gnunet-svn
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] r934 - GNUnet-docs/WWW/test


From: durner
Subject: [GNUnet-SVN] r934 - GNUnet-docs/WWW/test
Date: Tue, 14 Jun 2005 11:48:03 -0700 (PDT)

Author: durner
Date: 2005-06-14 11:48:00 -0700 (Tue, 14 Jun 2005)
New Revision: 934

Modified:
   GNUnet-docs/WWW/test/protocol_p2p_core.php3
Log:
Reformat

Modified: GNUnet-docs/WWW/test/protocol_p2p_core.php3
===================================================================
--- GNUnet-docs/WWW/test/protocol_p2p_core.php3 2005-06-14 18:36:16 UTC (rev 
933)
+++ GNUnet-docs/WWW/test/protocol_p2p_core.php3 2005-06-14 18:48:00 UTC (rev 
934)
@@ -5,8 +5,9 @@
 include("html_header.php3");
 
 ANCHOR("protocol");H3("GNUnet Protocol: node-to-node: core messages");
-
+BP();
 W("The GNUnet node-to-node (peer-to-peer) procotol currently defines seven 
different messages that must be supported by all peers:");
+EP();
 echo "<ul>\n";
 LIV(extlink_("#HELO","HELO"));
 LIV(extlink_("#SKEY","SKEY"));
@@ -16,13 +17,14 @@
 LIV(extlink_("#FRAGMENT","FRAGMENT"));
 LIV(extlink_("#NOISE","NOISE"));
 echo "</ul>\n";
+BP();
 W("The most basic sequence is that a host sends a %s to any other host to 
notify it of its existance on the network.",
   extlink_("#HELO","HELO"));
 W("The recipient of the HELO sends back a %s to confirm that the host is 
actually reachable.",
   extlink_("#PING","PING"));
 W("The receiver of the PING always sends back a %s to confirm receit.",
   extlink_("#PONG","PONG"));
-BR();
+P();
 W("Later, either of the hosts sends the other host an %s message with an 
encrypted %s to initiate a connection.",
   ARRAY(extlink_("#SKEY","SKEY"),
         extlink_("#PING", "PING")));
@@ -65,7 +67,7 @@
 W("The GNUnet core adds a checksum, information about bandwidth limitations 
and sequencing information to prevent processing messages twice.");
 W("The encryption, decryption and verification is done by the GNUnet core and 
neither the application nor the transport code need to worry about it.");
 W("The format of the header that is added by the GNUnet core to each message 
is the following:");
-echo "<table border=3>\n";
+echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n";
 include("bittable.inc");
 fiveRowIntEntries("hash of the plaintext (RipeMD160)");
 rowIntEntryNBO("sequence number, 0 for plaintext");
@@ -76,13 +78,14 @@
 W("This header is followed by individual messages.");
 W("Note again that the identity of the sender must also be communicated, but 
how this is done depends on the specific transport.");
 
-P();
+EP();
 ANCHOR("HELO");H4("HELO");
 
+BP();
 W("A HELO packet is used to propagate information about participating nodes 
throughout GNUnet.");
 W("Each GNUnet node is identified by its public key K.");
 W("Throughout GNUnet, the public key of a node is often abbreviated by just 
the hash of K, short H(K).");
-BR();
+P();
 W("The HELO packet is the way nodes propagate public keys of other nodes.");
 W("Furthermore, the identity of the node is <strong>bound</strong> to an 
address.");
 W("How an address is specified depends on the underlying transport mechanism 
that is used.");
@@ -91,14 +94,14 @@
 W("GNUnet nodes can have multiple addresses and change addresses at any time, 
e.g. if the IP is dynamically assigned, like in DHCP or on dialup.");
 W("The %s is used to notify other hosts of a changed address.",
   extlink_("doxygen/html/structHELO__Message.html","HELO message"));
-BR();
+P();
 W("<strong>Security considerations</strong>.");
 W("Malicious nodes could disrupt GNUnet by telling nodes fake addresses.");
 W("As nodes forward HELOs from other nodes, malicious hosts could replace the 
address of the original node by an invalid address.");
 W("In order to prevent this, the address portion of a HELO must be signed with 
the private key of the node.");
 W("In order to prevent malicious hosts from forwarding outdated addresses, the 
signed portion of a HELO also contains a timestamp stating how long the HELO is 
going to be valid.");
 W("The administrator of each node can specify how long the HELOs signed by 
that node are going to be valid; the administrator is in the best position to 
judge how long the current address will be valid.");
-BR();
+P();
 W("Another security concern is where hosts send out valid, signed HELO 
messages with IPs of non-participating machines.");
 W("The goal of this attack could either be to flood the non-participating 
hosts with traffic (trick GNUnet into performing an attack) or to make it hard 
for the receiver to find a valid GNUnet host in the ocean of addresses that it 
learned from the HELOs.");
 W("GNUnet defends against this type of attack by sending a PING to the 
acclaimed host and only believes the HELO of a PONG is received.");
@@ -114,7 +117,7 @@
   EXTLINK_("#SKEY","SKEY"));
 W("Once an encrypted channel was formed, nodes can exchange HELOs via that 
channel.");
 
-echo "<table border=3>\n";
+echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n";
 include("bittable.inc");
 rowSizeType("556 + " . W_("sender address size"),"0");
 rowIntEntryVerbatim(extlink_("doxygen/html/structSignature.html",
@@ -132,15 +135,16 @@
     shortEntry_("transport protocol number", NBO_()));
 rowIntEntryNBO("sender address (sender address size bytes)");
 echo "</table>\n";
-P();
+EP();
 
 ANCHOR("SKEY");H4("SKEY");
+BP
 W("Sessionkeys are 128 bit keys for blowfish, a symmetric cipher that is used 
for all communication between GNUnet nodes except %ss and SKEYs themselves (for 
those, RSA with 2048 bit keys is used).",
   extlink_("#HELO","HELO"));
-BR();
+P();
 W("A session between two GNUnet nodes is the existance of a pair of 
sessionkeys between the two nodes that have been confirmed by receiving an 
encrypted PONG response to an encrypted PING challenge.");
 W("Even if the underlying protocol may be connectionless, the notion of a 
session is still meaningful for GNUnet.");
-BR();
+P();
 W("A session key exchange may be initiated by either node.");
 W("SKEYS are always encrypted with the public key of the receiving node.");
 W("The sender of a session key not only encrypts the key with the public key 
of the receiver but also signs it (together with an creation time) with its own 
private key.");
@@ -157,12 +161,12 @@
 W("The sender must remember the sessionkey and can start using it after 
receiving an acknowledgement in the form of a %s from the receiver.",
   extlink_("#PONG","PONG"));
 W("The PONG must be encrypted and can be transmitted either as part of the 
symmetrically encrpyted portion of another SKEY or as an ordinary encrypted 
message.");
-BR();
+P();
 W("The format of an %s is the following:",
   extlink_("doxygen/html/structSKEY__Message.html","SKEY message"));
 P();
 
-echo "<table border=3>\n";
+echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n";
 include("bittable.inc");
 rowSizeType("520+N","1");
 rowIntEntryNBO("creation time (not expiration!)");
@@ -172,27 +176,30 @@
 echo "</table>\n";
 W("Note that N is always either 28 or 56 bytes.");
 
-P();
+EP();
 
 ANCHOR("PING");H4("PING");
+BP();
 W("PINGs are used to test if a node receives messages correctly.");
 W("PINGs are exchanged in encrypted messages, as part of SKEYs and in 
plaintext.");
 W("The receit of a PING must be answered by a PONG with identical body (the 
receiver just changes the type).");
 W("An encrypted PING must be answered by an encrypted PONG.");
 W("It does not matter if the encrypted PONG is encrypted as part of an SKEY or 
part of an ordinary encrypted message.");
 W("The challenge number in a PING is a random number that is used to make it 
impractical for an adversary to guess the contents of the PING and thus hard to 
fake a PONG response.");
-BR();
+P();
 W("The identity stored in the PING is the identity of the receiver.");
 W("If that identity does not match, the PING must be silently discarded.");
 
-echo "<table border=3>\n";
+echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n";
 include("bittable.inc");
 rowSizeType("28","2");
 fiveRowIntEntries("receiver identity");
 rowIntEntryNBO("challenge");
 echo "</table>\n";
+EP();
 
 ANCHOR("PONG");H4("PONG");
+BP();
 W("PONGs are responses to PINGs.");
 W("If the node is not aware of a corresponding PING (or if the challenge is 
wrong), the PONG is silently dropped.");
 W("Otherwise the appropriate action corresponding to the PING is triggered.");
@@ -203,32 +210,35 @@
 fiveRowIntEntries("receiver identity");
 rowIntEntryNBO("challenge");
 echo "</table>\n";
-P();
+EP();
 
 
 ANCHOR("HANGUP");H4("HANGUP");
+BP();
 W("The format of the HANGUP message is:");
 
-echo "<table border=3>\n";
+echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n";
 include("bittable.inc");
 rowSizeType("24","4");
 fiveRowIntEntries("sender identity");
 echo "</table>\n";
 
+BP();
 W("When a HANGUP message is received, the node must stop using the current 
sessionkey (assuming the receiver is the other node involved in the 
corresponding session with the sender).");
 W("If the receiving node desires further communication with the sender, a new 
sessionkey must be exchanged.");
-P();
+EP();
 
 
 ANCHOR("FRAGMENT");H4("FRAGMENT");
+BP();
 W("Fragments are used to communicate messages that are larger than the MTU of 
the transport.");
 W("The peer sending fragments should make sure to transmit all fragments in 
sequence.");
 W("No peer is expected to reassemble multiple fragments for the same sender at 
any time.");
 W("If the receiving peer does not receive all parts of a fragment, the entire 
message has to be discarded.");
 W("The messages constructed from fragments cannot be larger than 64k.");
 W("The format for fragments is:");
-
-echo "<table border=3>\n";
+EP();
+echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n";
 include("bittable.inc");
 rowSizeType("12 + N","5");
 rowIntEntryNBO("fragment id");
@@ -236,29 +246,32 @@
     shortEntry_("total size"));
 rowIntEntry("N bytes of data");
 echo "</table>\n";
+BP();
 W("The N bytes of data from the fragment belong to a larger message of the 
given total size and are to be placed at the given offset.");
 W("Unlike IP fragmentation, GNUnet fragments should never be overlapping.");
-P();
+EP();
 
 
 
 ANCHOR("NOISE");H4("NOISE");
+BP();
 W("Noise is used to make it harder for adversaries to perform traffic 
analysis.");
 W("A node receiving noise should just silently ignore it.");
 W("Nodes may append noise to packets that are short to make all packets look 
more uniform in size.");
 W("Noise should only be used in encrypted traffic.");
 W("The format for noise is:");
-
+EP();
 echo "<table border=3>\n";
 include("bittable.inc");
 rowSizeType("&ge; 4","6");
 rowIntEntry("noise");
 echo "</table>\n";
 
+BP();
 W("The number of bytes of noise should be a multiple of 4 to preserve 
alignment.");
 W("The noise in the packet should be (pseudo) random.");
 
-P();
+EP();
 
 include("html_footer.php3");
 ?>





reply via email to

[Prev in Thread] Current Thread [Next in Thread]