messages.
+</p>
+
+
+
+
+
+<h2 id="future">Future Work</h2>
+The behavior of the streaming library has a profound impact on
+application-level performance, and as such, is an important
+area for further analysis.
+<ul>
+<li>
+Additional tuning of the streaming lib parameters may be necessary.
+</li>
+<li>
+Another area for research is the interaction of the streaming lib with the
+NTCP and SSU transport layers.
+See <a href="ntcp_discussion.html">the NTCP discussion page</a> for details.
+</li>
+<li>
+The interaction of the routing algorithms with the streaming lib strongly affects performance.
+In particular, random distribution of messages to multiple tunnels in a pool
+leads to a high degree of out-of-order delivery which results in smaller window
+sizes than would otherwise be the case. The router currently routes
+messages for a single from/to destination pair through a consistent set
+of tunnels, until tunnel expiration or delivery failure. The router's
+failure and tunnel selection algorithms should be reviewed for possible
+improvements.
+</li>
+<li>
+The data in the first SYN packet may exceed the receiver's MTU.
+</li>
+<li>
+The DELAY_REQUESTED field could be used more.
+</li>
+<li>
+Duplicate initial SYNCHRONIZE packets on short-lived streams may not be recognized and removed.
+</li>
+<li>
+Don't send the MTU in a retransmission.
+</li>
+<li>
+ Data is sent along unless the outbound window is full.
+ (i.e. no-Nagle or TCP_NODELAY)
+ Probably should have a configuration option for this.
+</li>
+<li>
+zzz has added debug code to the streaming library to log packets in a wireshark-compatible
+(pcap) format; Use this to further analyze performance.
+The format may require enhancement to map more streaming lib parameters to TCP fields.
+</li>
+<li>
There are proposals to replace the streaming lib with standard TCP
(or perhaps a null layer together with raw sockets).
This would unfortunately be incompatible with the streaming lib
but it would be good to compare the performance of the two.
-</p>
+</li>
+</ul>
+
+
+
{% endblock %}
diff --git a/www.i2p2/pages/summerofcode-2011-end.html b/www.i2p2/pages/summerofcode-2011-end.html
new file mode 100644
index 0000000000000000000000000000000000000000..0dc9696c626dc6b4b14e1624fc3ad1c3a13bacd1
--- /dev/null
+++ b/www.i2p2/pages/summerofcode-2011-end.html
@@ -0,0 +1,24 @@
+{% extends "_layout.html" %}
+{% block title %}Ipredator Summer of Code{% endblock %}
+{% block content %}
+
+
+<p>itoopie and I2PControl are launching!</p>
+
+<p>I'm happy to announce that itoopie and I2PControl are available publicly.</p>
+
+<p>itoopie is a graphical interface intended as a compliment to the I2P Router Console.
+The aim of itoopie is to provide an interface that is simpler and has a lower lurning curve than the I2P Router Console.</p>
+
+<p>I2PControl is an I2P plugin providing a JSONRPC interface for the I2P router. The interface supports setting basic settings (bandwidth, ports etc.), reading many stats and is provided over an SSL encrypted HTTP connection.</p>
+
+<p>More information and instructions can be found at <a href="http://itoopie.net">itoopie.net</a>, <a href="http://itoopie.i2p.to">itoopie.i2p.to</a> (via proxy)and <a href="http://itoopie.i2p">itoopie.i2p</a> (anonymously).
+
+This project has been funded by the VPN services <a href="http://relakks.com">Relakks</a> & <a href="http://ipredator.se">Ipredator</a> and was initiated by Jan-Erik Fiske and <a href="http://twitter.com/#!/brokep">Peter Sunde</a>.
+
+<p>Thank you Jan-Erik and Peter,
+<br>// hottuna</p>
+{% endblock %}
+
+
+
diff --git a/www.i2p2/pages/summerofcode-2011.html b/www.i2p2/pages/summerofcode-2011.html
new file mode 100644
index 0000000000000000000000000000000000000000..9f39a577dcfceee6d8482e48566210bd333f9b86
--- /dev/null
+++ b/www.i2p2/pages/summerofcode-2011.html
@@ -0,0 +1,19 @@
+{% extends "_layout.html" %}
+{% block title %}ViaEuropa Summer of Code{% endblock %}
+{% block content %}
+
+
+<p>Ipredator Summer of Code</p>
+
+<p>
+I have been commissioned to contribute code to I2P during the summer of 2011, implementing a control protocol and a client for this protocol (similar to <a href="https://www.torproject.org/projects/vidalia.html">Vidalia</a> for Tor).
+This work was the idea of Jan-Erik Fiske of <a href="http://viaeuropa.se">ViaEuropa</a> and Peter Sunde of <a href="https://flattr.com">flattr</a> and <a href="http://thepiratebay.org/">The Pirate Bay</a> fame and its funding will be generously provided by <a href="https://www.relakks.com/?cid=gb">Relakks</a> and <a href="https://www.ipredator.se/?lang=en">Ipredator</a>.
+</p>
+
+<p>
+Current information can be found on <a href="http://zzz.i2p.to/topics/888">zzz's forum</a> and #i2p-dev on chat.freenode.net
+</p>
+
+<p>Cheers
+<br>// hottuna (or Robert)</p>
+{% endblock %}
diff --git a/www.i2p2/pages/summerofcode-2011_fr.html b/www.i2p2/pages/summerofcode-2011_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..0d0ab5effd8252b1b1d97164dcbf3be7739bcf7b
--- /dev/null
+++ b/www.i2p2/pages/summerofcode-2011_fr.html
@@ -0,0 +1,24 @@
+{% extends "_layout_fr.html" %}
+{% block title %}ViaEuropa Summer of Code{% endblock %}
+{% block content %}
+
+
+<p>Ipredator Summer of Code</p>
+
+<p>
+On m'a chargé de contribuer au code d'I2P pendant cet été 2011, pour élaborer un protocole de contrôle et un client pour
+ce protocole (semblable à <a href="https://www.torproject.org/projects/vidalia.html">Vidalia</a> pour Tor).
+Ce travail est l'idée de Jan-Erik Fiske de <a href="http://viaeuropa.se">ViaEuropa</a>, de Peter Sunde de
+<a href="https://flattr.com">flattr</a>. Gloire à <a href="http://thepiratebay.org/">The Pirate Bay</a> .
+Le financement est généreusement assuré par <a href="https://www.relakks.com/?cid=gb">Relakks</a> et
+<a href="https://www.ipredator.se/?lang=en">Ipredator</a>.
+</p>
+
+<p>
+Les informations actuelles sont disponibles sur le <a href="http://zzz.i2p.to/topics/888">forum de zzz</a> et #i2p-dev
+sur chat.freenode.net
+</p>
+
+<p>Ave I2P, codituri te salutant
+<br>// hottuna (ou Robert)</p>
+{% endblock %}
diff --git a/www.i2p2/pages/supported_applications.html b/www.i2p2/pages/supported_applications.html
new file mode 100644
index 0000000000000000000000000000000000000000..5839354d132bc9c0ed49ecf72d84a9eb3946a667
--- /dev/null
+++ b/www.i2p2/pages/supported_applications.html
@@ -0,0 +1,621 @@
+{% extends "_layout.html" %}
+{% block title %}Supported Applications{% endblock %}
+{% block content %}
+
+<h1 class="title">Supported Applications</h1>
+
+<div id="TOC">
+ <ul>
+ <li><a href="#blogging-and-forums">Blogging, Forums, and Wikis</a></li>
+
+ <li><a href="#decentralized-file-storage">Decentralized File
+ Storage</a></li>
+
+ <li>
+ <a href="#development-tools">Development Tools</a>
+
+ <ul>
+ <li><a href="#version-control">Version control</a></li>
+ </ul>
+ </li>
+
+ <li><a href="#domain-naming">Domain Naming</a></li>
+
+ <li><a href="#email">Email</a></li>
+
+ <li>
+ <a href="#file-sharing">File Sharing</a>
+
+ <ul>
+ <li><a href="#bittorrent-clients">BitTorrent clients</a></li>
+
+ <li><a href="#bittorrent-trackers-and-indexers">BitTorrent trackers
+ and indexers</a></li>
+
+ <li><a href="#ed2k">ED2K</a></li>
+
+ <li><a href="#gnutella">Gnutella</a></li>
+ </ul>
+ </li>
+
+ <li>
+ <a href="#network-administration">Network Administration</a>
+
+ <ul>
+ <li><a href="#general-purpose-socket-utilities">General-purpose
+ socket utilities</a></li>
+
+ <li><a href="#sshscpsftp">SSH/SCP/SFTP</a></li>
+ </ul>
+ </li>
+
+ <li>
+ <a href="#real-time-chat">Real-time Chat</a>
+
+ <ul>
+ <li><a href="#instant-messaging-clients">Instant messaging
+ clients</a></li>
+
+ <li><a href="#irc-clients">IRC clients</a></li>
+
+ <li><a href="#irc-servers">IRC servers</a></li>
+ </ul>
+ </li>
+
+ <li>
+ <a href="#web-browsing">Web Browsing</a>
+
+ <ul>
+ <li><a href="#anonymous-websites">Anonymous websites</a></li>
+
+ <li><a href="#proxy-software">Proxy software</a></li>
+
+ <li><a href="#inproxies">Inproxies</a></li>
+
+ <li><a href="#outproxies">Outproxies</a></li>
+ </ul>
+ </li>
+
+ <li>
+ <a href="#website-hosting">Website Hosting</a>
+
+ <ul>
+ <li><a href="#web-servers">Web servers</a></li>
+ </ul>
+ </li>
+ </ul>
+</div>
+
+<p>This is intended to be a comprehensive listing of applications used with
+I2P. If you know of something that's missing please submit a ticket on
+<a href="http://trac.i2p2.de/report//">Trac</a>, and be sure to select the
+“www†component in the submission form.</p>
+
+<p>Supported applications are tagged with one or more of the following:</p>
+
+<dl>
+ <dt><em>bundled</em></dt>
+
+ <dd>
+ <p><em>Bundled application</em> — I2P ships with a few officially
+ supported applications that let new users take immediate advantage of
+ some of I2P's more useful capabilities.</p>
+ </dd>
+
+ <dt><em>plugin</em></dt>
+
+ <dd>
+ <p><em>Third-party plugin</em> — I2P's plugin system provides convenient
+ deployment of I2P-enabled applications and allows tighter integration
+ with the router. Plugins are [reviewed by the community](<a href=
+ "http://plugins.i2p">http://plugins.i2p</a>) to identify security and
+ anonymity issues.</p>
+ </dd>
+</dl>
+
+<dl>
+ <dt><em>standalone, standalone/mod</em></dt>
+
+ <dd>
+ <p><em>Third-party standalone application</em> — Many standard network
+ applications only require careful setup and configuration to communicate
+ anonymously over I2P. These are tagged with <em>standalone</em>. Some
+ applications, tagged with <em>standalone/mod</em>, require patching to
+ function properly over I2P or to prevent inadvertent disclosure of
+ identifying information such as the user's hostname or external IP
+ address.</p>
+ </dd>
+
+ <dt><em>service</em></dt>
+
+ <dd>
+ <p><em>Third-party essential network service</em> — Services which on
+ the I2P network are analogous to those provided on the public Internet
+ by hosting providers, ISPs, and Google: eepsite indexes and jump
+ services, search engines, email, DNS-style name services, hosting,
+ proxies, etc. These services focus on boosting the usefulness of the
+ network as a whole, and making network content more discoverable.</p>
+ </dd>
+
+ <dt><em>unmaintained</em></dt>
+
+ <dd>
+ <p><em>Unmaintained</em> — This is used to tag plugins, applications,
+ and services which appear to be unmaintained and may be removed from
+ this listing in the future.</p>
+ </dd>
+</dl>
+
+<p><strong>Warning: Using an application, plugin, or service with I2P
+doesn't automatically protect your anonymity. I2P is merely a set of tools
+which can help you mitigate certain <a href="how_threatmodel">identified
+threats to anonymity</a>. We do not and cannot make any guarantees about the
+safety of the applications, plugins, and services listed below. Most
+applications and plugins must be properly configured, and some will need to
+be patched — and even then your anonymity might not be assured. Similarly,
+services could put your anonymity at risk, either by design or through
+carelessness on their part or your own.</strong></p>
+
+<p><strong>If you have doubts about the suitability of an application,
+plugin, or service for use with I2P, you are urged to inquire about privacy
+issues with its maintainers, to search its mailing lists and bug tracker if
+one exists, and consult trusted, knowledgeable members of the I2P
+community.</strong></p>
+
+<p><strong>Take responsibility for your own anonymity and safety — always
+seek expert advice, educate yourself, practice good judgment, be mindful of
+disclosing personally identifying information, and don't take
+shortcuts.</strong></p>
+
+<h3 id="blogging-and-forums"><a href="#TOC">Blogging, Forums, and Wikis</a></h3>
+
+<ul>
+ <!-- let's disable this for now, at least, since it's nearly impossible to
+ find configuration instructions; plus, there certainly isn't a plugin
+ available for this.
+ <li>
+ <p><a href="http://www.blojsom.com/blog/"><strong>Blojsom</strong></a> —
+ Lightweight blogging platform.
+ <sup><em>[plugin, standalone/mod]</em></sup></p>
+ </li>
+ -->
+
+ <li>
+ <p><a href="http://github.com/trevorturk/eldorado/"><strong>El
+ Dorado</strong></a> — Lightweight forum software.
+ <sup><em>[standalone/mod]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://pebble.sourceforge.net/"><strong>Pebble</strong></a>
+ — Another lightweight blogging platform.
+ <sup><em>[plugin, standalone/mod]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://www.phpbb.com/"><strong>phpBB</strong></a> — Most
+ popular open source forum software.
+ <sup><em>[standalone/mod]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://syndie.i2p2.de/"><strong>Syndie</strong></a> —
+ Distributed forums software, originally developed by jrandom.
+ <sup><em>[plugin, standalone, unmaintained]</em></sup></p>
+ </li>
+ <li>
+ <p><a href="http://jamwiki.org"><strong>JAMWiki</strong></a> —
+ A Java-based MediaWiki clone. No external database needed.
+ Plugin available <a href="http://plugins.i2p/plugins/jamwiki">here</a>.
+ <sup><em>[standalone, plugin]</em></sup></p>
+ </li>
+</ul>
+
+<h3 id="decentralized-file-storage"><a href="#TOC">Decentralized File
+Storage</a></h3>
+
+<ul>
+ <li><a href=
+ "http://killyourtv.i2p/tahoe-lafs/"><strong>Tahoe-LAFS-I2P</strong></a> — Port
+ of the <a href="http://tahoe-lafs.org/"><strong>Tahoe-LAFS</strong></a>
+ distributed file system to the I2P network. Controller plugin <a href=
+ "http://stats.i2p/i2p/plugins/">here</a>.
+ <sup><em>[plugin, standalone]</em></sup></li>
+</ul>
+
+<h3 id="development-tools"><a href="#TOC">Development Tools</a></h3>
+
+<h4 id="version-control"><a href="#TOC">Version control</a></h4>
+
+<ul>
+ <li>
+ <p><a href="http://git-scm.com/"><strong>Git</strong></a> — Most popular
+ distributed version control system. <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://monotone.ca/"><strong>Monotone</strong></a> — Another
+ distributed version control system. Currently <a href=
+ "monotone.html">used in I2P development</a>.
+ <sup><em>[standalone]</em></sup></p>
+ </li>
+</ul>
+
+<h3 id="domain-naming"><a href="#TOC">Domain Naming</a></h3>
+
+<ul>
+ <li><a href="http://127.0.0.1:7657/susidns/"><strong>susidns</strong></a>
+ — Provides management of addressbooks, which are part of a simple,
+ user-controlled <a href="naming.html">I2P naming system</a> somewhat
+ analogous to the Internet's Domain Name System (DNS). Addressbooks map
+ Base64 destinations to short, usually human-readable “domain†names ending
+ with a .i2p suffix which the I2P router's HTTP client can resolve back to
+ Base64 addresses. (<em>Note:</em> While Base64 destinations are globally
+ unique, addressbook “domain†names only resolve to unique destinations
+ locally.) <sup><em>[bundled]</em></sup></li>
+</ul>
+
+<h3 id="email"><a href="#TOC">Email</a></h3>
+
+<ul>
+ <li>
+ <p><a href="http://i2pbote.i2p/"><strong>I2P-Bote</strong></a> —
+ Serverless peer-to-peer email application using a distributed hash table
+ (DHT) for secure mail storage. <sup><em>[plugin]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://hq.postman.i2p/"><strong>Postman's anonymous email
+ service</strong></a> — Provides email service within the I2P network via
+ @mail.i2p addresses, and email gateway service between the I2P network
+ and the public Internet via @i2pmail.org addresses. One of the oldest
+ continuous services on I2P. <sup><em>[service]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href=
+ "http://127.0.0.1:7657/susimail/susimail"><strong>susimail</strong></a>
+ — Simple web browser-based email interface. Configured to use Postman's
+ email service by default. <sup><em>[bundled]</em></sup></p>
+ </li>
+</ul>
+
+<h3 id="file-sharing"><a href="#TOC">File Sharing</a></h3>
+
+<h4 id="bittorrent-clients"><a href="#TOC">BitTorrent clients</a></h4>
+
+<ul>
+ <li>
+ <p><a href=
+ "http://127.0.0.1:7657/i2psnark/"><strong>I2PSnark</strong></a> — I2P's
+ integrated BitTorrent client. <sup><em>[bundled]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href=
+ "http://forum.i2p/viewtopic.php?t=4532"><strong>I2PSnarkXL</strong></a>
+ — Modified version of I2PSnark. <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://bob.i2p/Robert.html"><strong>Robert</strong></a> — a
+ fork of rufus that uses the Basic Open Bridge (BOB) and has many
+ improvements, including using the latest wxwidgets and python. It also
+ supports use of seedless if installed for trackerless torrents and
+ magnet-link like fetching of torrents within i2p.
+ <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href=
+ "http://www.transmissionbt.com/"><strong>Transmission</strong></a> —
+ Clean, full-featured cross-platform BitTorrent client with official
+ ports for several GUI toolkits. <sup><em>[standalone/mod]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://www.vuze.com/"><strong>Azureus/Vuze</strong></a> —
+ Had a built-in I2P transport for a while.
+ <sup><em>[standalone, unmaintained]</em></sup></p>
+ </li>
+</ul>
+
+<h4 id="bittorrent-trackers-and-indexers"><a href="#TOC">BitTorrent trackers
+and indexers</a></h4>
+
+<p>For a detailed feature comparison of I2P-enabled trackers/indexers, see
+<a href="http://zzz.i2p/files/trackers.html">here</a>.</p>
+
+<ul>
+ <li>
+ <p><a href=
+ "http://echelon.i2p/tracker/"><strong>Bytemonsoon</strong></a> — The
+ code that powered one of the first major tracker/indexer sites on the
+ Internet. Patched for I2P. <sup><em>[standalone/mod]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href=
+ "http://erdgeist.org/arts/software/opentracker/"><strong>opentracker</strong></a>
+ — Lightweight tracker/indexer. I2P mod available in the i2p.opentracker
+ branch of the <a href="newdevelopers.html">I2P Monotone repository</a>.
+ <sup><em>[standalone/mod]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://stats.i2p/i2p/plugins/"><strong>zzzot</strong></a> —
+ <a href="http://zzz.i2p/">zzz's</a> Java-based open tracker. More info
+ <a href="http://zzz.i2p/topics/598?page=1#p2085">here</a>.
+ <sup><em>[plugin]</em></sup></p>
+ </li>
+</ul>
+
+<h4 id="ed2k"><a href="#TOC">ED2K</a></h4>
+
+<ul>
+ <li><a href=
+ "http://forum.i2p/viewtopic.php?t=2213"><strong>iMule</strong></a> — I2P
+ port of the aMule ED2K client. <sup><em>[standalone]</em></sup></li>
+</ul>
+
+<h4 id="gnutella"><a href="#TOC">Gnutella</a></h4>
+
+<ul>
+ <li>
+ <p><a href=
+ "http://forum.i2p/viewforum.php?f=25"><strong>I2Phex</strong></a> — Port
+ of the <a href="http://www.phex.org/">Phex</a> Gnutella client. Website
+ for plugin version <a href="http://stats.i2p/i2p/plugins/">here</a>.
+ <sup><em>[plugin, standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href=
+ "http://forum.i2p/viewtopic.php?p=9486#9486"><strong>jwebcache</strong></a>
+ — Cache for Gnutella peers on I2P. Website for plugin version <a href=
+ "http://stats.i2p/i2p/plugins/">here</a>.
+ <sup><em>[plugin, standalone]</em></sup></p>
+ </li>
+</ul>
+
+<h3 id="network-administration"><a href="#TOC">Network
+Administration</a></h3>
+
+<h4 id="general-purpose-socket-utilities"><a href="#TOC">General-purpose
+socket utilities</a></h4>
+
+<ul>
+ <li>
+ <p><a href="http://nc110.sourceforge.net/"><strong>netcat</strong></a> —
+ Unix standard tool for socket relaying. Several clones, ports, and forks
+ have appeared over the years. <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href=
+ "http://www.dest-unreach.org/socat/"><strong>socat</strong></a> — Like
+ netcat but more powerful. <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://tsocks.sourceforge.net/"><strong>tsocks</strong></a>
+ — Proxy providing simple, transparent SOCKS-ification of network
+ applications. <sup><em>[standalone]</em></sup></p>
+ </li>
+</ul>
+
+<h4 id="sshscpsftp"><a href="#TOC">SSH/SCP/SFTP</a></h4>
+
+<ul>
+ <li>
+ <p><a href="http://www.openssh.com/"><strong>OpenSSH</strong></a> — Most
+ popular implementation of the Secure Shell (SSH) protocol and related
+ tools. <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href=
+ "http://www.chiark.greenend.org.uk/~sgtatham/putty/"><strong>PuTTY</strong></a>
+ — Open source Secure Shell (SSH) client for Windows.
+ <sup><em>[standalone]</em></sup></p>
+ </li>
+</ul>
+
+<h3 id="real-time-chat"><a href="#TOC">Real-time Chat</a></h3>
+
+<h4 id="instant-messaging-clients"><a href="#TOC">Instant messaging
+clients</a></h4>
+
+<ul>
+ <li><a href="http://forum.i2p/viewtopic.php?t=2474"><strong>I2P
+ Messenger</strong></a> — IM client with multiple incarnations.
+ <sup><em>[standalone]</em></sup></li>
+</ul>
+
+<h4 id="irc-clients"><a href="#TOC">IRC clients</a></h4>
+
+<p>Many IRC clients leak identifying information to servers or other
+clients, so I2P's IRC and SOCKS IRC client tunnels filter certain inbound
+and outbound messages to scrub data such as LAN IP addresses, external IP
+addresses, local hostnames, and the name and version of the IRC client. Two
+message types in particular, DCC and CTCP, can't be sufficiently anonymized
+without changes to the protocols or to IRC client/server code, so they are
+completely blocked, except for CTCP ACTION (the message emitted by the
+<code>/me</code> command) which isn't inherently dangerous.</p>
+
+<p>I2P's IRC filtering may not cover every possible leak — users should also
+check if their client is sending their real name or local username. Packet
+sniffers such as <a href="http://www.wireshark.org/">Wireshark</a> are
+useful here. Eliminating remaining leaks may be as simple as changing the
+client's default configuration. If that doesn't help, inform the I2P
+developers; they may be able to solve it via additional filtering.</p>
+
+<ul>
+ <li>
+ <p><a href="http://jircii.dashnine.org/"><strong>jIRCii</strong></a> —
+ Small Java-based IRC client. Plugin available <a href=
+ "http://stats.i2p/i2p/plugins/">here</a>.
+ <sup><em>[plugin, standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://xchat.org/"><strong>XChat</strong></a> —
+ Cross-platform graphical IRC client.
+ <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://www.irssi.org/"><strong>irssi</strong></a> — Unixy
+ terminal-based IRC client. <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://www.weechat.org/"><strong>WeeChat</strong></a> —
+ Another Unixy terminal-based IRC client.
+ <sup><em>[standalone]</em></sup></p>
+ </li>
+</ul>
+
+<h4 id="irc-servers"><a href="#TOC">IRC servers</a></h4>
+
+<ul>
+ <li>
+ <p><a href=
+ "http://ngircd.barton.de/index.php.en"><strong>ngIRCd</strong></a> — IRC
+ server developed from scratch. <sup><em>[standalone/mod]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://www.unrealircd.com/"><strong>UnrealIRCd</strong></a>
+ — Most popular IRC server. <sup><em>[standalone/mod]</em></sup></p>
+ </li>
+</ul>
+
+<h3 id="web-browsing"><a href="#TOC">Web Browsing</a></h3>
+
+<h4 id="anonymous-websites"><a href="#TOC">Anonymous websites</a></h4>
+
+<ul>
+ <li>
+ <p><strong>Eepsites</strong> — Any website hosted anonymously on I2P,
+ reachable through the I2P router's HTTP proxy.
+ <sup><em>[service]</em></sup></p>
+ </li>
+
+ <li>
+ <p><strong>Deepsites</strong> — Distributed anonymous websites hosted
+ using Tahoe-LAFS-I2P, currently only reachable with Tahoe-LAFS-I2P
+ clients or through the Tahoe-LAFS-I2P HTTP proxy.
+ <sup><em>[service]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://i2host.i2p/"><strong>i2host.i2p</strong></a> —
+ Website for <a href="http://sponge.i2p/">sponge's</a> jump service.
+ Source code available. <sup><em>[service]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://i2jump.i2p/"><strong>i2jump.i2p</strong></a> —
+ Another jump service. <sup><em>[service]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://perv.i2p/"><strong>perv.i2p</strong></a> —
+ Dynamically updated eepsite index. <sup><em>[service]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://stats.i2p/"><strong>stats.i2p</strong></a> — Website
+ for <a href="http://zzz.i2p/">zzz's</a> jump service.
+ <sup><em>[service]</em></sup></p>
+ </li>
+</ul>
+
+<h4 id="proxy-software"><a href="#TOC">Proxy software</a></h4>
+
+<ul>
+ <li>
+ <p><a href=
+ "http://www.pps.jussieu.fr/~jch/software/polipo/"><strong>Polipo</strong></a>
+ — SOCKS-enabled caching web proxy with basic filtering capabilities.
+ <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://www.privoxy.org/"><strong>Privoxy</strong></a> —
+ Privacy-focused non-caching web proxy with advanced filtering
+ capabilities. Excels at removing ads and other junk.
+ <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://www.squid-cache.org/"><strong>Squid</strong></a> —
+ Venerable caching web proxy. <sup><em>[standalone]</em></sup></p>
+ </li>
+</ul>
+
+<h4 id="inproxies"><a href="#TOC">Inproxies</a></h4>
+
+<p>Gateways allowing users on the public Internet to access eepsites.</p>
+
+<ul>
+ <li><a href="http://i2p.to/"><strong>i2p.to</strong></a> — <a href=
+ "http://tino.i2p/">tino's</a> inproxy on the public Internet.
+ <sup><em>[service]</em></sup></li>
+</ul>
+
+<h4 id="outproxies"><a href="#TOC">Outproxies</a></h4>
+
+<p>Gateways allowing I2P users to access content hosted on the public
+Internet.</p>
+
+<ul>
+ <li><a href="http://false.i2p/"><strong>false.i2p</strong></a> — Publicly
+ advertised outproxy running Squid, located in Germany.
+ <sup><em>[service]</em></sup></li>
+</ul>
+
+<h3 id="website-hosting"><a href="#TOC">Website Hosting</a></h3>
+
+<ul>
+ <li><a href="http://jetty.codehaus.org/jetty/"><strong>Jetty</strong></a>
+ — Lightweight web server and Java servlet container. I2P is tightly
+ integrated with a bundled copy of Jetty which by default is configured to
+ host the <a href="http://127.0.0.1:7658/">user's eepsite</a>. The bundled
+ Jetty also serves the I2P router console and web applications bundled with
+ I2P. <sup><em>[bundled, standalone]</em></sup></li>
+</ul>
+
+<h4 id="web-servers"><a href="#TOC">Web servers</a></h4>
+
+<p>In addition to Jetty, any web server should function over I2P without
+modification so long as it's HTTP-compliant. Some web servers known to
+currently serve content on the I2P network are:</p>
+
+<ul>
+ <li>
+ <p><a href="http://httpd.apache.org/"><strong>Apache HTTP
+ Server</strong></a> — Most popular web server on the public WWW.
+ <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://tomcat.apache.org/"><strong>Apache
+ Tomcat</strong></a> — Web server and Java servlet container. More
+ features than Jetty. <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://www.lighttpd.net/"><strong>lighttpd</strong></a> —
+ Fast lightweight web server. <sup><em>[standalone]</em></sup></p>
+ </li>
+
+ <li>
+ <p><a href="http://www.nginx.org/"><strong>nginx</strong></a> —
+ High-performance lightweight web server.
+ <sup><em>[standalone]</em></sup></p>
+ </li>
+</ul>
+<!-- vim: set noai nosi ft=html tw=79 et sw=4 ts=4 spell spelllang=en: -->
+{% endblock %}
diff --git a/www.i2p2/pages/team.html b/www.i2p2/pages/team.html
index 64e8d36c3ad79d0a74ad8ffc140173c02c950376..442e8cba52750cabfb404dbe1aad788dfd31a7c5 100644
--- a/www.i2p2/pages/team.html
+++ b/www.i2p2/pages/team.html
@@ -10,7 +10,7 @@ network.
<table border="0">
<tr>
- <td valign="top" rowspan="15"><b>Admin</b></td>
+ <td valign="top" rowspan="17"><b>Admin</b></td>
<td valign="top"><b>Project Manager</b></td>
<td valign="top">zzz</td>
<td valign="top"><i>point of contact of last resort</i></td>
@@ -27,7 +27,7 @@ network.
</tr>
<tr>
<td valign="top"><b><a href="http://forum.i2p/">Forum</a> admin</b></td>
- <td valign="top">cervantes, smeghead</td>
+ <td valign="top">cervantes</td>
<td valign="top"><i>manage the public user forum</i></td>
</tr>
<tr>
@@ -42,17 +42,22 @@ network.
</tr>
<tr>
<td valign="top"><b>Packager; Linux</b></td>
- <td valign="top">smeghead</td>
- <td valign="top"><i>Linux distribution packager</i></td>
+ <td valign="top">KillYourTV</td>
+ <td valign="top"><i>Linux (Debian/Ubuntu) distribution packager</i></td>
</tr>
<tr>
<td valign="top"><b>Packager; Windows</b></td>
- <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top">KillYourTV</td>
<td valign="top"><i>Windows installer packager</i></td>
</tr>
+<tr>
+ <td valign="top"><b>Release Manager</b></td>
+ <td valign="top">zzz</td>
+ <td valign="top"><i>Builds and signs the releases</i></td>
+</tr>
<tr>
<td valign="top"><b>Reseed admin</b></td>
- <td valign="top" style="color:blue">_sw_rhpsdy</td>
+ <td valign="top">_sw_rhpsdy</td>
<td valign="top"><i>monitors, recruits and maintains reseed list</i></td>
</tr>
<tr>
@@ -62,11 +67,11 @@ network.
</tr>
<tr>
<td valign="top"><b>User Advocate</b></td>
- <td valign="top">dr|z3d</td>
+ <td valign="top" style="color:blue">[vacant]</td>
<td valign="top"><i>gather, prioritize, advocate for user needs</i></td>
</tr>
<tr>
- <td valign="top"><b>Webdesigner</b></td>
+ <td valign="top"><b>Web Designer</b></td>
<td valign="top" style="color:blue">[vacant]</td>
<td valign="top"><i>manage the public project website content design</i></td>
</tr>
@@ -77,9 +82,14 @@ network.
</tr>
<tr>
<td valign="top"><b><a href="http://www.i2p2.i2p/">Website</a> admin</b></td>
- <td valign="top">duck</td>
+ <td valign="top" style="color:blue">[vacant]</td>
<td valign="top"><i>manage the public project website content</i></td>
</tr>
+<tr>
+ <td valign="top"><b>News Admin</b></td>
+ <td valign="top">eche|on</td>
+ <td valign="top"><i>manage router console news feed</i></td>
+</tr>
<tr>
<td valign="top"><b>Director of passion</b></td>
<td valign="top" style="color:blue">[vacant]</td>
@@ -87,18 +97,18 @@ network.
</tr>
<tr><td colspan="4"><hr /></td></tr>
<tr>
- <td valign="top" rowspan="16"><b>Dev</b></td>
+ <td valign="top" rowspan="25"><b>Dev</b></td>
<td valign="top"><b>Core Lead</b></td>
<td valign="top">zzz</td>
<td valign="top"><i>lead dev for the SDK and router</i></td>
</tr>
<tr>
- <td valign="top"><b><a href="http://www.postman.i2p/">I2P mail</a> lead</b></td>
+ <td valign="top"><b><a href="http://hq.postman.i2p/">I2P mail</a> lead</b></td>
<td valign="top">postman</td>
<td valign="top"><i>organize and develop the i2p mail system</i></td>
</tr>
<tr>
- <td valign="top"><b><a href="http://i2host.i2p/">Addressbook</a> lead</b></td>
+ <td valign="top"><b><a href="http://i2host.i2p/">I2Host</a> lead</b></td>
<td valign="top">sponge</td>
<td valign="top"><i>I2Host addressbook application</i></td>
</tr>
@@ -117,39 +127,76 @@ network.
<td valign="top">sponge</td>
<td valign="top"><i>Robert BitTorrent client</i></td>
</tr>
+<tr>
+ <td valign="top"><b><a href="http://forum.i2p2.de/viewforum?f=25">I2Phex</a> lead</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>I2Phex Gnutella client</i></td>
+</tr>
<tr>
<td valign="top"><b><a href="http://forum.i2p2.de/viewforum?f=21">I2PSnark</a> lead</b></td>
<td valign="top">zzz</td>
<td valign="top"><i>Maintains the integrated Bittorrent client</i></td>
</tr>
+<tr>
+ <td valign="top"><b><a href="http://forum.i2p2.de/viewforum?f=30">iMule</a> lead</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>eMule client over I2P</i></td>
+</tr>
<tr>
<td valign="top"><b><a href="http://forum.i2p2.de/viewforum?f=29">Syndie</a> lead</b></td>
- <td valign="top">welterde</td>
+ <td valign="top" style="color:blue">[vacant]</td>
<td valign="top"><i>Syndie development</i></td>
</tr>
<tr>
- <td valign="top" rowspan="5"><b>Console Translations</b></td>
+ <td valign="top"><b>Susimail lead</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Susimail development</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Console</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Router console HTML/CSS design</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>SAM</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>SAM maintainer</i></td>
+</tr>
+<tr>
+ <td valign="top" rowspan="8"><b>Console Translations</b></td>
<td valign="top">walking</td>
- <td valign="top"><i>Chinese, tagging support</i></td>
+ <td valign="top"><i>Chinese</i></td>
</tr>
<tr>
<td valign="top">monkeybrains</td>
<td valign="top"><i>Dutch</i></td>
</tr>
<tr>
- <td valign="top">neutron</td>
+ <td valign="top" style="color:blue">magma</td>
<td valign="top"><i>French</i></td>
</tr>
<tr>
- <td valign="top">eche|on</td>
+ <td valign="top">eche|on, mixxy</td>
<td valign="top"><i>German</i></td>
</tr>
<tr>
- <td valign="top">rus, 4get</td>
+ <td valign="top">rus, 4get, slow</td>
<td valign="top"><i>Russian</i></td>
</tr>
<tr>
- <td valign="top" rowspan="3"><b>Contributors</b></td>
+ <td valign="top">user</td>
+ <td valign="top"><i>Spanish</i></td>
+</tr>
+<tr>
+ <td valign="top">thelastcode, hamada</td>
+ <td valign="top"><i>Arabic</i></td>
+</tr>
+<tr>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Other languages</i></td>
+</tr>
+<tr>
+ <td valign="top" rowspan="4"><b>Contributors</b></td>
<td valign="top">cervantes</td>
<td valign="top"><i>fire2pe dev, console enhancements</i></td>
</tr>
@@ -157,13 +204,18 @@ network.
<td valign="top">Mathiasdm</td>
<td valign="top"><i>desktopgui, dijjer port</i></td>
</tr>
+<tr>
+ <td valign="top">KillYourTV</td>
+ <td valign="top"><i>Debian/Ubuntu Packager and PPA maintainer</i></td>
+</tr>
+
<tr style="color:blue">
<td valign="top">[vacant]</td>
<td valign="top"><i>Help needed on many fronts!</i></td>
</tr>
<tr><td colspan="4"><hr /></td></tr>
<tr>
- <td valign="top" rowspan="30" colspan="2"><b>Past contributors</b></td>
+ <td valign="top" rowspan="32" colspan="2"><b>Past contributors</b></td>
<td valign="top">mihi</td>
<td valign="top"><i>I2PTunnel development, ministreaming library</i></td>
</tr>
@@ -283,5 +335,13 @@ network.
<td valign="top">DrWoo</td>
<td valign="top"><i>i2p-bt tracker development</i></td>
</tr>
+<tr>
+ <td valign="top">dr|z3d</td>
+ <td valign="top"><i>Console and website themes</i></td>
+</tr>
+<tr>
+ <td valign="top">and many others ...</td>
+ <td valign="top"><i></i></td>
+</tr>
</table>
{% endblock %}
diff --git a/www.i2p2/pages/team_de.html b/www.i2p2/pages/team_de.html
index 5e2849d807cb6d30038a0c490cf7d9546deff935..c62c75d72207e85505d40edb24e0f428072de13b 100644
--- a/www.i2p2/pages/team_de.html
+++ b/www.i2p2/pages/team_de.html
@@ -3,7 +3,7 @@
{% block content %}
<h1>I2P Project Members</h1>
<p>Wir sind eine kleine Gruppe von Leuten, die über verschiedene
-Kontinente verteilt ist, die an verschiedenen Aspekten des Projektes arbeiten und
+Kontinente verteilt sind, an verschiedenen Aspekten des Projektes arbeiten und
das Design des Netzwerkes diskutieren.
<a href="getinvolved_de.html">Beteilige dich!</a>
</p>
@@ -11,27 +11,27 @@ das Design des Netzwerkes diskutieren.
<table border="0">
<tr>
<td valign="top" rowspan="5"><b>Admin</b></td>
- <td valign="top"><b>Projekt Manager</b></td>
+ <td valign="top"><b>Projektmanager</b></td>
<td valign="top">zzz</td>
<td valign="top"><i>Letzte Entscheidungsinstanz</i></td>
</tr>
<tr>
- <td valign="top"><b>Geldverwalter</b></td>
+ <td valign="top"><b>Schatzmeister</b></td>
<td valign="top">eche|on</td>
<td valign="top"><i>verwaltet Spenden/Accounts/Belohnungen</i></td>
</tr>
<tr>
<td valign="top"><b>Vertreter der Anwender</b></td>
<td valign="top">dr|z3d</td>
- <td valign="top"><i>sammeln, sortieren und vorschlagen der Wünsche der Anwender</i></td>
+ <td valign="top"><i>sammelt und sortiert Wünsche der Anwender</i></td>
</tr>
<tr>
- <td valign="top"><b><a href="http://forum.i2p/">Forum</a> guru</b></td>
+ <td valign="top"><b><a href="http://forum.i2p/">Forum</a>guru</b></td>
<td valign="top">cervantes</td>
- <td valign="top"><i>verwalten des öffentlichen Forums</i></td>
+ <td valign="top"><i>verwaltet das öffentliche Forum</i></td>
</tr>
<tr>
- <td valign="top"><b><a href="http://www.i2p2.i2p/">Webseiten</a> Guru</b></td>
+ <td valign="top"><b><a href="http://www.i2p2.i2p/">Webseiten</a>guru</b></td>
<td valign="top">welterde</td>
<td valign="top"><i>betreibt und verwaltet die öffentliche Projektwebsite</i></td>
</tr>
@@ -43,118 +43,122 @@ das Design des Netzwerkes diskutieren.
<td valign="top"><i>Hauptentwickler für das SDK und den Router</i></td>
</tr>
<tr>
- <td valign="top"><b><a href="http://www.postman.i2p/">I2P mail</a> Kopf</b></td>
+ <td valign="top"><b><a href="http://www.postman.i2p/">I2P mail</a>-Hauptentwickler</b></td>
<td valign="top">postman</td>
- <td valign="top"><i>organisieren und entwicklen des i2p mail Systemes</i></td>
+ <td valign="top"><i>organisiert und entwicklt das I2P-Mail-System</i></td>
</tr>
<tr>
- <td valign="top"><b><a href="http://i2host.i2p/">Adressbuch</a> Kopf</b></td>
+ <td valign="top"><b><a href="http://i2host.i2p/">Adressbuch</a>-Hauptentwickler</b></td>
<td valign="top">sponge</td>
<td valign="top"><i>I2Host Adressbuchanwendung</i></td>
</tr>
<tr>
- <td valign="top"><b><a href="http://forum.i2p2.de/viewforum?f=25">I2Phex</a> Kopf</b></td>
+ <td valign="top"><b><a href="http://forum.i2p2.de/viewforum?f=25">I2Phex</a>-Hauptentwickler</b></td>
<td valign="top">Complication</td>
- <td valign="top"><i>I2Phex (Anpassung von Phex auf I2P)</i></td>
+ <td valign="top"><i>I2Phex (Anpassung von Phex für I2P)</i></td>
</tr>
<tr>
- <td valign="top"><b><a href="http://forum.i2p2.de/viewforum?f=21">I2PSnark</a> Kopf</b></td>
+ <td valign="top"><b><a href="http://forum.i2p2.de/viewforum?f=21">I2PSnark</a>-Hauptentwickler</b></td>
<td valign="top">zzz</td>
- <td valign="top"><i>pflegt den integrierten bittorrent Klienten</i></td>
+ <td valign="top"><i>pflegt den integrierten BitTorrent-Klienten</i></td>
</tr>
<tr>
- <td valign="top"><b><a href="http://forum.i2p2.de/viewforum?f=30">iMule</a> Kopf</b></td>
+ <td valign="top"><b><a href="http://forum.i2p2.de/viewforum?f=30">iMule</a>-Hauptentwikckler</b></td>
<td valign="top">mkvore</td>
- <td valign="top"><i>iMule (amule Anpassung auf I2P)</i></td>
+ <td valign="top"><i>iMule (Portierung von amule für I2P)</i></td>
</tr>
<tr>
- <td valign="top"><b><a href="http://forum.i2p2.de/viewforum?f=29">Syndie</a> Kopf</b></td>
+ <td valign="top"><b><a href="http://forum.i2p2.de/viewforum?f=29">Syndie</a>-Hauptentwickler</b></td>
<td valign="top">welterde</td>
- <td valign="top"><i>Syndie Entwicklung</i></td>
+ <td valign="top"><i>Syndie-Entwicklung</i></td>
</tr>
<tr>
- <td valign="top" rowspan="4"><b>Console Translations</b></td>
+ <td valign="top" rowspan="4"><b>Übersetzungen der Konsole</b></td>
<td valign="top">walking</td>
- <td valign="top"><i>Chinese, tagging support</i></td>
+ <td valign="top"><i>Chinesisch, tagging support</i></td>
</tr>
<tr>
<td valign="top">neutron</td>
- <td valign="top"><i>French</i></td>
+ <td valign="top"><i>Französisch</i></td>
</tr>
<tr>
- <td valign="top">eche|on</td>
+ <td valign="top">eche|on, mixxy</td>
<td valign="top"><i>Deutsch</i></td>
</tr>
<tr>
<td valign="top">rus, 4get</td>
- <td valign="top"><i>Russian</i></td>
+ <td valign="top"><i>Russisch</i></td>
+</tr>
+<tr>
+ <td valign="top">user</td>
+ <td valign="top"><i>Spanisch</i></td>
</tr>
<tr>
<td valign="top" rowspan="3"><b>weitere Personen, die Quelltext gaben</b></td>
<td valign="top">Complication</td>
- <td valign="top"><i>Router Konsole, Support Guru, Syndie</i></td>
+ <td valign="top"><i>Routerkonsole, Supportguru, Syndie</i></td>
</tr>
<tr>
<td valign="top">cervantes</td>
- <td valign="top"><i>fire2pe dev, Konsole Erweiterungen</i></td>
+ <td valign="top"><i>fire2pe dev, Konsolenerweiterungen</i></td>
</tr>
<tr style="color:blue">
<td valign="top">[offene Stelle]</td>
- <td valign="top"><i>Hilfe wird auf vielen Fronten benötigt!</i></td>
+ <td valign="top"><i>Hilfe wird an vielen Fronten benötigt!</i></td>
</tr>
<tr><td colspan="4"><hr /></td></tr>
<tr>
<td valign="top" rowspan="27" colspan="2"><b>Bisherige Entwickler</b></td>
<td valign="top">mihi</td>
- <td valign="top"><i>I2PTunnel Entwicklung, ministreaming Bibliothek</i></td>
+ <td valign="top"><i>I2PTunnel-Entwicklung, ministreaming-Bibliothek</i></td>
</tr>
<tr>
<td valign="top">redzara</td>
- <td valign="top"><i>I2Phex arbeiten</i></td>
+ <td valign="top"><i>I2Phex-Arbeiten</i></td>
</tr>
<tr>
<td valign="top">striker</td>
- <td valign="top"><i>I2Phex arbeiten</i></td>
+ <td valign="top"><i>I2Phex-Arbeiten</i></td>
</tr>
<tr>
<td valign="top">legion</td>
- <td valign="top"><i>I2Phex arbeiten</i></td>
+ <td valign="top"><i>I2Phex-Arbeiten</i></td>
</tr>
<tr>
<td valign="top">Connely</td>
- <td valign="top"><i>Python SAM Bibliothek, Angriff Simulationen</i></td>
+ <td valign="top"><i>Python-SAM-Bibliothek, Angriffssimulationen</i></td>
</tr>
<tr>
<td valign="top">mastiejaner</td>
- <td valign="top"><i>i2pmail Entwicklung</i></td>
+ <td valign="top"><i>i2pmail-Entwicklung</i></td>
</tr>
<tr>
<td valign="top">dust</td>
- <td valign="top"><i>Syndie Hilfe</i></td>
+ <td valign="top"><i>Syndie-Hilfe</i></td>
</tr>
<tr>
<td valign="top">susi23</td>
- <td valign="top"><i>i2p mail,susimail und susidns Anwendungen</i></td>
+ <td valign="top"><i>i2p mail,susimail und susidns</i></td>
</tr>
<tr>
<td valign="top">sirup</td>
- <td valign="top"><i>I2Phex (Anpassung von Phex auf I2P)</i></td>
+ <td valign="top"><i>I2Phex (Anpassung von Phex für I2P)</i></td>
</tr>
<tr>
<td valign="top">Ragnarok</td>
- <td valign="top"><i>Adressbuch,i2p-bt,syndie Klient</i></td>
+ <td valign="top"><i>Adressbuch,i2p-bt,Syndie-Klient</i></td>
</tr>
<tr>
<td valign="top">duck</td>
- <td valign="top"><i>Organisieren und entwickeln der i2p-bt bittorrent Anpassung an I2P</i></td>
+ <td valign="top"><i>Organisieren und Entwickeln der i2p-bt-Anpassung an I2P, Portierung Tahoe-LAFs für I2P</i></td>
</tr>
<tr>
<td valign="top">Ragnarok</td>
- <td valign="top"><i>Adressbuch, i2p-bt, syndie Klient Entwicklung</i></td>
+ <td valign="top"><i>Adressbuch, i2p-bt, Syndie-Klient</i></td>
</tr>
<tr>
<td valign="top">thecrypto</td>
- <td valign="top"><i>Verschlüsselungs und Signierroutinen, I2PIM</i></td>
+ <td valign="top"><i>Verschlüsselungs- und Signierroutinen, I2PIM</i></td>
</tr>
<tr>
<td valign="top">aum</td>
@@ -162,15 +166,15 @@ das Design des Netzwerkes diskutieren.
</tr>
<tr>
<td valign="top">hypercubus</td>
- <td valign="top"><i>Installer, systray, bogobot</i></td>
+ <td valign="top"><i>Installationsprogramm, systray, bogobot</i></td>
</tr>
<tr>
<td valign="top">ugha</td>
- <td valign="top"><i>jbigi Entwicklung, wiki Umzug, Dokumentation aufräumen</i></td>
+ <td valign="top"><i>Etntwicklung von jbigi, wiki-Umzug, Dokumentation aufräumen</i></td>
</tr>
<tr>
<td valign="top">oOo</td>
- <td valign="top"><i>java debugging und Klient Entwicklung von I2PTunnel und der Routerkonsole</i></td>
+ <td valign="top"><i>java debugging und Klient-Entwicklung von I2PTunnel und der Routerkonsole</i></td>
</tr>
<tr>
<td valign="top">BrianR</td>
@@ -178,7 +182,7 @@ das Design des Netzwerkes diskutieren.
</tr>
<tr>
<td valign="top">eco</td>
- <td valign="top"><i>i2psnark arbeiten</i></td>
+ <td valign="top"><i>i2psnark Arbeiten</i></td>
</tr>
<tr>
<td valign="top">shendaras</td>
@@ -186,11 +190,11 @@ das Design des Netzwerkes diskutieren.
</tr>
<tr>
<td valign="top">JAnonymous</td>
- <td valign="top"><i>Dokumentationen. wiki Umzug</i></td>
+ <td valign="top"><i>Dokumentationen. wiki-Umzug</i></td>
</tr>
<tr>
<td valign="top">jar</td>
- <td valign="top"><i>Übersetzungen ins Französisch</i></td>
+ <td valign="top"><i>Übersetzungen ins Französische</i></td>
</tr>
<tr>
<td valign="top">scintilla</td>
@@ -198,7 +202,7 @@ das Design des Netzwerkes diskutieren.
</tr>
<tr>
<td valign="top">smeghead</td>
- <td valign="top"><i>C# SAM Bibliothek, pants, fortuna eingebaut</i></td>
+ <td valign="top"><i>C# SAM Bibliothek, pants, fortuna eingebaut, Portierung Tahoe-LAFs für I2P</i></td>
</tr>
<tr>
<td valign="top">Nightblade</td>
@@ -206,11 +210,15 @@ das Design des Netzwerkes diskutieren.
</tr>
<tr>
<td valign="top">dinoman</td>
- <td valign="top"><i>i2p-bt Tracker Entwicklung</i></td>
+ <td valign="top"><i>i2p-bt Tracker-Entwicklung</i></td>
</tr>
<tr>
<td valign="top">DrWoo</td>
- <td valign="top"><i>i2p-bt Tracker Entwicklung</i></td>
+ <td valign="top"><i>i2p-bt Tracker-Entwicklung</i></td>
+</tr>
+<tr>
+ <td valign="top">und viele andere ...</td>
+ <td valign="top"><i></i></td>
</tr>
</table>
{% endblock %}
diff --git a/www.i2p2/pages/team_fr.html b/www.i2p2/pages/team_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..4aade9a1bbc8d8235092f105c9c5b1b5acab1e2f
--- /dev/null
+++ b/www.i2p2/pages/team_fr.html
@@ -0,0 +1,338 @@
+{% extends "_layout_fr.html" %}
+{% block title %}L'équipe{% endblock %}
+{% block content %}
+Traduction de mars 2011. <a href="team.html">Version anglaise actuelle</a>
+<h1>Membres du projet I2P</h1>
+<p>Nous sommes un petit groupe disséminé sur tous les continents qui travaille à l'amélioration des différents aspects
+du projet et qui étudie et débat sur la conception du réseau.
+<a href="getinvolved_fr.html">Engagez-vous!</a>
+</p>
+
+<table border="0">
+<tr>
+ <td valign="top" rowspan="17"><b>Administration</b></td>
+ <td valign="top"><b>Responsable du projet</b></td>
+ <td valign="top">zzz</td>
+ <td valign="top"><i>contact en dernier ressort</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Trésorier</b></td>
+ <td valign="top">eche|on</td>
+ <td valign="top"><i>gère les dons / les comptes / les primes</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Relations publiques</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>contact presse, gère les relations et affaires publiques</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Admin <a href="http://forum.i2p/">Forum</a></b></td>
+ <td valign="top">cervantes</td>
+ <td valign="top"><i>gère le forum utilisateurs public</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Admin miroirs</b></td>
+ <td valign="top">welterde</td>
+ <td valign="top"><i>gère les miroirs du projet</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Grands sachems <a href="/monotone.html">Monotone</a></b></td>
+ <td valign="top">welterde, eche|on</td>
+ <td valign="top"><i>gèrent les dépots publics monotone</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Packager; Linux</b></td>
+ <td valign="top" style="color:blue">kytv (Debian/Ubuntu)</td>
+ <td valign="top"><i>Packager distribution Linux</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Packager; Windows</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Packager Windows installer</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Responsable des versions</b></td>
+ <td valign="top">zzz</td>
+ <td valign="top"><i>Compile et signe les versions</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Admin réamorçage</b></td>
+ <td valign="top">_sw_rhpsdy</td>
+ <td valign="top"><i>Surveille, recrute et maintient la liste de réamorçage</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Expert sécurité</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Modèle de sécurité / expert cryptologie</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Avocat des utilisateurs</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Rassemble, priorise et défend les besoins exprimés</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Concepteur web</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Gère la conception du site Internet public</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Admin <a href="http://www.i2p2.i2p/">serveur web</a></b></td>
+ <td valign="top">welterde</td>
+ <td valign="top"><i>Gère les serveurs web du projet</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Admin <a href="http://www.i2p2.i2p/">Website</a></b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Gère le contenu du site web public</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Admin des News</b></td>
+ <td valign="top">eche|on</td>
+ <td valign="top"><i>Gère les news de la console</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Directeur des passions</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Entraineur de la communauté</i></td>
+</tr>
+<tr><td colspan="4"><hr /></td></tr>
+<tr>
+ <td valign="top" rowspan="24"><b>Développement</b></td>
+ <td valign="top"><b>Meneur principal</b></td>
+ <td valign="top">zzz</td>
+ <td valign="top"><i>Dirige le dévoloppement du SDK et du routeur</i></td>
+</tr>
+<tr>
+ <td valign="top">Chef <b><a href="http://hq.postman.i2p/">I2P mail</a></b></td>
+ <td valign="top">postman</td>
+ <td valign="top"><i>Organise et développe le système i2p mail</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Boss <a href="http://i2host.i2p/">I2Host</a></b></td>
+ <td valign="top">sponge</td>
+ <td valign="top"><i>Application I2Host addressbook (carnet d'adresses)</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Patron de <a href="http://bob.i2p/">BOB</a></b></td>
+ <td valign="top">sponge</td>
+ <td valign="top"><i>Basic Open Bridge</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Pilote <a href="http://i2pbote.i2p/">I2P-Bote</a></b></td>
+ <td valign="top">HungryHobo</td>
+ <td valign="top"><i>Greffon I2PBote</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Rhâ de <a href="http://bob.i2p/">Robert</a></b></td>
+ <td valign="top">sponge</td>
+ <td valign="top"><i>Client bittorrent Robert</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Dompteur d'<a href="http://forum.i2p2.de/viewforum?f=25">I2Phex</a></b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Client Gnutella I2Phex</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Captain <a href="http://forum.i2p2.de/viewforum?f=21">I2PSnark</a></b></td>
+ <td valign="top">zzz</td>
+ <td valign="top"><i>Maintient le client Bittorrent intégré</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Cornac d'<a href="http://forum.i2p2.de/viewforum?f=30">iMule</a></b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>client eMule sur I2P</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Rédac chef <a href="http://forum.i2p2.de/viewforum?f=29">Syndie</a></b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Développement Syndie</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Chef de bureau Susimail</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Développement Susimail</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>Console</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>Design HTML/CSS console du routeur</i></td>
+</tr>
+<tr>
+ <td valign="top"><b>SAM</b></td>
+ <td valign="top" style="color:blue">[vacant]</td>
+ <td valign="top"><i>SAM</i></td>
+</tr>
+<tr>
+ <td valign="top" rowspan="8"><b>Traductions console</b></td>
+ <td valign="top">walking</td>
+ <td valign="top"><i>Chinois</i></td>
+</tr>
+<tr>
+ <td valign="top">monkeybrains</td>
+ <td valign="top"><i>Hollandais</i></td>
+</tr>
+<tr>
+ <td valign="top" style="color:blue">magma</td>
+ <td valign="top"><i>Français</i></td>
+</tr>
+<tr>
+ <td valign="top">eche|on, mixxy</td>
+ <td valign="top"><i>Allemand</i></td>
+</tr>
+<tr>
+ <td valign="top">rus, 4get, slow</td>
+ <td valign="top"><i>Russe</i></td>
+</tr>
+<tr>
+ <td valign="top">user</td>
+ <td valign="top"><i>Espagnol</i></td>
+</tr>
+<tr>
+ <td valign="top">thelastcode, hamada</td>
+ <td valign="top"><i>Arabe</i></td>
+</tr>
+<tr>
+ <td valign="top" style="color:blue">[vacant] (tu m'étonnes!)</td>
+ <td valign="top"><i>Autres langues</i></td>
+</tr>
+<tr>
+ <td valign="top" rowspan="3"><b>Contributeurs</b></td>
+ <td valign="top">cervantes</td>
+ <td valign="top"><i>fire2pe dev, améliorations console</i></td>
+</tr>
+<tr>
+ <td valign="top">Mathiasdm</td>
+ <td valign="top"><i>Interface graphique utilisateur, portage dijjer</i></td>
+</tr>
+<tr style="color:blue">
+ <td valign="top">[vacant]</td>
+ <td valign="top"><i>Appels à l'aide sur tous les fronts!</i></td>
+</tr>
+<tr><td colspan="4"><hr /></td></tr>
+<tr>
+ <td valign="top" rowspan="32" colspan="2"><b>Anciens contributeurs</b></td>
+ <td valign="top">mihi</td>
+ <td valign="top"><i>développement I2PTunnel, mini bibliothèque de flux</i></td>
+</tr>
+<tr>
+ <td valign="top">jrandom</td>
+ <td valign="top"><i>Responsable du projet, idem pour Syndie</i></td>
+</tr>
+<tr>
+ <td valign="top">Complication</td>
+ <td valign="top"><i>Responsable du projet, de Syndie,d'I2Phex, guru en tous genres</i></td>
+</tr>
+<tr>
+ <td valign="top">mkvore</td>
+ <td valign="top"><i>Vétérinaire accoucheur d'iMule</i></td>
+</tr>
+<tr>
+ <td valign="top">redzara</td>
+ <td valign="top"><i>Tâcheron I2Phex</i></td>
+</tr>
+<tr>
+ <td valign="top">striker</td>
+ <td valign="top"><i>Stakhanoviste I2Phex</i></td>
+</tr>
+<tr>
+ <td valign="top">legion</td>
+ <td valign="top"><i>I2Phex</i></td>
+</tr>
+<tr>
+ <td valign="top">Connely</td>
+ <td valign="top"><i>Bibliothèque Python SAM, simulations d'attaques</i></td>
+</tr>
+<tr>
+ <td valign="top">mastiejaner</td>
+ <td valign="top"><i>Développement i2pmail</i></td>
+</tr>
+<tr>
+ <td valign="top">dust</td>
+ <td valign="top"><i>Aide pour Syndie</i></td>
+</tr>
+<tr>
+ <td valign="top">susi23</td>
+ <td valign="top"><i>Applications i2p mail,susimail et susidns</i></td>
+</tr>
+<tr>
+ <td valign="top">sirup</td>
+ <td valign="top"><i>I2Phex (portage)</i></td>
+</tr>
+<tr>
+ <td valign="top">Ragnarok</td>
+ <td valign="top"><i>addressbook,i2p-bt,syndie client</i></td>
+</tr>
+<tr>
+ <td valign="top">duck</td>
+ <td valign="top"><i>portage/dev client i2p-bt BitTorrent</i></td>
+</tr>
+<tr>
+ <td valign="top">thecrypto</td>
+ <td valign="top"><i>Routines de cryptage et signatures, I2PIM</i></td>
+</tr>
+<tr>
+ <td valign="top">aum</td>
+ <td valign="top"><i>Code jython SAM, stasher (DHT) et v2v (VoI2P)</i></td>
+</tr>
+<tr>
+ <td valign="top">hypercubus</td>
+ <td valign="top"><i>Installer, systray, bogobot</i></td>
+</tr>
+<tr>
+ <td valign="top">ugha</td>
+ <td valign="top"><i>Développement jbigi, migration wiki, nettoyage documentation</i></td>
+</tr>
+<tr>
+ <td valign="top">oOo</td>
+ <td valign="top"><i>Débogage Java, développement client I2PTunnel et console</i></td>
+</tr>
+<tr>
+ <td valign="top">BrianR</td>
+ <td valign="top"><i>Module pearl SAM</i></td>
+</tr>
+<tr>
+ <td valign="top">eco</td>
+ <td valign="top"><i>Boulot sur i2psnark</i></td>
+</tr>
+<tr>
+ <td valign="top">shendaras</td>
+ <td valign="top"><i>Nettoyage Java</i></td>
+</tr>
+<tr>
+ <td valign="top">JAnonymous</td>
+ <td valign="top"><i>docs. migration wiki</i></td>
+</tr>
+<tr>
+ <td valign="top">jar</td>
+ <td valign="top"><i>Traductions en français</i></td>
+</tr>
+<tr>
+ <td valign="top">scintilla</td>
+ <td valign="top"><i>Portage en C de jcpuid</i></td>
+</tr>
+<tr>
+ <td valign="top">smeghead</td>
+ <td valign="top"><i>Bibliothèque SAM C#, pants, fortuna integration</i></td>
+</tr>
+<tr>
+ <td valign="top">Nightblade</td>
+ <td valign="top"><i>libSAM</i></td>
+</tr>
+<tr>
+ <td valign="top">dinoman</td>
+ <td valign="top"><i>Développement tracker i2p-bt</i></td>
+</tr>
+<tr>
+ <td valign="top">DrWoo</td>
+ <td valign="top"><i>Développement tracker i2p-bt</i></td>
+</tr>
+<tr>
+ <td valign="top">dr|z3d</td>
+ <td valign="top"><i>Thèmes console et site</i></td>
+</tr>
+<tr>
+ <td valign="top">et plein d'autres ...</td>
+ <td valign="top"><i></i></td>
+</tr>
+</table>
+{% endblock %}
diff --git a/www.i2p2/pages/techintro.html b/www.i2p2/pages/techintro.html
index bf80f6678e8d72d09f6ab0af0cb04fd437b3bcb9..3e4645f20aa7cd23dc8becd6ccf70616e8f0c394 100644
--- a/www.i2p2/pages/techintro.html
+++ b/www.i2p2/pages/techintro.html
@@ -2,106 +2,59 @@
{% block title %}Introducing I2P{% endblock %}
{% block content %}
- <center>
- <b class="title">
- <h1>I2P: <font size="3">A scalable framework for anonymous communication</font></h1>
- </b>
- <br/>
- <div class="toc">
- <table border="0">
- <tr class="invisible">
- <td valign="top" align="left" class="invisible"> <pre>
-<font size="2"><b>IN THIS DOCUMENT</b></font><br />
-* <a href="#intro">Introduction</a>
-* <a href="#op">Operation</a>
- * <a href="#op.overview">Overview</a>
- * <a href="#op.tunnels">Tunnels</a>
- * <a href="#op.netdb">Network Database</a>
- * <a href="#op.transport">Transport protocols</a>
- * <a href="#op.crypto">Cryptography</a>
-</pre></td>
- <td valign="top" align="left" class="invisible"> <pre>
-<br/>
-* <a href="#future">Future</a>
- * <a href="#future.restricted">Restricted routes</a>
- * <a href="#future.variablelatency">Variable latency</a>
- * <a href="#future.open">Open questions</a>
-</pre></td>
- <td valign="top" align="left" class="invisible"> <pre>
-<br/>
-* <a href="#similar">Similar systems</a>
- * <a href="#similar.tor">Tor</a>
- * <a href="#similar.freenet">Freenet</a>
-* <a href="#app">Appendix A: Application layer</a>
-</pre></td>
- </tr>
- <tr class="invisible">
- <td height="10" colspan="3" align="left" valign="middle" class="invisible">
- <div class="underline"></div></td>
- </tr>
- <tr class="invisible">
- <td valign="top" align="left" class="invisible"><pre>
-<font size="2"><b>FOR MORE INFORMATION</b></font><br>
- * <a href="package-client.html">Client Javadoc</a>
- * <a href="datagrams.html">Datagrams</a>
- * <a href="package-datagram.html">Datagram Javadoc</a>
- * <a href="_static/pdf/datastructures.pdf">Data Structures</a>
- * <a href="i2cp.html">I2CP</a>
- * <a href="i2np.html">I2NP</a>
- * <a href="i2ptunnel.html">I2PTunnel</a>
- * <a href="ministreaming.html">Ministreaming Lib</a>
- * <a href="how_networkdatabase.html">NetDb</a>
-</pre></td>
- <td valign="top" align="left" class="invisible"><pre><br/>
- * <a href="naming.html">Naming and Addressbook</a>
- * <a href="package-naming.html">Naming Javadoc</a>
- * <a href="jbigi.html">Native BigInteger Lib</a>
- * <a href="ntcp.html">NTCP</a>
- * <a href="how_peerselection.html">Peer Selection</a>
- * <a href="performance.html">Performance</a>
- * <a href="protocols.html">Protocol Stack</a>
- * <a href="sam.html">SAM</a>
- * <a href="samv2.html">SAM V2</a>
- * <a href="samv3.html">SAM V3</a>
-</pre></td>
- <td valign="top" align="left" class="invisible"><pre><br/>
- * <a href="socks.html">SOCKS</a>
- * <a href="udp.html">SSU</a>
- * <a href="streaming.html">Streaming Lib</a>
- * <a href="package-streaming.html">Streaming Javadoc</a>
- * <a href="http://syndie.i2p2.de/">Syndie</a>
- * <a href="package-tcp.html">Old TCP Javadoc</a>
- * <a href="tunnel-alt.html">Tunnel Implementation</a>
- * <a href="tunnel-alt-creation.html">Tunnel Creation</a>
- * <a href="tunnel.html">Old Tunnel Implementation</a>
-</pre></td>
- </tr>
- </table>
- </div>
- </center>
+<h1 class="title">I2P: <span style="font-size:medium;">A scalable framework for anonymous communication</span></h1>
+ <div id="toc">
+ <h2>Table of Contents</h2>
+ <ul>
+ <li><a href="#intro">Introduction</a></li>
+ <li>
+ <a href="#op">I2P Operation</a>
+ <ul>
+ <li><a href="#op.overview">Overview</a></li>
+ <li><a href="#op.tunnels">Tunnels</a></li>
+ <li><a href="#op.netdb">Network Database</a></li>
+ <li><a href="#op.transport">Transport protocols</a></li>
+ <li><a href="#op.crypto">Cryptography</a></li>
+ </ul>
+ </li>
+ </ul>
+ </div>
+
<br/>
<h1 id="intro">Introduction</h1>
- <p> I2P is a scalable, self organizing, resilient packet switched anonymous
+ <p>
+ I2P is a scalable, self organizing, resilient packet switched anonymous
network layer, upon which any number of different anonymity or security conscious
applications can operate. Each of these applications may make their own anonymity,
latency, and throughput tradeoffs without worrying about the proper implementation
of a free route mixnet, allowing them to blend their activity with the larger
- anonymity set of users already running on top of I2P. Applications available
- already provide the full range of typical Internet activities - anonymous
- web browsing, anonymous web hosting, anonymous blogging and content syndication
- (with <a href="#app.syndie">Syndie</a>), anonymous chat (via IRC or Jabber),
- anonymous swarming file transfers (with <a
-href="#app.i2pbt">i2p-bt</a>, <a href="#app.i2psnark">I2PSnark</a>, and <a href="#app.azneti2p">Azureus</a>),
- anonymous file sharing (with <a href="#app.i2phex">I2Phex</a>), anonymous
- email (with <a href="#app.i2pmail">I2Pmail</a> and <a href="#app.i2pmail">susimail</a>),
- anonymous newsgroups, as well as several other applications under development.
+ anonymity set of users already running on top of I2P.
+ </p>
+ <p>
+ Applications available already provide the full range of typical Internet activities -
+ <b>anonymous</b> web browsing, web hosting, chat, file sharing, e-mail,
+ blogging and content syndication, newsgroups, as well as several other applications under development.
+ <ul>
+ <li>Web browsing: using any existing browser that supports using a proxy.</li>
+ <li>Chat: IRC, Jabber, <a href="#app.i2pmessenger">I2P-Messenger</a>.</li>
+ <li>File sharing: <a href="#app.i2psnark">I2PSnark</a>, <a href="#app.robert">Robert</a>, <a href="#app.imule">iMule</a>,
+ <a href="#app.i2phex">I2Phex</a>, <a href="#app.pybit">PyBit</a>, <a href="#app.i2pbt">I2P-bt</a>
+ and others.
+ </li>
+ <li>E-mail: <a href="#app.i2pmail">susimail</a> and <a href="#app.i2pbote">I2P-Bote</a>.</li>
+ <li>Blog: using e.g. the pebble plugin or the distributed blogging software <a href="#app.syndie">Syndie</a>.</li>
+ <li>Distributed Data Store: Save your data redundantly in the Tahoe-LAFS cloud over I2P.</li>
+ <li>Newsgroups: using any newsgroup reader that supports using a proxy.</li>
+ </ul>
+ <p>
Unlike web sites hosted within content distribution networks like <a href="#similar.freenet">Freenet</a>
or <a href="http://www.ovmj.org/GNUnet/">GNUnet</a>, the services hosted on
I2P are fully interactive - there are traditional web-style search engines,
bulletin boards, blogs you can comment on, database driven sites, and bridges
to query static systems like Freenet without needing to install it locally.
</p>
- <p> With all of these anonymity enabled applications, I2P takes on the role
+ <p>
+ With all of these anonymity enabled applications, I2P takes on the role
of the message oriented middleware - applications say that they want to send
some data to a cryptographic identifier (a "destination") and I2P takes care
of making sure it gets there securely and anonymously. I2P also bundles a
@@ -112,24 +65,12 @@ href="#app.i2pbt">i2p-bt</a>, <a href="#app.i2psnark">I2PSnark</a>, and <a href=
available to tie existing applications into the network, their value has been
limited as nearly every application routinely exposes what, in an anonymous
context, is sensitive information. The only safe way to go is to fully audit
- an application to ensure proper operation, and to assist in that we provide
+ an application to ensure proper operation and to assist in that we provide
a series of APIs in various languages which can be used to make the most out
- of the network. </p>
- <!-- commented out because "The details [...] are " *NOT* " given later" -->
- <!--
-<p>
-The scope of I2P's anonymity protections varies upon the applications running on
-top of them, as well as the choices that each user makes. The aim is to provide
-the options necessary so that a sufficient level of anonymity can be achieved while
-exposing the functionality that people facing up to state level adversaries require.
-At the same time, those facing less powerful adversaries are able to improve their
-throughput and latency while reducing the resources required to provide the necessary
-level of cover. The details of the techniques available for facing adversaries who
-are internal or external, passive or active, local, national, or global, are given
-later.
-</p>
--->
- <p> I2P is not a research project - academic, commercial, or governmental, but
+ of the network.
+ </p>
+ <p>
+ I2P is not a research project - academic, commercial, or governmental, but
is instead an engineering effort aimed at doing whatever is necessary to provide
a sufficient level of anonymity to those who need it. It has been in active
development since early 2003 with one full time developer and a dedicated
@@ -139,14 +80,16 @@ later.
making use of a few cryptographic routines under BSD-style licenses. The people
working on I2P do not control what people release client applications under,
and there are several GPL'ed applications available (<a href="#app.i2ptunnel">I2PTunnel</a>,
- <a href="#app.i2pmail">susimail</a>, <a href="#app.i2psnark">I2PSnark</a>,
- <a href="#app.azneti2p">Azureus</a>, <a href="#app.i2phex">I2Phex</a>). <a href="http://www.i2p.net/halloffame">Funding</a>
- for I2P comes entirely from donations, and does not receive any tax breaks
- in any jurisdiction at this time, as many of the developers are themselves
- anonymous. </p>
+ <a href="#app.i2pmail">susimail</a>, <a href="#app.i2psnark">I2PSnark</a>, <a href="#app.i2pbote">I2P-Bote</a>,
+ <a href="#app.i2phex">I2Phex</a> and others.).
+ <a href="http://www.i2p.net/halloffame">Funding</a> for I2P comes entirely from donations,
+ and does not receive any tax breaks in any jurisdiction at this time,
+ as many of the developers are themselves anonymous.
+ </p>
<h1 id="op">Operation</h1>
<h2 id="op.overview">Overview</h2>
- <p> To understand I2P's operation, it is essential to understand a few key concepts.
+ <p>
+ To understand I2P's operation, it is essential to understand a few key concepts.
First, I2P makes a strict separation between the software participating in
the network (a "router") and the anonymous endpoints ("destinations") associated
with individual applications. The fact that someone is running I2P is not
@@ -155,38 +98,76 @@ later.
to. End users will typically have several local destinations on their router
- for instance, one proxying in to IRC servers, another supporting the user's
anonymous webserver ("eepsite"), another for an I2Phex instance, another for
- torrents, etc. </p>
- <p> Another critical concept to understand is the "tunnel" - a directed path
- through an explicitly selected set of routers, making use of layered encryption
- so that the messages sent in the tunnel's "gateway" appear entirely random
- at each hop along the path until it reaches the tunnel's "endpoint". These
- unidirectional tunnels can be seen as either "inbound" tunnels or "outbound"
- tunnels, referring to whether they are bringing messages to the tunnel's creator
- or away from them, respectively. The gateway of an inbound tunnel can receive
- messages from any peer and will forward them down through the tunnel until
- it reaches the (anonymous) endpoint (the creator). On the other hand, the
- gateway of an outbound tunnel is the tunnel's creator, and messages sent through
- that tunnel are encoded so that when they reach the outbound tunnel's endpoint,
- that router has the instructions necessary to forward the message on to the
- appropriate location. </p>
- <p> A third critical concept to understand is I2P's "network database" (or "netDb")
+ torrents, etc.
+ </p>
+ <p>
+ Another critical concept to understand is the "tunnel".
+ A tunnel is a directed path through an explicitly selected list of routers.
+ Layered encryption is used, so each of the routers can only decrypt a single layer.
+ The decrypted information contains the IP of the next router, along with
+ the encrypted information to be forwarded.
+ Each tunnel has a starting point (the first router, also known as "gateway")
+ and an end point. Messages can be sent only in one way. To send messages back,
+ another tunnel is required.
+ </p>
+ <div class="box" style="text-align:center;">
+ <img src="_static/images/tunnels.png" alt="Inbound and outbound tunnel schematic" title="Inbound and outbound tunnel schematic" />
+ <br /><br />
+ Figure 1: Two types of tunnels exist: inbound and outbound.
+ </div>
+ <br/>
+ <p>
+ Two types of tunnels exist:
+ <b>"outbound" tunnels</b> send messages away from the tunnel creator,
+ while <b>"inbound" tunnels</b> bring messages to the tunnel creator.
+ Combining these two tunnels allows users to send messages to each other.
+ The sender ("Alice" in the above image) sets up an outbound tunnel,
+ while the receiver ("Bob" in the above image) creates an inbound tunnel.
+ The gateway of an inbound tunnel can receive messages from any other user
+ and will send them on until the endpoint ("Bob").
+ The endpoint of the outbound tunnel will need to send the message
+ on to the gateway of the inbound tunnel.
+ To do this, the sender ("Alice") adds instructions to her encrypted message.
+ Once the endpoint of the outbound tunnel decrypts the message,
+ it will have instructions to forward the message to the correct
+ inbound gateway (the gateway to "Bob").
+ </p>
+ <p>
+ A third critical concept to understand is I2P's <b>"network database"</b> (or "netDb")
- a pair of algorithms used to share network metadata. The two types of metadata
- carried are "routerInfo" and "leaseSets" - the routerInfo gives routers the
+ carried are <b>"routerInfo"</b> and <b>"leaseSets"</b> - the routerInfo gives routers the
data necessary for contacting a particular router (their public keys, transport
addresses, etc), while the leaseSet gives routers the information necessary
- for contacting a particular destination. Within each leaseSet, there are any
- number of "leases", each of which specifies the gateway for one of that destination's
- inbound tunnels as well as when that tunnel will expire. The leaseSet also
- contains a pair of public keys which can be used for layered garlic encryption.
- </p>
- <!--
-<p>
-I2P's operation can be understood by putting those three concepts together:
-</p>
-
-<p><img src="net.png"></p>
-!-->
- <p> When Alice wants to send a message to Bob, she first does a lookup in the
+ for contacting a particular destination. A leaseSet contains a number of "leases".
+ Each of this leases specifies a tunnel gateway, which allows reaching a specific destination.
+ The full information contained in a lease:
+ <ul>
+ <li>Inbound gateway for a tunnel that allows reaching a specific destination.</li>
+ <li>Time when a tunnel expires.</li>
+ <li>Pair of public keys to be able to encrypt messages (to send through the tunnel and reach the destination).</li>
+ </ul>
+ Routers themselves send their routerInfo to the netDb directly, while leaseSets are sent through outbound tunnels
+ (leaseSets need to be sent anonymously, to avoid correlating a router with his leaseSets).
+ </p>
+ <p>
+ We can combine the above concepts to build successful connections in the network.
+ </p>
+ <p>
+ To build up her own inbound and outbound tunnels, Alice does a lookup in the netDb to collect routerInfo.
+ This way, she gathers lists of peers she can use as hops in her tunnels.
+ She can then send a build message to the first hop, requesting the construction of a tunnel and asking
+ that router to send the construction message onward, until the tunnel has been constructed.
+ </p>
+ <div class="box" style="text-align:center;">
+ <img src="_static/images/netdb_get_routerinfo_1.png" alt="Request information on other routers" title="Request information on other routers" />
+
+ <img src="_static/images/netdb_get_routerinfo_2.png" alt="Build tunnel using router information" title="Build tunnel using router information" />
+ <br /><br />
+ Figure 2: Router information is used to build tunnels.
+ </div>
+ <br/>
+ <p>
+ When Alice wants to send a message to Bob, she first does a lookup in the
netDb to find Bob's leaseSet, giving her his current inbound tunnel gateways.
She then picks one of her outbound tunnels and sends the message down it with
instructions for the outbound tunnel's endpoint to forward the message on
@@ -194,12 +175,21 @@ I2P's operation can be understood by putting those three concepts together:
receives those instructions, it forwards the message as requested, and when
Bob's inbound tunnel gateway receives it, it is forwarded down the tunnel
to Bob's router. If Alice wants Bob to be able to reply to the message, she
- needs to transmit her own destination explicitly as part of the message itself
- (taken care of transparently in the <a href="#app.streaming">streaming</a>
- library). Alice may also cut down on the response time by bundling her most
+ needs to transmit her own destination explicitly as part of the message itself.
+ This can be done by introducing a higher-level layer, which is done in the
+ <a href="#app.streaming">streaming</a> library.
+ Alice may also cut down on the response time by bundling her most
recent leaseSet with the message so that Bob doesn't need to do a netDb lookup
- for it when he wants to reply, but this is optional. </p>
- <p> While the tunnels themselves have layered encryption to prevent unauthorized
+ for it when he wants to reply, but this is optional.
+ </p>
+ <div class="box" style="text-align:center;">
+ <img src="_static/images/netdb_get_leaseset.png" alt="Connect tunnels using leaseSets" title="Connect tunnels using leaseSets" />
+ <br /><br />
+ Figure 3: Leasesets are used to connect outbound and inbound tunnels.
+ </div>
+ <br/>
+ <p>
+ While the tunnels themselves have layered encryption to prevent unauthorized
disclosure to peers inside the network (as the transport layer itself does
to prevent unauthorized disclosure to peers outside the network), it is necessary
to add an additional end to end layer of encryption to hide the message from
@@ -210,16 +200,20 @@ I2P's operation can be understood by putting those three concepts together:
those messages say, or where those individual cloves are destined. For typical
end to end communication between Alice and Bob, the garlic will be encrypted
to the public key published in Bob's leaseSet, allowing the message to be
- encrypted without giving out the public key to Bob's own router. </p>
- <p> Another important fact to keep in mind is that I2P is entirely message based
+ encrypted without giving out the public key to Bob's own router.
+ </p>
+ <p>
+ Another important fact to keep in mind is that I2P is entirely message based
and that some messages may be lost along the way. Applications using I2P can
use the message oriented interfaces and take care of their own congestion
control and reliability needs, but most would be best served by reusing the
provided <a href="#app.streaming">streaming</a> library to view I2P as a streams
- based network. </p>
+ based network.
+ </p>
<h2 id="op.tunnels">Tunnels</h2>
- <p> Both inbound and outbound tunnels work along similar principles - the tunnel
- gateway accumulates a number of tunnel messages, eventually preprocessing
+ <p>
+ Both inbound and outbound tunnels work along similar principles.
+ The tunnel gateway accumulates a number of tunnel messages, eventually preprocessing
them into something for tunnel delivery. Next, the gateway encrypts that preprocessed
data and forwards it to the first hop. That peer and subsequent tunnel participants
add on a layer of encryption after verifying that it isn't a duplicate before
@@ -229,19 +223,23 @@ I2P's operation can be understood by putting those three concepts together:
the creator is the endpoint and they simply decrypt all of the layers added,
while for outbound tunnels, the creator is the gateway and they pre-decrypt
all of the layers so that after all of the layers of per-hop encryption are
- added, the message arrives in the clear at the tunnel endpoint. </p>
- <p> The choice of specific peers to pass on messages as well as their particular
+ added, the message arrives in the clear at the tunnel endpoint.
+ </p>
+ <p>
+ The choice of specific peers to pass on messages as well as their particular
ordering is important to understanding both I2P's anonymity and performance
characteristics. While the network database (below) has its own criteria for
- picking what peers to query and store entries on, tunnels may use any peers
+ picking what peers to query and store entries on, tunnel creators may use any peers
in the network in any order (and even any number of times) in a single tunnel.
If perfect latency and capacity data were globally known, selection and ordering
would be driven by the particular needs of the client in tandem with their
threat model. Unfortunately, latency and capacity data is not trivial to gather
anonymously, and depending upon untrusted peers to provide this information
- has its own serious anonymity implications. </p>
- <p> From an anonymity perspective, the simplest technique would be to pick peers
- randomly from the entire network, order them randomly, and use those peers
+ has its own serious anonymity implications.
+ </p>
+ <p>
+ From an anonymity perspective, the simplest technique would be to pick peers
+ randomly from the entire network, order them randomly and use those peers
in that order for all eternity. From a performance perspective, the simplest
technique would be to pick the fastest peers with the necessary spare capacity,
spreading the load across different peers to handle transparent failover,
@@ -249,8 +247,10 @@ I2P's operation can be understood by putting those three concepts together:
former is both brittle and inefficient, the later requires inaccessible information
and offers insufficient anonymity. I2P is instead working on offering a range
of peer selection strategies, coupled with anonymity aware measurement code
- to organize the peers by their profiles. </p>
- <p> As a base, I2P is constantly profiling the peers with which it interacts
+ to organize the peers by their profiles.
+ </p>
+ <p>
+ As a base, I2P is constantly profiling the peers with which it interacts
with by measuring their indirect behavior - for instance, when a peer responds
to a netDb lookup in 1.3 seconds, that round trip latency is recorded in the
profiles for all of the routers involved in the two tunnels (inbound and outbound)
@@ -264,19 +264,22 @@ I2P's operation can be understood by putting those three concepts together:
to be. These calculations are then compared for active peers to organize the
routers into four tiers - fast and high capacity, high capacity, not failing,
and failing. The thresholds for those tiers are determined dynamically, and
- while they currently use fairly simple algorithms, alternatives exist. </p>
+ while they currently use fairly simple algorithms, alternatives exist.
+ </p>
<p> Using this profile data, the simplest reasonable peer selection strategy
is to pick peers randomly from the top tier (fast and high capacity), and
this is currently deployed for client tunnels. Exploratory tunnels (used for
- netDb and tunnel management) pick peers randomly from the not failing tier
+ netDb and tunnel management) pick peers randomly from the "not failing" tier
(which includes routers in 'better' tiers as well), allowing the peer to sample
routers more widely, in effect optimizing the peer selection through randomized
hill climbing. These strategies alone do however leak information regarding
the peers in the router's top tier through predecessor and netDb harvesting
attacks. In turn, several alternatives exist which, while not balancing the
load as evenly, will address the attacks mounted by particular classes of
- adversaries. </p>
- <p> By picking a random key and ordering the peers according to their XOR distance
+ adversaries.
+ </p>
+ <p>
+ By picking a random key and ordering the peers according to their XOR distance
from it, the information leaked is reduced in predecessor and harvesting attacks
according to the peers' failure rate and the tier's churn. Another simple
strategy for dealing with netDb harvesting attacks is to simply fix the inbound
@@ -292,105 +295,95 @@ I2P's operation can be understood by putting those three concepts together:
using individual peers if all of them agree to participate in the same way
each time. This varies from the XOR based ordering in that the predecessor
and successor of each peer is always the same, while the XOR only makes sure
- their order doesn't change. </p>
- <p> As mentioned before, I2P currently (release 0.6.1.1) includes the tiered
- random strategy above. Release 0.6.1.33 will contain the XOR-based ordering
- strategy. Additional improvements may be included in the 0.6.2 release. A
+ their order doesn't change.
+ </p>
+ <p>
+ As mentioned before, I2P currently (release 0.8) includes the tiered
+ random strategy above, with XOR-based ordering. A
more detailed discussion of the mechanics involved in tunnel operation, management,
and peer selection can be found in the <a href="tunnel-alt.html">tunnel spec</a>.
</p>
<h2 id="op.netdb">Network Database</h2>
- <p> <i>Kademlia has been disabled - see <a href="how_networkdatabase.html">NetDb
- Status</a></i> </p>
- <p> As mentioned earlier, I2P's netDb works to share the network's metadata.
- Two algorithms are used to accomplish this - primarily, a small set of routers
- are designated as "floodfill peers", while the rest of the routers participate
- in the <a href="http://en.wikipedia.org/wiki/Kademlia">Kademlia </a> derived
- distributed hash table for redundancy. To integrate the two algorithms, each
- router always uses the Kademlia style store and fetch, but acts as if the
- floodfill peers are 'closest' to the key in question. Additionally, when a
- peer publishes a key into the netDb, after a brief delay they query another
- random floodfill peer, asking them for the key, and if that peer does not
- have it, they move on and republish the key again. Behind the scenes, when
- one of the floodfill peers receives a new valid key, they republish it to
- the other floodfill peers who then cache it locally. </p>
- <p> Each piece of data in the netDb is self authenticating - signed by the appropriate
- party and verified by anyone who uses or stores it. In addition, the data
- has liveliness information within it, allowing irrelevant entries to be dropped,
- newer entries to replace older ones, and, for the paranoid, protection against
- certain classes of attack. This is also why I2P bundles the necessary code
- for maintaining the correct time, occasionally querying some SNTP servers
- (the <a href="http://www.pool.ntp.org/">pool.ntp.org</a> round robin by default)
- and detecting skew between routers at the transport layer. </p>
- <p> The routerInfo structure itself contains all of the information that one
- router needs to know to securely send messages to another router. This includes
- their identity (made up of a 2048bit ElGamal public key, a 1024bit DSA public
- key, and a certificate), the transport addresses which they can be reached
- on, such as an IP address and port, when the structure was published, and
- a set of arbitrary uninterpreted text options. In addition, there is a signature
- against all of that data as generated by the included DSA public key. The
- key for this routerInfo structure in the netDb is the SHA256 hash of the router's
- identity. The options published are often filled with information helpful
- in debugging I2P's operation, but when I2P reaches the 1.0 release, the options
- will be disabled and kept blank. </p>
- <p> The leaseSet structure is similar, in that it includes the I2P destination
- (comprised of a 2048bit ElGamal public key, a 1024bit DSA public key, and
- a certificate), a list of "leases", and a pair of public keys for garlic encrypting
- messages to the destination. Each of the leases specify one of the destination's
- inbound tunnel gateways by including the SHA256 of the gateway's identity,
- a 4 byte tunnel id on that gateway, and when that tunnel will expire. The
- key for the leaseSet in the netDb is the SHA256 of the destination itself.
- </p>
- <p> As the router currently automatically bundles the leaseSet for the sender
- inside a garlic message to the recipient, the leaseSet for destinations which
- will not receive unsolicited messages do not need to be published in the netDb
- at all. If the destination itself is sensitive, the leaseSet could instead
- be transmitted through other means without ever going into the netDb. </p>
- <p> Bootstrapping the netDb itself is simple - once a router has at least one
- routerInfo of a reachable peer, they query that router for references to other
- routers in the network with the Kademlia healing algorithm. Each routerInfo
- reference is stored in an individual file in the router's netDb subdirectory,
- allowing people to easily share their references to bootstrap new users. </p>
- <p> Unlike traditional DHTs, the very act of conducting a search distributes
- the data as well, since rather passing Kademlia's standard IP+port pairs,
- references are given to the routers that the peer should query next (namely,
- the SHA256 of those routers' identities). As such, iteratively searching for
- a particular destination's leaseSet or router's routerInfo will also provide
- you with the routerInfo of the peers along the way. In addition, due to the
- time sensitivity of the data published, the information doesn't often need
- to migrate between peers - since a tunnel is only valid for 10 minutes, the
- leaseSet can be dropped after that time has passed. To take into account Sybil
- attacks on the netDb, the Kademlia routing location used for any given key
- varies over time. For instance, rather than storing a routerInfo on the peers
- closest to SHA256(routerInfo.identity), they are stored on the peers closest
- to SHA256(routerInfo.identity + YYYYMMDD), requiring an adversary to remount
- the attack again daily so as to maintain their closeness to the current routing
- key. As the very fact that a router is making a lookup for a given key may
- expose sensitive data (and the fact that a router is <i>publishing</i> a given
- key even more so), all netDb messages are transmitted through the router's
- exploratory tunnels. </p>
- <p> The netDb plays a very specific role in the I2P network, and the algorithms
- have been tuned towards our needs. This also means that it hasn't been tuned
- to address the needs we have yet to run into. As the network grows, the primary
- floodfill algorithm will need to be refined to exploit the capacity available,
- or perhaps replaced with another technique for securely distributing the network
- metadata. </p>
+ <p>
+ As mentioned earlier, I2P's netDb works to share the network's metadata.
+ This is detailed in <a href="how_networkdatabase.html">the networkdatabase</a> page,
+ but a basic explanation is available below.
+ </p>
+ <p>
+ A percentage of I2P users are appointed as 'floodfill peers'.
+ Currently, I2P installations that have a lot of bandwidth and are fast enough,
+ will appoint themselves as floodfill as soon as the number of existing floodfill routers
+ drops too low.
+ </p>
+ <p>
+ Other I2P routers will store their data and lookup data by sending simple 'store' and 'lookup' queries to the floodfills.
+ If a floodfill router receives a 'store' query, it will spread the information to other floodfill routers
+ using the <a href="http://en.wikipedia.org/wiki/Kademlia">Kademlia algorithm</a>.
+ The 'lookup' queries currently function differently, to avoid an important
+ <a href="how_networkdatabase.html#lookup">security issue</a>.
+ When a lookup is done, the floodfill router will not forward the lookup to other peers,
+ but will always answer by itself (if it has the requested data).
+ </p>
+ <p>
+ Two types of information are stored in the network database.
+ <ul>
+ <li>A <b>routerInfo</b> stores information on a specific I2P router and how to contact it</li>
+ <li>A <b>leaseSet</b> stores information on a specific destination (e.g. I2P website, e-mail server...)</li>
+ </ul>
+ All of this information is signed by the publishing party and verified by any I2P router using or storing the information.
+ In addition, the data contains timing information, to avoid storage of old entries and possible attacks.
+ This is also why I2P bundles the necessary code for maintaining the correct time, occasionally querying some SNTP servers
+ (the <a href="http://www.pool.ntp.org/">pool.ntp.org</a> round robin by default)
+ and detecting skew between routers at the transport layer.
+ </p>
+ <p>
+ Some additional remarks are also important.
+ <ul>
+ <li>
+ <b>Unpublished and encrypted leasesets:</b>
+ <p>
+ One could only want specific people to be able to reach a destination.
+ This is possible by not publishing the destination in the netDb. You will however have to transmit the destination by other means.
+ An alternative are the 'encrypted leaseSets'. These leaseSets can only be decoded by people with access to the decryption key.
+ </p>
+ </li>
+ <li>
+ <b>Bootstrapping:</b>
+ <p>
+ Bootstrapping the netDb is quite simple. Once a router manages to receive a single routerInfo of a reachable peer,
+ it can query that router for references to other routers in the network.
+ Currently, a number of users post their routerInfo files to a website to make this information available.
+ I2P automatically connects to one of these websites to gather routerInfo files and bootstrap.
+ </p>
+ </li>
+ <li>
+ <b>Lookup scalability:</b>
+ <p>
+ Lookups in the I2P network are not forwarded to other netDb routers.
+ Currently, this is not a major problem, since the network is not very large.
+ However, as the network grows, not all routerInfo and leaseSet files will be present
+ on each netDb router. This will cause a deterioration of the percentage of successful lookups.
+ Because of this, refinements to the netDb will be done in the next releases.
+ </p>
+ </li>
+ </ul>
+ </p>
<h2 id="op.transport">Transport protocols</h2>
<p> Communication between routers needs to provide confidentiality and integrity
against external adversaries while authenticating that the router contacted
is the one who should receive a given message. The particulars of how routers
communicate with other routers aren't critical - three separate protocols
have been used at different points to provide those bare necessities. </p>
- <p> I2P started with a <a href="package-tcp.html">TCP-based protocol</a> which
+ <p> I2P started with a TCP-based protocol which
has since been disabled. Then, to accommodate the need for high degree communication
(as a number of routers will end up speaking with many others), I2P moved
from a TCP based transport to a <a href="udp.html">UDP-based one</a> - "Secure
Semireliable UDP", or "SSU". </p>
<p> As described in the <a href="udp.html">SSU spec</a>:</p>
<blockquote> The goal of this protocol is to provide secure, authenticated,
- semireliable, and unordered message delivery, exposing only a minimal amount
+ semireliable and unordered message delivery, exposing only a minimal amount
of data easily discernible to third parties. It should support high degree
- communication as well as TCP-friendly congestion control, and may include
+ communication as well as TCP-friendly congestion control and may include
PMTU detection. It should be capable of efficiently moving bulk data at rates
sufficient for home users. In addition, it should support techniques for addressing
network obstacles, like most NATs or firewalls. </blockquote>
@@ -452,7 +445,7 @@ I2P's operation can be understood by putting those three concepts together:
of asymmetric and symmetric encryption algorithms to provide data confidentiality
and integrity to garlic messages. As a whole, the combination is referred
to as ElGamal/AES+SessionTags, but that is an excessively verbose way to describe
- the simple use of 2048bit ElGamal, AES256, SHA256, and 32 byte nonces. </p>
+ the simple use of 2048bit ElGamal, AES256, SHA256 and 32 byte nonces. </p>
<p> The first time a router wants to encrypt a garlic message to another router,
they encrypt the keying material for an AES256 session key with ElGamal and
append the AES256/CBC encrypted payload after that encrypted ElGamal block.
@@ -503,7 +496,8 @@ I2P's operation can be understood by putting those three concepts together:
<h2 id="future.restricted">Restricted route operation</h2>
<p> I2P is an overlay network designed to be run on top of a functional packet
switched network, exploiting the end to end principle to offer anonymity and
- security. While the Internet no longer fully embraces the end to end principle,
+ security. While the Internet no longer fully embraces the end to end principle
+ (due to the usage of NAT),
I2P does require a substantial portion of the network to be reachable - there
may be a number of peers along the edges running using restricted routes,
but I2P does not include an appropriate routing algorithm for the degenerate
@@ -584,6 +578,7 @@ What other tunnel peer selection and ordering strategies should be available?
two in particular are pulled out here - Tor and Freenet. </p>
<p> See also the <a href="how_networkcomparisons.html">Network Comparisons Page</a>.
</p>
+
<h2 id="similar.tor">Tor</h2>
<p><i><a href="http://www.torproject.org/">website</a></i></p>
<p> At first glance, Tor and I2P have many functional and anonymity related
@@ -613,17 +608,17 @@ What other tunnel peer selection and ordering strategies should be available?
would go out through one or more outbound tunnels and the packets making up
the response would come back through one or more different inbound tunnels.
While I2P's peer selection and ordering strategies should sufficiently address
- predecessor attacks, I2P can trivially mimic Tor's non-redundant duplex tunnels
- by simply building an inbound and outbound tunnel along the same routers.</p>
+ predecessor attacks, should a switch to bidirectional tunnels be necessary,
+ we could simply build an inbound and outbound tunnel along the same routers.</p>
<p> Another anonymity issue comes up in Tor's use of telescopic tunnel creation,
as simple packet counting and timing measurements as the cells in a circuit
pass through an adversary's node exposes statistical information regarding
where the adversary is within the circuit. I2P's unidirectional tunnel creation
with a single message so that this data is not exposed. Protecting the position
- in a tunnel is important, as an adversary would otherwise be able to mounting
+ in a tunnel is important, as an adversary would otherwise be able to mount
a series of powerful predecessor, intersection, and traffic confirmation attacks.
</p>
- <p> Tor's support for a second tier of "onion proxies" does offer a nontrivial
+ <p> Tor's support for a second tier of "onion proxies" does offer a non-trivial
degree of anonymity while requiring a low cost of entry, while I2P will not
offer this topology until <a href="#future.restricted">2.0</a>. </p>
<p> On the whole, Tor and I2P complement each other in their focus - Tor works
@@ -634,6 +629,7 @@ What other tunnel peer selection and ordering strategies should be available?
the steps necessary to modify Tor to take advantage of I2P's design, but concerns
of Tor's viability under resource scarcity suggest that I2P's packet switching
architecture will be able to exploit scarce resources more effectively. </p>
+
<h2 id="similar.freenet">Freenet</h2>
<p><i><a href="http://www.freenetproject.org/">website</a></i></p>
<p> Freenet played a large part in the initial stages of I2P's design - giving
@@ -655,8 +651,8 @@ What other tunnel peer selection and ordering strategies should be available?
<p> Freenet's functionality is very complementary to I2P's, as Freenet natively
provides many of the tools for operating medium and high latency systems,
while I2P natively provides the low latency mix network suitable for offering
- adequate anonymity. The logic of separating the mixnet from the censorship
- resistant distributed data store still seems self evident from an engineering,
+ adequate anonymity. The logic of separating the mixnet from the censorship-
+ resistant distributed data store still seems self-evident from an engineering,
anonymity, security, and resource allocation perspective, so hopefully the
Freenet team will pursue efforts in that direction, if not simply reusing
(or helping to improve, as necessary) existing mixnets like I2P or Tor. </p>
@@ -669,43 +665,52 @@ What other tunnel peer selection and ordering strategies should be available?
regimes against state level adversaries has been tremendously overstated,
and any analysis on the implications of resource scarcity upon the scalability
of the network has seemingly been avoided. Further questions regarding susceptibility
- to traffic analysis, trust, and other topics do exist, but a more in-depth
+ to traffic analysis, trust and other topics do exist, but a more in-depth
review of this "globally scalable darknet" will have to wait until the Freenet
team makes more information available. </p>
+
<h1 id="app">Appendix A: Application layer</h1>
- <p> I2P itself doesn't really do much - it simply sends messages to remote destinations
+
+ <p>
+ I2P itself doesn't really do much - it simply sends messages to remote destinations
and receives messages targeting local destinations - most of the interesting
work goes on at the layers above it. By itself, I2P could be seen as an anonymous
and secure IP layer, and the bundled <a href="#app.streaming">streaming library</a>
as an implementation of an anonymous and secure TCP layer on top of it. Beyond
that, <a href="#app.i2ptunnel">I2PTunnel</a> exposes a generic TCP proxying
system for either getting into or out of the I2P network, plus a variety of
- network applications provide further functionality for end users. </p>
+ network applications provide further functionality for end users.
+ </p>
+
<h2 id="app.streaming">Streaming library</h2>
- <p> The streaming library has grown organically for I2P - first mihi implemented
- the "mini streaming library" as part of I2PTunnel, which was limited to a
- window size of 1 message (requiring an ACK before sending the next one), and
- then it was refactored out into a generic streaming interface (mirroring TCP
- sockets) and the full streaming implementation was deployed with a sliding
- window protocol and optimizations to take into account the high bandwidth
- x delay product. Individual streams may adjust the maximum packet size and
+ <p>
+ The I2P streaming library can be viewed as a generic streaming interface (mirroring TCP sockets),
+ and the implementation supports a <a href="http://en.wikipedia.org/wiki/Sliding_Window_Protocol">sliding window protocol</a>
+ with several optimizations, to take into account the high delay over I2P.
+ Individual streams may adjust the maximum packet size and
other options, though the default of 4KB compressed seems a reasonable tradeoff
between the bandwidth costs of retransmitting lost messages and the latency
- of multiple messages. </p>
- <p> In addition, in consideration of the relatively high cost of subsequent
+ of multiple messages.
+ </p>
+ <p>
+ In addition, in consideration of the relatively high cost of subsequent
messages, the streaming library's protocol for scheduling and delivering messages
has been optimized to allow individual messages passed to contain as much
information as is available. For instance, a small HTTP transaction proxied
through the streaming library can be completed in a single round trip - the
- first message bundles a SYN, FIN, and the small payload (an HTTP request typically
- fits) and the reply bundles the SYN, FIN, ACK, and the small payload (many
+ first message bundles a SYN, FIN and the small payload (an HTTP request typically
+ fits) and the reply bundles the SYN, FIN, ACK and the small payload (many
HTTP responses fit). While an additional ACK must be transmitted to tell the
HTTP server that the SYN/FIN/ACK has been received, the local HTTP proxy can
- deliver the full response to the browser immediately. </p>
- <p> On the whole, however, the streaming library bears much resemblance to an
+ deliver the full response to the browser immediately.
+ </p>
+ <p>
+ On the whole, however, the streaming library bears much resemblance to an
abstraction of TCP, with its sliding windows, congestion control algorithms
(both slow start and congestion avoidance), and general packet behavior (ACK,
- SYN, FIN, RST, rto calculation, etc). </p>
+ SYN, FIN, RST, etc).
+ </p>
+
<h2 id="app.naming">Naming library and addressbook</h2>
<p><i> For more information see the <a href="naming.html">Naming and Addressbook</a>
page.</i></p>
@@ -717,7 +722,7 @@ What other tunnel peer selection and ordering strategies should be available?
voting systems. Instead, I2P ships with a generic naming library and a base
implementation designed to work off a local name to destination mapping, as
well as an optional add-on application called the "addressbook". The addressbook
- is a web-of-trust driven secure, distributed, and human readable naming system,
+ is a web-of-trust-driven secure, distributed, and human readable naming system,
sacrificing only the call for all human readable names to be globally unique
by mandating only local uniqueness. While all messages in I2P are cryptographically
addressed by their destination, different people can have local addressbook
@@ -750,6 +755,7 @@ What other tunnel peer selection and ordering strategies should be available?
library includes a simple service provider interface which alternate naming
systems can plug into, allowing end users to drive what sort of naming tradeoffs
they prefer. </p>
+
<h2 id="app.syndie">Syndie</h2>
<p><i> The old Syndie bundled with I2P has been replaced by the new Syndie which
is distributed separately. For more information see the <a href="http://syndie.i2p2.de/">Syndie</a>
@@ -760,9 +766,10 @@ What other tunnel peer selection and ordering strategies should be available?
needs for security and anonymity. Rather than building its own content distribution
network, Syndie is designed to run on top of existing networks, syndicating
content through eepsites, Tor hidden services, Freenet freesites, normal websites,
- usenet newgroups, email lists, RSS feeds, etc. Data published with Syndie
+ usenet newsgroups, email lists, RSS feeds, etc. Data published with Syndie
is done so as to offer pseudonymous authentication to anyone reading or archiving
it. </p>
+
<h2 id="app.i2ptunnel">I2PTunnel</h2>
<p><i>Developed by: mihi</i></p>
<p> I2PTunnel is probably I2P's most popular and versatile client application,
@@ -800,6 +807,7 @@ What other tunnel peer selection and ordering strategies should be available?
at POP3 and SMTP servers), as well as "client" tunnels pointing at I2P's CVS
server, allowing anonymous development. At times people have even run "client"
proxies to access the "server" instances pointing at an NNTP server. </p>
+
<h2 id="app.i2pbt">i2p-bt</h2>
<p><i>Developed by: duck, et al</i></p>
<p> i2p-bt is a port of the mainline python BitTorrent client to run both the
@@ -812,30 +820,35 @@ What other tunnel peer selection and ordering strategies should be available?
a few modifications as necessary to strip any anonymity-compromising information
from the application and to take into consideration the fact that IPs cannot
be used for identifying peers. </p>
+
<h2 id="app.i2psnark">I2PSnark</h2>
<p><i>I2PSnark developed: jrandom, et al, ported from <a
href="http://www.klomp.org/mark/">mjw</a>'s <a
href="http://www.klomp.org/snark/">Snark</a> client</i></p>
- <p> Bundled with the I2P install, I2PSnark offers a simple anonymous bittorrent
+ <p> Bundled with the I2P install, I2PSnark offers a simple anonymous BitTorrent
client with multitorrent capabilities, exposing all of the functionality through
a plain HTML web interface. </p>
- <h2 id="app.azneti2p">Azureus/azneti2p</h2>
- <p><i>Developed by: parg, et al</i></p>
- <p> The developers of the <a href="http://azureus.sf.net/">Azureus</a> BitTorrent
- client have created an "azneti2p" plugin, allowing Azureus users to participate
- in anonymous swarms over I2P, or simply to access anonymously hosted trackers
- while contacting each peer directly. In addition, Azureus' built in tracker
- lets people run their own anonymous trackers without running bytemonsoon (which
- has substantial prerequisites) or i2p-bt's tracker. The plugin is currently
- (July 2005) fully functional, but is in early beta and has a fairly complicated
- configuration process, though it is hopefully going to be streamlined further.
- </p>
+
+ <h2 id="app.robert">Robert</h2>
+ <p><i>Developed by: sponge</i></p>
+ <p>Robert is a Bittorrent client written in Python.
+ It is hosted on <a href="http://bob.i2p/Robert.html">http://bob.i2p/Robert.html</a></p> <!-- TODO: expand -->
+
+ <h2 id="app.pybit">PyBit</h2>
+ <p><i>Developed by: Blub</i></p>
+ <p>PyBit is a Bittorrent client written in Python.
+ It is hosted on <a href="http://pebcache.i2p/">http://pebcache.i2p/</a></p> <!-- TODO: expand -->
+
<h2 id="app.i2phex">I2Phex</h2>
<p><i>Developed by: sirup</i></p>
<p> I2Phex is a fairly direct port of the Phex Gnutella filesharing client to
run entirely on top of I2P. While it has disabled some of Phex's functionality,
such as integration with Gnutella webcaches, the basic file sharing and chatting
system is fully functional. </p>
+<h2 id="app.imule">iMule</h2>
+ <p><i>Developed by: mkvore</i></p>
+ <p> iMule is a fairly direct port of the aMule filesharing client
+ running entirely inside I2P.</p>
<h2 id="app.i2pmail">I2Pmail/susimail</h2>
<p><i>Developed by: postman, susi23, mastiejaner</i></p>
<p> I2Pmail is more a service than an application - postman offers both internal
@@ -855,4 +868,21 @@ href="http://www.klomp.org/snark/">Snark</a> client</i></p>
mailsystem, called "v2mail". More information can be found on the eepsite
<a href="http://hq.postman.i2p/">hq.postman.i2p</a>.</p>
+ <h2 id="app.i2pbote">I2P-Bote</h2>
+ <p><i>Developed by: HungryHobo</i></p>
+ <p>
+ I2P-Bote is a distributed e-mail application. It does not use the traditional
+ e-mail concept of sending an e-mail to a server and retrieving it from a server.
+ Instead, it uses a Kademlia Distributed Hash Table to store mails.
+ One user can push a mail into the DHT, while another can request the e-mail from the DHT.
+ And all the mails sent within the I2P-Bote network are automatically encrypted end-to-end. <br>
+ Furthermore, I2P-Bote offers a remailer function on top of I2P, for increased high-latency anonymity.
+ </p>
+
+ <h2 id="app.i2pmessenger">I2P-Messenger</h2>
+ <p>
+ I2P-Messenger is an end-to-end encrypted serverless communication application.
+ For communication between two users, they need to give each other their destination keys, to allow the other to connect.
+ It supports file transfer and has a search for other users, based on Seedless.
+ </p>
{% endblock %}
diff --git a/www.i2p2/pages/techintro_fr.html b/www.i2p2/pages/techintro_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..88b6b81649c082de49e4c3a0a670ea9bad7d1df3
--- /dev/null
+++ b/www.i2p2/pages/techintro_fr.html
@@ -0,0 +1,831 @@
+{% extends "_layout_fr.html" %}
+{% block title %}Présentation d'I2P{% endblock %}
+{% block content %}
+Traduction de mars 2011. <a href="techintro.html">Version anglaise actuelle</a>
+ <h1 class="title">I2P: <span style="font-size:medium,">Une plate-forme modulaire pour la communication anonyme</span></h1>
+ <div id="toc">
+ <h2>Table des matières</h2>
+ <ul>
+ <li><a href="#intro">Introduction</a></li>
+ <li><a href="#op">Fonctionnement d'I2P</a>
+ <ul>
+ <li><a href="#op.overview">Aperçu</a></li>
+ <li><a href="#op.tunnels">Tunnels</a></li>
+ <li><a href="#op.netdb">Base de données du réseau</a></li>
+ <li><a href="#op.transport">Protocoles de transport </a></li>
+ <li><a href="#op.crypto">Cryptographie</a></li></ul>
+ </li>
+ <li><a href="#future">L'avenir</a></li>
+ <li><a href="#similar">Systèmes similaires</a>
+ <ul>
+ <li><a href="#similar.tor">Tor</a></li>
+ <li><a href="#similar.freenet">Freenet</a></li>
+ </ul>
+ </li>
+
+
+</li>
+ <li><a href="#app">Appendice A: la couche applicative</a>
+ <ul>
+ <li><a href="#app.streaming">Bibliothèque de flux (streaming)</a></li>
+ <li><a href="#app.naming">Bibliothèque de nommage et carnet d'adresses</a></li>
+ <li><a href="#app.syndie">Syndie</a></li>
+ <li><a href="#app.i2ptunnel">I2PTunnel</a></li>
+ <li><a href="#app.i2pbt">i2p-bt</a></li>
+ <li><a href="#app.i2psnark">I2PSnark</a></li>
+ <li><a href="#app.robert">Robert</a></li>
+ <li><a href="#app.pybit">PyBit</a></li>
+ <li><a href="#app.i2phex">I2Phex</a></li>
+ <li><a href="#app.i2pmail">I2Pmail/susimail</a></li>
+ <li><a href="#app.i2pbote">I2P-Bote</a></li>
+ <li><a href="#app.i2pmessenger">I2P-messenger</a></li>
+ </ul>
+ </li>
+ </ul>
+ </div>
+
+ <br/>
+ <h1 id="intro">Introduction</h1>
+ <p>
+ I2P est une couche réseau à commutation de paquets, modulaire, à tolérance de panne, auto-adaptative, et anonyme
+ sur laquelle peuvent fonctionner n'importe quel nombre d'applications conçues pour l'anonymat ou la sécurité.
+ Chacune de ces applications peut gérer ses propres contraintes d'anonymat, de latence et de débit,
+ sans avoir à se soucier d'une implémentation correcte d'un
+ <a href="http://en.wikipedia.org/wiki/Mix_network">réseau croisé (mixnet)</a>
+ d'accès libre qui leur permet de mêler leur activité au grand groupe d'utilisateurs anonymisés
+ déjà présents sur I2P.
+ </p>
+ <p>
+ Des applications d'ores et déjà disponibles offrent un large éventail de fonctionnalités Internet classiques
+ <b>mais anonymes</b>: exploration web, hébergement, chat, partage de fichiers, e-mail,
+ blogs et publications simultanées, newsgroups, tout comme plusieurs autres applications en cours de développement.
+ <ul>
+ <li>Exploration web: en utilisant tout navigateur compatible avec un serveur mandataire (proxy).</li>
+ <li>Chat: IRC, Jabber, <a href="#app.i2pmessenger">I2P-messenger</a>, ou tout autre compatible proxy.</li>
+ <li>Partage de fichiers: <a href="#app.i2psnark">I2PSnark</a>, <a href="#app.robert">Robert</a>,
+ <a href="#app.i2phex">I2Phex</a>, <a href="#app.pybit">PyBit</a>, <a href="#app.i2pbt">I2P-bt</a>
+ et d'autres.
+ </li>
+ <li>E-mail: <a href="#app.i2pmail">susimail</a> et <a href="#app.i2pbote">I2P-Bote</a>.</li>
+ <li>Newsgroups: via un lecteur de newsgroups compatible proxy.</li>
+ </ul>
+ <p>
+ Contrairement aux sites web hébergés sur des réseaux de distribution de contenu comme
+ <a href="#similar.freenet">Freenet</a> ou <a href="http://www.ovmj.org/GNUnet/">GNUnet</a>,
+ les services hébergés sur I2P sont totalement interactifs: il y des moteurs de recherches traditionnels,
+ des BBS, des blogs sur lesquels vous pouvez déposer des commentaires, des sites pilotés par bases de données,
+ et des ponts pour interroger les systèmes statiques comme Freenet sans devoir en faire une installation locale.
+ </p>
+ <p>
+ Grâce à toutes ces applications prenant l'anonymat en considération, I2P prend le rôle
+ de plaque tournante "orientée messages": les applications demandent à envoyer des données
+ Ã un identifiant cryptographique (une "destination") et I2P prend soin de s'assurer qu'elles
+ y parviennent en toute sécurité et anonymat. I2P fournit aussi une bibliothèque simple pour les
+ <a href="#app.streaming">flux</a> (streaming) pour permettre le transfert fiable et ordonné de messages
+ de flux anonymes, en offrant de façon transparente un algorithme de contrôle de congestion basé sur TCP
+ et optimisé pour les applications à haute bande passante au sein réseau.
+ Bien qu'il y ait eu plusieurs simple mandataires SOCKS disponibles pour attirer des applications existantes
+ dans le réseau, leur intérêt a été limité car presque toutes exposent intrinsèquement ce qui, du point de vue
+ de l'anonymat, s'avère être des informations sensibles. La seule façon d'avancer est d'analyser complètement
+ une application pour s'assurer d'un fonctionnement irréprochable, et pour y aider, nous fournissons
+ une série d'API dans divers langages, qui permettent d'en faire le plus possible en dehors du réseau.
+ </p>
+ <p>
+ I2P n'est pas un projet de recherche (universitaire, commercial, ou gouvernemental), mais un effort
+ d'ingénierie dont le but est de faire tout le nécessaire pour assurer
+ un niveau d'anonymat suffisant à ceux qui en ont besoin. Il est en développement actif
+ depuis les débuts de 2003 avec un développeur à temps plein et un groupe dédié de
+ contributeurs à temps partiel répartis dans le monde entier. Tout le travail fourni pour I2P
+ est "open source" et gratuitement disponible sur le <a href="index_fr.html">site</a>,
+ pour lequel la plus grande partie du code est publié directement dans le domaine public, bien que
+ faisant usage de quelques routines cryptographiques sous licences de style BSD. L'équipe d'I2P
+ ne contrôle pas le cadre légal de publication des applications tierce partie. Il y a plusieurs
+ applications disponibles sous licence GPL (<a href="#app.i2ptunnel">I2PTunnel</a>,
+ <a href="#app.i2pmail">susimail</a>, <a href="#app.i2psnark">I2PSnark</a>,
+ <a href="#app.i2phex">I2Phex</a> et d'autres).
+ Le <a href="http://www.i2p.net/halloffame">financement</a> d'I2P vient entièrement de dons,
+ et ne bénéficie pour l'instant d'aucune dispense d'impôts de la part de quelque juridiction que ce soit,
+ vu que la plupart des développeurs sont anonymes.
+ </p>
+ <h1 id="op">Fonctionnement</h1>
+ <h2 id="op.overview">Aperçu</h2>
+ <p>
+ Pour comprendre le fonctionnement d'I2P, quelques concepts fondamentaux sont prérequis.
+ Tout d'abord, I2P fait une séparation stricte entre le logiciel participant au réseau
+ (un "routeur") et les point terminaux anonymes (les "destinations") associés aux applications particulières.
+ Que quelqu'un utilise I2P n'est généralement pas un secret. Ce qui est caché, c'est
+ c'est tout ce que l'utilisateur en fait, aussi bien qu'à quelle destination particulière le routeur est connecté.
+ En général, l'utilisateur dispose sur son routeur de plusieurs destinations locales: une, par exemple,
+ pour se connecter en proxy aux serveurs IRC, une autre pour héberger son propre site Internet
+ anonyme ("eepsite"), une autre pour une instance I2Phex, une autre encore pour les torrents, etc...
+ </p>
+ <p>
+ Un autre concept majeur est celui de "tunnel".
+ Un tunnel un chemin orienté passant par une liste de routeurs explicitement sélectionnés.
+ Un cryptage en couches est utilisé pour que chacun des routeurs n'en puisse décrypter qu'une seule.
+ L'information décryptée contient l'IP du routeur suivant, avec l'information cryptée à faire suivre.
+ Chaque tunnel a un point de départ (le premier routeur, appelé "passerelle")
+ et un point terminal. Les messages ne peuvent être envoyés que dans un seul sens. Pour les réponses,
+ un autre tunnel est nécessaire.
+ </p>
+ <div class="box" style="text-align:center;">
+ <img src="_static/images/tunnels_fr.png" alt="Schéma de tunnels entrant et sortant"
+ title="Schéma de tunnels entrant et sortant" />
+ <br /><br />
+ Figure 1: Les deux types de tunnels: entrant et sortant.
+ </div>
+ <br/>
+ <p>
+ Il y deux types de tunnels:
+ Les <b>tunnels "sortants"</b> expédient des messages depuis le créateur du tunnel, alors
+ que les <b>tunnels "entrants"</b> ramènent des messages vers le créateur du tunnel.
+ La combinaison de ces deux tunnels permet aux utilisateurs de s'envoyer des messages les uns aux autres.
+ L'expéditeur ("Alice" dans l'illustration ci-dessus) crée un tunnel sortant,
+ et le récepteur ("Bob" ci-dessus) crée un tunnel entrant.
+ La passerelle d'un tunnel entrant peut recevoir des messages de n'importe quel autre utilisateur
+ et les envoie jusqu'au point terminal ("Bob").
+ Le point terminal du tunnel sortant devra pouvoir envoyer le message vers la passerelle du tunnel entrant.
+ Pour le permettre, l'expéditeur ("Alice") ajoute à son message crypté des instructions cryptées à l'intention
+ du point terminal sortant. Une fois décryptées par celui-ci, il dispose alors des informations nécessaires
+ au transfert vers la bonne passerelle entrante (la passerelle vers "Bob").
+ </p>
+ <p>
+ Le troisième concept fondamental est la <b>"base de données"</b> I2P (ou "netDb"):
+ une paire d'algorithmes utilisés pour le partage des métadonnées du réseau. Les deux types de métadonnées
+ transportées sont la <b>"routerInfo"</b> et les <b>"jeux de baux"</b> (leaseSets):
+ la routerInfo donne aux routeurs les données nécessaires pour contacter un autre routeur particulier
+ (ses clés publiques, adresse de transport, etc...), et les jeux de baux donnent au routeurs les informations
+ nécessaires pour joindre une destination particulière. Un jeu de baux contient un certain nombre de "baux".
+ Chacun de ces baux indique une passerelle de tunnel qui permet d'atteindre une destination particulière.
+ Détail complet des informations contenues dans un bail:
+ <ul>
+ <li>Passerelle entrante pour un tunnel permettant d'atteindre une certaine destination.</li>
+ <li>Moment d'expiration du tunnel.</li>
+ <li>Paire de clés publiques pour pouvoir crypter les messages (à envoyer à travers le tunnel
+ et atteindre la destination).</li>
+ </ul>
+ Les routeurs envoient eux-mêmes directement leur "routerInfo" à la base de données,
+ alors que les jeux de baux sont envoyés par des tunnels sortants (ils doivent rester anonymes, pour
+ empêcher toute tentative de corrélation entre un routeur et ses jeux de baux).
+ </p>
+ <p>On peut combiner les trois concepts exposés ci-dessus pour établir des connexions effectives dans le réseau.
+ </p>
+ <p>
+ Pour créer ses propres tunnels entrants et sortants, Alice fait une recherche dans la "netDb" pour obtenir
+ des "routerInfo".
+ De cette façon, elle constitue des listes de pairs qu'elle peut utiliser en tant que sauts dans ses tunnels.
+ Ensuite elle peut envoyer au premier saut un message élaboré, demandant la création d'un tunnel, et de faire passer
+ cette demande plus loin, jusqu'à ce que le tunnel soit entièrement créé.
+ </p>
+ <div class="box" style="text-align:center;">
+ <img src="_static/images/netdb_get_routerinfo_1_fr.png" alt="Demande d'informations sur d'autres routeurs"
+ title="Demande d'informations sur d'autres routeurs" />
+
+ <img src="_static/images/netdb_get_routerinfo_2_fr.png"
+ alt="Construction d'un tunnel grâce aux informations sur les routeurs"
+ title="Construction d'un tunnel grâce aux informations sur les routeurs" />
+ <br /><br />
+ Figure 2: Les informations sur les routeurs servent à construire les tunnels.
+ </div>
+ <br/>
+ <p>
+ Quand Alice désire envoyer un message à Bob, elle recherche tout d'abord dans la netDb
+ un jeu de baux de Bob, ce qui lui donne ses passerelles entrantes de tunnels.
+ Elle choisit ensuite un de ses tunnels sortants et y envoie le message avec les
+ instructions pour le point terminal afin qu'il fasse suivre le message à l'une des
+ passerelles de tunnels entrants de Bob. Quand le point terminal reçois ces instructions,
+ il transfère le message comme demandé, et quand la passerelle de tunnel entrant de Bob le reçoit,
+ elle le transfère dans le tunnel vers le routeur de Bob. Si Alice veut que Bob puisse répondre,
+ elle doit lui indiquer explicitement sa propre destination en tant qu'élément du message lui-même.
+ On y parvient en introduisant une couche de haut niveau, ce qui est fait par la bibliothèque de flux
+ <a href="#app.streaming">flux</a> (streaming).
+ Alice peut aussi raccourcir le temps de réponse en fournissant dans le message son jeu de baux le plus récent,
+ en sorte que Bob soit dispensé d'une requête à netDb quand il voudra répondre. Mais ceci est optionnel.
+ </p>
+ <div class="box" style="text-align:center;">
+ <img src="_static/images/netdb_get_leaseset_fr.png" alt="Connexion de tunnels grâce au jeux de baux"
+title="Connexion de tunnels grâce au jeux de baux" />
+ <br /><br />
+ Figure 3: Les jeux de baux sont utilisés pour connecter les tunnels sortants et entrants.
+ </div>
+ <br/>
+ <p>
+ De même que les tunnels ont eux-mêmes un cryptage étagé pour empêcher un dévoilement non autorisé
+ par les pairs au sein du réseau (comme la couche transport le fait elle-même pour protéger des pairs
+ les contenus en dehors du réseau), il est nécessaire d'ajouter une couche additionnelle
+ de cryptage de bout en bout pour cacher le message au point terminal sortant et à la passerelle entrante.
+ Ce cryptage "<a href="#op.garlic">en tête d'ail</a>" (garlic)
+ fait que le routeur d'Alice va "emballer" de multiples messages dans un seul message
+ (la tête d'ail="garlic message"), crypté pour une certaine clé publique en sorte que les pairs intermédiaires
+ ne puissent déterminer ni combien il y a de messages (des gousses ou caïeux si on veut pousser plus loin
+ l'analogie botanique) dans le bulbe, ni si ces messages sont amers ou sucrés (ce qu'ils disent), ni si ces gousses
+ vont servir à frotter un plat à cassoulet, finir fondus dans un gigot
+ ou hachés/grillés sur une dorade (à qui elles sont destinées). Pour une communication typique
+ de point à point entre Alice et Bob, la tête d'ail va être cryptée avec la clé publique annoncée
+ dans le jeu de baux de Bob, ce qui permet le cryptage sans donner la clé publique du routeur de Bob.
+ </p>
+ <p>
+ Une autre donnée importante qu'il faut garder à l'esprit, est qu'I2P est entièrement basé sur l'échange
+ de messages et que quelques messages pourraient se perdre en chemin. Les applications utilisant I2P peuvent
+ utiliser les interfaces "orientées messages" et s'occuper de leur propre contrôle de congestion et besoins de
+ fiabilité, mais elles seront mieux servies en utilisant la bibliothèque de <a href="#app.streaming">streaming</a>
+ fournie en vue de voir I2P comme un réseau "orienté flux".
+ </p>
+ <h2 id="op.tunnels">Les tunnels</h2>
+ <p>
+ Les tunnels entrants et sortants partagent les mêmes principes de fonctionnement.
+ La passerelle de tunnel accumule un certain nombre de messages, en les pré-traitant éventuellement
+ en vue d'une distribution dans le tunnel. Ensuite, elle crypte ces données préparées
+ et les transfère vers le premier saut. Ce pair et les participants suivants du tunnel
+ y ajoutent une couche de cryptage après avoir vérifié qu'il ne s'agit pas d'un doublon et avant
+ de le transférer au pair suivant. Le message arrive éventuellement au point terminal
+ où les messages sont de nouveau séparés et transférés comme demandé. La différence réside
+ dans l'action du créateur du tunnel: pour les tunnels entrants, le créateur est le point terminal,
+ et il déchiffre simplement toutes les couches ajoutées, alors que pour les tunnels sortants,
+ le créateur est la passerelle, et il pré-déchiffre toutes les couches pour qu'une fois toutes
+ les couches de cryptage par saut ajoutées, le message arrive en clair au point terminal.
+ </p>
+ <p>
+ Le choix de pairs spécifiques pour passer les messages, ainsi que la définition de leur séquence,
+ est important pour une bonne compréhension de l'anatomie et des performances d'I2P.
+ Alors que la base de données dispose de ses propres critères de sélection lors du choix
+ des pairs à interroger et pour mémoriser les entrées correspondantes, les créateurs de tunnels utilisent
+ n'importe quels pairs du réseau et dans n'importe quel ordre (et même un nombre de fois indéfini) dans le
+ même tunnel. Si des données précises de latence et de capacité étaient globalement connues, la sélection et
+ le tri seraient pilotés par les besoins particuliers du client en relation avec leur modèle de sécurité.
+ Malheureusement, la latence et les capacités ne sont pas simples à collecter anonymement, et avoir besoin
+ besoin de pairs sans confiance établie pour fournir ces informations pose de sérieux problèmes d'anonymat.
+ </p>
+ <p>
+ Du point de vue de l'anonymat, la technique la plus simple serait de sélectionner des pairs au hasard
+ dans la totalité du réseau, de les trier aléatoirement, et de les utiliser dans cet ordre ad vitam æternam.
+ Mais pour les performances, la plus simple façon serait de ne retenir que les plus rapides disposant de la
+ réserve de capacité suffisante, de répartir la charge sur différents pairs pour gérer les défaillances
+ de façon transparente, et de recréer le tunnel chaque fois que l'information de capacité est modifiée.
+ alors que la première façon est à la fois fragile et inefficace, la seconde demande des informations
+ indisponibles et n'offre qu'un anonymat insuffisant.
+ I2P fonctionne plutôt en utilisant une gamme de stratégies de sélection des pairs,
+ couplée à du code d'évaluation du niveau d'anonymat pour organiser ces pairs selon leur profil.
+ </p>
+ <p>
+ À la base, I2P classe en permanence les pairs avec lesquels il interagit en mesurant indirectement
+ leur comportement: par exemple, quand un pair répond à une requête netDb en 1,3s,
+ cette latence d'aller-retour est enregistrée dans les profils pour tous les routeurs impliqués
+ dans les deux tunnels (entrant et sortant) au travers desquels la requête et la réponse sont passées,
+ ainsi que le profil du pair. Les mesures directes, telles que la latence de la couche transport ou la congestion,
+ ne sont pas utilisées en tant que données de profil car elles peuvent être manipulées au routeur mesurant,
+ l'exposant ainsi à des attaques basiques. En rassemblant ces profils, une série de calculs est lancée
+ sur chacun pour synthétiser ses performances: sa latence, sa capacité à gérer beaucoup d'activités, s'il est
+ actuellement surchargé, et à quel point il semble bien intégré au réseau.
+ Les résultats de ces calculs sont alors comparés pour les pairs actifs afin de
+ répartir les routeurs en quatre groupes: les rapides à hautes capacités, ceux de hautes capacités, les non
+ défaillants, et les défaillants. Les seuils de ces groupes sont déterminés dynamiquement, et comme ils n'utilisent
+ actuellement que des algorithmes assez simples, il y a d'autres possibilités.
+ </p>
+ <p> Pour utiliser ces données de profils, la stratégie de sélection la plus simple consiste Ã
+ les prendre aléatoirement dans le premier groupe (celui des plus rapides à fortes capacités),
+ et c'est ce qui est actuellement employé pour les tunnels clients.
+ Les tunnels exploratoires (utilisés pour les communications avec la base de données et la gestion des tunnels)
+ prennent les pairs aléatoirement dans le troisième groupe des non défaillants (qui inclut ceux du premier),
+ ce qui permet une base de sélection plus étoffée avec pour effet l'optimisation de la sélection
+ via une progression aléatoire. Ces stratégies laissent cependant fuir des informations concernant les pairs
+ du premier groupe utilisables par des attaques du type collecte de base de données et du type prédécesseur.
+ En retour, il y a plusieurs alternatives qui bien que n'équilibrant pas la charge aussi uniformément,
+ bloquent les attaques lancées par certains types d'ennemis.
+ </p>
+ <p>
+ En sélectionnant une clé aléatoire et en triant les pairs selon leur distance "eXORisée" à cette clé,
+ la fuite d'information est réduite pour les attaques prédécesseur et collecte, suivant le taux de défaillance
+ des pairs et le renouvellement des seuils des groupes. Une autre stratégie simple pour parer aux
+ attaques par collecte de la netDb consiste simplement à obliger la passerelle entrante à figer
+ aléatoirement la position des pairs situés plus loin dans le tunnel. Pour gérer les attaques de prédécesseur
+ par des adversaires que le client contacte, le point terminal de tunnel devrait aussi rester statique.
+ La sélection du pair à figer au point le plus vulnérable doit bien sûr être limitée en durée,
+ car tous les pairs sont susceptibles de défaillance, et donc elle doit soit être ajustée en réaction, ou
+ préventivement empêchée pour simuler le MTBF (temps moyen entre défaillances) mesuré d'autres routeurs.
+ Ces deux stratégies peuvent ensuite être combinées, en utilisant un pair vulnérable figé et un tri sur XOR
+ dans les tunnels eux-mêmes. Une stratégie plus stricte consisterait à définir les pairs précis et leur ordre
+ dans un tunnel potentiel, en utilisant uniquement de pairs qui accepteraient tous de participer de la même
+ façon à chaque fois. Ceci diffère du tri basé sur le résultat de l'XOR en ce que le prédécesseur
+ et le successeur de chaque pair serait toujours les mêmes, alors que le tri sur l'XOR ne permet que de s'assurer
+ que leur ordre ne change pas.
+ </p>
+ <p>
+ Comme déjà mentionné, I2P, actuellement en version 0.8 inclut la stratégie basée sur les groupes,
+ avec le tri basé sur le XOR. Une discussion plus poussée des mécanismes impliqués dans les opérations de tunnel
+ la gestion et la sélection des pairs est disponible sur la page
+ <a href="tunnel-alt.html">spécification des tunnels</a>.
+ </p>
+ <h2 id="op.netdb">Base de données</h2>
+ <p>
+ Comme indiqué précédemment, la base de données d'I2P sert à partager les métadonnées du réseau.
+ Ceci est détaillé sur la page <a href="how_networkdatabase.html">La base de données du réseau</a>,
+ mais en voici une explication simplifiée:
+ </p>
+ <p>
+ Un certain pourcentage des utilisateurs d'I2P sont crédités du statut de 'floodfill peers', pairs remplisseurs par
+ diffusion, diffuseurs dans la suite.
+ Actuellement, les installations d'2P qui on une bonne bande passante et qui sont assez rapides se
+ déclarent elles-mêmes en tant que diffuseur dès que le nombre de routeurs diffuseurs tombe à un niveau trop faible.
+ </p>
+ <p>
+ Les autres routeurs I2P vont y enregistrer leurs données et recherches en envoyant de simples requêtes
+ 'store' et 'lookup' aux diffuseurs.
+ Quand un diffuseur reçoit un requête 'store', il la diffuse aux autres diffuseurs en utilisant
+ l'<a href="http://fr.wikipedia.org/wiki/Kademlia">algorithme Kademlia</a>.
+ Les requêtes 'lookup' fonctionnent actuellement de façon différente, pour éviter
+ <a href="how_networkdatabase.html#lookup">un problème de sécurité important</a>.
+ Lorsqu'une recherche est lancée, le diffuseur ne la diffuse pas, mais y répond lui-même s'il dispose
+ des données demandées.
+ </p>
+ <p>
+ Deux types d'informations sont stockées dans la netDb.
+ <ul>
+ <li><b>routerInfo</b>, un routeur I2P spécifique et la façon de le joindre.</li>
+ <li><b>leaseSet</b>, une destination spécifique (p.e. un site web I2P, un serveur de messagerie, etc...)</li>
+ </ul>
+ Toutes ces infos sont signées par leur propriétaire, et vérifiées par tout routeur I2P qui les utilise
+ ou les stocke.
+ De plus, les données contiennent des informations de temps, pour éviter le stockage de vielles entrées
+ et empêcher d'éventuelles attaques. C'est aussi pourquoi I2P fournit le code nécessaire pour conserver
+ une heure correcte, en interrogeant de temps en temps des serveurs SNTP (dans le
+ tourniquet du réservoir <a href="http://www.pool.ntp.org/fr/">pool.ntp.org</a> par défaut)
+ et en détectant les dérives entre routeurs au niveau de la couche transport.
+ </p>
+ <p>
+ Autres remarques importantes.
+ <ul>
+ <li>
+ <b>Jeux de baux non publiés et cryptés:</b>
+ <p>
+ On pourrait souhaiter que seulement une personne particulière puisse joindre une certaine destination.
+ Ceci est possible par la non publication de la destination dans la base de données.
+ Il faudra alors transmettre la destination par quelqu'autre moyen. Ou alors en utilisant des jeux de baux
+ cryptés, uniquement décryptables par les gens pour lesquels ils ont été cryptés.
+ </p>
+ </li>
+ <li>
+ <b>Amorçage:</b>
+ <p>
+ L'amorçage de la base de données est assez simple. Une fois qu'un routeur réussit à recevoir la routerInfo
+ d'un seul autre pair joignable, il peut interroger ce routeur pour obtenir les informations d'autres routeurs
+ du réseau. Actuellement, bon nombre d'utilisateurs publient leur routerInfo files sur un site web
+ pour rendre cette information disponible. I2P se connecte automatiquement à l'un de ces sites pour
+ collecter des fichiers routerInfo files et d'amorcer.
+ </p>
+ </li>
+ <li>
+ <b>Adaptativité des recherches:</b>
+ <p>
+ Les recherches dans le réseau I2P ne sont pas transmises à d'autres routeurs de la base de données.
+ Actuellement, ce n'est pas un problème majeur, dans la mesure où le réseau n'est pas très grand.
+ Cependant, au fur et à mesure de sa croissance, chaque routeur n'aura pas toutes les routerInfo et tous
+ les jeux de baux de tout le réseau. Ceci provoquera une dégradation du pourcentage de requêtes réussies.
+ Pour ceci, des améliorations de la base de données sont au programme des prochaines versions.
+ </p>
+ </li>
+ </ul>
+ </p>
+ <h2 id="op.transport">Protocoles de transport</h2>
+ <p> Les communications entre routeurs doivent apporter confidentialité et intégrité
+ contre des menaces externes tout en certifiant que le routeur contacté est bien celui
+ qui doit recevoir un message donné. Les particularités sur la façon dont les routeurs communiquent
+ les uns avec les autres ne sont pas critiques: trois protocoles distincts ont été retenus
+ pour répondre à ces exigences. </p>
+ <p> I2P commença avec un protocole basé sur TCP qui depuis a été désactivé.
+ Puis, pour résoudre le problème du besoin élevé en terme de nombre de communications
+ (vu qu'un grand nombre de routeurs peuvent cesser de parler avec plusieurs autres), I2P a migré
+ de TCP vers un protocole <a href="udp.html">basé sur UDP</a> - "Secure
+ Semireliable UDP", UDP Sécurisé Semi-fiable, ou "SSU". </p>
+ <p> Comme expliqué dans la <a href="udp.html">spécification de SSU</a>:</p>
+ <blockquote> Le but de ce protocole est de fournir une livraison sécurisée, authentifiée,
+ semi-fiable, et non ordonnée, dévoilant uniquement une quantité minimale de données facilement
+ discernables par les tierces parties. Il doit tolérer un fort taux de communications
+ tout comme le contrôle de congestion TCP, et inclure la découverte MTU
+ <a href="http://fr.wikipedia.org/wiki/Path_MTU_discovery">PMTU</a>.
+ Il doit pouvoir transférer efficacement des données en vrac à un débit suffisant pour l'utilisation résidentielle.
+ De plus, il doit être compatible avec les techniques de contournement d'obstacles du le réseau
+ tels que les translateurs d'adresses (NAT) ou les pare-feux. </blockquote>
+ <p> Suite à l'introduction de SSU, après l'apparition de problèmes de congestion, un nouveau
+ transport TCP basé sur les <a href="http://en.wikipedia.org/wiki/New_I/O">NIO Java</a> appelé
+ <a href="ntcp.html">NTCP</a> fut implémenté.
+ Il est activé pour les connexions sortantes uniquement. Ceux qui configurent leur pare-feu/NAT
+ pour autoriser les connexions entrantes et précisent l'hôte et le port (même en style DynDNS, etc...)
+ dans la configuration peuvent recevoir des connexions entrantes.
+ Comme NTCP est bâti avec les NIO il n'est pas astreint au problème de "une connexion=une tâche" dont souffrait
+ l'ancien transport TCP. </p>
+ <p> I2P permet de multiples transports simultanément. Un transport particulier pour une connexion sortante
+ est sélectionné par des enchères. Chaque transport fait une offre pour obtenir la connexion, et la valeur relative
+ de l'offre décide de la priorité. Les transports peuvent répondre avec des offres différentes,
+ suivant s'il y a déjà une connexion établie avec le pair. </p>
+ <p> L'implémentation actuelle attribuent la plus haute priorité de transport à NTCP pour les connexions sortantes
+ dans la plupart des cas. SSU est activé à la fois pour les connexions sortantes et entrantes. Votre pare-feu/NAT
+ et votre routeur I2P doivent être configurés pour autoriser les connexions entrantes NTCP.
+ Voir les détails <a href="ntcp.html">ici</a> sur la page NTCP. </p>
+ <h2 id="op.crypto">Cryptographie</h2>
+ <p> Un petit minimum d'algorithmes cryptographiques de base sont combinés pour fournir
+ à I2P les protections étagées contre diverses menaces. Au niveau le plus bas, la communication inter routeurs
+ est protégée par la sécurité de la couche transport: SSU crypte chaque paquet avec
+ l'<a href="http://fr.wikipedia.org/wiki/Advanced_Encryption_Standard">AES</a>256/
+<a href="http://fr.wikipedia.org/wiki/Mode_d%27op%C3%A9ration_%28cryptographie%29#
+Encha.C3.AEnement_des_blocs_:_.C2.AB_Cipher_Block_Chaining_.C2.BB_.28CBC.29">CBC</a>
+ conjugué à un vecteur d'initialisation explicite et un code d'authentification de message
+ (<a href="http://fr.wikipedia.org/wiki/Keyed-Hash_Message_Authentication_Code">HMAC</a>-MD5-128) après
+ négociation préalable d'une clé de session via un échange
+ <a href="http://fr.wikipedia.org/wiki/Diffie-Hellman">Diffie-Hellman</a> Ã 2048 bits et
+ une authentification mutuelle avec la clé <a href="http://fr.wikipedia.org/wiki/Digital_Signature_Algorithm">DSA</a>
+ de l'autre routeur,
+ plus une vérification locale d'intégrité avec le propre hachage du message.
+
+ Les messages de <a href="#op.tunnels">tunnel</a> passés par les transports
+ disposent de leur propre cryptage étagé en AES256/CBC à VI explicite et sont vérifiés
+ au point terminal du tunnel à l'aide d'un hachage <a href="http://fr.wikipedia.org/wiki/SHA-256">SHA256</a>
+ supplémentaire. Divers autres messages sont passés regroupés dans des "garlic messages",
+ qui sont cryptés en
+ <a href="http://fr.wikipedia.org/wiki/Cryptosyst%C3%A8me_de_ElGamal">ElGamal</a>/AES+SessionTags
+ (expliqués ci-dessous).</p>
+ <h3 id="op.garlic">Messages "Garlic" : en têtes d'ail</h3>
+ <p> Ces messages sont une extension du cryptage "onion" en couches, permettant aux contenus d'un seul message
+ de contenir plusieurs "gousses", des messages complets juxtaposés à leurs propres instructions de livraison.
+ Les messages sont empaquetés chaque fois qu'il seraient sinon passés en clair au travers d'un pair qui n'aurait pas
+ accès aux informations de routage: par exemple, quand un routeur veut demander à un autre de participer à un
+ tunnel, ils ajoutent la requête dans un garlic qu'il cryptent à l'intention du routeur destinataire avec sa
+ clé publique ElGamal 2048 bits publiée dans son jeu de baux, et le font suivre dans un tunnel. Dans un autre
+ exemple, un client veut envoyer un message à une destination: le routeur du client va joindre ce message de
+ données (à côté de quelques autres messages) dans un garlic qu'il crypte en ElGamal 2048 à l'intention de la
+ destination avec sa clé publiée dans son jeu de baux, et l'envoie aux tunnels appropriés.</p>
+ <p> Les "instructions" attachées à chaque gousse dans la couche de cryptage incluent la possibilité
+ de demander que cette gousse soit transmise localement, à un routeur distant, ou à un tunnel distant sur un routeur
+ distant. Il y a des champs dans ces instructions permettant à un pair de demander que la livraison soit retardée
+ un certain temps ou jusqu'Ã ce qu'une condition soit remplie, bien qu'ils ne seront pas pris en compte avant que
+ les <a href="#future.variablelatency">retards variables</a> soient déployés. Il est possible
+ de router explicitement les messages en tête d'ail sur n'importe quel nombre de sauts sans construire de tunnels,
+ ou même de rerouter les messages de tunnels en les joignant à un garlic et en le faisant suivre à un certain
+ nombre de saut avant de le passer au saut suivant du tunnel, mais ces techniques ne sont pas actuellement utilisées
+ dans l'implémentation en cours. </p>
+ <h3 id="op.sessiontags">Balises de session</h3>
+ <p> En tant que système orienté messages non fiable et non ordonné, I2P utilise une simple combinaison
+ d'algorithmes de cryptage symétriques et asymétriques pour apporter la confidentialité et l'intégrité
+ des données aux messages garlics. Considérée comme un tout, la combinaison est appelée ElGamal/AES+SessionTags,
+ mais c'est un poil trop verbeux pour décrire une simple utilisation d'ElGamal 2048 bits, d'AES256, d'SHA256,
+ et de vecteurs d'initialisation de 32 octets. </p>
+ <p> La première fois qu'un routeur veut crypter un message garlic à l'usage d'un autre routeur,
+ il crypte les données de clés d'une session AES256 avec ElGamal et joint la charge utile cryptée en AES256/CBC
+ après le bloc crypté avec ElGamal. En plus de la charge utile cryptée, la section encryptée en AES contient
+ la longueur de la charge utile, le hachage de la charge non cryptée, ainsi qu'un certain nombre de balises de
+ session de 32 octets aléatoires. La fois suivante, plutôt que de crypter une nouvelle clé de session en ElGamal,
+ il va simplement prendre une des balises précédemment envoyées et crypter la charge en AES comme avant en utilisant
+ la clé de session associée à la balise, et préfixer la charge cryptée avec la balise. Quand un routeur reçoit
+ un message garlic, il cherche si les 32 premiers octets correspondent à une balise déjà disponible, auquel cas il
+ décryptent l'AES. En l'absence de correspondance, il décryptent le premier bloc en ElGamal.</p>
+ <p> Chaque balise de session est à usage unique, tant pour empêcher une attaque interne de mettre en corrélation
+ différents messages, que venant d'un point situé entre les mêmes routeurs. L'émetteur d'un message crypté
+ ElGamal/AES+SessionTag choisit quand et combien de balises il faut envoyer pour en fournir suffisamment au
+ destinataire afin de couvrir les besoins nécessaires au transfert d'un bouquet de messages.
+ Les messages garlics peuvent détecter la livraison correcte de balises en joignant un petit message supplémentaire
+ en tant que gousse (un accusé de réception): quand la tête d'ail arrive au destinataire prévu et est décryptée
+ avec succès, ce petit message de réussite pré fourni est un de ceux dévoilés dans la gousse, et il contient
+ les instructions pour le destinataire pour la renvoyer à l'émetteur (via un tunnel entrant, évidement).
+ Quand celui-ci reçoit ce message d'état de livraison, il sait que les balises de session ont bien été reçues.</p>
+ <p>Les balises ont une très courte durée de vie, passée laquelle elles sont invalidées faute d'avoir été utilisées.
+ De plus, leur nombre pour chaque clé est limité, tout comme le nombre de clés lui-même:
+ s'il en arrive trop, des messages récents ou plus anciens pourraient être perdus. L'émetteur fait un suivi
+ des messages qui utilisent les balises pour s'assurer qu'ils passent, et dans le cas contraire il se replie sur
+ l'algorithme ElGamal plus coûteux.</p>
+ <p> Une alternative consiste à ne transmettre qu'une seule balise de session, et de là ,
+ initialiser un
+ <a href="http://fr.wikipedia.org/wiki/G%C3%A9n%C3%A9rateur_de_nombres_pseudo-al%C3%A9atoires">
+ générateur de nombres pseudo-aléatoires</a> (PRNG) déterministe pour déduire quelles balises utiliser ou attendre.
+ En tenant ce générateur sommairement synchronisé entre l'émetteur et le destinataire (qui calcule par anticipation
+ par exemple une cinquantaine de balises), la surcharge induite par la fourniture périodique d'un grand nombre de
+ balises est supprimée, permettant ainsi plus d'options d'arbitrage dans l'espace et le temps, et éventuellement
+ la réduction du nombre d'encryptages ElGamal nécessaires. Cependant, il dépend de la robustesse du générateur de
+ fournir la protection contre les menaces internes, bien qu'on puisse minimiser toute faiblesse en limitant le
+ nombre d'utilisations de chaque générateur. Pour l'instant, il n'a pas de plans immédiats de migration vers ce
+ système de PRNGs synchronisés. </p>
+ <h1 id="future">L'avenir</h1>
+ <p> Bien qu'I2P soit actuellement opérationnel et suffisant dans de nombreux scenarii, il reste plusieurs zones qui
+ demandent de profondes améliorations pour atteindre les besoins de ceux devant faire face à des adversaires
+ puissants comme pour l'amélioration de l'utilisation quotidienne par les utilisateurs.
+ </p>
+ <h2 id="future.restricted">Les routes réservées</h2>
+ <p> I2P est une "sur-couche" réseau conçue pour fonctionner sur un réseau commuté par paquets,
+ exploitant la notion de "point à point" pour offrir l'anonymat et la sécurité.
+ Alors qu'Internet ne respecte plus le principe du bout en bout (Ã cause de l'utilisation du NAT),
+ I2P requiert qu'une portion substantielle du réseau soit joignable: il pourrait y avoir un bon nombre
+ de pairs utilisant des routes privées, mais I2P n'inclut pas d'algorithme de routage approprié à un scenario
+ de dégradation dans lequel la plus grande partie des pairs seraient injoignables. Il pourrait cependant fonctionner
+ sur un réseau utilisant un tel algorithme. </p>
+ <p> L'utilisation de routes réservées, où il y a des limites aux pairs joignables directement,
+ induit plusieurs conséquences sur le fonctionnement et l'anonymat, suivant la façon selon laquelle ces routes
+ sont gérées. Au niveau le plus basique, des routes réservées sont présentes quand un pair se trouve derrière
+ un pare-feu ou un NAT qui ne permet pas les connexions entrantes. Ceci a été grandement pris en compte depuis la
+ 0.6.0.6 en intégrant le percement de trous distribué dans la couche transport, permettant ainsi aux gens situés
+ derrière la plupart de pare-feux ou NATs de recevoir des connexions non sollicitées sans aucune configuration.
+ Cependant, ceci ne réduit pas l'exposition de l'adresse IP du pair aux routeurs du réseau,
+ car ils peuvent être présentés au pair au travers de l'intermédiaire publié.</p>
+ <p> Au-delà de la gestion fonctionnelle des routes privées, il y a deux niveaux d'opérations privées qui peuvent être
+ mis en œuvre pour limiter l'exposition des adresses IP: l'utilisation de tunnels dédiés à la communication et de
+ 'routeurs clients'. Pour le premier, les routeurs peuvent soit construire un nouveau groupe de tunnels ou
+ réutiliser leur groupe exploratoire, en publiant les passerelles entrantes vers quelques-uns d'entre eux en tant
+ que partie de leur routerInfo au lieu de leur adresse de transport. Quand un pair veut les contacter, il voit
+ ces passerelles de tunnel dans la base de données et leur envoient simplement le message concerné via un des tunnels
+ publiés. Si le pair situé derrière une route privée veut répondre, il peut le faire soit directement (s'il acceptent
+ de dévoiler leur adresse IP au pair) ou indirectement via leurs tunnels sortants. Quand les routeurs
+ auxquels le pair a une connexion directe veulent le joindre (p.e. pour faire suivre des messages de tunnels), ils
+ doivent simplement prioriser leur connexion directe par rapport à la passerelle de tunnels publiée.
+ Le concept de 'routeur client' étends simplement la route réservée en ne publiant aucune adresse de routeur.
+ Un tel routeur n'aurait même plus besoin de publier leur routerInfo dans la netDb, mais plutôt de fournir leur
+ leur routerInfo auto-signée aux pairs qu'il contacterait (nécessaire au transfert de ses clés publiques).
+ Ces deux niveaux d'opération sur routes privées sont prévus pour la version 2.0 d'I2P. </p>
+ <p> Il y a des choix à établir pour ceux situés sur des routes privées, vu qu'ils participeraient moins souvent aux
+ tunnels des autres utilisateurs, et que les routeurs auxquels ils sont connectés pourraient déduire des motifs
+ de trafic qui ne sont normalement pas exposés. D'un autre côté, si le coût de cette exposition est inférieur Ã
+ celui de rendre l'adresse IP disponible, cela peut être intéressant. Ceci, bien sûr, suppose que les pairs contactés
+ par celui qui est derrière une route réservée ne soient pas hostiles, ou que le réseau soit assez grand pour que la
+ probabilité de tomber sur un pairs hostile pour se connecter soit suffisamment faible. On pourrait aussi préférer
+ utiliser des pairs de confiance (et peut-être temporaires).</p>
+ <h2 id="future.variablelatency">Latence variable</h2>
+ <p> Même si le gros des efforts initiaux d'I2P ont porté sur une communication à faible latence,
+ il fut dès le départ conçu en gardant à l'esprit des services à latence variable.
+ Au niveau le plus bas, les applications s'exécutant sur I2P peuvent offrir l'anonymat du médium des communications
+ à haute latence tout en mêlant leurs motifs de trafic à du trafic à faible latence. En interne cependant,
+ I2P peut offrir son propre médium et une haute latence de communication via le cryptage garlic en tête d'ail:
+ en spécifiant que le message doit être envoyé après un certain délai, à un certain moment, après le passage d'un
+ certain nombre de messages, ou une autre stratégie combinant ces éléments. Avec le cryptage en couches,
+ seul le routeur pour lequel la gousse a dévoilé la requête de retard saura que le message demande une haute
+ latence, au trafic correspondant d'être mélangé ultérieurement à du trafic à faible latence. Une fois la condition
+ de transmission atteinte, le routeur retenant la gousse (qui peut aussi bien être un message garlic) le fait
+ simplement suivre comme demandé: à un routeur, à un tunnel, ou plus probablement à une destination cliente.</p>
+ <p> Il y a un nombre conséquent de manières d'exploiter cette possibilité pour les communications à haute latence
+ dans I2P, mais pour l'instant, son utilisation est planifiée pour la version 3.0. En attendant, ceux qui ont besoin
+ de l'anonymat offert par les communications à latence élevée peuvent se tourner vers la couche applicative pour
+ l'obtenir.</p>
+ <h2 id="future.open">Questions ouvertes</h2>
+ <pre>
+Comment se débarrasser de la contrainte de temps?
+Y a-t-il un moyen plus efficace de gérer les balises de session?
+Quelles stratégies de regroupement/mélange devraient-elles être disponibles dans les tunnels?
+Quelles autre stratégies de sélection/tri des pairs de tunnels devrait-elles être disponibles?
+</pre>
+ <h1 id="similar">Systèmes similaires</h1>
+ <p> L'architecture d'I2P repose sur les concepts de logiciel intermédiaire orienté messages, de topologie de table
+ de hachage décentralisée, de l'anonymat et de la cryptographie des réseaux croisés à routes libres et de
+ l'adaptabilité des réseaux à paquets commutés. L'apport ne vient cependant pas de nouveaux concepts d'algorithmes,
+ mais de l'analyse attentive des résultats de recherches et documentations des systèmes existants.
+ Bien qu'il y ait peu d'efforts similaires qui vaillent d'être analysés en détail, tant au niveau technique que
+ fonctionnel, il en est néanmoins deux qui sortent du lot: Tor et Freenet.</p>
+ <p> Voir aussi la page de <a href="how_networkcomparisons.html">comparaisons des réseaux</a>.
+ </p>
+
+ <h2 id="similar.tor">Tor</h2>
+ <p><i><a href="http://www.torproject.org/">Site officiel</a></i></p>
+ <p>Au premier coup d'Å“il, Tor et I2P ont plusieurs ressemblances fonctionnelles et d'anonymat.
+ Bien que le développement d'I2P ait commencé avant que nous ne fussions au courant des premières étapes du travail
+ sur Tor, plusieurs des leçons du travail d'origine du routage en oignon et de ZKS furent intégrées
+ dans sa conception. Plutôt que de construire un système centralisé de confiance, avec des serveurs d'annuaires, I2P
+ dispose d'une base de données réseau auto-organisée dans laquelle chaque pair assume la responsabilité du profilage
+ des autres routeurs pour déterminer la meilleure façon d'exploiter les ressources disponibles. Une autre différence
+ majeure réside dans le fait que bien qu'utilisant tous les deux des chemins étagés et ordonnés, I2P est
+ fondamentalement un réseau à commutation de paquets alors que Tor est un réseau à commutation de circuits, ce qui
+ permet à I2P de contourner de façon transparente les congestions et autres défaillances du réseau, de gérer des
+ chemins redondants, et de faire de l'équilibrage de charge sur les ressources disponibles.
+ Si Tor offre nativement la fonctionnalité très utile de découverte et de sélection de mandataire de sortie
+ (outproxy), I2P délègue cette décision de couche applicative... aux applications: dans les faits, I2P a même
+ externalisé vers la couche applicative la bibliothèque de flux (streaming) "style TCP" permettant ainsi aux
+ développeurs d'expérimenter diverses stratégies afin d'en tirer les meilleures performances.</p>
+ <p> Du point de vue de l'anonymat, la comparaison du cœur des réseaux présente beaucoup de similarités.
+ Il y a malgré tout quelques différences fondamentales. Pour la prise en compte des menaces internes et de la
+ plupart des menaces externes, les tunnels simplex d'I2P n'exposent au plus que la moitié des données de trafic
+ que ne le font les circuits duplex de Tor, rien qu'au niveau de l'observation des flux: une requête HTTP et sa
+ réponse suivent le même chemin dans Tor, alors que dans I2P, les paquets constituant la requête passent par un ou
+ plusieurs tunnels sortants, et ceux de la réponse empruntent un ou plusieurs tunnels entrants.
+ Les stratégies de sélection et de tri des pairs dans I2P entrave suffisamment les attaques par prédécesseur,
+ mais il peut aussi mimer les tunnels duplex de Tor en créant les tunnels entrants et sortants en suivant les
+ mêmes routeurs.</p>
+ <p> Une autre faille d'anonymat dans Tor vient de la création télescopique de tunnels: le comptage et les mesures de
+ timing des paquets dans un circuit passant à travers le nœud ennemi lui permettent l'extraction de données
+ statistiques pouvant lui révéler sa position dans le circuit. Dans I2P, la création de tunnels unidirectionnels
+ en un seul message masque cette information. La confidentialité de la position occupée dans un tunnel est
+ importante car un attaquant pourrait profiter de cette donnée pour lancer une série d'attaques de prédécesseur,
+ d'intersection, et de confirmation de trafic.
+ </p>
+ <p> Le deuxième niveau de mandataires "oignons" de Tor apporte un bon anonymat à faible coût d'entrée, alors q'I2P
+ ne permettra pas cette topologie avant la version <a href="#future.restricted">2.0</a>. </p>
+ <p> Globalement, Tor et I2P se complètent mutuellement: Tor se focalise sur la mise à disposition de mandataires
+ sortants rapides et anonymes, et I2P s'oriente vers un réseau robuste et décentralisé. En théorie, chacune de ces
+ deux approches sont destinées à des fins différentes, mais étant donné les faibles ressources en développement,
+ elles ont chacune leurs propres forces et faiblesses. Les développeurs d'I2P ont étudié les étapes nécessaires
+ à la modification de Tor pour qu'il puisse bénéficier de la conception d'I2P, mais les inquiétudes quand à la
+ viabilité de Tor en régime de ressources raréfiées suggèrent que l'architecture à commutation de paquets choisie
+ par I2P est à même d'exploiter plus efficacement des ressources rares. </p>
+
+ <h2 id="similar.freenet">Freenet</h2>
+ <p><i><a href="http://www.freenetproject.org/">Le site</a></i></p>
+ <p> Freenet a largement contribué aux premières étapes de conception d'I2P, en donnant la preuve de la viabilité
+ d'une communauté enthousiaste entièrement contenue dans un réseau et en démontrant que les dangers inhérents aux
+ mandataires sortants pouvaient être évités. La première graine d'I2P germa en tant que couche de communication
+ pour Freenet visant à séparer les complexités d'une communication point à point sécurisée, anonyme et adaptable,
+ de celles d'un réservoir de données décentralisé et résistant à la censure.
+ Le temps passant, les problèmes d'anonymat et d'adaptabilité intrinsèques des algorithmes retenus pour la
+ conception de Freenet confirmèrent que la visée d'I2P devait strictement s'en tenir à fournir une couche
+ de communication banalisée plutôt que de rester un composant de Freenet. Après quelques années, les développeurs de
+ Freenet furent amenés à reconnaître les faiblesses de cette conception déjà fort ancienne qui les conduisait Ã
+ y répondre en proposant une couche de "pré-mélange" pour obtenir un anonymat plus solide. En d'autres termes,
+ Freenet a besoin de fonctionner sur un réseau croisé tel que Tor ou I2P, les nœuds clients demandant et publiant
+ les données via le réseau croisé sous-jacent sur les nœuds serveurs qui ensuite les ramènent et les stockent
+ conformément à ses propres algorithmes heuristiques de stockage distribué. </p>
+ <p> La fonctionnalité de Freenet est très complémentaire à celle d'I2P, car il apporte nativement plusieurs des
+ outils nécessaires aux systèmes à haute et moyenne latence, quand de son côté I2P apporte le réseau croisé Ã
+ faible latence adapté au niveau d'anonymat attendu. La logique de séparation du réseau croisé et du stockage
+ distribué résistant à la censure paraissant toujours pertinente d'un point de vue de l'allocation des ressources,
+ de la sécurité, de l'anonymat et de l'ingénierie, on peut espérer que l'équipe de Freenet persévère dans cette
+ voie, si ce n'est simplement en réutilisant (ou en améliorant, au besoin) des réseaux croisés existants tels qu'I2P
+ ou Tor.</p>
+ <p> Il est intéressant de signaler ici les débats et travaux des développeurs de Freenet concernant un "réseau masqué
+ globalement adaptable" qui utiliserait des routes privées entre pairs ayant des relations de confiance
+ disparates. Comme l'insuffisance des informations rendues publiques sur la façon de parvenir à faire fonctionner
+ un tel système empêche d'en faire une analyse exhaustive, les prétentions annoncées en terme d'anonymat et
+ d'adaptabilité doivent être prises avec beaucoup de réserve. En particulier la pertinence de son utilisation en
+ milieu hostile peuplé d'adversaires sur-vitaminés a été énormément surestimée, et toute analyse des conséquences de
+ la rareté des ressources sur l'adaptabilité du réseau a visiblement été oubliée. Restent aussi des questions sur la
+ vulnérabilité à l'analyse de trafic, la confiance et d'autres sujets, mais l'analyse en profondeur de ce "réseau
+ croisé globalement adaptable" devra attendre que l'équipe de Freenet en publie la documentation.</p>
+
+ <h1 id="app">Appendice A: La couche applicative</h1>
+
+ <p>
+ I2P en lui-même ne fait pas grand chose: il envoie simplement des messages à des destinations distantes et reçoit
+ des messages pour le compte de destinations locales. Le travail le plus intéressant se passe dans les étages
+ supérieur. En soi, I2P peut être considéré en tant que couche IP anonyme et sécurisée, et la
+ <a href="#app.streaming">bibliothèque de flux</a> fournie, comme un étage supérieur TCP anonyme et sécurisé.
+ Ensuite, <a href="#app.i2ptunnel">I2PTunnel</a> propose un système de délégation générique pour entrer et sortir du
+ réseau I2P, ainsi qu'une fournée d'applications réseau destinées à donner plus de fonctionnalités aux
+ utilisateurs.
+ </p>
+
+ <h2 id="app.streaming">Bibliothèque de flux (streaming)</h2>
+ <p>
+ La bibliothèque de flux d'I2P peut être considérée comme une interface pour les flux (des connecteurs TCP
+ en mirroir), et la mise en Å“uvre prend en charge un
+ <a href="http://en.wikipedia.org/wiki/Sliding_Window_Protocol">protocole à fenêtre glissante</a> doté de plusieurs
+ optimisations pour tenir compte du haut délai sur I2P. Les flux individuels peuvent ajuster la taille maximum des
+ des paquets ainsi que d'autres options, bien que les 4 ko compressés par défaut semblent un choix raisonnable
+ pour le coût en bande passante de la retransmission des messages perdus et la latence de messages multiples.
+ </p>
+ <p>
+ De plus, au regard du coût assez élevé des messages subséquents, le protocole de planification et de livraison de
+ la bibliothèque a été optimisé pour faire en sorte que les messages individuels transférés contiennent le plus
+ possible de l'information disponible. Par exemple, une petite transaction HTTP mandatée par la bibliothèque
+ peut être pliée en un unique aller-retour: le premier message embarque le SYN, le FIN et la petite charge utile (
+ une requête HTTP y contient en général), et la réponse contient le SYN, le FIN et le ACK, et aussi la petite charge
+ (plusieurs réponses HTTP tiennent dans la boîte de sardines). Lorsque un ACK supplémentaire doit être transmis pour
+ indiquer au serveur que le SYN/FIN/ACK a été reçu, le proxy HTTP local peut immédiatement livrer la réponse
+ complète au navigateur.</p>
+ <p>
+ Globalement, cependant, la bibliothèque de flux revêt beaucoup de ressemblance avec le modèle de TCP avec ses
+ fenêtres glissantes, ses algorithmes de contrôle de congestion (démarrage lent et évitement), et le comportement
+ général des paquets (ACK, SYN, FIN, RST, etc...)</p>
+
+ <h2 id="app.naming">Bibliothèque de nommage et carnet d'adresses</h2>
+ <p><i> <a href="naming_fr.html">Détails avancés</a></i></p>
+ <p><i>Développés par mihi et Ragnarok</i></p>
+ <p> Le nommage dans I2P a dès les tout débuts fait l'objet de nombreux débats entre les tenants de chaque
+ possibilités. Cependant, étant donné les demandes de communication sécurisée et de fonctionnement décentralisé aux
+ principe d'I2P, les traditionnels systèmes du type DNS comme ceux fondés sur des votes à la majorité furent
+ mis hors-jeu. En lieu et place, I2P s'appuie sur une bibliothèque de fonctions de nommage et une implémentation
+ de base conçue pour un fonctionner indifféremment grâce à une correspondance entre un nom local et une destination
+ ou à une application compagnon appelée "carnet d'adresses" (addressbook). Le carnet d'adresses est un système de
+ nommage sécurisé accessible au lecteur humain, décentralisé et piloté par un réseau de confiance, sacrifiant
+ uniquement la nécessité des noms humainement lisibles d'être globalement uniques, en n'exigeant seulement que
+ l'unicité locale. Comme tous les messages dans I2P sont référencés cryptographiquement par leur destination,
+ des personnes différentes peuvent avoir dans leur propre carnet d'adresses une entrée pour "Alice" se rapportant
+ à une destination différente. Les utilisateurs peuvent toujours trouver de nouveaux noms en important les carnets
+ d'adresses publics des pairs spécifiés dans leur réseau de confiance, en ajoutant les entrées procurées par un
+ tiers ou (si quelques uns organisent une série de carnets publiés en se servant d'une méthode d'enregistrement
+ premier entré premier servi) ils peuvent décider de considérer ces carnets d'adresses comme des serveurs de noms
+ fonctionnant à la façon du DNS habituel.</p>
+ <p> Cependant, I2P ne préconise pas l'utilisation de services semblables à DNS, car les dégâts causé par un
+ détournement de site peuvent être énormes - et les destinations non sécurisées n'ont aucune valeur.
+ DNSsec lui-même repose sur les registrars et les autorités de certification, alors qu'avec I2P, les requêtes
+ envoyées ne peuvent être interceptées ni leurs réponses usurpées car cryptées pour la destination qui n'est elle-
+ même qu'une paire de clés publiques et un certificat. Les systèmes de style DNS permettent à tout serveur de noms
+ situé dans le chemin de la requête de lancer des attaques de dénis de service et d'usurpations. L'adjonction aux
+ réponses d'un certificat les authentifiant signé par quelque autorité de certification centrale résoudrait
+ le problème de serveur de nom hostile sans apporter de solutions à ceux des attaques de replay ni à l'hypothèse de
+ l'autorité de certification hostile.</p>
+ <p> Le nommage par votes est dangereux lui aussi, étant donné l'efficacité des attaques de Sibylle dans les systèmes
+ anonymes: un attaquant peu créer des pairs en nombre suffisant pour s'assurer l'attribution d'un nom donné.
+ On pourrait utiliser des méthodes "Proof-of-work" pour donner un prix à l'identité, mais à mesure de la croissance
+ du réseau, le besoin de contacter tout le monde pour organiser un vote en ligne rendrait la charge du réseau
+ inenvisageable. Et renoncer à interroger tout le réseau conduirait à avoir différents jeux de réponses.</p>
+ <p> Comme avec Internet cependant, I2P maintient la structure et le fonctionnement d'un système de nommage en dehors
+ de la couche de communication (elle-même reprise du modèle IP, comme décrit plus haut). La bibliothèque fournie
+ inclut une interface de fournisseur de service permettant d'utiliser d'autres systèmes de nommage en fonction
+ des préférences des utilisateurs.</p>
+
+ <h2 id="app.syndie">Syndie</h2>
+ <p><i> Le vieux Syndie fourni avec I2P a été remplacé par un nouveau qui est distribué séparément.
+ Voir la page <a href="http://syndie.i2p2.de/">Syndie</a>.</i></p>
+ <p> Syndie est un système d'agrégation/publication/blogage anonyme et sécurisé. Vous pouvez créer de l'information,
+ la partager, et lire celle venant de qui vous intéresse, tout ça en prenant en compte vos besoins en sécurité et en
+ anonymat. Plutôt que d'utiliser un réseau de distribution de contenu spécifique, Syndie est conçu pour fonctionner
+ sur des réseaux existant, en réalisant la publication via les sites eep, les services Tor masqués, les freesites
+ Freenet, les sites Internet normaux, les newsgroups de Usenet, les listes de messagerie, les sources RSS, etc...
+ Les données sont publiées pour permettre le respect de la consultation et de l'archivage via une authentification
+ par pseudonyme.</p>
+
+ <h2 id="app.i2ptunnel">I2PTunnel</h2>
+ <p><i>Développé par mihi</i></p>
+ <p> I2PTunnel est assurément l'application I2P la plus appréciée et la plus polyvalente, de part sa capacité Ã
+ fournir un mandatement générique pour l'entrée et la sortie du réseau I2P. On peut se représenter I2PTunnel comme
+ quatre applications mandataires indépendantes: un "client" qui reçoit les connexions TCP et les transfère à une
+ destination I2P particulière, un "client http" (eepproxy) faisant office de mandataire HTTP qui transfère les
+ requêtes à la destination appropriée (après une éventuelle recherche dans le service de nommage), un "serveur" qui
+ reçoit les connexions de flux entrantes à une destination et les transfère au port/hôte TCP voulu et un "serveur
+ HTTP" qui étend le "serveur" en décortiquant les requêtes et les réponses pour permettre un fonctionnement plus
+ sûr. Il y a aussi une application "client socks", mais son utilisation est déconseillée pour les raisons
+ précédemment signalées.</p>
+ <p> I2P <b>n'est pas</b> un réseau mandataire de sortie: les préoccupations de sécurité et d'anonymat au cœur d'un
+ réseau croisé qui échange des données avec le monde extérieur ont centré la conception d'I2P pour qu'elle ne dérive
+ pas de ces préoccupations, et donc ne nécessite pas l'accès à des ressources externes. Cependant, le "client HTTP"
+ offre une possibilité de connexion pour du mandatage sortant: si le nom d'hôte demandé ne finit pas en ".i2p", elle
+ sélectionne aléatoirement une destination dans un groupe de mandataires sortants fournis par l'utilisateur et lui
+ transfère la requête. Ces destinations sont de simples instances de "serveur" I2PTunnel exécutées par des
+ volontaires ayant délibérément décidé de fonctionner en mandataire sortant. Personne n'est dans ce cas par défaut,
+ et rien n'indique automatiquement aux autres de passer votre proxy si vous avez décidé de jouer ce rôle.
+ Bien que les mandataires sortants soient intrinsèquement porteurs de faiblesses, ils démontrent la faisabilité
+ de l'utilisation d'I2P pour certaines utilisations dans lesquelles le modèle de sécurité resterait suffisant pour
+ certains utilisateurs.</p>
+ <p> I2PTunnel active l'utilisation de la plupart des applications. Un "serveur HTTP" pointant sur un serveur web
+ permet à chacun d'avoir son propre site web anonyme (appelé "eepsite"): un serveur web est fourni avec I2P à cet
+ effet, mais on peut utiliser n'importe lequel. Chacun peut utiliser un "client" pointant vers un des serveurs IRC
+ hébergés anonymement, chacun d'entre eux pointant vers son service local IRC et communicant entre services avec
+ leur propre tunnels "clients". Les utilisateurs ont aussi des tunnels "clients" pointant sur des destinations
+ POP3 et SMTP <a href="#app.i2pmail">I2Pmail</a> (qui sont également de simples instances "serveur" pointant sur des
+ serveurs POP3 et SMTP), ainsi que que des tunnels "clients" pour des serveurs CVS sur I2P (pour du développement
+ anonyme). Il y même eu des gens avec des "clients" mandataires pour accéder à des instances "serveur" pointant sur
+ un serveur NNTP.</p>
+
+ <h2 id="app.i2pbt">i2p-bt</h2>
+ <p><i>Développé par duck et al</i></p>
+ <p> i2p-bt est un portage du client BitTorrent python principal destiné à exécuter le tracker et gérer
+ la communication entre pairs I2P. Les demandes du tracker sont transmises par le mandataire eepproxy aux sites eep
+ indiqués dans le fichier torrent, et les réponses se rapportent explicitement aux pairs par leur destination: ceci
+ permet à i2p-bt d'ouvrir une connexion par la <a href="#app.streaming">bibliothèque de flux</a> pour demander les
+ blocs.</p>
+ <p> En complément à i2p-bt, un portage I2P de bytemonsoon a été réalisé, en faisant quelques modifications pour en
+ retirer quelques informations compromettant l'anonymat et prendre du fait que l'IP ne permet pas l'identification
+ des pairs.</p>
+
+ <h2 id="app.i2psnark">I2PSnark</h2>
+ <p><i>I2PSnark développé par jrandom et al, porté du client <a
+href="http://www.klomp.org/snark/">Snark</a> de <a
+href="http://www.klomp.org/mark/">mjw</a>.</i></p>
+ <p> Fourni à l'installation d'I2P, I2PSnark offre un client BitTorrent anonyme simple doté de possibilités
+ multitorrents, et entièrement interfacé en HTML</p>
+
+ <h2 id="app.robert">Robert</h2>
+ <p><i>Développé par sponge</i></p>
+ <p>Robert est un client Bittorrent écrit en Python.
+ Disponible sur <a href="http://bob.i2p/Robert.html">http://bob.i2p/Robert.html</a></p> <!-- TODO: expand -->
+
+ <h2 id="app.pybit">PyBit</h2>
+ <p><i>Développé par Blub</i></p>
+ <p>PyBit est un client Bittorrent écrit en Python.
+ Disponible sur <a href="http://pebcache.i2p/">http://pebcache.i2p/</a></p> <!-- TODO: expand -->
+
+ <h2 id="app.i2phex">I2Phex</h2>
+ <p><i>Développé par sirup</i></p>
+ <p> I2Phex est un portage assez direct du client de partage de fichiers Gnutella Phex. Bien que certaines
+ fonctionnalités aient été désactivées (comme l'intégration des caches web Gnutella), les fonctions basiques de
+ partage de fichiers et de chat sont pleinement opérationnelles.</p>
+ <h2 id="app.i2pmail">I2Pmail/susimail</h2>
+ <p><i>Développé par postman, susi23 et mastiejaner</i></p>
+ <p> I2Pmail est plus un service qu'une application: postman offre un service de mail interne et externe par
+ POP3 et SMTP via des instances I2PTunnel accédant à une série de composants développés avec mastiejaner,
+ permettant aux gens d'utiliser leur client de messagerie préféré pour envoyer et recevoir du courriel avec un
+ pseudonyme. Cependant, comme la plupart de ces clients ont la fâcheuse manie d'embarquer dans les messages des
+ informations compromettant l'anonymat, I2P fournit le client webmail de susi23 construit avec les toutes les
+ exigences d'anonymat en tête. Le service I2Pmail/mail.i2p offre un filtrage anti-virus transparent et une
+ prévention de déni de service par des quotas à pénalités incrémentielles. De plus, chaque utilisateur dispose du
+ contrôle de sa stratégie de traitement par lots avant l'envoi par les mandataires sortants de mail.i2p,
+ qui sont différents des serveurs de mail SMPT/POP3 de mail.i2p: les mandataires sortants et entrants communiquent
+ avec les serveurs de mail d'i2p via I2P lui-même, donc la compromission de ces emplacements non anonymes ne
+ donnerait accès aux comptes de messagerie ou aux motifs/profils d'activité des utilisateurs. En ce moment,
+ les développeurs travaillent sur un système de messagerie décentralisé, appelé "v2mail".
+ Plus d'infos sur le site eep <a href="http://hq.postman.i2p/">hq.postman.i2p</a>.</p>
+
+ <h2 id="app.i2pbote">I2P-Bote</h2>
+ <p><i>Développé par HungryHobo</i></p>
+ <p>
+ I2P-Bote est une application de messagerie décentralisée. Elle n'utilise pas le concept traditionnel
+ d'envoi/réception de messages à un serveur. Elle utilise une table de hachage décentralisée Kedemlia pour stocker
+ les messages. Un utilisateur peut envoyer son message vers la DHT, un autre peut en extraire les siens destinés.</p>
+
+ <h2 id="app.i2pmessenger">I2P-messenger</h2>
+ <p>
+ I2P-messenger est une application de communication sans serveur cryptée de bout en bout. Pour communiquer, deux
+ utilisateurs doivent se donner l'un à l'autre leur destination pour se mettre en relation.
+ </p>
+{% endblock %}
diff --git a/www.i2p2/pages/todo.html b/www.i2p2/pages/todo.html
index 27b3cda5a2da34af2733f05bad47114bd4e67296..a702dfeb652c5a1226a2b9b95249a5db21f99f06 100644
--- a/www.i2p2/pages/todo.html
+++ b/www.i2p2/pages/todo.html
@@ -11,14 +11,14 @@
'big things'. See also <a href="roadmap.html">the roadmap</a>. Want to help?
<a href="getinvolved.html">Get involved</a>! </p>
<br />
- <h2>Core functionality <font size="-1"><a href="#core">[link]</a></font></h2>
+ <h2>Core functionality <span class="permalink"><a href="#core">[link]</a></span></h2>
<ul class="targetlist">
<li><a href="#nat">NAT/Firewall bridging via 1-hop restricted routes</a></li>
<li><a href="#transport">High degree transport layer with UDP, NBIO, or NIO</a></li>
<li><a href="#netdb">NetworkDB and profile tuning and ejection policy for
large nets</a></li>
</ul>
- <h2>Security / anonymity <font size="-1"><a href="#security">[link]</a></font></h2>
+ <h2>Security / anonymity <span class="permalink"><a href="#security">[link]</a></span></h2>
<ul class="targetlist">
<li><a href="#tunnelId">Per-hop tunnel id & new permuted TunnelVerificationStructure
encryption</a></li>
@@ -31,22 +31,20 @@
<li><a href="#batching">Advanced tunnel operation (batching/mixing/throttling/padding)</a></li>
<li><a href="#stop">Stop & go mix w/ garlics & tunnels</a></li>
</ul>
- <h2>Performance <font size="-1"><a href="#performance">[link]</a></font></h2>
- <ul class="targetlist">
- <li><a href="#sessionTag">Migrate sessionTag to synchronized PRNG</a></li>
- <li><a href="#streaming">Full streaming protocol improvements</a></li>
- </ul>
+ <h2>Performance <span class="permalink"><a href="performance.html">[link]</a></span></h2>
<h2 id="core">Core functionality</h2>
<ul class="targetlist">
<li>
<h3 id="nat">NAT/Firewall bridging via 1-hop restricted routes</h3>
</li>
+ <!-- <li style="list-style: none; display: inline"> -->
<b><i>Implemented in I2P 0.6.0.6</i></b>
<p>The functionality of allowing routers to fully participate within the network
while behind firewalls and NATs that they do not control requires some basic
restricted route operation (since those peers will not be able to receive
inbound connections). To do this successfully, you consider peers one of
two ways:</p>
+ <!-- </li> -->
</ul>
<ul>
<li><b>Peers who have reachable interfaces</b> - these peers do not need to
@@ -56,7 +54,7 @@
established a connection with who has both a publicly reachable interface
and who has agreed to serve as their 'introducer'.</li>
</ul>
- <ul class="targetlist">
+ <div style="margin-left:25px;">
<p>To do this, peers who have no IP address simply connect to a few peers,
build a tunnel through them, and publish a reference to those tunnels within
their RouterInfo structure in the network database.</p>
@@ -64,7 +62,7 @@
its RouterInfo from the network database, which will tell them whether they
can connect directly (e.g. the peer has a publicly reachable interface)
or whether they need to contact them indirectly. Direct connections occur
- as normal, while indirect connections are done through one of the the published
+ as normal, while indirect connections are done through one of the published
tunnels.</p>
<p>When a router just wants to get a message or two to a specific hidden peer,
they can just use the indirect tunnel for sending the payload. However,
@@ -87,7 +85,7 @@
For efficiency purposes, a hidden peer would be a bad choice for an inbound
gateway, and within any given tunnel, two neighboring peers wouldn't want
to be hidden. But that is not technically necessary.</p>
- </ul>
+ </div>
<ul class="targetlist">
<li>
<h3 id="transport">High degree transport layer with UDP, NBIO, or NIO</h3>
@@ -217,14 +215,14 @@
with IP-based transports without restricted routes, they know who they
got it from). However, the above two techniques significantly increase
the cost of gaining meaningful samples when dealing with longer tunnels.</p>
- </li>
+ </li></ul>
<ul class="targetlist">
<li>
<h3 id="ordering">Strict ordering of participants within tunnels</h3>
<b><i>Implemented in release 0.6.2</i></b></li>
</ul>
- <ul class="targetlist">
- <p>As Connelly <a href="http://dev.i2p/pipermail/i2p/2004-July/000335.html">proposed</a>
+ <div style="margin-left:25px">
+ <p>As Connelly <a href="http://article.gmane.org/gmane.network.i2p/22/">proposed</a>
to deal with the <a href="http://prisms.cs.umass.edu/brian/pubs/wright-tissec.pdf">predecessor
attack</a> <a href="http://prisms.cs.umass.edu/brian/pubs/wright.tissec.2008.pdf">(2008
update)</a>, keeping the order of peers within our tunnels consistent
@@ -245,12 +243,13 @@
0-hop tunnels may want to periodically use a 1-hop tunnel to simulate
the failure of a normally reliable gateway peer (so every MTBF*(tunnel
duration) minutes, use a 1-hop tunnel).</p>
- </ul>
- <li>
+ </div>
+ <ul class="targetlist"><li>
<h3 id="tunnelLength">Randomly permuted tunnel lengths</h3>
<b><i>Addressed in I2P 0.5 as documented <a href="tunnel-alt.html">elsewhere</a></i></b></li>
</ul>
<ul class="targetlist">
+ <!-- <li style="list-style: none; display: inline"> -->
<p>Without tunnel length permutation, if someone were to somehow detect that
a destination had a particular number of hops, it might be able to use that
information to identify the router the destination is located on, per the
@@ -264,6 +263,7 @@
<p>It is to counter user behavior that tunnel lengths should be permuted,
using algorithms based on the length requested (for example, the 1/MTBF
length change for 0-hop tunnels outlined above).</p>
+ <!-- </li> -->
<li>
<h3 id="fullRestrictedRoutes">Full blown n-hop restricted routes with optional
trusted links</h3>
@@ -342,73 +342,8 @@
</li>
</ul>
<h2 id="performance">Performance</h2>
- <ul class="targetlist">
- <li>
- <h3 id="reply">Persistent Tunnel / Lease Selection</h3>
- <b><i>Outbound tunnel selection implemented in 0.6.1.30, inbound lease selection
- implemented in release 0.6.2</i></b>
- <p>Selecting tunnels and leases at random for every message creates a large
- incidence of out-of-order delivery, which prevents the streaming lib from
- increasing its window size as much as it could. By persisting with the
- same selections for a given connection, the transfer rate is much faster.
- </p>
- </li>
- <li>
- <h3 id="reply">Reduction of Reply LeaseSet Bundling</h3>
- <b><i>Implemented in release 0.6.2</i></b>
- <p>I2P bundled a reply leaseset (typically 1056 bytes) with every outbound
- client message, which was a massive overhead. Fixed in 0.6.2. </p>
- </li>
- <li>
- <h3 id="sessionTag">Migrate sessionTag to synchronized PRNG</h3>
- <p>Right now, our <a href="how_elgamalaes.html">ElGamal/AES+SessionTag</a>
- algorithm works by tagging each encrypted message with a unique random
- 32 byte nonce (a "session tag"), identifying that message as being encrypted
- with the associated AES session's key. This prevents peers from distinguishing
- messages that are part of the same session, since each message has a completely
- new random tag. To accomplish this, every few messages bundle a whole
- new set of session tags within the encrypted message itself, transparently
- delivering a way to identify future messages. We then have to keep track
- of what messages are successfully delivered so that we know what tags
- we may use.</p>
- <p>This works fine and is fairly robust, however it is inefficient in terms
- of bandwidth usage, as it requires the delivery of these tags ahead of
- time (and not all tags may be necessary, or some may be wasted, due to
- their expiration). On average though, predelivering the session tag costs
- 32 bytes per message (the size of a tag). As Taral suggested though, that
- size can be avoided by replacing the delivery of the tags with a synchronized
- PRNG - when a new session is established (through an ElGamal encrypted
- block), both sides seed a PRNG for use and generate the session tags on
- demand (with the recipient precalculating the next few possible values
- to handle out of order delivery).</p>
- </li>
- <li>
- <h3 id="streaming">Full streaming protocol improvements</h3>
- <b><i>Several improvements implemented in I2P 0.6.1.28, and significant
- additional fixes in 0.6.1.33, but still lots here to investigate</i></b>
- </li>
- </ul>
- <ul class="targetlist">
- <p>Since I2P <a href="http://dev.i2p.net/pipermail/i2p/2004-November/000491.html">0.4.2</a>,
- we have had a full sliding window streaming library, improving upon the
- older fixed window size and resend delay implementation greatly. However,
- there are still a few avenues for further optimization:</p>
- </ul>
- <ul>
- <li>some algorithms to share congestion and RTT information across streams
- (per target destination? per source destination? for all of the local destinations?)</li>
- <li>further optimizations for interactive streams (most of the focus in the
- current implementation is on bulk streams)</li>
- <li>more explicit use of the new streaming lib's features in I2PTunnel and
- the SAM bridge, reducing the per-tunnel overhead.</li>
- <li>client level bandwidth limiting (in either or both directions on a stream,
- or possibly shared across multiple streams). This would be in addition to
- the router's overall bandwidth limiting, of course.</li>
- <li>various controls for destinations to throttle how many streams they accept
- or create (we have some basic code, but largely disabled)</li>
- <li>access control lists (only allowing streams to or from certain other known
- destinations)</li>
- <li>web controls and monitoring the health of the various streams, as well
- as the ability to explicitly close or throttle them</li>
- </ul>
+ <p>
+ Performance related improvements are listed on the
+ <a href="performance.html">Performance</a> page.
+ </p>
{% endblock %}
diff --git a/www.i2p2/pages/todo_de.html b/www.i2p2/pages/todo_de.html
index 50af68f1f697044f941a07cd0aee6928985d9ac6..05e9c252e18e70c4f12142a1b86fbafca1a221bb 100644
--- a/www.i2p2/pages/todo_de.html
+++ b/www.i2p2/pages/todo_de.html
@@ -1,6 +1,7 @@
{% extends "_layout_de.html" %}
{% block title %}To Do Liste{% endblock %}
{% block content %}
+<p>Die Webseite wird gerade überholt und dieses Dokument kann alte Informationen enthalten</p>
<h1>I2P Project Targets</h1>
<p>Hier ist eine detaillietere (und dennoch unvollständige)
Diskussion der wichigsten Gebiete zur zukünftigen Entwicklung des grundlegenden
@@ -152,8 +153,8 @@ Entwicklern erlaubt, die Vorteile der nicht-blockierenden IO-Fähigkeiten de
Nutzen - dadurch kann eine grosse Menge von gleichzeitigen IO-Operationen verwaltet werden,
ohne die Notwendigkeit eines seperaten Threads für
jede einzelne IO-Operation. Dieser Ansatz ist vielversprechend, da wir auf diese Weise viele
-Verbindungen gleichzeitig verarbeiten k&oouml;nnen und keinen
-selbstgeschriebenen Mini-TCP Stack in UDP ben&oouml;tigen.
+Verbindungen gleichzeitig verarbeiten können und keinen
+selbstgeschriebenen Mini-TCP Stack in UDP benötigen.
Dennoch sind die NIO Pakete nicht ganz fehlerfrei, wie die Freenetentwickler
feststellen mussten. Hinzu kommt, das wir mit NIO-Support nicht die Open Source
JVMs wie z.B. <a href="http://www.kaffe.org/">Kaffe</a> unterstützen, da
@@ -243,9 +244,9 @@ aussagekräftige Daten zu erlangen.</p>
</li>
<li><h3 id="ordering">Strenges Sortieren der Teilnehmer in Tunneln</h3>
-<b><i>Implementiert im Release 0.6.2</a></i></b>
+<b><i>Implementiert im Release 0.6.2</i></b>
-<p>Wie Connelly <a href="http://dev.i2p/pipermail/i2p/2004-July/000335.html">vorschlug</a>,
+<p>Wie Connelly <a href="http://article.gmane.org/gmane.network.i2p/22/">vorschlug</a>,
der <a href="http://prisms.cs.umass.edu/brian/pubs/wright-tissec.pdf">Predecessor Attacke</a>
<a href="http://prisms.cs.umass.edu/brian/pubs/wright.tissec.2008.pdf">(2008 update)</a>
zu begegnen, in dem wir die Reihenfolge der Knoten in unseren Tunneln konsistent halten
@@ -371,7 +372,7 @@ den die Ummantelung die Verzögerungsanweisung preisgibt.</p>
<li><h2 id="performance">Performance</h2><ul class="targetlist">
- <li><h3 id="reply">Stabile Tunnel / Lease Auswahl</h3>
+ <li><h3>Stabile Tunnel / Lease Auswahl</h3>
<b><i>Ausgehende Tunnel Auswahl in 0.6.1.30 eingebaut, eingehende Lease Auswahl in 0.6.2</i></b>
<p>Die zufällige Auswahl von Tunneln und Leases für jede Nachricht erzeugt
@@ -380,7 +381,7 @@ Dieses hindert die Streaming Bibliothek daran, die Grösse der Nutzdaten auf
maximal mögliche zu erweitern. Durchs stabile Halten der Auswahl für eine
Verbindung wird die Übertragungsrate viel höher.</p></li>
- <li><h3 id="reply">Reduktion des Bündels von Anwort-LeaseSets</h3>
+ <li><h3>Reduktion des Bündels von Anwort-LeaseSets</h3>
<b><i>Implementiert in Release 0.6.2</i></b>
<p>I2P fügte ein Antwort-Leaseset (typischweise 1056 bytes) an jede ausgehende
@@ -415,13 +416,13 @@ Reihenfolge händeln zu können).</p>
und signifikante zusätzliche Korrekturen in 0.6.1.33 eingebracht,
aber noch viel Platz für Verbesserungen</i></b>
-<p>Seit I2P Version <a href="http://dev.i2p.net/pipermail/i2p/2004-November/000491.html">0.4.2</a>
+<p>Seit I2P Version 0.4.2
haben wir eine "full sliding window" Streaming Bibliothek, die die alte
feste "Window"-Grösse Streaming Bibliothek stark erweitert und die
Verzögerung beim nochmal senden stark herabsetzt. Wie auch immer, gibt es
auch hier noch Platz für weitere Optimierungen:</p>
-<ul class="targetlist">
+<ul>
<li>ein paar Algorhythmen um RTT und Überlastungsinformationen
über Streams auszutauschen (je Ziel-Destination?
je Quellen-Destination? Für alle lokalen destination?)
diff --git a/www.i2p2/pages/todo_fr.html b/www.i2p2/pages/todo_fr.html
new file mode 100644
index 0000000000000000000000000000000000000000..5dcd8a4d05922b7827a4c2774fc874343200d019
--- /dev/null
+++ b/www.i2p2/pages/todo_fr.html
@@ -0,0 +1,323 @@
+{% extends "_layout_fr.html" %}
+{% block title %}À faire / Sur le feu{% endblock %}
+{% block content %}
+Traduction de février 2011. <a href="todo.html">Version anglaise actuelle</a>
+ <h1>Cibles du project I2P</h1>
+ <p>Vous trouverez ci-dessous une exposition plus détaillée (bien que toujours incomplète)
+ des principales zones du développement du cœur du réseau I2P, embrassant les
+ nouvelles versions éventuellement planifiées. Ceci n'inclut ni le transport stéganographique,
+ ni les outils de sécurisation de la machine locale et l'adaptation aux périphériques radio (WiFi),
+pas plus que les applications clientes
+ qui sont tous essentiels pour le succès du réseau I2P. Il y a probablement d'autres choses qui
+ viendront, particulièrement quand I2P sera mieux testé, mais il s'agit là des principaux
+ "gros morceaux". Voir aussi la <a href="roadmap_fr.html">feuille de route</a>.
+Vous voulez nous aider? <a href="getinvolved_fr.html">Engagez-vous!</a></p>
+ <br />
+ <h2>Fonctionnalités centrales <span class="permalink"><a href="#core">[hop]</a></span></h2>
+ <ul class="targetlist">
+ <li><a href="#nat">Pontage du Pare-feu/NAT via une route réservée à 1 saut.</a></li>
+ <li><a href="#transport">Couche transport de haut-niveau par UDP, NBIO, ou NIO.</a></li>
+ <li><a href="#netdb">Base de donnée réseau, ajustement de profil et stratégie d'éjection
+ pour les grands réseaux.</a></li>
+ </ul>
+ <h2>Sécurité / anonymat <span class="permalink"><a href="#security">[zyva]</a></span></h2>
+ <ul class="targetlist">
+ <li><a href="#tunnelId">ID de tunnel "par saut" & nouvelle encryption permutée de la structure de
+ vérification des tunnels.</a></li>
+ <li><a href="#ordering">Position stricte des participants dans les tunnels.</a></li>
+ <li><a href="#tunnelLength">Longueur des tunnels aléatoirement permutée.</a></li>
+ <li><a href="#fullRestrictedRoutes">Routes réservées à n-sauts évoluées avec liens de confiance optionnels.
+</a></li>
+ <li><a href="#hashcash">Pénalités pour les requêtes routerIdentity, destination, et demande de tunnel.</a></li>
+ <li><a href="#batching">Fonctionnement évolué des tunnels (regroupement/mélange/étranglement/remplissage)</a></li>
+ <li><a href="#stop">Mélange de Stop & Go pour les "garlics" et les tunnels.</a></li>
+ </ul>
+ <h2>Performances <span class="permalink"><a href="performance.html">[doigt]</a></span></h2>
+ <h2 id="core">Fonctionalités centrales</h2>
+ <ul class="targetlist">
+ <li>
+ <h3 id="nat">Pontage du Pare-feu/NAT via une route réservée à 1 saut.</h3>
+ </li>
+ <!-- <li style="list-style: none; display: inline"> -->
+ <b><i>Implémenté dans I2P 0.6.0.6</i></b>
+ <p>La fonctionnalité permettant aux routeurs de participer pleinement aux réseau
+ même lorsqu'ils se trouvent derrière un pare-feu ou un traducteur d'adresses réseau (NAT) hors de contrôle
+ nécessite quelques
+ opérations avec une route réservée (car ces pairs ne peuvent pas recevoir
+ de connexions entrantes). Pour y parvenir, il y a deux façons de considérer les pairs:</p>
+ <!-- </li> -->
+ </ul>
+ <ul>
+ <li><b>Pairs disposant d'interfaces joignables</b> - ils n'ont rien de particulier à faire.</li>
+ <li><b>Pairs ne disposant pas d'interfaces joignables</b> - ces pairs doivent créer
+ un tunnel pointant sur eux dans lequel la passerelle est un des pairs avec lesquels ils ont établi une connexion
+ et qui, lui, dispose d'une interface publiquement joignable et a accepté de jouer le rôle "d'entremetteur".</li>
+ </ul>
+ <div style="margin-left:25px;">
+ <p>Pour ce faire, les pairs privés se connectent simplement à quelques autres,
+ créent un tunnel à travers chacun d'eux, et en publient une référence dans leur
+ structure RouterInfo de la base de donnée du réseau.</p>
+ <p>Lorsque quelqu'un souhaite joindre un routeur particulier, il doit d'abord obtenir
+ sa "RouterInfo" à partir de la base de donnée, et il saura s'il peut se connecter
+ directement (cas du pair cible public) ou indirectement. Les connexions directes se passent
+ normalement, alors que les indirectes se font via les tunnels publiés.</p>
+ <p>Quand un routeur veut seulement envoyer un ou deux messages à un pair caché,
+ il peut simplement utiliser le tunnel indirect publié pour envoyer les données utiles. Cependant,
+ si le routeur doit converser souvent avec le pair privé (par exemple en tant que participant
+ à un tunnel), il doit envoyer un message "routé-à -la-garlic" à travers le tunnel
+ indirect au pair caché, qui le déballe pour y trouver... un message destiné au routeur originaire.
+ Le pair caché établit alors une connexion sortante
+ au routeur originaire et à partir de là ces deux
+ routeurs peuvent converser directement sur cette nouvelle connexion.</p>
+ <p>Ce scénario ne peut bien sûr fonctionner que si le pair originaire peut recevoir des connexions
+ (c'est-à -dire qu'il ne soit pas lui-même caché). Cependant, s'il est caché lui aussi, il peut indiquer dans
+ le message initial de revenir par son propre tunnel d'entrée.</p>
+ <p>Ceci n'est pas destiné à fournir aux pairs un moyen de dissimuler leur adresse IP,
+ mais plutôt pour permettre à ceux opérant derrière un pare-feu ou un NAT de participer normalement
+ au réseau. La dissimulation d'adresse IP demande plus de travail, comme
+ décrit <a href="#fullRestrictedRoutes">plus bas</a>.</p>
+ <p>Avec cette méthode, n'importe quel routeur peut participer à tout rôle dans un tunnel. Dans un but
+ d'efficacité, opérer en pair caché est un mauvais choix pour officier en tant que passerelle d'entrée, et
+ dans un tunnel donné, deux pairs voisins ne devraient pas être cachés. Mais ça n'est pas indispensable.</p>
+ </div>
+ <ul class="targetlist">
+ <li>
+ <h3 id="transport">Couche transport de haut-niveau par UDP, NBIO, ou NIO.</h3>
+ <b><i>UDP et NIO sont implémentés dans I2P</i></b>
+ <p>La communication TCP standard dans Java nécessite habituellement des appels de socket
+ bloquants, et pour pour empêcher un socket de bloquer le bloquer tout le système, ces
+ appels sont faits dans leur propres tâches. Notre transport TCP actuel
+ est implémenté de façon naïve - pour chaque pair en relation, nous avons
+ une tâche de lecture et une tâche d'écriture. Celle de lecture boucle simplement sur
+ un paquet d'appels read(), construit les messages I2NP et les ajoute à notre file d'attente
+ interne entrante. Il y a une file d'attente de messages sortants par connexion. La tâche d'écriture en extrait
+ les messages et passe les données à travers les appels write().</p>
+ <p>Nous effectuons ceci assez efficacement d'un point de vue charge UC - Ã tout moment,
+ presque toutes ces tâches sont au repos, bloquées dans l'attente de grain à moudre.
+ Cependant, chacune d'entre elles consomme des ressources réelles (par exemple sur de très vieux
+ noyaux Linux, chacune sera souvent mise en Å“uvre en tant que processus fork()'ed).
+ À mesure de la croissance du réseau, le nombre de pairs auxquels chaque routeur voudra s'adresser
+ augmentera (souvenez-vous, I2P est entièrement connecté, c'est-à -dire que chaque pair doit savoir
+ comment passer des messages à tous les autres. Le support des routes réservées
+ ne réduira probablement pas sensiblement le nombre de connexions
+ nécessaires). Ce qui veut dire que dans un réseau de 100000 routeurs, chaque routeur
+ aura jusqu'à 199998 tâches rien que pour s'occuper des connexions TCP!</p>
+ <p>Évidement, ça ne marchera pas. Nous avons besoin d'une couche transport adaptative.
+ Dans Java, nous disposons de deux approches principales:</p>
+ <h4>UDP</h4>
+ <b><i>Implémenté dans I2P 0.6 ("SSU") tel que documenté <a href="udp.html">ailleurs</a>.</i></b>
+ <p>L'envoi et la réception de datagrammes UDP sont des opérations sans connexion - si
+ on communique avec 100000 pairs, on colle simplement les paquets UDP dans une file
+ d'attente et on fait avec une seule tâche pour les extraire et les pousser dans le tuyau
+ (et pour recevoir, une seule tâche en tire les paquets UDP reçus et les ajoute dans une file d'entrée).</p>
+ <p>L'ennui, c'est que l'utilisation de UDP fait perdre les avantages de TCP (réordonnancement, gestion de la
+ congestion, découverte du MTU, etc). Mettre ce code en œuvre demandera un travail important,
+ mais I2P n'a pas besoin d'être aussi solide que TCP. Précisément,
+ lorsque j'ai fait des mesures au simulateur et en réel sur Internet,
+ la plupart des messages transférés tenaient facilement dans un seul paquet UDP
+ non fragmenté, et les plus gros messages prenaient 20 à 30 paquets.
+ Comme <i>mule</i> le mit en évidence, TCP ajoute une surcharge certaine quand il s'agit de gérer
+ autant de petits paquets, vu que les ACKs sont du même ordre de grandeur.
+ Avec UDP, nous pouvons optimiser le transport tant pour l'efficacité que pour la souplesse
+ en prenant en compte les besoins spécifiques d'I2P.</p>
+ <p>Ça ne va quand-même pas être un travail énorme.</p>
+ <h4>NIO or NBIO</h4>
+ <b><i>NIO implémenté dans I2P 0.6.1.22 ("NTCP")</i></b>
+ <p>Java 1.4 propose un jeu de paquetage "New I/O", permettant aux
+ développeurs de tirer avantage des possibilités d'E/S non bloquantes du système d'exploitation
+ - vous pouvez maintenir un grand nombre d'opérations d'E/S simultanées sans avoir besoin de définir une tâche
+ dédiée pour chacune. Cette approche est très prometteuse, car nous pouvons utiliser un grand nombre de
+ connexions simultanées et nous n'avons pas besoin d'écrire une mini-pile TCP pour UDP. Cependant, selon les
+ développeurs de Freenet les paquetages NIO n'ont passé l'épreuve du feu. De plus, le recours aux NIO
+ impliquerait une incompatibilité avec les JVM open-sources telles que
+ <a href="http://www.kaffe.org/">Kaffe</a>, car <a href="http://www.classpath.org/">GNU/Classpath</a> ne les
+ prend en charge que partiellement. <i>(note: ça ne devrait pas durer car il y a eu quelques progrès dans la
+ la Classpath des NIO, bien qu'en quantité inconnue)</i></p>
+ <p>Dans la même veine, il y a l'alternative du paquetage
+ <a href="http://www.eecs.harvard.edu/~mdw/proj/java-nbio/">Non blocking IO</a> -
+ essentiellement une implémentation NIO de salle blanche (écrite avant la parution des NIO).
+ Il utilise du code natif du SE pour faire les E/S non bloquantes, en présentant les évènements via Java.
+ Il semble fonctionner avec Kaffe, mais il a peu d'activité de développement à son sujet (probablement
+ Ã cause de la parution des NIO de Java 1.4).</p>
+ </li>
+ </ul>
+ <ul class="targetlist">
+ <li>
+ <h3 id="netdb">Base de donnée réseau, ajustement de profil et stratégie d'éjection pour les grands réseaux.</h3>
+ <p>Dans l'implémentation actuelle de la base de donnée réseau et de la gestion de profil,
+ on s'est permis quelques raccourcis pratiques. Par exemple, nous n'avons pas de code pour
+ nettoyer les références aux pairs dans les K-buckets, vu que nous n'avons pas assez de pairs pour avoir ne
+ serait-ce qu'une petite chance d'en remplir une. Alors on garde les pairs dans n'importe quelle liste
+ appropriée. Un autre exemple avec les profils de pairs: la quantité de mémoire nécessaire pour maintenir
+ chaque profil est suffisamment faible pour que nous puissions garder des milliers de profils bien détaillés
+ sans aucun problème. Comme nous avons la possibilité d'utiliser des profils réduits (dont nous pouvons
+ maintenir des centaines de milliers en mémoire), nous n'avons pas non-plus le code qui ferait la conversion de
+ détaillé en réduit et vice-versa, ni même la purge des deux. Ça ne serait pertinent d'écrire ce code
+ maintenant car nous ne pas sommes pas près d'en avoir besoin.</p>
+ <p>Ceci dit, nous devons quand même garder ça en tête car la taille du réseau grandit.
+ Il restera du travail, mais on peut le remettre à plus tard.</p>
+ </li>
+ </ul>
+ <h2 id="security">Sécurité / anonymat</h2>
+ <ul class="targetlist">
+ <li>
+ <h3 id="tunnelId">ID de tunnel "par saut" & nouvelle encryption permutée de la structure de vérification des
+ tunnels.</h3>
+ <b><i>Depuis I2P v0.5 et documenté <a href="tunnel-alt.html">là </a>.</i></b>
+ <p>À l'heure actuelle, quand Alice initie un tunnel entrant à quatre sauts commençant par Elvis,
+ puis passant par Dave, puis Charlie,puis Bob, et se terminant chez elle, Alice (A<--B<--C<--D<--E),
+ tous les cinq sont au fait qu'ils participent au tunnel "123", car
+ les messages en font état (TunnelID commun). Nous voulons donner à chaque saut un
+ identifiant unique de saut de tunnel: Charlie recevra des messages sur le tunnel 234
+ et les transmettra à Bob par le tunnel 876. Le but est d'empêcher Bob ou
+ Charlie de savoir qu'ils participent au tunnel d'Alice, car quand chaque saut
+ a le même tunnelID pour un tunnel donné, les attaques par coalition sont simples à mettre en œuvre.
+ </p>
+ <p>L'ajout d'un TunnelID unique par saut n'est pas difficile, mais c'est insuffisant:
+ Si Dave et Bob sont contrôlés par le même attaquant, ils ne pourraient plus identifier un tunnel
+ par leur participation commune via l'information TunnelID, mais seraient quand-même capable de le
+ faire par simple comparaison des corps de messages et des structures de vérification.
+ Pour l'empêcher, le tunnel doit appliquer un cryptage étagé tout au long du chemin,
+ à la fois sur la charge utile et les structures de vérification (utilisées pour empêcher les attaques
+ par marquages). On a besoin de modifications simples du TunnelMessage, et aussi d'inclure par saut, des clés
+ secrètes générées pendant la création du tunnel et passées à la passerelle du tunnel.
+ Nous devons définir une longueur maximale de tunnel (p.e. 16 sauts)
+ et indiquer à la passerelle de chiffrer le message pour chacune des 16 clés,
+ en ordre inverse, et de crypter la signature du hachage de la charge utile (cryptée) à chaque étape.
+ La passerelle envoie alors ce message au premier saut chiffré 16 fois, accompagné d'un plan
+ à 16 entrée chiffré 16 fois. Le premier saut déchiffre le plan et la charge utile avec leur clef secrète
+ pour chercher dans le plan l'entrée associée à son propre saut (indiquée par le tunnelID unique par saut)
+ et pour vérifier la charge utile en la confrontant au hachage signé associé.
+ </p>
+ <p>La passerelle dispose encore de plus d'informations que les autre pairs,
+ et sa compromission avec un participant leur permettrait d'identifier leur participation à un tunnel donné.
+ De toute façon, les pairs voisins savent qu'ils participent au même tunnel, car ils savent à qui ils
+ envoient un message (et avec les transports IP sans routes réservées, ils savent aussi de qui ils reçoivent).
+ Malgré tout, les deux techniques ci-dessus augmentent très sensiblement le coût d'obtention d'échantillons
+ signifiants dans des tunnels très longs.</p>
+ </li></ul>
+ <ul class="targetlist">
+ <li>
+ <h3 id="ordering">Position stricte des participants dans les tunnels.</h3>
+ <b><i>Implementé dans la v0.6.2</i></b></li>
+ </ul>
+ <div style="margin-left:25px">
+ <p>Comme Connelly <a href="http://article.gmane.org/gmane.network.i2p/22/">a proposé</a>
+ de s'occuper du problème de l'<a href="http://prisms.cs.umass.edu/brian/pubs/wright-tissec.pdf">attaque par
+ prédécesseur</a> <a href="http://prisms.cs.umass.edu/brian/pubs/wright.tissec.2008.pdf">(mise à jour 2008)</a>,
+ conserver l'ordre des pairs au sein d'un tunnel (autrement dit,
+ chaque fois qu'Alice crée un tunnel à l'aide de Bob et de Charlie,le saut suivant Bob sera toujours
+ Charlie), nous en sommes protégés car Bob ne peut pas obtenir une connaissance substantielle du
+ groupe de sélection de pairs d'Alice. Nous pourrions même restreindre le mode de participation de Bob Ã
+ seulement recevoir de Dave et envoyer à Charlie - et l'un d'entre-eux n'est pas disponible
+ (surcharge, déconnexion, etc...), éviter de demander à Bob de participer à un tunnel tant qu'ils ne sont pas
+ de nouveau disponibles.</p>
+ <p>Une analyse plus poussée est nécessaire pour repenser la création du tunnel: pour l'instant,
+ nous piochons et ordonnons aléatoirement le premier tiers des pairs (ceux qui ont des capacités élevées et
+ rapides).
+ </p>
+ <p>L'ajout d'un ordre strict des pairs dans un tunnel améliore aussi l'anonymat des pairs des tunnels à zéro saut,
+
+ car sinon, le fait que la passerelle d'un pair ait toujours la même passerelle serait rédhibitoire.
+ Cependant, les pairs avec un tunnel à zéro saut pourraient de temps en temps utiliser un tunnel à un saut
+ pour simuler la défaillance du pair passerelle habituellement fiable (donc toutes les
+ MTBF*(durée du tunnel)minutes, utiliser un tunnel à un saut).</p>
+ </div>
+ <ul class="targetlist"><li>
+ <h3 id="tunnelLength">Permutation aléatoire des longueurs de tunnels.</h3>
+ <b><i>Prise en compte dans I2P v0.5, lire <a href="tunnel-alt.html">là </a>.</i></b></li>
+ </ul>
+ <ul class="targetlist">
+ <!-- <li style="list-style: none; display: inline"> -->
+ <p>Sans la permutation de longueur de tunnel, s'il advenait que quelqu'un puisse de quelque façon
+ détecter qu'une destination se trouve à un certain nombre de sauts, il pourrait mettre à profit
+ cette information pour identifier le routeur se trouvant à cette destination,
+ par l'attaque du prédécesseur. Par exemple, si tout le monde a des tunnels à deux saut, si Bob
+ reçois un message de tunnel de Charlie et le transfère à Alice, Bob déduit qu'Alice est
+ le routeur final du tunnel. Si Bob pouvait identifier la destination à laquelle mène
+ ce tunnel (au moyen d'une collusion avec la passerelle et en collectant tous les baux de la base de donnée
+ du réseau), il trouverait le routeur hébergeant la destination (et sans les routes réservées, ça indiquerait
+ l'adresse IP de la destination).</p>
+ <p>C'est pour contrer ce comportement que les longueurs de tunnel doivent être permutées,
+ en se servant d'algorithmes basés sur la longueur demandée (par exemple, le changement de longueur de 1/MTBF
+ pour les tunnels à zéro saut passés en revue ci-dessus).</p>
+ <!-- </li> -->
+
+ <li>
+ <h3 id="fullRestrictedRoutes">Routes réservées à n-sauts
+ évoluées avec liens de confiance optionnels.</h3>
+ <p>La fonctionnalité de route réservée décrite précédemment était simplement
+ un défaut de fonctionnement: comment laisser des pairs communiquer, qui sans cela ne le pourraient pas.
+ Cependant, l'idée d'autoriser des routes réservées apporte de nouvelles possibilités.
+ Par exemple, si un routeur ne peut absolument pas prendre le risque de communiquer
+ directement avec des pairs sans confiance pré-établie, il peut monter des liens de confiance à travers eux,
+ pour les utiliser pour à la fois envoyer et recevoir tous ses messages.
+ Ces pairs cachés qui souhaitent rester complètement isolés devraient aussi refuser de se connecter
+ aux pairs qui les y invitent (comme démontré dans le schéma de la technique de routage en tête d'ail "garlic
+ routing" exposée précédemment) - ils peuvent simplement prendre la gousse ("clove") qui présente une requête
+ d'envoi à un pair particulier, et router le message dans un tunnel vers un des liens de confiance
+ du pair caché, avec les instructions pour le faire suivre comme demandé.</p>
+ </li>
+ <li>
+ <h3 id="hashcash">Pénalités (Hashcash) pour les requêtes routerIdentity, destination, et demande de tunnel.</h3>
+ <p>Dans le réseau, nous avons besoin de dissuader les gens de consommer
+ de trop nombreuses ressources ou de créer trop de pairs dans le but de lancer une
+ <a href="http://citeseer.ist.psu.edu/douceur02sybil.html">attaque de Sibylle</a>. Les techniques
+ traditionnelles telles permettre à un pair de voir qui demande une ressource ou est un autre pair
+ ne sont pas pertinentes dans I2P, car cela compromettrait l'anonymat du système. Nous nous tournons vers
+ la méthode consistant à rendre certaines requêtes coûteuses.</p>
+ <p><a href="http://www.hashcash.org/">Hashcash</a> est une technique que nous pouvons utiliser
+ pour anonymement accroitre le coût de certaines activités, telles que créer une nouvelle identité de routeur
+ (faite une seule fois pendant l'installation), créer une nouvelle destination (faite une seule fois
+ à la création d'un service), ou demander qu'un pair participe à un tunnel (faite souvent, peut-être 200 à 300
+ fois par heure). Nous ne connaissons encore pas le coût "correct" de chaque type de certificat,
+ mais avec un peu de recherche et d'expérimentation, nous devrions pouvoir élaborer un "tarif" dissuasif
+ tout en restant une charge abordable pour ceux dotés de peu de ressources.</p>
+ <p>Il y a peu d'autres algorithmes à explorer pour enlever la gratuité des ces requêtes,
+ et des recherches plus approfondies dans ce domaine sont souhaitables.</p>
+ </li>
+ <li>
+ <h3 id="batching">Fonctionnement évolué des tunnels (regroupement/mélange/étranglement/remplissage)</h3>
+ <p>Du point de vue d'observateurs passifs externes et puissants comme d'une grande coalition interne,
+ le routage en tunnel standard est vulnérable aux attaques par analyse de trafic (à simplement
+ regarder la taille et la fréquence des messages passant entre les routeurs).
+ Pour nous en prémunir, nous modifions principalement quelques uns des tunnels
+ au niveau de leurs propres éléments constituants: retarder les messages reçus sur la passerelle
+ et les transférer regroupés, les réordonner si nécessaire,
+ et injecter des messages fictifs (indiscernables des autre "vrais" messages de tunnel
+ par les pairs du chemin). Il y a eu sur ces algorithmes un gros travail de
+ <a href="http://freehaven.net/doc/sync-batching/sync-batching.pdf">recherche</a>
+ sur lequel nous pouvons nous appuyer pour commencer à implémenter les diverses
+ de mélange de tunnel.</p>
+ <p>En plus des aspects d'anonymat du mode opératoire plus varié des tunnels,
+ il y a aussi une dimension fonctionnelle. Chaque pair n'a qu'une partie des
+ données qui sont destinées au réseau, et pour éviter qu'un tunnel donné
+ ne consomme trop de bande passante, il peut y introduire quelques freins. Par exemple,
+ un tunnel peut être configurer pour ralentir après avoir passé 600 messages (1 par
+ seconde), 2,4Mo (4kb/s), ou dépasser quelque peu la moyenne mobile (8kb/s pendant
+ dernière minute). Les messages en excès peuvent se voir retardés ou brutalement ignorés. Avec
+ ce genre de régulation, les pairs peuvent offrir une QoS de genre ATM à leurs tunnels,
+ en refusant d'allouer plus de bande passante qu'ils n'en disposent.</p>
+ <p>En complément, nous pourrions implémenter du code destiné à re-router dynamiquement des tunnels
+ pour éviter les pairs défaillants ou pour introduire des sauts supplémentaires dans le chemin.
+ Ceci peut être réalisé en envoyant un message routé "à la garlic" à un pair particulier du tunnel
+ pour lui fournir les instructions destinées à redéfinir le saut suivant du tunnel.</p>
+ </li>
+ <li>
+ <h3 id="stop">Mélange de Stop & Go pour les
+ <a href="http://www.i2p2.de/how_garlicrouting.html">"garlics"</a> et les tunnels.</h3>
+ <p>Au-delà de la stratégie de regroupement et de mélange par tunnel, il y a d'autres moyens de se
+ protéger des attaques des attaquants puissants, comme permettre à chaque saut
+ dans un chemin routé en tête d'ail de définir un délai ou un intervalle au bout ou pendant lequel il
+ devrait être transféré. Ceci protègerait des attaques contre les intersections de longue durée,
+ car un pair pourrait envoyer un message qui paraitrait parfaitement standard à la plupart
+ des pairs qui le font suivre, sauf à ceux où la gousse exposée inclus des instructions de délai.</p>
+ </li>
+ </ul>
+ <h2 id="performance">Performances</h2>
+ <p>
+ Les améliorations de performances sont répertoriées sur une page dédiée aux
+ <a href="performance.html">performances</a>.
+ </p>
+Traduction un poil laborieuse de fin février 2011. Toute amélioration est bienvenue. magma
+{% endblock %}
diff --git a/www.i2p2/pages/transition-guide.html b/www.i2p2/pages/transition-guide.html
new file mode 100644
index 0000000000000000000000000000000000000000..4481d759881774b4d4c5e16357f036a2e6864392
--- /dev/null
+++ b/www.i2p2/pages/transition-guide.html
@@ -0,0 +1,27 @@
+{% extends "_layout.html" %}
+{% block title %}Monotone{% endblock %}
+{% block content %}<p>The I2P sourcecode is kept in several distributed monotone repositories.
+See the
+<a href="http://www.monotone.ca/">Monotone website</a> for information
+on monotone.
+See
+<a href="http://forum.i2p2.de/viewtopic.php?t=2524">this forum post on i2p monotone</a>
+for more information on how to get started and check out the source anonymously.
+There is also a quick-start guide on the
+<a href="newdevelopers.html">new developer's page</a>.
+</p>
+
+<p>
+If you want to get the source non-anonymously, pull from the public server mtn.welterde.de.
+The i2p source code branch is "i2p.i2p".
+</p>
+
+<h2>Guide</h2>
+<p>
+The following is a detailed guide by Complication.
+</p>
+<pre>
+ {% include "transition-guide.txt" %}
+</pre>
+
+{% endblock %}
diff --git a/www.i2p2/pages/transport.html b/www.i2p2/pages/transport.html
index 10ba7c256fe5a4041e495230d7a67926569818e2..4dba232ae9cb8c8cfae1d83df6b882c9ac532c25 100644
--- a/www.i2p2/pages/transport.html
+++ b/www.i2p2/pages/transport.html
@@ -42,7 +42,6 @@ The transport subsystem in I2P provides the following services:
<li>Coordination of firewall status and local IP, and changes to either, among the transports
<li>Communication of firewall status and local IP, and changes to either, to the router and the user interface
<li>Determination of a consensus clock, which is used to periodically update the router's clock, as a backup for NTP
-<li>GeoIP lookup of router IPs for the user interface
<li>Maintenance of status for each peer, including whether it is connected, whether it was recently connected,
and whether it was reachable in the last attempt
<li>Qualification of valid IP addresses according to a local rule set
@@ -118,5 +117,11 @@ the memory requirements for an NTCP connection are higher than that for SSU.
However, as NTCP buffers are partially in the kernel and SSU buffers are on the Java heap,
that assumption is difficult to verify.
+</p><p>
+Analyze
+<a href="http://www.cse.chalmers.se/%7Ejohnwolf/publications/hjelmvik_breaking.pdf">Breaking and Improving Protocol Obfuscation</a>
+and see how transport-layer padding may improve things.
+</p>
+
{% endblock %}
diff --git a/www.i2p2/pages/tunnel-alt-creation.html b/www.i2p2/pages/tunnel-alt-creation.html
index 8612f9781623a6d09e8250ac38eab5f34c3cb731..ed9a815421d6ba63aa460303993bb45d69d49b6f 100644
--- a/www.i2p2/pages/tunnel-alt-creation.html
+++ b/www.i2p2/pages/tunnel-alt-creation.html
@@ -2,32 +2,55 @@
{% block title %}Tunnel Creation{% endblock %}
{% block content %}
-<b>Note: This documents the current tunnel build implementation as of release 0.6.1.10.</b>
-<br>
-<pre>
-1) <a href="#tunnelCreate.overview">Tunnel creation</a>
-1.1) <a href="#tunnelCreate.requestRecord">Tunnel creation request record</a>
-1.2) <a href="#tunnelCreate.hopProcessing">Hop processing</a>
-1.3) <a href="#tunnelCreate.replyRecord">Tunnel creation reply record</a>
-1.4) <a href="#tunnelCreate.requestPreparation">Request preparation</a>
-1.5) <a href="#tunnelCreate.requestDelivery">Request delivery</a>
-1.6) <a href="#tunnelCreate.endpointHandling">Endpoint handling</a>
-1.7) <a href="#tunnelCreate.replyProcessing">Reply processing</a>
-2) <a href="#tunnelCreate.notes">Notes</a>
-</pre>
+This page documents the current tunnel build implementation.
+Updated August 2010 for release 0.8
+
+<h2 id="tunnelCreate.overview">Tunnel Creation Specification</h2>
-<h2 id="tunnelCreate.overview">1) Tunnel creation encryption:</h2>
+<p>
+This document specifies the details of the encrypted tunnel build messages
+used to create tunnels using a "non-interactive telescoping" method.
+See <a href="tunnel-alt.html">the tunnel build document</a>
+for an overview of the process, including peer selection and ordering methods.
<p>The tunnel creation is accomplished by a single message passed along
the path of peers in the tunnel, rewritten in place, and transmitted
back to the tunnel creator. This single tunnel message is made up
-of a fixed number of records (8) - one for each potential peer in
-the tunnel. Individual records are asymmetrically encrypted to be
+of a variable number of records (up to 8) - one for each potential peer in
+the tunnel. Individual records are asymmetrically
+<a href="how_cryptography.html#elgamal">(ElGamal)</a>
+encrypted to be
read only by a specific peer along the path, while an additional
-symmetric layer of encryption is added at each hop so as to expose
+symmetric layer of encryption
+<a href="how_cryptography.html#AES">(AES)</a>
+is added at each hop so as to expose
the asymmetrically encrypted record only at the appropriate time.</p>
-<h3 id="tunnelCreate.requestRecord">1.1) Tunnel creation request record</h3>
+<h3 id="number">Number of Records</h3>
+Not all records must contain valid data.
+The build message for a 3-hop tunnel, for example, may contain more records
+to hide the actual length of the tunnel from the participants.
+There are two build message types. The original
+<a href="i2np_spec.html#msg_TunnelBuild">Tunnel Build Message</a> (TBM)
+contains 8 records, which is more than enough for any practical tunnel length.
+The recently-implemented
+<a href="i2np_spec.html#msg_VariableTunnelBuild">Variable Tunnel Build Message</a> (VTBM)
+contains 1 to 8 records. The originator may trade off the size of the message
+with the desired amount of tunnel length obfuscation.
+<p>
+In the current network, most tunnels are 2 or 3 hops long.
+The current implementation uses a 5-record VTBM to build tunnels of 4 hops or less,
+and the 8-record TBM for longer tunnels.
+The 5-record VTBM (which, when fragmented, fits in three 1KB tunnel messaages) reduces network traffic
+and increases build sucess rate, because smaller messages are less likely to be dropped.
+<p>
+The reply message must be the same type and length as the build message.
+
+
+<h3 id="tunnelCreate.requestRecord">Request Record Specification</h3>
+
+Also specified in the
+<a href="i2np_spec.html#struct_BuildRequestRecord">I2NP Specification</a>
<p>Cleartext of the record, visible only to the hop being asked:</p><pre>
bytes 0-3: tunnel ID to receive messages as
@@ -37,11 +60,11 @@ the asymmetrically encrypted record only at the appropriate time.</p>
bytes 72-103: AES-256 tunnel layer key
bytes 104-135: AES-256 tunnel IV key
bytes 136-167: AES-256 reply key
- bytes 168-183: reply IV
+ bytes 168-183: AES-256 reply IV
byte 184: flags
bytes 185-188: request time (in hours since the epoch)
bytes 189-192: next message ID
- bytes 193-222: uninterpreted / random padding</pre>
+ bytes 193-221: uninterpreted / random padding</pre>
<p>The next tunnel ID and next router identity hash fields are used to
specify the next hop in the tunnel, though for an outbound tunnel
@@ -49,85 +72,168 @@ endpoint, they specify where the rewritten tunnel creation reply
message should be sent. In addition, the next message ID specifies the
message ID that the message (or reply) should use.</p>
-<p>The flags field currently has two bits defined:</p><pre>
- bit 0: if set, allow messages from anyone
- bit 1: if set, allow messages to anyone, and send the reply to the
- specified next hop in a tunnel message</pre>
+<p>The flags field contains the following:
+<pre>
+ Bit order: 76543210 (bit 7 is MSB)
+ bit 7: if set, allow messages from anyone
+ bit 6: if set, allow messages to anyone, and send the reply to the
+ specified next hop in a Tunnel Build Reply Message
+ bits 5-0: Undefined
+</pre>
+
+Bit 7 indicates that the hop will be an inbound gateway (IBGW).
+Bit 6 indicates that the hop will be an outbound endpoint (OBEP).
+If neither bit is set, the hop will be an intermediate participant.
+
+<h4>Request Record Creation</h4>
+<p>
+Every hop gets a random Tunnel ID.
+The current and next-hop Tunnel IDs are filled in.
+Every record gets a random tunnel IV key, and reply IV.
+The layer and reply key pairs are generated.
+</p>
-<p>That cleartext record is ElGamal 2048 encrypted with the hop's
+
+<h4 id="encryption">Request Record Encryption</h4>
+
+<p>That cleartext record is <a href="how_cryptography.html#elgamal">ElGamal 2048 encrypted</a> with the hop's
public encryption key and formatted into a 528 byte record:</p><pre>
- bytes 0-15: SHA-256-128 of the current hop's router identity
+ bytes 0-15: First 16 bytes of the SHA-256 of the current hop's router identity
bytes 16-527: ElGamal-2048 encrypted request record</pre>
+In the 512-byte encrypted record,
+the ElGamal data contains bytes 1-256 and 258-513 of the
+<a href="how_cryptography.html#elgamal">514-byte ElGamal encrypted block</a>.
+The two padding bytes from the block (the zero bytes at locations 0 and 257) are removed.
+
<p>Since the cleartext uses the full field, there is no need for
additional padding beyond <code>SHA256(cleartext) + cleartext</code>.</p>
-<h3 id="tunnelCreate.hopProcessing">1.2) Hop processing</h3>
+<p>
+Each 528-byte record is then iteratively encrypted
+(using AES decryption, with the reply key and reply IV for each hop) so that the router identity will only be in cleartext
+for the hop in question.
+</p>
-<p>When a hop receives a TunnelBuildMessage, it looks through the 8
+<h3 id="tunnelCreate.hopProcessing">Hop Processing and Encryption</h3>
+
+<p>When a hop receives a TunnelBuildMessage, it looks through the
records contained within it for one starting with their own identity
hash (trimmed to 8 bytes). It then decrypts the ElGamal block from
that record and retrieves the protected cleartext. At that point,
they make sure the tunnel request is not a duplicate by feeding the
-AES-256 reply key into a bloom filter and making sure the request
-time is within an hour of current. Duplicates or invalid requests
+AES-256 reply key into a bloom filter.
+Duplicates or invalid requests
are dropped.</p>
<p>After deciding whether they will agree to participate in the tunnel
or not, they replace the record that had contained the request with
-an encrypted reply block. All other records are AES-256/CBC
-encrypted with the included reply key and IV (though each is
-encrypted separately, rather than chained across records).</p>
+an encrypted reply block. All other records are <a href="how_cryptography.html#AES">AES-256
+encrypted</a> with the included reply key and IV. Each is
+encrypted separately, rather than chained across records.</p>
+
+<p>
+Each hop knows only its own response.
+If it agrees, it will maintain the tunnel until expiration,
+even if it will not be used,
+as it cannot know whether all other hops agreed.
+</p>
-<h3 id="tunnelCreate.replyRecord">1.3) Tunnel creation reply record</h3>
+
+<h4 id="tunnelCreate.replyRecord">Reply Record Specification</h4>
<p>After the current hop reads their record, they replace it with a
reply record stating whether or not they agree to participate in the
tunnel, and if they do not, they classify their reason for
rejection. This is simply a 1 byte value, with 0x0 meaning they
agree to participate in the tunnel, and higher values meaning higher
-levels of rejection. The reply is encrypted with the AES session
-key delivered to it in the encrypted block, padded with random data
-until it reaches the full record size:</p><pre>
+levels of rejection.
+<p>
+The following rejection codes are defined:
+<ul>
+<li>
+TUNNEL_REJECT_PROBABALISTIC_REJECT = 10
+<li>
+TUNNEL_REJECT_TRANSIENT_OVERLOAD = 20
+<li>
+TUNNEL_REJECT_BANDWIDTH = 30
+<li>
+TUNNEL_REJECT_CRIT = 50
+</ul>
+To hide other causes, such as router shutdown, from peers, the current implementation
+uses TUNNEL_REJECT_BANDWIDTH for almost all rejections.
+
+<p>
+ The reply is encrypted with the AES session
+key delivered to it in the encrypted block, padded with 527 bytes of random data
+to reach the full record size.
+The padding is placed before the status byte:
+</p><pre>
AES-256-CBC(SHA-256(padding+status) + padding + status, key, IV)</pre>
+This is also described in the
+<a href="i2np_spec.html#msg_TunnelBuildReply">I2NP spec</a>.
-<h3 id="tunnelCreate.requestPreparation">1.4) Request preparation</h3>
+<h3 id="tunnelCreate.requestPreparation">Tunnel Build Message Preparation</h3>
-<p>When building a new request, all of the records must first be
-built and asymmetrically encrypted. Each record should then be
-decrypted with the reply keys and IVs of the hops earlier in the
-path. That decryption should be run in reverse order so that the
+<p>When building a new Tunnel Build Messaage, all of the Build Request Records must first be
+built and asymmetrically encrypted using
+<a href="how_cryptography.html#elgamal">ElGamal</a>.
+Each record is then
+premptively decrypted with the reply keys and IVs of the hops earlier in the
+path, using
+<a href="how_cryptography.html#AES">AES</a>.
+That decryption should be run in reverse order so that the
asymmetrically encrypted data will show up in the clear at the
right hop after their predecessor encrypts it.</p>
<p>The excess records not needed for individual requests are simply
filled with random data by the creator.</p>
-<h3 id="tunnelCreate.requestDelivery">1.5) Request delivery</h3>
+<h3 id="tunnelCreate.requestDelivery">Tunnel Build Message Delivery</h3>
<p>For outbound tunnels, the delivery is done directly from the tunnel
creator to the first hop, packaging up the TunnelBuildMessage as if
the creator was just another hop in the tunnel. For inbound
-tunnels, the delivery is done through an existing outbound tunnel
-(and during startup, when no outbound tunnel exists yet, a fake 0
-hop outbound tunnel is used).</p>
+tunnels, the delivery is done through an existing outbound tunnel.
+The outbound tunnel is generally from the same pool as the new tunnel being built.
+If no outbound tunnel is available in that pool, an outbound exploratory tunnel is used.
+At startup, when no outbound exploratory tunnel exists yet, a fake 0-hop
+outbound tunnel is used.</p>
-<h3 id="tunnelCreate.endpointHandling">1.6) Endpoint handling</h3>
+<h3 id="tunnelCreate.endpointHandling">Tunnel Build Message Endpoint Handling</h3>
-<p>When the request reaches an outbound endpoint (as determined by the
+<p>
+For creation of an outbound tunnel,
+when the request reaches an outbound endpoint (as determined by the
'allow messages to anyone' flag), the hop is processed as usual,
encrypting a reply in place of the record and encrypting all of the
other records, but since there is no 'next hop' to forward the
TunnelBuildMessage on to, it instead places the encrypted reply
-records into a TunnelBuildReplyMessage and delivers it to the
+records into a
+<a href="i2np_spec.html#msg_TunnelBuildReply">TunnelBuildReplyMessage</a>
+or
+<a href="i2np_spec.html#msg_VariableTunnelBuildReply">VariableTunnelBuildReplyMessage</a>
+(the type of message and number of records must match that of the request)
+and delivers it to the
reply tunnel specified within the request record. That reply tunnel
-forwards the reply records down to the tunnel creator for
-processing, as below.</p>
+forwards the Tunnel Build Reply Message back to the tunnel creator,
+<a href="tunnel-alt.html#tunnel.operation">just as for any other message</a>.
+The tunnel creator then
+processes it, as described below.</p>
+
+<p>The reply tunnel was selected by the creator as follows:
+Generally it is an inbound tunnel from the same pool as the new outbound tunnel being built.
+If no inbound tunnel is available in that pool, an inbound exploratory tunnel is used.
+At startup, when no inbound exploratory tunnel exists yet, a fake 0-hop
+inbound tunnel is used.</p>
-<p>When the request reaches the inbound endpoint (also known as the
-tunnel creator), the router processes each of the replies, as below.</p>
+<p>
+For creation of an inbound tunnel,
+when the request reaches the inbound endpoint (also known as the
+tunnel creator), there is no need to generate an explicit Tunnel Build Reply Message, and
+the router processes each of the replies, as below.</p>
-<h3 id="tunnelCreate.replyProcessing">1.7) Reply processing</h3>
+<h3 id="tunnelCreate.replyProcessing">Tunnel Build Reply Message Processing</h3>
<p>To process the reply records, the creator simply has to AES decrypt
each record individually, using the reply key and IV of each hop in
@@ -137,18 +243,37 @@ why they refuse. If they all agree, the tunnel is considered
created and may be used immediately, but if anyone refuses, the
tunnel is discarded.</p>
-<h2 id="tunnelCreate.notes">2) Notes</h2>
+<p>
+The agreements and rejections are noted in each peer's
+<a href="how_peerselection.html">profile</a>, to be used in future assessments
+of peer tunnel capacity.
+
+
+<h2 id="tunnelCreate.notes">History and Notes</h2>
+<p>
+This strategy came about during a discussion on the I2P mailing list
+ between Michael Rogers, Matthew Toseland (toad), and jrandom regarding
+ the predecessor attack. See: <ul>
+ <li><a href="http://osdir.com/ml/network.i2p/2005-10/msg00138.html">Summary</a></li>
+ <li><a href="http://osdir.com/ml/network.i2p/2005-10/msg00129.html">Reasoning</a></li>
+ </ul></li>
+It was introduced in release 0.6.1.10 on 2006-02-16, which was the last time
+a non-backward-compatible change was made in I2P.
+</p>
+
+<p>
+Notes:
<ul>
-<li>This does not prevent two hostile peers within a tunnel from
+<li>This design does not prevent two hostile peers within a tunnel from
tagging one or more request or reply records to detect that they are
within the same tunnel, but doing so can be detected by the tunnel
creator when reading the reply, causing the tunnel to be marked as
invalid.</li>
-<li>This does not include a proof of work on the asymmetrically
+<li>This design does not include a proof of work on the asymmetrically
encrypted section, though the 16 byte identity hash could be cut in
-half with the later replaced by a hashcash function of up to 2^64
-cost. This will not immediately be pursued, however.</li>
-<li>This alone does not prevent two hostile peers within a tunnel from
+half with the latter replaced by a hashcash function of up to 2^64
+cost.</li>
+<li>This design alone does not prevent two hostile peers within a tunnel from
using timing information to determine whether they are in the same
tunnel. The use of batched and synchronized request delivery
could help (batching up requests and sending them off on the
@@ -159,12 +284,43 @@ window would work (though doing that would require a high degree of
clock synchronization). Alternately, perhaps individual hops could
inject a random delay before forwarding on the request?</li>
<li>Are there any nonfatal methods of tagging the request?</li>
-<li>This strategy came about during a discussion on the I2P mailing list
- between Michael Rogers, Matthew Toseland (toad), and jrandom regarding
- the predecessor attack. See: <ul>
- <li><a href="http://osdir.com/ml/network.i2p/2005-10/msg00138.html">Summary</a></li>
- <li><a href="http://osdir.com/ml/network.i2p/2005-10/msg00129.html">Reasoning</a></li>
- </ul></li>
</ul>
+<h2 id="ref">References</h2>
+<ul>
+<li>
+<a href="http://prisms.cs.umass.edu/brian/pubs/wright-tissec.pdf">Predecessor
+attack</a>
+<li>
+<a href="http://prisms.cs.umass.edu/brian/pubs/wright.tissec.2008.pdf">2008
+update</a>
+<li>
+<a href="http://www-users.cs.umn.edu/~hopper/hashing_it_out.pdf">Hashing it out in Public</a>
+</ul>
+
+<h2 id="future">Future Work</h2>
+<ul>
+<li>
+In the current implementation, the originator leaves one record empty
+for itself. Thus a message of n records can only build a
+tunnel of n-1 hops.
+This appears to be necessary for inbound tunnels (where the next-to-last hop
+can see the hash prefix for the next hop), but not for outbound tunnels.
+This is to be researched and verified.
+If it is possible to use the remaining record without compromising anonymity,
+we should do so.
+<li>
+The usefulness of a timestamp with an hour resolution is questionable,
+and the constraint is not currently enforced.
+Therefore the request time field is unused.
+This should be researched and possibly changed.
+<li>
+Further analysis of possible tagging and timing attacks described in the above notes.
+</li><li>
+The Bloom filter rotation time should be evaluated.
+</li><li>
+Use only VTBM; do not select old peers that don't support it.
+</li></ul>
+
+
{% endblock %}
diff --git a/www.i2p2/pages/tunnel-alt.html b/www.i2p2/pages/tunnel-alt.html
index 2581d66c2d21451b300dc419d1a4a17e188d5ef0..cc64b17be670e7556e77afe41a084824d869d574 100644
--- a/www.i2p2/pages/tunnel-alt.html
+++ b/www.i2p2/pages/tunnel-alt.html
@@ -3,18 +3,18 @@
{% block content %}
This page documents the current tunnel implementation.
-Updated July 2010 for release 0.8
+Updated October 2010 for release 0.8
-<h2>1) <a name="tunnel.overview">Tunnel overview</a></h2>
+<h2 id="tunnel.overview">Tunnel overview</h2>
<p>Within I2P, messages are passed in one direction through a virtual
tunnel of peers, using whatever means are available to pass the
message on to the next hop. Messages arrive at the tunnel's
-gateway, get bundled up and/or fragmented into fixed sizes tunnel messages,
+</i>gateway</i>, get bundled up and/or fragmented into fixed-size tunnel messages,
and are forwarded on to the next hop in the tunnel, which processes and verifies
the validity of the message and sends it on to the next hop, and so on, until
-it reaches the tunnel endpoint. That endpoint takes the messages
+it reaches the tunnel endpoint. That <i>endpoint</i> takes the messages
bundled up by the gateway and forwards them as instructed - either
to another router, to another tunnel on another router, or locally.</p>
@@ -27,8 +27,8 @@ out to the remote endpoint.</p>
<p>The tunnel's creator selects exactly which peers will participate
in the tunnel, and provides each with the necessary configuration
-data. They may have any number of hops, but may be constrained with various
-proof-of-work requests to add on additional steps. It is the intent to make
+data. They may have any number of hops.
+It is the intent to make
it hard for either participants or third parties to determine the length of
a tunnel, or even for colluding participants to determine whether they are a
part of the same tunnel at all (barring the situation where colluding peers are
@@ -48,31 +48,93 @@ the core I2P layer, there is an optional end to end streaming library
available for client applications, exposing TCP-esque operation,
including message reordering, retransmission, congestion control, etc.</p>
-<h2>2) <a name="tunnel.operation">Tunnel operation</a></h2>
-
-<p>Tunnel operation has four distinct processes, taken on by various
-peers in the tunnel. First, the tunnel gateway accumulates a number
-of tunnel messages and preprocesses them into something for tunnel
-delivery. Next, that gateway encrypts that preprocessed data, then
-forwards it to the first hop. That peer, and subsequent tunnel
+<p>
+An overview of I2P tunnel terminology is
+<a href="how_tunnelrouting.html">on the tunnel overview page</a>.
+</p>
+
+<h2 id="tunnel.operation">Tunnel Operation (Message Processing)</h2>
+<h3>Overview</h3>
+
+<p>After a tunnel is built, <a href="i2np.html">I2NP messages</a> are processed and passed through it.
+Tunnel operation has four distinct processes, taken on by various
+peers in the tunnel. <ol><li>First, the tunnel gateway accumulates a number
+of I2NP messages and preprocesses them into tunnel messages for
+delivery. </li><li>Next, that gateway encrypts that preprocessed data, then
+forwards it to the first hop. </li><li>That peer, and subsequent tunnel
participants, unwrap a layer of the encryption, verifying that it isn't
a duplicate, then forward it on to the next peer.
-Eventually, the message arrives at the endpoint where the messages
-bundled by the gateway are split out again and forwarded on as
-requested.</p>
+</li><li>Eventually, the tunnel messages arrive at the endpoint where the I2NP messages
+originally bundled by the gateway are reassembled and forwarded on as
+requested.</li></ol></p>
-<p>Tunnel IDs are 4 byte numbers used at each hop - participants know what
-tunnel ID to listen for messages with and what tunnel ID they should be forwarded
-on as to the next hop, and each hop chooses the tunnel ID which they receive messages
-on. Tunnels themselves are short-lived (10 minutes).
-Even if subsequent tunnels are built using the same sequence of
-peers, each hop's tunnel ID will change.</p>
-
-<h3>2.1) <a name="tunnel.preprocessing">Message preprocessing</a></h3>
+<p>
+Intermediate tunnel participants do not know whether they are in an
+inbound or an outbound tunnel; they always "encrypt" for the next hop.
+Therefore, we take advantage of symmetric AES encryption
+to "decrypt" at the outbound tunnel gateway,
+so that the plaintext is revealed at the outbound endpoint.
+</p>
+<p>
+<center>
+ <img src="/_static/images/tunnels.png" alt="Inbound and outbound tunnel schematic" title="Inbound and outbound tunnel schematic" />
+</center>
+</p>
+
+<table><tr>
+<th>Role</th>
+<th>Preprocessing</th>
+<th>Encryption Operation</th>
+<th>Postprocessing</th>
+</tr>
+
+<tr><td>Outbound Gateway (Creator)</td>
+<td>Fragment, Batch, and Pad</td>
+<td>Iteratively encrypt (using decryption operations)</td>
+<td>Forward to next hop</td>
+</tr>
+
+<tr><td>Participant</td>
+<td> </td>
+<td>Decrypt (using an encryption operation)</td>
+<td>Forward to next hop</td>
+</tr>
+
+<tr><td>Outbound Endpoint</td>
+<td> </td>
+<td>Decrypt (using an encryption operation) to reveal plaintext tunnel message</td>
+<td>Reassemble Fragments, Forward as instructed to Inbound Gateway or Router</td>
+</tr>
+
+<tr><td colspan="4"><hr></td></tr>
+
+<tr><td>Inbound Gateway</td>
+<td>Fragment, Batch, and Pad</td>
+<td>Encrypt</td>
+<td>Forward to next hop</td>
+</tr>
+
+<tr><td>Participant</td>
+<td> </td>
+<td>Encrypt</td>
+<td>Forward to next hop</td>
+</tr>
+
+<tr><td>Inbound Endpoint (Creator)</td>
+<td> </td>
+<td>Iteratively decrypt to reveal plaintext tunnel message</td>
+<td>Reassemble Fragments, Receive data</td>
+</tr>
+</table>
+
+
+
+<h3 id="tunnel.gateway">Gateway Processing</h3>
+<h4 id="tunnel.preprocessing">Message Preprocessing</h4>
<p>A tunnel gateway's function is to fragment and pack
<a href="i2np.html">I2NP messages</a> into fixed-size
-<a href="tunnel_message_specification.html">tunnel messages</a>
+<a href="tunnel_message_spec.html">tunnel messages</a>
and encrypt the tunnel messages.
Tunnel messages contain the following:
@@ -81,17 +143,31 @@ Tunnel messages contain the following:
<li>A 16 byte IV (initialization vector)</li>
<li>A checksum
<li>Padding, if necessary</li>
-<li>One or more { delivery instruction, I2NP message fragment} pairs</li>
+<li>One or more { delivery instruction, I2NP message fragment } pairs</li>
</ul>
+<p>Tunnel IDs are 4 byte numbers used at each hop - participants know what
+tunnel ID to listen for messages with and what tunnel ID they should be forwarded
+on as to the next hop, and each hop chooses the tunnel ID which they receive messages
+on. Tunnels themselves are short-lived (10 minutes).
+Even if subsequent tunnels are built using the same sequence of
+peers, each hop's tunnel ID will change.</p>
+
+<p>To prevent adversaries from tagging the messages along the path by adjusting
+the message size, all tunnel messages are a fixed 1024 bytes in size. To accommodate
+larger I2NP messages as well as to support smaller ones more efficiently, the
+gateway splits up the larger I2NP messages into fragments contained within each
+tunnel message. The endpoint will attempt to rebuild the I2NP message from the
+fragments for a short period of time, but will discard them as necessary.</p>
+
<p>
Details are in the
-<a href="tunnel_message_specification.html">tunnel message specification</a>.
+<a href="tunnel_message_spec.html">tunnel message specification</a>.
-<h3>2.2) <a name="tunnel.gateway">Gateway Processing</a></h3>
+<h3>Gateway Encryption</h3>
<p>After the preprocessing of messages into a padded payload, the gateway builds
a random 16 byte IV value, iteratively encrypting it and the tunnel message as
@@ -106,7 +182,7 @@ data with the IV and layer keys for all hops in the tunnel. The result of the o
tunnel encryption is that when each peer encrypts it, the endpoint will recover
the initial preprocessed data.</p>
-<h3>2.3) <a name="tunnel.participant">Participant Processing</a></h3>
+<h3 id="tunnel.participant">Participant Processing</h3>
<p>When a peer receives a tunnel message, it checks that the message came from
the same previous hop as before (initialized when the first message comes through
@@ -129,7 +205,7 @@ false positive. The unique value fed into the Bloom filter is the XOR of the IV
and the first block so as to prevent nonsequential colluding peers in the tunnel
from tagging a message by resending it with the IV and first block switched.</p>
-<h3>2.4) <a name="tunnel.endpoint">Endpoint Processing</a></h3>
+<h3 id="tunnel.endpoint">Endpoint Processing</h3>
<p>After receiving and validating a tunnel message at the last hop in the tunnel,
how the endpoint recovers the data encoded by the gateway depends upon whether
@@ -143,25 +219,8 @@ layer and IV keys of each step in reverse order.</p>
which it may then parse out into the included I2NP messages and forwards them as
requested in their delivery instructions.</p>
-<p>These padding strategies can be used on a variety of levels, addressing the
-exposure of message size information to different adversaries. After gathering
-and reviewing some <a href="http://dev.i2p.net/~jrandom/messageSizes/">statistics</a>
-from the 0.4 network, as well as exploring the anonymity tradeoffs, we're starting
-with a fixed tunnel message size of 1024 bytes. Within this however, the fragmented
-messages themselves are not padded by the tunnel at all (though for end to end
-messages, they may be padded as part of the garlic wrapping).</p>
-
-<h3>2.6) <a name="tunnel.fragmentation">Tunnel Fragmentation</a></h3>
-
-<p>To prevent adversaries from tagging the messages along the path by adjusting
-the message size, all tunnel messages are a fixed 1024 bytes in size. To accommodate
-larger I2NP messages as well as to support smaller ones more efficiently, the
-gateway splits up the larger I2NP messages into fragments contained within each
-tunnel message. The endpoint will attempt to rebuild the I2NP message from the
-fragments for a short period of time, but will discard them as necessary.</p>
-
-<h2><a name="tunnel.building">Tunnel Building</a></h2>
+<h2 id="tunnel.building">Tunnel Building</h2>
<p>When building a tunnel, the creator must send a request with the necessary
configuration data to each of the hops and wait for all of them to agree before
@@ -172,14 +231,14 @@ reply. There are three important dimensions to keep in mind when producing
the tunnels: what peers are used (and where), how the requests are sent (and
replies received), and how they are maintained.</p>
-<h3>3.1) <a name="tunnel.peerselection">Peer Selection</a></h3>
+<h3 id="tunnel.peerselection">Peer Selection</h3>
<p>Beyond the two types of tunnels - inbound and outbound - there are two styles
of peer selection used for different tunnels - exploratory and client.
Exploratory tunnels are used for both network database maintenance and tunnel
maintenance, while client tunnels are used for end to end client messages. </p>
-<h4><a name="tunnel.selection.exploratory">Exploratory tunnel peer selection</a></h4>
+<h4 id="tunnel.selection.exploratory">Exploratory tunnel peer selection</h4>
<p>Exploratory tunnels are built out of a random selection of peers from a subset
of the network. The particular subset varies on the local router and on what their
@@ -194,7 +253,7 @@ Exploratory peer selection is discussed further on the
<a href="how_peerselection.html">Peer Profiling and Selection page</a>.
-<h4><a name="tunnel.selection.client">Client tunnel peer selection</a></h4>
+<h4 id="tunnel.selection.client">Client tunnel peer selection</h4>
<p>Client tunnels are built with a more stringent set of requirements - the local
router will select peers out of its "fast and high capacity" profile category so
@@ -206,7 +265,7 @@ should be adhered to, depending upon the client's anonymity needs.</p>
Client peer selection is discussed further on the
<a href="how_peerselection.html">Peer Profiling and Selection page</a>.
-<h4><a name="ordering">Peer Ordering within Tunnels</a></h4>
+<h4 id="ordering">Peer Ordering within Tunnels</h4>
Peers are ordered within tunnels to
to deal with the <a href="http://prisms.cs.umass.edu/brian/pubs/wright-tissec.pdf">predecessor
@@ -235,7 +294,7 @@ within a single pool but not between different pools.
New keys are generated at each router restart.
-<h3>3.2) <a name="tunnel.request">Request delivery</a></h3>
+<h3 id="tunnel.request">Request delivery</h3>
<p>
A multi-hop tunnel is built using a single build message which is repeatedly
@@ -267,7 +326,7 @@ the router in question.
For more information on peer profiling, see the
<a href="how_peerselection.html">Peer Profiling and Selection page</a>.
-<h3>3.3) <a name="tunnel.pooling">Tunnel Pools</a></h3>
+<h3 id="tunnel.pooling">Tunnel Pools</h3>
<p>To allow efficient operation, the router maintains a series of tunnel pools,
each managing a group of tunnels used for a specific purpose with their own
@@ -286,17 +345,42 @@ lengths should be randomized, as
well as any of the other settings allowed when configuring individual tunnels.
Configuration options are specified on the <a href="i2cp.html">I2CP page</a>.
-<h3 id="length">Default Tunnel Lengths</h3>
+<h3 id="length">Tunnel Lengths and Defaults</h3>
-TODO
+<a href="how_tunnelrouting.html#length">On the tunnel overview page</a>.
<h3 id="strategy">Anticipatory Build Strategy and Priority</h3>
-TODO - Parallelism, priority, success time tracking, pool differences
+<p>
+Tunnel building is expensive, and tunnels expire a fixed time after they are built.
+However, when a pool that runs out of tunnels, the Destination is essentially dead.
+In addition, tunnel build success rate may vary greatly with both local and global
+network conditions.
+Therefore, it is important to maintain an anticipatory, adaptive build strategy
+to ensure that new tunnels are successfully built before they are needed,
+without building an excess of tunnels, building them too soon,
+or consuming too much CPU or bandwidth creating and sending the encrypted build messages.
+</p>
+<p>
+For each tuple {exploratory/client, in/out, length, length variance}
+the router maintains statistics on the time required for a successful
+tunnel build.
+Using these statistics, it calculates how long before a tunnel's expiration
+it should start attempting to build a replacement.
+As the expiration time approaches without a successful replacement,
+it starts multiple build attempts in parallel, and then
+will increase the number of parallel attempts if necessary.
+</p>
+<p>
+To cap bandwidth and CPU usage,
+the router also limits the maximum number of build attempts outstanding
+across all pools.
+Critical builds (those for exploratory tunnels, and for pools that have
+run out of tunnels) are prioritized.
+</p>
-<h2><a name="tunnel.throttling">Tunnel Message Throttling</a></h2>
-TODO: Document current strategies, priority, and WRED
+<h2 id="tunnel.throttling">Tunnel Message Throttling</h2>
<p>Even though the tunnels within I2P bear a resemblance to a circuit switched
network, everything within I2P is strictly message based - tunnels are merely
@@ -312,9 +396,25 @@ capacity and utilization. On the other hand, each router can simply drop
messages that are beyond its capacity, exploiting the research used on the
normal Internet.</p>
-
-<h2><a name="future">Future Work</a></h3>
-<h3><a name="tunnel.mixing">Mixing/batching</a></h3>
+<p>
+In the current implementation, routers implement a
+weighted random early discard (WRED) strategy.
+For all participating routers (internal participant, inbound gateway, and outbound endpoint),
+the router will start randomly dropping a portion of messages as the
+bandwidth limits are approached.
+As traffic gets closer to, or exceeds, the limits, more messages are dropped.
+For an internal participant, all messages are fragmented and padded and therefore are the same size.
+At the inbound gateway and outbound endpoint, however, the dropping decision is made
+on the full (coalesced) message, and the message size is taken into account.
+Larger messages are more likely to be dropped.
+Also, messages are more likely to be dropped at the outbound endpoint than the inbound gateway,
+as those messages are not as "far along" in their journey and thus the network cost of
+dropping those messages is lower.
+</p>
+
+
+<h2 id="future">Future Work</h3>
+<h3 id="tunnel.mixing">Mixing/batching</h3>
<p>What strategies could be used at the gateway and at each hop for delaying,
reordering, rerouting, or padding messages? To what extent should this be done
@@ -322,4 +422,19 @@ automatically, how much should be configured as a per tunnel or per hop setting,
and how should the tunnel's creator (and in turn, user) control this operation?
All of this is left as unknown, to be worked out for a distant future release.
+
+<h3>Padding</h3>
+<p>The padding strategies can be used on a variety of levels, addressing the
+exposure of message size information to different adversaries.
+The current fixed tunnel message size is 1024 bytes. Within this however, the fragmented
+messages themselves are not padded by the tunnel at all, though for end to end
+messages, they may be padded as part of the garlic wrapping.</p>
+
+<h3>WRED</h3>
+<p>
+WRED strategies have a significant impact on end-to-end performance,
+and prevention of network congestion collapse.
+The current WRED strategy should be carefully evaluated and improved.
+</p>
+
{% endblock %}
diff --git a/www.i2p2/pages/tunnel_message_spec.html b/www.i2p2/pages/tunnel_message_spec.html
index 408674b0520b835165d60f793782cce2b680155b..3dbc888163ad1f1f72bac683456e7d3378d34b66 100644
--- a/www.i2p2/pages/tunnel_message_spec.html
+++ b/www.i2p2/pages/tunnel_message_spec.html
@@ -2,7 +2,7 @@
{% block title %}Tunnel Message Specification{% endblock %}
{% block content %}
-Updated July 2010 for release 0.8
+Updated October 2011 for release 0.8.10
<h1>Tunnel Message Specification</h1>
This document specifies the format of tunnel messages.
@@ -119,7 +119,6 @@ These are the contents of a tunnel data message when decrypted.
<h4>Definition</h4>
<pre>
-{% filter escape %}
Tunnel ID:
4 bytes
The ID of the next hop
@@ -151,7 +150,6 @@ Message Fragment:
Total Size: 1028 Bytes
-{% endfilter %}
</pre>
@@ -166,6 +164,16 @@ how the remainder of the header is interpreted - if it is not set, the message
is either not fragmented or this is the first fragment in the message. If it is
set, this is a follow on fragment.</p>
+<p>
+Note that Delivery Instructions are also used inside
+<a href="i2np_spec#struct_GarlicClove">Garlic Cloves</a>,
+where the format is slightly different. In a Garlic Clove,
+messages are not fragmented, and the fragment bit in the flag byte is
+redefined. See the
+<a href="i2np_spec#struct_GarlicClove">Garlic Clove documentation</a>
+for more details.
+
+
<h3>First Fragment Delivery Instructions</h3>
<p>If the MSB of the first byte is 0, this is an initial I2NP message fragment,
or a complete I2NP message, and the instructions are:</p>
@@ -189,13 +197,15 @@ or a complete I2NP message, and the instructions are:</p>
<h4>Definition</h4>
<pre>
-{% filter escape %}
flag:
1 byte
Bit order: 76543210
bit 7: 0 to specify an initial fragment
bits 6-5: delivery type
- 0x0 = LOCAL, 0x01 = DESTINATION, 0x02 = ROUTER, 0x03 = TUNNEL
+ For tunnel messages:
+ 0x0 = LOCAL, 0x01 = TUNNEL, 0x02 = ROUTER, 0x03 = unused
+ For garlic cloves:
+ 0x0 = LOCAL, 0x01 = DESTINATION, 0x02 = ROUTER, 0x03 = TUNNEL
bit 4: delay included? Unimplemented, always 0
If 1, a delay byte is included
bit 3: fragmented? If 0, the message is not fragmented, what follows is the entire message
@@ -217,11 +227,12 @@ To Hash:
If TUNNEL, the SHA256 Hash of the gateway router
Delay:
- 1 bytes
+ 1 byte (tunnel message) or 4 bytes (garlic clove)
Optional, present if delay included flag is set
- Unimplemented, never present; original specification:
+ In tunnel messages: Unimplemented, never present; original specification:
bit 7: type (0 = strict, 1 = randomized)
bits 6-0: delay exponent (2^value minutes)
+ In garlic cloves: Not fully implemented. A 4 byte integer specifying the delay in seconds.
Message ID:
4 bytes
@@ -238,12 +249,13 @@ Extended Options:
size:
2 bytes
The length of the fragment that follows
- Valid values: 1 to approx. 960
+ Valid values: 1 to approx. 960 in a tunnel message; 1 to 64K - 1 in a garlic clove
-Total length: Typical length is 39 bytes for ROUTER / DESTINATION delivery or 43 bytes for TUNNEL delivery (unfragmented);
- 43 bytes for ROUTER / DESTINATION delivery or 47 bytes for TUNNEL delivery (first fragment)
+Total length: Typical length is:
+ 3 bytes for LOCAL delivery (garlic clove);
+ 35 bytes for ROUTER / DESTINATION delivery or 39 bytes for TUNNEL delivery (unfragmented or garlic clove);
+ 39 bytes for ROUTER delivery or 43 bytes for TUNNEL delivery (first fragment)
-{% endfilter %}
</pre>
<h3>Follow-on Fragment Delivery Instructions</h3>
@@ -280,9 +292,9 @@ Total length: 7 bytes
{% endfilter %}
</pre>
-<h3><a href="http://docs.i2p2.de/router/net/i2p/data/i2np/DeliveryInstructions.html">Delivery Instructions Javadoc</a></h3>
+<h3><a href="http://docs.i2p-projekt.de/javadoc/net/i2p/data/i2np/DeliveryInstructions.html">Delivery Instructions Javadoc</a></h3>
-<h2>Notes</h2>
+<h2 id="notes">Notes</h2>
<h3>I2NP Message Maximum Size</h3>
<p>
While the maximum I2NP message size is nominally 64 KB, the size is further constrained by the
diff --git a/www.i2p2/pages/udp.html b/www.i2p2/pages/udp.html
index b0f14a2705bfa416a0c717a87e2a23a4bde74ebf..b391c5e43455c23583424470ebc5f0459d3f996c 100644
--- a/www.i2p2/pages/udp.html
+++ b/www.i2p2/pages/udp.html
@@ -2,7 +2,7 @@
{% block title %}SSU Transport{% endblock %}
{% block content %}
-Updated July 2010 for release 0.8
+Updated August 2012 for release 0.9.1
<h1>Secure Semireliable UDP (SSU)</h1>
<p>
@@ -13,9 +13,6 @@ The other is <a href="ntcp.html">NTCP</a>.
SSU is the newer of the two transports,
introduced in I2P release 0.6.
In a standard I2P installation, the router uses both NTCP and SSU for outbound connections.
-A router
-The selection of a transport for a connection.
-
<h2>SSU Services</h2>
@@ -39,12 +36,12 @@ and the capacity for high throughput allows a great deal of latitude in
congestion control. The congestion control algorithm outlined below is
meant to be both efficient in bandwidth as well as simple to implement.</p>
-<p>Packets are scheduled according to the the router's policy, taking care
+<p>Packets are scheduled according to the router's policy, taking care
not to exceed the router's outbound capacity or to exceed the measured
-capacity of the remote peer. The measured capacity should operate along the
+capacity of the remote peer. The measured capacity operates along the
lines of TCP's slow start and congestion avoidance, with additive increases
to the sending capacity and multiplicative decreases in face of congestion.
-Veering away from TCP, however, routers may give up on some messages after
+Unlike for TCP, routers may give up on some messages after
a given period or number of retransmissions while continuing to transmit
other messages.</p>
@@ -58,40 +55,55 @@ duplicate fragments arrive, the message should be ACKed again, or if the
message has still not been fully received, the bitfield should be
retransmitted with any new updates.</p>
-<p>The simplest possible implementation does not need to pad the packets to
+<p>The current implementation does not pad the packets to
any particular size, but instead just places a single message fragment into
-a packet and sends it off (careful not to exceed the MTU). A more efficient
-strategy would be to bundle multiple message fragments into the same packet,
-so long as it doesn't exceed the MTU, but this is not necessary. Eventually,
-a set of fixed packet sizes may be appropriate to further hide the data
-fragmentation to external adversaries, but the tunnel, garlic, and end to
-end padding should be sufficient for most needs until then.</p>
+a packet and sends it off (careful not to exceed the MTU).
+</p>
<h3><a name="mtu">MTU</a></h3>
<p>
-The current implementation uses two MTU values: 608 and 1350.
+As of router version 0.8.12,
+two MTU values are used: 620 and 1484.
+The MTU value is adjusted based on the percentage of packets that are retransmitted.
</p><p>
-596 gives us 588 IP byes, 568 UDP bytes, and with an SSU data message,
-522 fragment bytes, which is enough to send a tunnel data message in 2
-packets. A tunnel data message sent over the wire is 1044 bytes, meaning
-we need 522 fragment bytes to fit it in 2 packets - add 46 for SSU, 20
-for UDP, and 8 for IP, giving us 596. Round up to mod 16, giving a total
-of 608.
+For both MTU values, it is desirable that (MTU % 16) == 12, so that
+the payload portion after the 28-byte IP/UDP header is a multiple of
+16 bytes, for encryption purposes.
+This calculation is for IPv4 only. While the protocol as specified supports IPv6
+addresses, IPv6 is not yet implemented.
</p><p>
-Based on measurements, 1350 fits nearly all reasonably small I2NP messages
+For the small MTU value, it is desirable to pack a 2646-byte
+Variable Tunnel Build Message efficiently into multiple packets;
+with a 620-byte MTU, it fits into 5 packets with nicely.
+</p><p>
+Based on measurements, 1492 fits nearly all reasonably small I2NP messages
(larger I2NP messages may be up to 1900 to 4500 bytes, which isn't going to fit
into a live network MTU anyway).
+</p><p>
+The MTU values were 608 and 1492 for releases 0.8.9 - 0.8.11.
+The large MTU was 1350 prior to release 0.8.9.
+</p><p>
+The maximum receive packet size
+is 1571 bytes as of release 0.8.12.
+For releases 0.8.9 - 0.8.11 it was 1535 bytes.
+Prior to release 0.8.9 it was 2048 bytes.
+</p><p>
+As of release 0.9.2, if a router's network interface MTU is less than 1484,
+it will publish that in the network database, and other routers should
+honor that when a connection is established.
</p>
-<h3><ajname="max">Message Size Limits</a></h3>
+<h3><a name="max">Message Size Limits</a></h3>
<p>
-While a statement above claims that the maximum message size is 32KB, the practical
+While the maximum message size is nominally 32KB, the practical
limit differs. The protocol limits the number of fragments to 7 bits, or 128.
The current implementation, however, limits each message to a maximum of 64 fragments,
-which is sufficient for 64 * 534 = 33.3 KB.
-Due to overhead for bundled leasesets and session keys, the practical limit
+which is sufficient for 64 * 534 = 33.3 KB when using the 608 MTU.
+Due to overhead for bundled LeaseSets and session keys, the practical limit
at the application level is about 6KB lower, or about 26KB.
Further work is necessary to raise the UDP transport limit above 32KB.
+For connections using the larger MTU, larger messages are possible.
+</p>
<h2><a name="keys">Keys</a></h2>
@@ -133,8 +145,10 @@ MODP group (#14) is used:</p>
g = 2
</pre>
-<p>The DSA p, q, and g are shared according to the scope of the
-identity which created them.</p>
+<p>
+These are the same p and g used for I2P's
+<a href="how_cryptography.html#elgamal">ElGamal encryption</a>.
+</p>
<h2><a name="replay">Replay prevention</a></h2>
@@ -149,8 +163,61 @@ are not in any particular order - in fact, they are likely to be
entirely random. The SSU layer makes no attempt at messageId
replay prevention - higher layers should take that into account.</p>
+<h2 id="addressing">Addressing</h2>
+
+<p>To contact an SSU peer, one of two sets of information is necessary:
+a direct address, for when the peer is publicly reachable, or an
+indirect address, for using a third party to introduce the peer.
+There is no restriction on the number of addresses a peer may have.</p>
+
+<pre>
+ Direct: host, port, introKey, options
+ Indirect: tag, relayhost, port, relayIntroKey, targetIntroKey, options
+</pre>
+
+<p>Each of the addresses may also expose a series of options - special
+capabilities of that particular peer. For a list of available
+capabilities, see <a href="#capabilities">below</a>.</p>
+
+<p>
+The addresses, options, and capabilities are published in the <a href="how_networkdatabase.html">network database</a>.
+</p>
+
+
+<h2><a name="direct">Direct Session Establishment</a></h2>
+<p>
+Direct session establishment is used when no third party is required for NAT traversal.
+The message sequence is as follows:
+</p>
+
+<h3><a name="establishDirect">Connection establishment (direct)</a></h3>
+
+Alice connects directly to Bob.
+
+<pre>
+ Alice Bob
+ SessionRequest--------------------->
+ <---------------------SessionCreated
+ SessionConfirmed------------------->
+ <---------------------->Data
+</pre>
+
+
+
<h2><a name="introduction">Introduction</a></h2>
+<p>Introduction keys are delivered through an external channel
+(the network database, where they are identical to the router Hash for now)
+and must be used when establishing a session key. For the indirect
+address, the peer must first contact the relayhost and ask them for
+an introduction to the peer known at that relayhost under the given
+tag. If possible, the relayhost sends a message to the addressed
+peer telling them to contact the requesting peer, and also gives
+the requesting peer the IP and port on which the addressed peer is
+located. In addition, the peer establishing the connection must
+already know the public keys of the peer they are connecting to (but
+not necessary to any intermediary relay peer).</p>
+
<p>Indirect session establishment by means of a third party introduction
is necessary for efficient NAT traversal. Charlie, a router behind a
NAT or firewall which does not allow unsolicited inbound UDP packets,
@@ -176,6 +243,21 @@ full direction session establishment with the specified IP and port.</p>
least one of them gets through
-->
+<h3><a name="establishIndirect">Connection establishment (indirect using an introducer)</a></h3>
+
+Alice first connects to introducer Bob, who relays the request to Charlie.
+
+<pre>
+ Alice Bob Charlie
+ RelayRequest ---------------------->
+ <--------------RelayResponse RelayIntro----------->
+ <--------------------------------------------HolePunch (data ignored)
+ SessionRequest-------------------------------------------->
+ <--------------------------------------------SessionCreated
+ SessionConfirmed------------------------------------------>
+ <----------------------------------------------->Data
+</pre>
+
<h2><a name="peerTesting">Peer testing</a></h2>
<p>The automation of collaborative reachability testing for peers is
@@ -247,81 +329,6 @@ session with Bob and so that Charlie can contact her without knowing
any additional information. Alice may go on to establish a session
with either Bob or Charlie, but it is not required.</p>
-<h2><a name="messageSequences">Message sequences</a></h2>
-
-<h3><a name="establishDirect">Connection establishment (direct)</a></h3>
-
-Alice connects directly to Bob.
-
-<pre>
- Alice Bob
- SessionRequest--------------------->
- <---------------------SessionCreated
- SessionConfirmed------------------->
- SessionConfirmed------------------->
- SessionConfirmed------------------->
- SessionConfirmed------------------->
- <--------------------------Data
-</pre>
-
-<h3><a name="establishIndirect">Connection establishment (indirect using an introducer)</a></h3>
-
-Alice first connects to introducer Bob, who relays the request to Charlie.
-
-<pre>
- Alice Bob Charlie
- RelayRequest ---------------------->
- <--------------RelayResponse RelayIntro----------->
- <--------------------------------------------Data (ignored)
- SessionRequest-------------------------------------------->
- <--------------------------------------------SessionCreated
- SessionConfirmed------------------------------------------>
- SessionConfirmed------------------------------------------>
- SessionConfirmed------------------------------------------>
- SessionConfirmed------------------------------------------>
- <---------------------------------------------------Data
-</pre>
-
-<h2><a name="sampleDatagrams">Sample datagrams</a></h2>
-
-<b>Minimal data message (no fragments, no ACKs, no NACKs, etc)</b><br />
-<i>(Size: 39 bytes)</i>
-
-<pre>
- +----+----+----+----+----+----+----+----+
- | MAC |
- | |
- +----+----+----+----+----+----+----+----+
- | IV |
- | |
- +----+----+----+----+----+----+----+----+
- |flag| time |flag|#frg| |
- +----+----+----+----+----+----+----+ |
- | padding to fit a full AES256 block |
- +----+----+----+----+----+----+----+----+
-</pre>
-
-<b>Minimal data message with payload</b><br />
-<i>(Size: 46+fragmentSize bytes)</i>
-
-<pre>
- +----+----+----+----+----+----+----+----+
- | MAC |
- | |
- +----+----+----+----+----+----+----+----+
- | IV |
- | |
- +----+----+----+----+----+----+----+----+
- |flag| time |flag|#frg|
- +----+----+----+----+----+----+----+----+
- messageId | frag info | |
- +----+----+----+----+----+----+ |
- | that many bytes of fragment data |
- . . .
- | |
- +----+----+----+----+----+----+----+----+
-</pre>
-
<h2><a name="capabilities">Peer capabilities</a></h2>
<dl>
@@ -336,18 +343,39 @@ Alice first connects to introducer Bob, who relays the request to Charlie.
</dl>
<h1><a name="future">Future Work</a></h1>
-<p>
+<ul><li>
Analysis of current SSU performance, including assessment of window size adjustment
and other parameters, and adjustment of the protocol implementation to improve
performance, is a topic for future work.
-<p>
+</li><li>
The current implementation repeatedly sends acknowledgments for the same packets,
which unnecessarily increases overhead.
-<p>
-The Session Destroyed message is not currently implemented and is scheduled for release 0.8.1.
-<p>
+</li><li>
+The default small MTU value of 620 should be analyzed and possibly increased.
+The current MTU adjustment strategy should be evaluated.
+Does a streaming lib 1730-byte packet fit in 3 small SSU packets? Probably not.
+</li><li>
+The protocol should be extended to exchange MTUs during the setup.
+</li><li>
Rekeying is currently unimplemented and may never be.
-
+</li><li>
+The potential use of the 'challenge' fields in RelayIntro and RelayResponse,
+and use of the padding field in SessionRequest and SessionCreated, is undocumented.
+</li><li>
+Instead of a single fragment per packet, a more efficient
+strategy may be to bundle multiple message fragments into the same packet,
+so long as it doesn't exceed the MTU.
+</li><li>
+A set of fixed packet sizes may be appropriate to further hide the data
+fragmentation to external adversaries, but the tunnel, garlic, and end to
+end padding should be sufficient for most needs until then.
+</li><li>
+Why are introduction keys the same as the router hash, should it be changed, would there be any benefit?
+</li><li>
+Capacities appear to be unused.
+</li><li>
+Signed-on times in SessionCreated and SessionConfirmed appear to be unused or unverified.
+</li></ul>
<h1>Implementation Diagram</h1>
This diagram
diff --git a/www.i2p2/pages/udp_spec.html b/www.i2p2/pages/udp_spec.html
index 6d330a675f7b320509fadd568b5e3eeed333b3d6..9e0aa74fd5e0e19b5eb9d714b8d0876a79bcc30a 100644
--- a/www.i2p2/pages/udp_spec.html
+++ b/www.i2p2/pages/udp_spec.html
@@ -1,112 +1,75 @@
{% extends "_layout.html" %}
-{% block title %}SSU Specification{% endblock %}
+{% block title %}SSU Protocol Specification{% endblock %}
{% block content %}
-Updated July 2010 for release 0.8
+Updated September 2012 for release 0.9.2
+
<p>
<a href="udp.html">See the SSU page for an overview of the SSU transport</a>.
<h1>Specification</h1>
-<p>
-The goal of this protocol is to provide secure, authenticated,
-semireliable, and unordered message delivery, exposing only a minimal
-amount of data easily discernible to third parties. It should
-support high degree communication as well as TCP-friendly congestion
-control, and may include PMTU detection. It should be capable of
-efficiently moving bulk data at rates sufficient for home users.
-In addition, it should support techniques for addressing network
-obstacles, like most NATs or firewalls.</p>
-
-<h2 id="addressing">Addressing and introduction</h2>
-
-<p>To contact an SSU peer, one of two sets of information is necessary:
-a direct address, for when the peer is publicly reachable, or an
-indirect address, for using a third party to introduce the peer.
-There is no restriction on the number of addresses a peer may have.</p>
-
-<pre>
- Direct: ssu://host:port/introKey[?opts=[A-Z]*]
- Indirect: ssu://tag@relayhost:port/relayIntroKey/targetIntroKey[?opts=[A-Z]*]
-</pre>
-<p>These introduction keys are delivered through an external channel
-(the network database, where they are identical to the router Hash for now)
-and must be used when establishing a session key. For the indirect
-address, the peer must first contact the relayhost and ask them for
-an introduction to the peer known at that relayhost under the given
-tag. If possible, the relayhost sends a message to the addressed
-peer telling them to contact the requesting peer, and also gives
-the requesting peer the IP and port on which the addressed peer is
-located. In addition, the peer establishing the connection must
-already know the public keys of the peer they are connecting to (but
-not necessary to any intermediary relay peer).</p>
+<h2 id="DH">DH Key Exchange</h2>
+<p>
+The initial 2048-bit DH key exchange is described on the
+<a href="udp.html#keys">SSU page</a>.
+This exchange uses the same shared prime as that used for I2P's
+<a href="how_cryptography.html#elgamal">ElGamal encryption</a>.
+</p>
-<p>Each of the addresses may also expose a series of options - special
-capabilities of that particular peer. For a list of available
-capabilities, see <a href="#capabilities">below</a>.</p>
-<h2 id="header">Header</h2>
+<h2 id="header">Message Header</h2>
<p>
All UDP datagrams begin with a 16 byte MAC (Message Authentication Code)
-and a 16 byte IV (Initialization Vector
-followed by a variable
-size payload encrypted with the appropriate key. The MAC used is
+and a 16 byte IV (Initialization Vector)
+followed by a variable-size
+payload encrypted with the appropriate key. The MAC used is
HMAC-MD5, truncated to 16 bytes, while the key is a full 32 byte AES256
key. The specific construct of the MAC is the first 16 bytes from:</p>
<pre>
HMAC-MD5(payload || IV || (payloadLength ^ protocolVersion), macKey)
</pre>
+where '||' means append.
+The payload is the message starting with the flag byte.
+The macKey is either the introduction key or the
+session key, as specified for each message below.
-<p>The protocol version is currently 0.</p>
-<p>The payload itself is AES256/CBC encrypted with the IV and the
+<p>The payload itself (that is, the message starting with the flag byte)
+is AES256/CBC encrypted with the IV and the
sessionKey, with replay prevention addressed within its body,
explained below. The payloadLength in the MAC is a 2 byte unsigned
-integer in 2s complement.</p>
+integer.</p>
-<p>The protocolVersion is a 2 byte unsigned integer in 2s complement,
-and currently set to 0. Peers using a different protocol version will
+<p>The protocolVersion is a 2 byte unsigned integer
+and is currently set to 0. Peers using a different protocol version will
not be able to communicate with this peer, though earlier versions not
using this flag are.</p>
-<h2 id="payload">Payload</h2>
-
<p>Within the AES encrypted payload, there is a minimal common structure
to the various messages - a one byte flag and a four byte sending
-timestamp (*seconds* since the unix epoch). The flag byte contains
+timestamp (seconds since the unix epoch). The flag byte contains
the following bitfields:</p>
<pre>
- bits 0-3: payload type
- bit 4: rekey?
- bit 5: extended options included
- bits 6-7: reserved
-</pre>
-
-<p>If the rekey flag is set, 64 bytes of keying material follow the
-timestamp. If the extended options flag is set, a one byte option
-size value is appended to, followed by that many extended option
-bytes, which are currently uninterpreted.</p>
-
-<p>When rekeying, the first 32 bytes of the keying material is fed
-into a SHA256 to produce the new MAC key, and the next 32 bytes are
-fed into a SHA256 to produce the new session key, though the keys are
-not immediately used. The other side should also reply with the
-rekey flag set and that same keying material. Once both sides have
-sent and received those values, the new keys should be used and the
-previous keys discarded. It may be useful to keep the old keys
-around briefly, to address packet loss and reordering.</p>
-
-<p>NOTE: Rekeying is currently unimplemented.</p>
+ Bit order: 76543210 (bit 7 is MSB)
+ bits 7-4: payload type
+ bit 3: rekey?
+ bit 2: extended options included
+ bits 1-0: reserved
+</pre>
<pre>
Header: 37+ bytes
+ Encryption starts with the flag byte.
+----+----+----+----+----+----+----+----+
| MAC |
+ + +
| |
+----+----+----+----+----+----+----+----+
| IV |
+ + +
| |
+----+----+----+----+----+----+----+----+
|flag| time | (optionally |
@@ -116,25 +79,101 @@ around briefly, to address packet loss and reordering.</p>
+---------------------------------------|
</pre>
+
+<h3 id="rekey">Rekeying</h3>
+<p>If the rekey flag is set, 64 bytes of keying material follow the
+timestamp.
+
+<p>When rekeying, the first 32 bytes of the keying material is fed
+into a SHA256 to produce the new MAC key, and the next 32 bytes are
+fed into a SHA256 to produce the new session key, though the keys are
+not immediately used. The other side should also reply with the
+rekey flag set and that same keying material. Once both sides have
+sent and received those values, the new keys should be used and the
+previous keys discarded. It may be useful to keep the old keys
+around briefly, to address packet loss and reordering.</p>
+
+<p>NOTE: Rekeying is currently unimplemented.</p>
+
+<h3 id="extend">Extended Options</h3>
+<p>
+If the extended options flag is set, a one byte option
+size value is appended, followed by that many extended option
+bytes.</p>
+
+<p>NOTE: Extended options is currently unimplemented.</p>
+
+<h2 id="padding">Padding</h2>
+<p>
+All messages contain 0 or more bytes of padding.
+Each message must be padded to a 16 byte boundary, as required by the <a href="how_cryptography.html#AES">AES256 encryption layer</a>.
+Currently, messages are not padded beyond the next 16 byte boundary.
+The fixed-size tunnel messages of 1024 bytes (at a higher layer)
+provide a significant amount of protection.
+In the future, additional padding in the transport layer up to
+a set of fixed packet sizes may be appropriate to further hide the data
+fragmentation to external adversaries.
+</p>
+
+
+<h2 id="keys">Keys</h2>
+<p>
+DSA signatures in the SessionCreated and SessionConfirmed messages are generated using
+the
+<a href="common_structures_spec.html#type_SigningPublicKey">signing public key</a>
+from the
+<a href="common_structures_spec.html#struct_RouterIdentity">router identity</a>
+which is distributed out-of-band by publishing in the network database, and the associated
+<a href="common_structures_spec.html#type_SigningPrivateKey">signing private key</a>.
+</p><p>
+Both introduction keys and session keys are 32 bytes,
+and are defined by the
+<a href="common_structures_spec.html#type_SessionKey">Common structures specification</a>.
+The key used for the MAC and encryption is specified for each message below.
+</p>
+<p>Introduction keys are delivered through an external channel
+(the network database, where they are identical to the router Hash for now).
+</p>
+
+
+<h2 id="notes">Notes</h2>
+
+<h3 id="ipv6">IPv6 Notes</h3>
+While the protocol specification supports 16-byte IPv6 addresses,
+IPv6 addressing is not currently supported within I2P.
+All IP addresses are currently 4 bytes.
+
+<h3 id="time">Timestamps</h3>
+While most of I2P uses 8-byte <a href="common_structures_spec.html#type_Date">Date</a> timestamps with
+millisecond resolution, SSU uses a 4-byte timestamp with one-second resolution.
+
+
+
+
<h2 id="messages">Messages</h2>
<p>
-There are 8 messages defined:
+There are 10 messages (payload types) defined:
</p><p>
<table border="1">
<tr><th>Type<th>Message<th>Notes
-<tr><td align="center">0<td>SessionRequest
-<tr><td align="center">1<td>SessionCreated
-<tr><td align="center">2<td>SessionConfirmed
-<tr><td align="center">8<td>SessionDestroyed<td>Unimplemented
-<tr><td align="center">3<td>RelayRequest
-<tr><td align="center">4<td>RelayResponse
-<tr><td align="center">5<td>RelayIntro
-<tr><td align="center">6<td>Data
-<tr><td align="center">7<td>PeerTest
+<tr><td align="center">0<td>SessionRequest<td>
+<tr><td align="center">1<td>SessionCreated<td>
+<tr><td align="center">2<td>SessionConfirmed<td>
+<tr><td align="center">3<td>RelayRequest<td>
+<tr><td align="center">4<td>RelayResponse<td>
+<tr><td align="center">5<td>RelayIntro<td>
+<tr><td align="center">6<td>Data<td>
+<tr><td align="center">7<td>PeerTest<td>
+<tr><td align="center">8<td>SessionDestroyed<td>Implemented as of 0.8.9
+<tr><td align="center">n/a<td>HolePunch<td>
</table>
</p>
<h3 id="sessionRequest">SessionRequest (type 0)</h3>
+<p>
+This is the first message sent to establish a session.
+</p>
+
<table border="1">
<tr><td align="right" valign="top"><b>Peer:</b></td>
<td>Alice to Bob</td></tr>
@@ -143,7 +182,7 @@ There are 8 messages defined:
<li>256 byte X, to begin the DH agreement</li>
<li>1 byte IP address size</li>
<li>that many byte representation of Bob's IP address</li>
- <li>N bytes, currently uninterpreted (later, for challenges)</li>
+ <li>N bytes, currently uninterpreted</li>
</ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
<td>introKey</td></tr>
@@ -165,7 +204,27 @@ There are 8 messages defined:
+----+----+----+----+----+----+----+----+
</pre>
+<p>
+Typical size including header, in current implementation: 304 bytes
+</p>
+
+<h4>Notes</h4>
+<ul><li>
+IP address is always 4 bytes in the current implementation.
+</li><li>
+The uninterpreted data could possibly be used in the future for challenges.
+</li></ul>
+
+
+IP address is always 4 bytes in the current implementation.
+
+
+
<h3 id="sessionCreated">SessionCreated (type 1)</h3>
+<p>
+This is the response to a Session Request.
+</p>
+
<table border="1">
<tr><td align="right" valign="top"><b>Peer:</b></td>
<td>Bob to Alice</td></tr>
@@ -174,18 +233,18 @@ There are 8 messages defined:
<li>256 byte Y, to complete the DH agreement</li>
<li>1 byte IP address size</li>
<li>that many byte representation of Alice's IP address</li>
- <li>2 byte port number (unsigned, big endian 2s complement)</li>
- <li>4 byte relay tag which Alice can publish (else 0x0)</li>
+ <li>2 byte Alice's port number</li>
+ <li>4 byte relay (introduction) tag which Alice can publish (else 0x00000000)</li>
<li>4 byte timestamp (seconds from the epoch) for use in the DSA
signature</li>
- <li>40 byte DSA signature of the critical exchanged data
+ <li>40 byte <a href="common_structures_spec.html#type_Signature">DSA signature</a> of the critical exchanged data
(X + Y + Alice's IP + Alice's port + Bob's IP + Bob's port + Alice's
new relay tag + Bob's signed on time), encrypted with another
layer of encryption using the negotiated sessionKey. The IV
is reused here.</li>
<li>8 bytes padding, encrypted with an additional layer of encryption
using the negotiated session key as part of the DSA block</li>
- <li>N bytes, currently uninterpreted (later, for challenges)</li>
+ <li>N bytes, currently uninterpreted</li>
</ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
<td>introKey, with an additional layer of encryption over the 40 byte
@@ -206,10 +265,13 @@ There are 8 messages defined:
on time | |
+----+----+ |
| DSA signature |
+ + +
| |
+ + +
| |
+ + +
| |
- | +----+----+----+----+----+----+
+ + +----+----+----+----+----+----+
| | (8 bytes of padding)
+----+----+----+----+----+----+----+----+
| |
@@ -221,64 +283,135 @@ There are 8 messages defined:
+----+----+----+----+----+----+----+----+
</pre>
+<p>
+Typical size including header, in current implementation: 368 bytes
+</p>
+
+<h4>Notes</h4>
+<ul><li>
+IP address is always 4 bytes in the current implementation.
+</li><li>
+If the relay tag is nonzero, Bob is offering to act as an introducer for Alice.
+Alice may subsequently publish Bob's address and the relay tag in the network database.
+</li><li>
+For the signature, Bob must use his external port, as that what Alice will use to verify.
+If Bob's NAT/firewall has mapped his internal port to a different external port,
+and Bob is unaware of it, the verification by Alice will fail.
+</li><li>
+See <a href="#keys">the Keys section above</a> for details on DSA signatures.
+Alice already has Bob's public signing key, from the network database.
+</li><li>
+Signed-on time appears to be unused or unverified in the current implementation.
+</li><li>
+The uninterpreted data could possibly be used in the future for challenges.
+</li></ul>
+
+
+
<h3 id="sessionConfirmed">SessionConfirmed (type 2)</h3>
+<p>
+This is the response to a Session Created message and the last step in establishing a session.
+There may be multiple Session Confirmed messages required if the Router Identity must be fragmented.
+</p>
+
<table border="1">
<tr><td align="right" valign="top"><b>Peer:</b></td>
<td>Alice to Bob</td></tr>
<tr><td align="right" valign="top"><b>Data:</b></td>
<td><ul>
<li>1 byte identity fragment info:<pre>
-bits 0-3: current identity fragment #
-bits 4-7: total identity fragments</pre></li>
+Bit order: 76543210 (bit 7 is MSB)
+bits 7-4: current identity fragment # 0-14
+bits 3-0: total identity fragments (F) 1-15</pre></li>
<li>2 byte size of the current identity fragment</li>
- <li>that many byte fragment of Alice's identity.</li>
- <li>on the last identity fragment, the signed on time is
- included after the identity fragment, and the last 40
- bytes contain the DSA signature of the critical exchanged
+ <li>that many byte fragment of Alice's
+ <a href="common_structures_spec#struct_RouterIdentity">Router Identity</a>
+ </li>
+ <li>After the last identity fragment only:
+ <ul><li>4 byte signed-on time
+ </li></ul>
+ <li>N bytes padding, currently uninterpreted
+ <li>After the last identity fragment only:
+ <ul><li>The last 40
+ bytes contain the <a href="common_structures_spec.html#type_Signature">DSA signature</a> of the critical exchanged
data (X + Y + Alice's IP + Alice's port + Bob's IP + Bob's port
+ Alice's new relay key + Alice's signed on time)</li>
+ </li></ul>
</ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
<td>sessionKey</td></tr>
</table>
<pre>
- <b>Fragment 1 through N-1</b>
+ <b>Fragment 0 through F-2</b>
+----+----+----+----+----+----+----+----+
|info| cursize | |
+----+----+----+ |
| fragment of Alice's full |
- | identity keys |
+ | Router Identity |
. . .
| |
+----+----+----+----+----+----+----+----+
+ | arbitrary amount of uninterpreted |
+ | data |
+ +----+----+----+----+----+----+----+----+
- <b>Fragment N:</b>
+ <b>Fragment F-1:</b>
+----+----+----+----+----+----+----+----+
|info| cursize | |
+----+----+----+ |
- | fragment of Alice's full |
- | identity keys |
+ | last fragment of Alice's full |
+ | Router Identity |
. . .
| |
+----+----+----+----+----+----+----+----+
| signed on time | |
+----+----+----+----+ |
| arbitrary amount of uninterpreted |
- | data, up from the end of the |
- | identity key to 40 bytes prior to |
+ | data, to 40 bytes prior to |
| end of the current packet |
+----+----+----+----+----+----+----+----+
| DSA signature |
+ + +
| |
+ + +
| |
+ + +
| |
+ + +
| |
+----+----+----+----+----+----+----+----+
</pre>
+<p>
+Typical size including header, in current implementation: 480 bytes
+</p>
+
+<h4>Notes</h4>
+<ul><li>
+In the current implementation, the maximum fragment size is 512 bytes.
+</li><li>
+The typical <a href="common_structures_spec.html#struct_RouterIdentity">Router Identity</a>
+is 387 bytes, so no fragmentation is usually necessary.
+</li><li>
+There is no mechanism for requesting or redelivering missing fragments.
+</li><li>
+The total fragments field F must be set identically in all fragments.
+</li><li>
+See <a href="#keys">the Keys section above</a> for details on DSA signatures.
+</li><li>
+Signed-on time appears to be unused or unverified in the current implementation.
+</li></ul>
+
+
+
+
<h3 id="sessionDestroyed">SessionDestroyed (type 8)</h3>
-Currently unimplemented, scheduled for implementation in version 0.8.1.
+<p>
+The Session Destroyed message was implemented (reception only) in release 0.8.1,
+and is never sent. Transmission implemented as of release 0.8.9.
+</p>
+
<table border="1">
<tr><td align="right" valign="top"><b>Peer:</b></td>
<td>Alice to Bob or Bob to Alice</td></tr>
@@ -295,19 +428,27 @@ Currently unimplemented, scheduled for implementation in version 0.8.1.
+----+----+----+----+----+----+----+----+
</pre>
+<p>
+Typical size including header, in current implementation: 48 bytes
+</p>
+
<h3 id="relayRequest">RelayRequest (type 3)</h3>
+<p>
+This is the first message sent from Alice to Bob to request an introduction to Charlie.
+</p>
+
<table border="1">
<tr><td align="right" valign="top"><b>Peer:</b></td>
<td>Alice to Bob</td></tr>
<tr><td align="right" valign="top"><b>Data:</b></td>
<td><ul>
- <li>4 byte relay tag</li>
+ <li>4 byte relay (introduction) tag, nonzero</li>
<li>1 byte IP address size</li>
<li>that many byte representation of Alice's IP address</li>
<li>2 byte port number (of Alice)</li>
<li>1 byte challenge size</li>
<li>that many bytes to be relayed to Charlie in the intro</li>
- <li>Alice's intro key (so Bob can reply with Charlie's info)</li>
+ <li>Alice's 32-byte introduction key (so Bob can reply with Charlie's info)</li>
<li>4 byte nonce of Alice's relay request</li>
<li>N bytes, currently uninterpreted</li>
</ul></td></tr>
@@ -317,17 +458,18 @@ Currently unimplemented, scheduled for implementation in version 0.8.1.
<pre>
+----+----+----+----+----+----+----+----+
- | relay tag |size| that many |
- +----+----+----+----+----+ +----|
- | bytes for Alice's IP address |port
- +----+----+----+----+----+----+----+----+
- (A) |size| that many challenge bytes |
- +----+----+ |
- | to be delivered to Charlie |
+ | relay tag |size| Alice IP addr
+ +----+----+----+----+----+--- +----+----|
+ | Port (A)|size| challenge bytes |
+ +----+----+----+----+ +
+ | to be delivered to Charlie |
+----+----+----+----+----+----+----+----+
| Alice's intro key |
+ + +
| |
+ + +
| |
+ + +
| |
+----+----+----+----+----+----+----+----+
| nonce | |
@@ -336,7 +478,23 @@ Currently unimplemented, scheduled for implementation in version 0.8.1.
+----+----+----+----+----+----+----+----+
</pre>
+<p>
+Typical size including header, in current implementation: 96 bytes
+</p>
+
+<h4>Notes</h4>
+<ul><li>
+IP address is always 4 bytes in the current implementation.
+</li><li>
+Challenge is unimplemented, challenge size is always zero
+</li></ul>
+
+
<h3 id="relayResponse">RelayResponse (type 4)</h3>
+<p>
+This is the response to a Relay Request and is sent from Bob to Alice.
+</p>
+
<table border="1">
<tr><td align="right" valign="top"><b>Peer:</b></td>
<td>Bob to Alice</td></tr>
@@ -344,10 +502,10 @@ Currently unimplemented, scheduled for implementation in version 0.8.1.
<td><ul>
<li>1 byte IP address size</li>
<li>that many byte representation of Charlie's IP address</li>
- <li>2 byte port number</li>
+ <li>2 byte Charlie's port number</li>
<li>1 byte IP address size</li>
<li>that many byte representation of Alice's IP address</li>
- <li>2 byte port number</li>
+ <li>2 byte Alice's port number</li>
<li>4 byte nonce sent by Alice</li>
<li>N bytes, currently uninterpreted</li>
</ul></td></tr>
@@ -357,21 +515,30 @@ Currently unimplemented, scheduled for implementation in version 0.8.1.
<pre>
+----+----+----+----+----+----+----+----+
- |size| that many bytes making up |
- +----+ +----+----+
- | Charlie's IP address | Port (C)|
+ |size| Charlie IP | Port (C)|size|
+----+----+----+----+----+----+----+----+
- |size| that many bytes making up |
- +----+ +----+----+
- | Alice's IP address | Port (A)|
+ | Alice IP | Port (A)| nonce
+----+----+----+----+----+----+----+----+
- | nonce | |
- +----+----+----+----+ |
- | arbitrary amount of uninterpreted data|
+ | arbitrary amount of |
+ +----+----+ |
+ | uninterpreted data |
+----+----+----+----+----+----+----+----+
</pre>
+<p>
+Typical size including header, in current implementation: 64 bytes
+</p>
+
+<h4>Notes</h4>
+IP address is always 4 bytes in the current implementation.
+
+
+
<h3 id="relayIntro">RelayIntro (type 5)</h3>
+<p>
+This is the introduction for Alice, which is sent from Bob to Charlie.
+</p>
+
<table border="1">
<tr><td align="right" valign="top"><b>Peer:</b></td>
<td>Bob to Charlie</td></tr>
@@ -390,33 +557,50 @@ Currently unimplemented, scheduled for implementation in version 0.8.1.
<pre>
+----+----+----+----+----+----+----+----+
- |size| that many bytes making up |
- +----+ +----+----+
- | Alice's IP address | Port (A)|
+ |size| Alice IP | Port (A)|size|
+----+----+----+----+----+----+----+----+
- |size| that many bytes of challenge |
- +----+ |
- | data relayed from Alice |
+ | that many bytes of challenge |
+ + |
+ | data relayed from Alice |
+----+----+----+----+----+----+----+----+
| arbitrary amount of uninterpreted data|
+----+----+----+----+----+----+----+----+
</pre>
+<p>
+Typical size including header, in current implementation: 48 bytes
+</p>
+
+<h4>Notes</h4>
+<ul><li>
+IP address is always 4 bytes in the current implementation.
+</li><li>
+Challenge is unimplemented, challenge size is always zero
+</li></ul>
+
+
+
+
<h3 id="data">Data (type 6)</h3>
+<p>
+This message is used for data transport and acknowledgment.
+</p>
+
<table border="1">
<tr><td align="right" valign="top"><b>Peer:</b></td>
<td>Any</td></tr>
<tr><td align="right" valign="top"><b>Data:</b></td>
<td><ul>
<li>1 byte flags:<pre>
- bit 0: explicit ACKs included
- bit 1: ACK bitfields included
- bit 2: reserved
- bit 3: explicit congestion notification
- bit 4: request previous ACKs
- bit 5: want reply
- bit 6: extended data included
- bit 7: reserved</pre></li>
+ Bit order: 76543210 (bit 7 is MSB)
+ bit 7: explicit ACKs included
+ bit 6: ACK bitfields included
+ bit 5: reserved
+ bit 4: explicit congestion notification (ECN)
+ bit 3: request previous ACKs
+ bit 2: want reply
+ bit 1: extended data included (unused, never set)
+ bit 0: reserved</pre></li>
<li>if explicit ACKs are included:<ul>
<li>a 1 byte number of ACKs</li>
<li>that many 4 byte MessageIds being fully ACKed</li>
@@ -432,35 +616,38 @@ Currently unimplemented, scheduled for implementation in version 0.8.1.
clarify, assuming fragments 0, 2, 5, and 9 have been received,
the bitfield bytes would be as follows:<pre>
byte 0
- bit 0: 1 (further bitfield bytes follow)
- bit 1: 1 (fragment 0 received)
- bit 2: 0 (fragment 1 not received)
- bit 3: 1 (fragment 2 received)
- bit 4: 0 (fragment 3 not received)
- bit 5: 0 (fragment 4 not received)
- bit 6: 1 (fragment 5 received)
- bit 7: 0 (fragment 6 not received)
+ Bit order: 76543210 (bit 7 is MSB)
+ bit 7: 1 (further bitfield bytes follow)
+ bit 6: 1 (fragment 0 received)
+ bit 5: 0 (fragment 1 not received)
+ bit 4: 1 (fragment 2 received)
+ bit 3: 0 (fragment 3 not received)
+ bit 2: 0 (fragment 4 not received)
+ bit 1: 1 (fragment 5 received)
+ bit 0: 0 (fragment 6 not received)
byte 1
- bit 0: 0 (no further bitfield bytes)
- bit 1: 0 (fragment 7 not received)
- bit 1: 0 (fragment 8 not received)
- bit 1: 1 (fragment 9 received)
- bit 1: 0 (fragment 10 not received)
- bit 1: 0 (fragment 11 not received)
+ Bit order: 76543210 (bit 7 is MSB)
+ bit 7: 0 (no further bitfield bytes)
+ bit 6: 0 (fragment 7 not received)
+ bit 5: 0 (fragment 8 not received)
+ bit 4: 1 (fragment 9 received)
+ bit 3: 0 (fragment 10 not received)
+ bit 2: 0 (fragment 11 not received)
bit 1: 0 (fragment 12 not received)
- bit 1: 0 (fragment 13 not received)</pre></li>
+ bit 0: 0 (fragment 13 not received)</pre></li>
</ul></li>
<li>If extended data included:<ul>
<li>1 byte data size</li>
<li>that many bytes of extended data (currently uninterpreted)</li></ul></li>
<li>1 byte number of fragments (can be zero)</li>
- <li>If nonzero, that many message fragments:<ul>
+ <li>If nonzero, that many message fragments. Each fragment contains:<ul>
<li>4 byte messageId</li>
<li>3 byte fragment info:<pre>
- bits 0-6: fragment #
- bit 7: isLast (1 = true)
- bits 8-9: unused
-bits 10-23: fragment size</pre></li>
+ Bit order: 76543210 (bit 7 is MSB)
+ bits 23-17: fragment # 0 - 127
+ bit 16: isLast (1 = true)
+ bits 15-14: unused
+ bits 13-0: fragment size 0 - 16383</pre></li>
<li>that many bytes</li></ul>
<li>N bytes padding, uninterpreted</li>
</ul></td></tr>
@@ -497,17 +684,66 @@ bits 10-23: fragment size</pre></li>
+----+----+----+----+----+----+----+----+
</pre>
+<h4>Notes</h4>
+<ul><li>
+The current implementation adds a limited number of duplicate acks for
+messages previously acked, if space is available.
+</li><li>
+If the number of fragments is zero, this is an ack-only or keepalive message.
+</li><li>
+The ECN feature is unimplemented, and the bit is never set.
+</li><li>
+The want reply bit is always set in the current implementation.
+</li><li>
+Extended data is unimplemented and never present.
+</li><li>
+The current implementation does not pack multiple fragments into a single packet;
+the number of fragments is always 0 or 1.
+</li><li>
+As currently implemented, maximum fragments is 64
+(maximum fragment number = 63).
+</li><li>
+As currently implemented, maximum fragment size is of course
+less than the MTU.
+</li><li>
+Take care not to exceed the maximum MTU even if there is a large number of
+ACKs to send.
+</li><li>
+The protocol allows zero-length fragments but there's no reason to send them.
+</li><li>
+In SSU, the data uses a short 5-byte I2NP header followed by the payload
+of the I2NP message instead of the standard 16-byte I2NP header.
+The short I2NP header consists only of
+the one-byte I2NP type and 4-byte expiration in seconds.
+The I2NP message ID is used as the message ID for the fragment.
+The I2NP size is assembled from the fragment sizes.
+The I2NP checksum is not required as UDP message integrity is ensured by decryption.
+</li><li>
+Message IDs are not sequence numbers and are not consecutive.
+SSU does not guarantee in-order delivery.
+While we use the I2NP message ID as the SSU message ID, from the SSU
+protocol view, they are random numbers.
+In fact, since the router uses a single Bloom filter for all peers,
+the message ID must be an actual random number.
+</li></ul>
+
+
+
<h3 id="peerTest">PeerTest (type 7)</h3>
+<p>
+See <a href="udp.html#peerTesting">the UDP overview page</a> for details.
+</p>
+
<table border="1">
<tr><td align="right" valign="top"><b>Peer:</b></td>
- <td><a href="#peerTesting">Any</a></td></tr>
+ <td>Any</td></tr>
<tr><td align="right" valign="top"><b>Data:</b></td>
<td><ul>
<li>4 byte nonce</li>
<li>1 byte IP address size</li>
<li>that many byte representation of Alice's IP address</li>
- <li>2 byte port number</li>
- <li>Alice's introduction key</li>
+ <li>2 byte Alice's port number</li>
+ <li>Alice's 32-byte introduction key</li>
<li>N bytes, currently uninterpreted</li>
</ul></td></tr>
<tr><td align="right" valign="top"><b>Key used:</b></td>
@@ -516,22 +752,81 @@ bits 10-23: fragment size</pre></li>
<pre>
+----+----+----+----+----+----+----+----+
- | test nonce |size| that many |
- +----+----+----+----+----+ |
- |bytes making up Alice's IP address |
- |----+----+----+----+----+----+----+----+
- | Port (A)| Alice or Charlie's |
- +----+----+ |
- | introduction key (Alice's is sent to |
- | Bob and Charlie, while Charlie's is | |
- | sent to Alice) |
- | +----+----+----+----+----+----+
- | | arbitrary amount of |
- |----+----+ |
+ | test nonce |size| Alice IP addr
+ +----+----+----+----+----+----+----+----+
+ | Port (A)| |
+ +----+----+----+ +
+ | Alice or Charlie's |
+ + introduction key (Alice's is sent to +
+ | Bob and Charlie, while Charlie's is |
+ + sent to Alice) +
+ | |
+ | +----+----+----+----+----+
+ | | arbitrary amount of |
+ |----+----+----+ |
| uninterpreted data |
+----+----+----+----+----+----+----+----+
</pre>
+<p>
+Typical size including header, in current implementation: 80 bytes
+</p>
+
+<h4>Notes</h4>
+IP address is always 4 bytes in the current implementation.
+
+<h3 id="holePunch">HolePunch</h3>
+<p>
+A HolePunch is simply a UDP packet with no data.
+It is unauthenticated and unencrypted.
+It does not contain a SSU header, so it does not have a message type number.
+It is sent from Charlie to Alice as a part of the Introduction sequence.
+</p>
+
+
+<h2><a name="sampleDatagrams">Sample datagrams</a></h2>
+
+<b>Minimal data message (no fragments, no ACKs, no NACKs, etc)</b><br />
+<i>(Size: 39 bytes)</i>
+
+<pre>
+ +----+----+----+----+----+----+----+----+
+ | MAC |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+ | IV |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+ |flag| time |flag|#frg| |
+ +----+----+----+----+----+----+----+ |
+ | padding to fit a full AES256 block |
+ +----+----+----+----+----+----+----+----+
+</pre>
+
+<b>Minimal data message with payload</b><br />
+<i>(Size: 46+fragmentSize bytes)</i>
+
+<pre>
+ +----+----+----+----+----+----+----+----+
+ | MAC |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+ | IV |
+ + +
+ | |
+ +----+----+----+----+----+----+----+----+
+ |flag| time |flag|#frg|
+ +----+----+----+----+----+----+----+----+
+ messageId | frag info | |
+ +----+----+----+----+----+----+ |
+ | that many bytes of fragment data |
+ . . .
+ | |
+ +----+----+----+----+----+----+----+----+
+</pre>
{% endblock %}
diff --git a/www.i2p2/pages/unidirectional-tunnels.html b/www.i2p2/pages/unidirectional-tunnels.html
new file mode 100644
index 0000000000000000000000000000000000000000..5d82c220a45f90161f7f33b9115f3c7e3314c5fd
--- /dev/null
+++ b/www.i2p2/pages/unidirectional-tunnels.html
@@ -0,0 +1,138 @@
+{% extends "_layout.html" %}
+{% block title %}Unidirectional Tunnels{% endblock %}
+{% block content %}
+<p>
+Updated July 2011 for release 0.8.7
+</p>
+
+<h2>Overview</h2>
+<p>
+This page describes the origins and design of I2P's unidirectional tunnels.
+For further infomrmation see:
+<ul>
+<li>
+<a href="how_tunnelrouting.html">tunnel overview page</a>
+<li>
+<a href="tunnel-alt.html">tunnel specification</a>
+</li><li>
+<a href="tunnel-alt-creation.html">tunnel creation specification</a>
+</li><li>
+<a href="tunnel_discussion.html">tunnel design discussion</a>
+</li><li>
+<a href="how_peerselection.html">peer selection</a>
+</li><li>
+<a href="meeting125.html">Meeting 125 (~13:12-13:30)</a>
+</li>
+</ul>
+</p>
+
+<h2>Review</h2>
+
+<p>
+While we aren't aware of any published research on the advantages of
+unidirecdtional tunnels,
+they appear to make it harder to detect a
+request/response pattern, which is quite possible to detect over a
+bidirectional tunnel.
+Several apps and protocols, notably HTTP,
+do transfer data in such manner. Having the traffic follow the same
+route to its destination and back could make it easier for an
+attacker who has only timing and traffic volume data to infer the path a
+tunnel is taking.
+Having the response come back along a different path arguably
+makes it harder.
+
+</p><p>
+ When dealing with
+ an internal adversary or most external adversaries, I2P's undirectional tunnels
+ expose half as much traffic data than would be exposed with bidirectional circuits
+ by simply looking at the flows themselves - an HTTP request and response would
+ follow the same path in Tor, while in I2P the packets making up the request
+ would go out through one or more outbound tunnels and the packets making up
+ the response would come back through one or more different inbound tunnels.
+
+</p><p>
+The strategy of using two separate tunnels for inbound and outbound
+communication is not the only technique available, and it does have anonymity
+implications. On the positive side, by using separate tunnels it lessens the
+traffic data exposed for analysis to participants in a tunnel - for instance,
+peers in an outbound tunnel from a web browser would only see the traffic of
+an HTTP GET, while the peers in an inbound tunnel would see the payload
+delivered along the tunnel. With bidirectional tunnels, all participants would
+have access to the fact that e.g. 1KB was sent in one direction, then 100KB
+in the other. On the negative side, using unidirectional tunnels means that
+there are two sets of peers which need to be profiled and accounted for, and
+additional care must be taken to address the increased speed of predecessor
+attacks. The tunnel pooling and building process
+(peer selection and ordering strategies)
+should minimize the worries of the predecessor attack.
+
+</p>
+
+
+<h2>Anonymity</h2>
+
+<p>
+A recent
+<a href="http://grothoff.org/christian/i2p.pdf">paper by Hermann and Grothoff</a>
+declared that I2P's unidirectional tunnels "seems to be a bad design decision".
+
+The paper's main point is that
+deanonymizations on unidirectional tunnels take a longer time, which is an
+advantage, but that an attacker can be more certain in the unidirectional case.
+Therefore, the paper claims it isn't an advantage at all, but a disadvantage, at least
+with long-living eepsites.
+
+</p><p>
+This conclusion is not fully supported by the paper. Unidirectional tunnels clearly
+mitigate other attacks and it's not clear how to trade off the risk of the
+attack in the paper
+with attacks on a bidirectional tunnel architecture.
+
+</p><p>
+This conclusion is based on an arbitrary certainty vs. time weighting
+(tradeoff) that may not be applicable in all cases. For
+example, somebody could make a list of possible IPs then issue subpoenas to
+each. Or the attacker could DDoS each in turn and via a simple
+intersection attack see if the eepsite goes down or is slowed down. So close
+may be good enough, or time may be more important.
+
+The conclusion is based on a specific weighting of the importance of certainty
+vs. time, and that weighting may be wrong, and it's definitely debatable,
+especially in a real world with subpoenas, search warrants, and other methods
+available for final confirmation.
+
+</p><p>
+A full analysis of the tradeoffs of unidirectional vs. bidirectional
+tunnels is clearly outside the scope of the paper, and has not been done
+elsewhere. For example, how does this attack compare to the numerous possible
+timing attacks published about onion-routed networks? Clearly the authors have not
+done that analysis, if it's even possible to do it
+effectively.
+
+</p><p>
+Tor uses bidirectional tunnels and has had a lot of academic review. I2P
+uses unidirectional tunnels and has had very little review. Does the lack of a
+research paper defending unidirectional tunnels mean that it is a poor design
+choice, or just that it needs more study? Timing attacks and
+distributed attacks are difficult to defend against in both I2P and Tor. The
+design intent (see references above) was that unidirectional tunnels are more
+resistant to timing attacks. However, the paper presents a somewhat different type of timing
+attack. Is this attack, innovative as it is, sufficient to label I2P's
+tunnel architecture (and thus I2P as a whole) a "bad design", and by
+implication clearly inferior to Tor, or is it just a design alternative that
+clearly needs further investigation and analysis? There are several other reasons
+to consider I2P currently inferior to Tor and other projects (small network
+size, lack of funding, lack of review) but is unidirectional tunnels really a
+reason?
+
+</p><p>
+In summary, "bad design decision" is apparently (since the paper does
+not label bidirectional tunnels "bad") shorthand for "unidirectional
+tunnels are unequivocally inferior to bidirectional tunnels", yet this
+conclusion is not supported by the paper.
+
+</p>
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/updates.html b/www.i2p2/pages/updates.html
new file mode 100644
index 0000000000000000000000000000000000000000..c8ea2f088faae31c47a1f537f40780c98fc41851
--- /dev/null
+++ b/www.i2p2/pages/updates.html
@@ -0,0 +1,118 @@
+{% extends "_layout.html" %}
+{% block title %}I2P Software Update Specification{% endblock %}
+{% block content %}
+Page last updated November 2011, current as of router version 0.8.12
+<h3>Overview</h3>
+<p>
+I2P uses a simple, yet secure, system for automated software update.
+The router console periodically pulls a news file from a configurable I2P URL.
+There is a hardcoded backup URL pointing to the project website, in case
+the default project news host goes down.
+</p><p>
+The contents of the news file are displayed on the home page of the router console.
+In addition, the news file contains the most recent version number of the software.
+If the version is higher than the router's version number, it will
+display an indication to the user that an update is available.
+</p><p>
+The router may optionally download, or download and install, the new version
+if configured to do so.
+</p>
+
+<h3>News File Specification</h3>
+<p>
+The news.xml file may contain the following elements:
+</p>
+<pre>
+<i2p.news date="$Date: 2010-01-22 00:00:00 $" />
+<i2p.release version="0.7.14" date="2010/01/22" minVersion="0.6" />
+</pre>
+
+<p>
+The elements may be included inside XML comments to prevent interpretation by browsers.
+The i2p.release element and version are required. All others are optional and are
+currently unused.
+</p><p>
+The news source is trusted only to indicate that a new version is available.
+It does not specify the URL of the update, the checksum, or any other information.
+</p>
+
+
+<h3>Update File Specification</h3>
+<p>
+The signed update file, traditionally named i2pupdate.sud,
+is simply a zip file with a prepended 56 byte header.
+The header contains:
+<ul>
+<li>
+A 40-byte <a href="common_structures_spec.html#type_signature">DSA signature</a>
+</li><li>
+A 16-byte I2P version in UTF-8, padded with trailing zeroes if necessary
+</li></ul>
+</p><p>
+The signature covers only the zip archive - not the prepended version.
+The signature must match one of the <a href="common_structures_spec.html#type_SigningPublicKey">DSA public keys</a> configured into the router,
+which has a hardcoded default list of keys of the current project release managers.
+</p><p>
+For version comparison purposes, version fields contain [0-9]*, field separators are
+'-', '_', and '.', and all other characters are ignored.
+</p><p>
+As of version 0.8.8, the version must also be specified as a zip file comment in UTF-8,
+without the trailing zeroes.
+The updating router verifes that the version in the header (not covered by the signature)
+matches the version in the zip file comment, which is covered by the signature.
+This prevents spoofing of the version number in the header.
+</p>
+
+<h3>Download and Installation</h3>
+<p>
+The router first downloads the header of the update file from one in a configurable list of I2P URLs,
+using the built-in HTTP client and proxy,
+and checks that the version is newer.
+This prevents the problem of update hosts that do not have the latest file.
+The router then downloads the full update file.
+The router verifies that the update file version is newer before installation.
+It also, of course, verifies the signature, and
+verifes that the zip file comment matches the header version, as explained above.
+</p><p>
+The zip file is extracted in the base $I2P installation directory.
+</p><p>
+As of release 0.7.12, the router supports Pack200 decompression.
+Files inside the zip archive with a .jar.pack or .war.pack suffix
+are transparently decompressed to a .jar or .war file.
+Update files containing .pack files are traditionally named with a '.su2' suffix.
+Pack200 shrinks the update files by about 60%.
+</p><p>
+As of release 0.8.7, the router will delete the libjbigi.so and libjcpuid.so files
+if the zip archive contains a lib/jbigi.jar file, so that the new files will
+be extracted from jbigi.jar.
+</p><p>
+As of release 0.8.12, if the zip archive contains a file deletelist.txt, the router will
+delete the files listed there. The format is:
+<ul><li>
+One file name per line
+</li><li>
+All file names are relative to the installation directory; no absolute file names allowed, no files starting with ".."
+</li><li>
+Comments start with '#'
+</li></ul>
+The router will then delete the deletelist.txt file.
+</p>
+
+
+<h3>Future Work</h3>
+<ul><li>
+When a new update file specification is defined, it should use a larger
+DSA signature, and the signature should cover the version.
+A file format version number might be a good idea too.
+</li><li>
+The network will eventually grow too large for update over HTTP.
+The built-in BitTorrent client, i2psnark, may be used as a distributed update method.
+This development effort was started in 2009 but is on hold until it is required.
+</li><li>
+The router update mechanism is part of the web router console.
+There is currently no provision for updates of an embedded router lacking the router console.
+</li></ul>
+
+
+
+{% endblock %}
diff --git a/www.i2p2/pages/updates_de.html b/www.i2p2/pages/updates_de.html
new file mode 100644
index 0000000000000000000000000000000000000000..15da941fb7aefb60fa8b155160841d5b1e8df252
--- /dev/null
+++ b/www.i2p2/pages/updates_de.html
@@ -0,0 +1,89 @@
+{% extends "_layout.html" %}
+{% block title %}I2P Software Update Specification{% endblock %}
+{% block content %}
+Diese Seite wurde zuletzt im September 2010 aktualisiert und bezieht sich auf die Routerversion (I2P-Version) 0.8.
+<h3>Übersicht</h3>
+<p>
+I2P setzt ein einfaches, aber sicheres System zur automatischen Softwareaktualisierung ein.
+Die Routerkonsole lädt in regelmäßigen Abständen eine Datei mit Neuigkeiten rund um I2P von einer konfigurierbaren URL.
+Für den Fall, dass der Server nicht erreichbar ist, ist eine Ersatz-URL fest einprogrammiert.
+</p><p>
+Der Inhalt der Neuigkeitendatei wird auf der Eingangsseite der Routerkonsole angezeigt.
+Zusätzlich enthält die Datei die neueste I2P-Versionsnummer.
+Wenn die Versionsnummer höher als die Routerversion ist, wird dem
+Benutzer angezeigt, dass eine neue Version verfügbar ist.
+
+</p><p>
+Wenn der Router entsprechend eingestellt ist, lädt er die neue Version
+herunter und installiert sie ggf. auch gleich.
+</p>
+
+<h3>Format der Neuigkeitendatei</h3>
+<p>
+Die Datei news.xml kann die folgenden Elemente enthalten:
+</p>
+<pre>
+<i2p.news date="$Date: 2010-01-22 00:00:00 $" />
+<i2p.release version="0.7.14" date="2010/01/22" minVersion="0.6" />
+</pre>
+
+<p>
+Elemente können in XML-Kommentaren eingeschlossen werden, wenn sie nicht im Browser angezeigt werden sollen.
+Die Elemente <tt>i2p.release</tt> und <tt>version</tt> sind Pflicht. Alle anderen sind optional und werden derzeit nicht verwendet.
+</p><p>
+Der Nachrichtenquelle wird nur insoweit vertraut, als sie angibt, ob eine neue Version verfügbar ist.
+Die Aktualisierungs-URL, die Prüfsumme und alle anderen Informationen werden daraus nicht bezogen.
+</p>
+
+
+<h3>Format der Aktualisierungsdatei</h3>
+<p>
+Die digital unterschriebene Aktualisierungsdatei ist eine Zip-Datei mit einem vorangestellten, 56 Byte langen Vorspann. Als Dateiname ist <tt>i2pupdate.sud</tt> üblich.
+Der Vorspann enthält:
+<ul>
+<li>
+Eine 40 Byte lange <a href="common_structures_spec.html#type_signature">DSA-Signatur</a> und
+</li><li>
+Eine 16 Byte lange UTF8-Zeichenkette, die die I2P-Version angibt und falls nötig am Ende mit Nullen aufgefüllt wird.
+</li></ul>
+</p><p>
+Die Signatur deckt nur die Zip-Datei, nicht den Versionsvorspann ab.
+Die Signatur muss auf einen der fest in den Router einprogrammierten <a href="common_structures_spec.html#type_SigningPublicKey">Öffentlichen DSA-Schlüssel</a> der I2P-Projektverantwortlichen passen.
+</p><p>
+Beim Versionsvergleich wird [0-9]* als Hauptversion bzw. Unterversionen und '-', '_' und '.' als Trennzeichen interpretiert; alle anderen Zeichen werden ignoriert.
+</p>
+
+<h3>Laden und Installation</h3>
+<p>
+Der Router lädt die Aktualisierungsdatei mit Hilfe des eingebauten HTTP-Klienten und -Proxys von einer URL in einer konfigurierbaren I2P-URL-Liste.
+Es sind mehrere URLs fest einprogrammiert.
+Der Router überprüft, ob die Version in der Aktualisierungsdatei neuer als die installierte Version ist. Die Signatur wird selbstverständlich auch überprüft.
+</p><p>
+Die Zip-Datei wird im Verzeichnis <tt>$I2P</tt>, d.h. im I2P-Grundverzeichnis installiert.
+</p><p>
+Neuere Routerversionen unterstützen die Pack200-Komprimierung.
+Dateien im Zip-Archiv, die auf .jar.pack oder .war.pack enden, werden selbsttätig in eine Jar- bzw. War-Datei dekomprimiert.
+Aktualisierungsdateien, die Pack200-Dateien enthalten, haben üblicherweise die Endung ".su2".
+Pack200 verkleinert die Aktualisierungsdateien um ca. 60%.
+</p>
+
+
+<h3>Zukünftige Verbesserungen</h3>
+<ul><li>
+Der Router könnte die neueste Versionsnummer mit einer HEAD-Anfrage ermitteln.
+Dadurch würde verhindert, dass statt der neuen die alte Version heruntergeladen und installiert wird, weil der Aktualisierungsserver noch nichts von der neuen Version mitbekommen hat.
+</li><li>
+Wenn irgendwann ein neues Format für die Aktualisierungsdatei festgelegt wird, sollte die DSA-Signaturschlüssellänge erhöht werden und die Signatur die Versionsnummer einschließen.
+Eine Versionsnummer für das Dateiformat wäre auch erwägenswert.
+</li><li>
+Das I2P-Netzwerk wird früher oder später für Aktualisierungen über HTTP zu groß werden.
+Mit dem eingebauten Bittorrent-Klient, I2PSnark, kann dann die Aktualisierung verteilt durchgeführt werden.
+Mit der Arbeit daran wurde 2009 begonnen; diese ruht aber, bis die Funktionalität benötigt wird.
+</li><li>
+Der Router-Aktualisierungsmechanismus ist Teil der (Web-) Routerkonsole.
+Eine Aktualisierung von Routern, die in Kleingeräten laufen und keine Routerkonsole haben, ist zur Zeit nicht möglich (außer natürlich von Hand).
+</li></ul>
+
+
+
+{% endblock %}
diff --git a/www.i2p2/runserver.py b/www.i2p2/runserver.py
new file mode 100644
index 0000000000000000000000000000000000000000..45e60621aa988cfeb26fb11605bdda5a23fbec61
--- /dev/null
+++ b/www.i2p2/runserver.py
@@ -0,0 +1,2 @@
+from i2p2www import app
+app.run(debug=True)