diff options
Diffstat (limited to 'doc/old/handbook/chapters/user.texi')
-rw-r--r-- | doc/old/handbook/chapters/user.texi | 2603 |
1 files changed, 2603 insertions, 0 deletions
diff --git a/doc/old/handbook/chapters/user.texi b/doc/old/handbook/chapters/user.texi new file mode 100644 index 000000000..714336228 --- /dev/null +++ b/doc/old/handbook/chapters/user.texi | |||
@@ -0,0 +1,2603 @@ | |||
1 | @node Using GNUnet | ||
2 | @chapter Using GNUnet | ||
3 | |||
4 | |||
5 | This tutorial is supposed to give a first introduction for users | ||
6 | trying to do something real with GNUnet. Installation and | ||
7 | configuration are specifically outside of the scope of this tutorial. | ||
8 | Instead, we start by briefly checking that the installation works, and | ||
9 | then dive into uncomplicated, concrete practical things that can be done | ||
10 | with the framework provided by GNUnet. | ||
11 | |||
12 | In short, this chapter of the ``GNUnet Reference Documentation'' will | ||
13 | show you how to use the various peer-to-peer applications of the | ||
14 | GNUnet system. | ||
15 | As GNUnet evolves, we will add new sections for the various | ||
16 | applications that are being created. | ||
17 | |||
18 | Comments on the content of this chapter, and extensions of it are | ||
19 | always welcome. | ||
20 | |||
21 | |||
22 | @menu | ||
23 | * Start and stop GNUnet:: | ||
24 | * First steps - Using the GNU Name System:: | ||
25 | * First steps - Using GNUnet Conversation:: | ||
26 | * First steps - Using the GNUnet VPN:: | ||
27 | * File-sharing:: | ||
28 | * The GNU Name System:: | ||
29 | * reclaimID Identity Provider:: | ||
30 | * Using the Virtual Public Network:: | ||
31 | * Using the GNUnet Messenger:: | ||
32 | @end menu | ||
33 | |||
34 | @node Start and stop GNUnet | ||
35 | @section Start and stop GNUnet | ||
36 | |||
37 | Prior to using any GNUnet-based application, one has to start a node: | ||
38 | |||
39 | @example | ||
40 | $ gnunet-arm -s -l gnunet.log | ||
41 | @end example | ||
42 | |||
43 | To stop GNUnet: | ||
44 | |||
45 | @example | ||
46 | $ gnunet-arm -e | ||
47 | @end example | ||
48 | |||
49 | @node First steps - Using the GNU Name System | ||
50 | @section First steps - Using the GNU Name System | ||
51 | |||
52 | |||
53 | @menu | ||
54 | * Preliminaries:: | ||
55 | * Managing Egos:: | ||
56 | * The GNS Tab:: | ||
57 | * Creating a Record:: | ||
58 | * Resolving GNS records:: | ||
59 | * Integration with Browsers (DNS2GNS service):: | ||
60 | * Integration with Browsers (SOCKS proxy):: | ||
61 | * Creating a Business Card:: | ||
62 | * Be Social:: | ||
63 | * Backup of Identities and Egos:: | ||
64 | * Revocation:: | ||
65 | * What's Next?:: | ||
66 | @end menu | ||
67 | |||
68 | @node Preliminaries | ||
69 | @subsection Preliminaries | ||
70 | |||
71 | In the default configuration, there are two zones defined and shipped with | ||
72 | GNUnet: | ||
73 | |||
74 | The first is ``gnunet.org'', which points to the authoritate zone of the | ||
75 | GNUnet project. It can be used to resolve, for example, ``www.gnunet.org''. | ||
76 | |||
77 | ``.pin'' is another default zone which points to a special zone also managed | ||
78 | by gnunet.org. Users may register submodomains on a first-come first-served-basis | ||
79 | at @url{https://fcfs.gnunet.org}. | ||
80 | |||
81 | Use @code{gnunet-config -s gns} to view the GNS configuration, including | ||
82 | all configured zones that are operated by other users. The respective | ||
83 | configuration entry names start with a ``.'', e.g. ``.pin''. | ||
84 | |||
85 | You can configure any number of top-level domains, and point them to | ||
86 | the respective zones of your friends! For this, simply obtain the | ||
87 | respective public key (you will learn how below) and extend the | ||
88 | configuration: | ||
89 | |||
90 | @example | ||
91 | $ gnunet-config -s gns -o .myfriend -V PUBLIC_KEY | ||
92 | @end example | ||
93 | |||
94 | @node Managing Egos | ||
95 | @subsection Managing Egos | ||
96 | |||
97 | In GNUnet, identity management is about managing egos. Egos can | ||
98 | correspond to pseudonyms or real-world identities. If you value your | ||
99 | privacy, you are encouraged to use separate egos for separate | ||
100 | activities. | ||
101 | |||
102 | Technically, an ego is first of all a public-private key pair, and | ||
103 | thus egos also always correspond to a GNS zone. Egos are managed by | ||
104 | the IDENTITY service. Note that this service has nothing to do with | ||
105 | the peer identity. The IDENTITY service essentially stores the | ||
106 | private keys under human-readable names, and keeps a mapping of which | ||
107 | private key should be used for particular important system functions. | ||
108 | The existing identities can be listed using the command | ||
109 | @command{gnunet-identity --display} | ||
110 | |||
111 | @example | ||
112 | gnu - JTDVJC69NHU6GQS4B5721MV8VM7J6G2DVRGJV0ONIT6QH7OI6D50 | ||
113 | rules - GO0T87F9BPMF8NKD5A54L2AH1T0GRML539TPFSRMCEA98182QD30 | ||
114 | @end example | ||
115 | |||
116 | |||
117 | @node The GNS Tab | ||
118 | @subsection The GNS Tab | ||
119 | |||
120 | |||
121 | Maintaining your zones is through the NAMESTORE service and is discussed | ||
122 | here. You can manage your zone using @command{gnunet-identity} and | ||
123 | @command{gnunet-namestore}, or most conveniently using | ||
124 | @command{gnunet-namestore-gtk}. | ||
125 | |||
126 | We will use the GTK+ interface in this introduction. Please start | ||
127 | @command{gnunet-gkt} and switch to the GNS tab, which is the tab in | ||
128 | the middle with the letters "GNS" connected by a graph. | ||
129 | |||
130 | Next to the ``Add'' button there is a field where you can enter the | ||
131 | label (pseudonym in IDENTITY subsystem speak) of a zone you would like | ||
132 | to create. Pushing the ``Add'' button will create the zone. | ||
133 | Afterwards, you can change the label in the combo box below at any | ||
134 | time. The label will be the top-level domain that the GNU Name System | ||
135 | will resolve using your zone. For the label, you should pick | ||
136 | a name by which you would like to | ||
137 | be known by your friends (or colleagues). You should pick a label that | ||
138 | is reasonably unique within your social group. Be aware that | ||
139 | the label will be published together with every record in that zone. | ||
140 | |||
141 | Once you have created a first zone, you should see a QR code for the | ||
142 | zone on the right. Next to it is a "Copy" button to copy the public | ||
143 | key string to the clipboard. You can also save the QR code image to | ||
144 | disk. | ||
145 | |||
146 | Furthermore, you now can see the bottom part of the dialog. The | ||
147 | bottom of the window contains the existing entries in the selected zone. | ||
148 | |||
149 | @node Creating a Record | ||
150 | @subsection Creating a Record | ||
151 | |||
152 | |||
153 | We will begin by creating a simple record in your master zone. | ||
154 | To do this, click on the text "<new name>" in the table. The field is | ||
155 | editable, allowing you to enter a fresh label. Labels are restricted | ||
156 | to 63 characters and must not contain dots. For now, simply enter | ||
157 | "test", then press ENTER to confirm. This will create a new (empty) | ||
158 | record group under the label "test". Now click on "<new record>" next | ||
159 | to the new label "test". In the drop-down menu, select "A" and push | ||
160 | ENTER to confirm. Afterwards, a new dialog will pop up, asking to enter | ||
161 | details for the "A" record. | ||
162 | |||
163 | "A" records are used in the @dfn{Domain Name System} (DNS) to specify | ||
164 | IPv4 addresses. An IPv4 address is a number that is used to identify | ||
165 | and address a computer on the Internet (version 4). Please enter | ||
166 | "217.92.15.146" in the dialog below "Destination IPv4 Address" and | ||
167 | select "Record is public". Do not change any of the other options. | ||
168 | Note that as you enter a (well-formed) IPv4 address, the "Save" | ||
169 | button in the bottom right corner becomes sensitive. In general, buttons | ||
170 | in dialogs are often insensitive as long as the contents of the dialog | ||
171 | are incorrect. | ||
172 | |||
173 | Once finished, press the "Save" button. Back in the main dialog, select | ||
174 | the tiny triangle left of the "test" label. By doing so, you get to see | ||
175 | all of the records under "test". Note that you can right-click a record | ||
176 | to edit it later. | ||
177 | |||
178 | |||
179 | @node Resolving GNS records | ||
180 | @subsection Resolving GNS records | ||
181 | |||
182 | |||
183 | Next, you should try resolving your own GNS records. The method we | ||
184 | found to be the most uncomplicated is to do this by explicitly | ||
185 | resolving using @code{gnunet-gns}. For this exercise, we will assume | ||
186 | that you used the string ``gnu'' for the pseudonym (or label) of your | ||
187 | GNS zone. If you used something else, replace ``.gnu'' with your real | ||
188 | pseudonym in the examples below. | ||
189 | |||
190 | In the shell, type: | ||
191 | |||
192 | @example | ||
193 | $ gnunet-gns -u test.gnu # what follows is the reply | ||
194 | test.gnu: | ||
195 | Got `A' record: 217.92.15.146 | ||
196 | @end example | ||
197 | |||
198 | @noindent | ||
199 | That shows that resolution works, once GNS is integrated with | ||
200 | the application. | ||
201 | |||
202 | @node Integration with Browsers (DNS2GNS service) | ||
203 | @subsection Integration with Browsers (DNS2GNS service) | ||
204 | |||
205 | Most OSes allow you to either modify your @code{/etc/resolv.conf} directly or | ||
206 | through @code{resolvectl}. | ||
207 | We are going to configure the @code{dns2gns} service in order to translate DNS name | ||
208 | queries by applications to GNS name queries where applicable and else fall back | ||
209 | to DNS. | ||
210 | |||
211 | Optionally, you may want to configure your @code{dns2gns} service to run on a | ||
212 | non-priviledged port like 5353. | ||
213 | But, in case you are going to edit @code{/etc/resolv.conf} directly, the | ||
214 | @code{dns2gns} service MUST run on port 53 as you cannot specify the port number. | ||
215 | A $FALLBACK_DNS variable should be a DNS server you trust such as your local router: | ||
216 | |||
217 | @example | ||
218 | $ gnunet-config -s dns2gns -o OPTIONS -V "-d $FALLBACK_DNS -p 5252" | ||
219 | $ gnunet-arm -i dns2gns # Make sure the service is started | ||
220 | @end example | ||
221 | |||
222 | If you edit your resolv.conf directly, it should contain and entry like this: | ||
223 | |||
224 | @example | ||
225 | nameserver 127.0.0.1 | ||
226 | @end example | ||
227 | |||
228 | In any case, it is very likely that the method of modification of your | ||
229 | resolver is OS specific. | ||
230 | Recently, the combination of NetworkManager and systemd-resolved is becoming | ||
231 | increasingly popular. | ||
232 | |||
233 | If you use resolvectl and systemd-resolved you can temporarily | ||
234 | set the nameserver like this: | ||
235 | |||
236 | @example | ||
237 | $ resolvectl $INTERFACE 127.0.0.1:5353 | ||
238 | @end example | ||
239 | |||
240 | Where @code{$INTERFACE} is your network interface such as ``eth0''. | ||
241 | |||
242 | In order to automatically set the DNS2GNS server if it is running already you | ||
243 | can use NetworkManager-dispatcher. First, enable it: | ||
244 | |||
245 | @example | ||
246 | $ sudo systemctl enable NetworkManager-dispatcher.service | ||
247 | $ sudo systemctl start NetworkManager-dispatcher.service | ||
248 | @end example | ||
249 | |||
250 | Then, create a script /etc/NetworkManager/dispatch.h/10-dns2-gns.sh: | ||
251 | |||
252 | @example | ||
253 | #!/bin/sh | ||
254 | interface=$1 | ||
255 | status=$2 | ||
256 | |||
257 | if [ "$interface" = "eth0" ]; then | ||
258 | case $status in | ||
259 | up) | ||
260 | if nc -u -z 127.0.0.1 5353; then | ||
261 | resolvectl dns $interface 127.0.0.1:5353 | ||
262 | fi | ||
263 | ;; | ||
264 | down) | ||
265 | ;; | ||
266 | esac | ||
267 | fi | ||
268 | @end example | ||
269 | |||
270 | Make sure the script is owned by root and executable: | ||
271 | |||
272 | @example | ||
273 | $ sudo root:root /etc/NetworkManager/dispatch.d/10-dns2gns.sh | ||
274 | $ sudo +x /etc/NetworkManager/dispatch.d/10-dns2gns.sh | ||
275 | @end example | ||
276 | |||
277 | You can test accessing this website using your browser or curl: | ||
278 | |||
279 | @example | ||
280 | $ curl www.gnunet.org | ||
281 | @end example | ||
282 | |||
283 | Note that ``gnunet.org'' is a domain that also exists in DNS and for which the | ||
284 | GNUnet project webservers can provide trusted TLS certificates. | ||
285 | When using non-DNS names with GNS or aliases, this may result in issues | ||
286 | when accessing HTTPS websites with browsers. | ||
287 | In order learn how to provide relief for this issue, read on. | ||
288 | |||
289 | @node Integration with Browsers (SOCKS proxy) | ||
290 | @subsection Integration with Browsers (SOCKS proxy) | ||
291 | |||
292 | While we recommend integrating GNS using the DNS2GNS service or the | ||
293 | NSSwitch plugin, you can also | ||
294 | integrate GNS directly with your browser via the @code{gnunet-gns-proxy}. | ||
295 | This method can have the advantage that the proxy can validate | ||
296 | TLS/X.509 records and thus strengthen web security; however, the proxy | ||
297 | is still a bit brittle, so expect subtle failures. We have had reasonable | ||
298 | success with Chromium, and various frustrations with Firefox in this area | ||
299 | recently. | ||
300 | |||
301 | The first step is to start the proxy. As the proxy is (usually) | ||
302 | not started by default, this is done as a unprivileged user | ||
303 | using @command{gnunet-arm -i gns-proxy}. Use @command{gnunet-arm -I} | ||
304 | as a unprivileged user to check that the proxy was actually | ||
305 | started. (The most common error for why the proxy may fail to start | ||
306 | is that you did not run @command{gnunet-gns-proxy-setup-ca} during | ||
307 | installation.) The proxy is a SOCKS5 proxy running (by default) | ||
308 | on port 7777. Thus, you need to now configure your browser to use | ||
309 | this proxy. With Chromium, you can do this by starting the browser | ||
310 | as a unprivileged user using | ||
311 | @command{chromium --proxy-server="socks5://localhost:7777"} | ||
312 | For @command{Firefox} (or @command{Icecat}), select "Edit-Preferences" | ||
313 | in the menu, and then select the "Advanced" tab in the dialog | ||
314 | and then "Network": | ||
315 | |||
316 | Here, select "Settings..." to open the proxy settings dialog. | ||
317 | Select "Manual proxy configuration" and enter @code{localhost} | ||
318 | with port 7777 under SOCKS Host. Furthermore, set the | ||
319 | checkbox ``Proxy DNS when using SOCKS v5'' at the bottom of | ||
320 | the dialog. Finally, push "OK". | ||
321 | |||
322 | You must also go to about:config and change the | ||
323 | @code{browser.fixup.alternate.enabled} option to @code{false}, | ||
324 | otherwise the browser will autoblunder an address like | ||
325 | @code{@uref{http://www.gnu/, www.gnu}} to | ||
326 | @code{@uref{http://www.gnu.com/, www.gnu.com}}. If you want | ||
327 | to resolve @@ in your own TLDs, you must additionally | ||
328 | set @code{browser.fixup.dns_first_use_for_single_words} to @code{true}. | ||
329 | |||
330 | After configuring your browser, you might want to first confirm that it | ||
331 | continues to work as before. (The proxy is still experimental and if you | ||
332 | experience "odd" failures with some webpages, you might want to disable | ||
333 | it again temporarily.) Next, test if things work by typing | ||
334 | "@uref{http://test.gnu/}" into the URL bar of your browser. | ||
335 | This currently fails with (my version of) Firefox as Firefox is | ||
336 | super-smart and tries to resolve "@uref{http://www.test.gnu/}" instead of | ||
337 | "@uref{test.gnu}". Chromium can be convinced to comply if you explicitly | ||
338 | include the "http://" prefix --- otherwise a Google search might be | ||
339 | attempted, which is not what you want. If successful, you should | ||
340 | see a simple website. | ||
341 | |||
342 | Note that while you can use GNS to access ordinary websites, this is | ||
343 | more an experimental feature and not really our primary goal at this | ||
344 | time. Still, it is a possible use-case and we welcome help with testing | ||
345 | and development. | ||
346 | |||
347 | @pindex gnunet-bcd | ||
348 | @node Creating a Business Card | ||
349 | @subsection Creating a Business Card | ||
350 | @c FIXME: Which parts of texlive are needed? Some systems offer a modular | ||
351 | @c texlive (smaller size). | ||
352 | Before we can really use GNS, you should create a business card. | ||
353 | Note that this requires having @command{LaTeX} installed on your system. | ||
354 | If you are using a Debian GNU/Linux based operating system, the | ||
355 | following command should install the required components. | ||
356 | Keep in mind that this @b{requires 3GB} of downloaded data and possibly | ||
357 | @b{even more} when unpacked. On a GNU Guix based system texlive 2017 has | ||
358 | returns a DAG size of 5032.4 MiB. | ||
359 | The packages which are confirmed to be required are: | ||
360 | |||
361 | @itemize @bullet | ||
362 | @item texlive-units | ||
363 | @item texlive-labels | ||
364 | @item texlive-pst-barcode | ||
365 | @item texlive-luatex85 | ||
366 | @item texlive-preview | ||
367 | @item texlive-pdfcrop | ||
368 | @item texlive-koma-script | ||
369 | @end itemize | ||
370 | |||
371 | |||
372 | @b{We welcome any help in identifying the required components of the | ||
373 | TexLive Distribution. This way we could just state the required components | ||
374 | without pulling in the full distribution of TexLive.} | ||
375 | |||
376 | @example | ||
377 | apt-get install texlive-full | ||
378 | @end example | ||
379 | |||
380 | @noindent | ||
381 | Start creating a business card by clicking the "Copy" button | ||
382 | in @command{gnunet-namestore-gtk}. Next, you should start | ||
383 | the @command{gnunet-bcd} program (in the terminal, on the command-line). | ||
384 | You do not need to pass any options, and please be not surprised if | ||
385 | there is no output: | ||
386 | |||
387 | @example | ||
388 | $ gnunet-bcd # seems to hang... | ||
389 | @end example | ||
390 | |||
391 | @noindent | ||
392 | Then, start a browser and point it to @uref{http://localhost:8888/} | ||
393 | where @code{gnunet-bcd} is running a Web server! | ||
394 | |||
395 | First, you might want to fill in the "GNS Public Key" field by | ||
396 | right-clicking and selecting "Paste", filling in the public key | ||
397 | from the copy you made in @command{gnunet-namestore-gtk}. | ||
398 | Then, fill in all of the other fields, including your @b{GNS NICKname}. | ||
399 | Adding a GPG fingerprint is optional. | ||
400 | Once finished, click "Submit Query". | ||
401 | If your @code{LaTeX} installation is incomplete, the result will be | ||
402 | disappointing. | ||
403 | Otherwise, you should get a PDF containing fancy 5x2 double-sided | ||
404 | translated business cards with a QR code containing your public key | ||
405 | and a GNUnet logo. | ||
406 | We'll explain how to use those a bit later. | ||
407 | You can now go back to the shell running @code{gnunet-bcd} and press | ||
408 | @b{CTRL-C} to shut down the Web server. | ||
409 | |||
410 | |||
411 | @node Be Social | ||
412 | @subsection Be Social | ||
413 | |||
414 | |||
415 | Next, you should print out your business card and be social. | ||
416 | Find a friend, help them install GNUnet and exchange business cards with | ||
417 | them. Or, if you're a desperate loner, you might try the next step with | ||
418 | your own card. Still, it'll be hard to have a conversation with | ||
419 | yourself later, so it would be better if you could find a friend. | ||
420 | You might also want a camera attached to your computer, so | ||
421 | you might need a trip to the store together. | ||
422 | |||
423 | Before we get started, we need to tell @code{gnunet-qr} which zone | ||
424 | it should import new records into. For this, run: | ||
425 | |||
426 | @pindex gnunet-identity | ||
427 | @example | ||
428 | $ gnunet-identity -s namestore -e NAME | ||
429 | @end example | ||
430 | where NAME is the name of the zone you want to import records | ||
431 | into. In our running example, this would be ``gnu''. | ||
432 | |||
433 | @pindex gnunet-qr | ||
434 | Henceforth, for every business card you collect, simply run: | ||
435 | @example | ||
436 | $ gnunet-qr | ||
437 | @end example | ||
438 | |||
439 | @noindent | ||
440 | to open a window showing whatever your camera points at. | ||
441 | Hold up your friend's business card and tilt it until | ||
442 | the QR code is recognized. At that point, the window should | ||
443 | automatically close. At that point, your friend's NICKname and their | ||
444 | public key should have been automatically imported into your zone. | ||
445 | |||
446 | Assuming both of your peers are properly integrated in the | ||
447 | GNUnet network at this time, you should thus be able to | ||
448 | resolve your friends names. Suppose your friend's nickname | ||
449 | is "Bob". Then, type | ||
450 | |||
451 | @pindex gnunet-gns | ||
452 | @example | ||
453 | $ gnunet-gns -u test.bob.gnu | ||
454 | @end example | ||
455 | |||
456 | @noindent | ||
457 | to check if your friend was as good at following instructions | ||
458 | as you were. | ||
459 | |||
460 | |||
461 | @node Backup of Identities and Egos | ||
462 | @subsection Backup of Identities and Egos | ||
463 | |||
464 | |||
465 | One should always backup their files, especially in these SSD days (our | ||
466 | team has suffered 3 SSD crashes over a span of 2 weeks). Backing up peer | ||
467 | identity and zones is achieved by copying the following files: | ||
468 | |||
469 | The peer identity file can be found | ||
470 | in @file{~/.local/share/gnunet/private_key.ecc} | ||
471 | |||
472 | The private keys of your egos are stored in the | ||
473 | directory @file{~/.local/share/gnunet/identity/egos/}. | ||
474 | They are stored in files whose filenames correspond to the zones' | ||
475 | ego names. These are probably the most important files you want | ||
476 | to backup from a GNUnet installation. | ||
477 | |||
478 | Note: All these files contain cryptographic keys and they are | ||
479 | stored without any encryption. So it is advisable to backup | ||
480 | encrypted copies of them. | ||
481 | |||
482 | |||
483 | @node Revocation | ||
484 | @subsection Revocation | ||
485 | |||
486 | Now, in the situation of an attacker gaining access to the private key of | ||
487 | one of your egos, the attacker can create records in the respective | ||
488 | GNS zone | ||
489 | and publish them as if you published them. Anyone resolving your | ||
490 | domain will get these new records and when they verify they seem | ||
491 | authentic because the attacker has signed them with your key. | ||
492 | |||
493 | To address this potential security issue, you can pre-compute | ||
494 | a revocation certificate corresponding to your ego. This certificate, | ||
495 | when published on the P2P network, flags your private key as invalid, | ||
496 | and all further resolutions or other checks involving the key will fail. | ||
497 | |||
498 | @pindex gnunet-revocation | ||
499 | A revocation certificate is thus a useful tool when things go out of | ||
500 | control, but at the same time it should be stored securely. | ||
501 | Generation of the revocation certificate for a zone can be done through | ||
502 | @command{gnunet-revocation}. For example, the following command (as | ||
503 | unprivileged user) generates a revocation file | ||
504 | @file{revocation.dat} for the zone @code{zone1}: | ||
505 | @command{gnunet-revocation -f revocation.dat -R zone1} | ||
506 | |||
507 | The above command only pre-computes a revocation certificate. It does | ||
508 | not revoke the given zone. Pre-computing a revocation certificate | ||
509 | involves computing a proof-of-work and hence may take up to 4 to 5 days | ||
510 | on a modern processor. Note that you can abort and resume the | ||
511 | calculation at any time. Also, even if you did not finish the | ||
512 | calculation, the resulting file will contain the signature, which is | ||
513 | sufficient to complete the revocation process even without access to | ||
514 | the private key. So instead of waiting for a few days, you can just | ||
515 | abort with CTRL-C, backup the revocation certificate and run the | ||
516 | calculation only if your key actually was compromised. This has the | ||
517 | disadvantage of revocation taking longer after the incident, but | ||
518 | the advantage of saving a significant amount of energy. So unless | ||
519 | you believe that a key compromise will need a rapid response, we | ||
520 | urge you to wait with generating the revocation certificate. | ||
521 | Also, the calculation is deliberately expensive, to deter people from | ||
522 | doing this just for fun (as the actual revocation operation is expensive | ||
523 | for the network, not for the peer performing the revocation). | ||
524 | |||
525 | |||
526 | @c FIXME: The Manual should give away the command using an example that is | ||
527 | @c very likely to never exist. | ||
528 | To avoid TL;DR ones from accidentally revocating their zones, we are not | ||
529 | giving away the command, but it is uncomplicated: the actual revocation is | ||
530 | performed by using the @command{-p} option of @command{gnunet-revocation}. | ||
531 | |||
532 | |||
533 | @node What's Next? | ||
534 | @subsection What's Next? | ||
535 | |||
536 | |||
537 | This may seem not like much of an application yet, but you have | ||
538 | just been one of the first to perform a decentralized secure name | ||
539 | lookup (where nobody could have altered the value supplied by your | ||
540 | friend) in a privacy-preserving manner (your query on the network | ||
541 | and the corresponding response were always encrypted). So what | ||
542 | can you really do with this? Well, to start with, you can publish your | ||
543 | GnuPG fingerprint in GNS as a "CERT" record and replace the public | ||
544 | web-of-trust with its complicated trust model with explicit names | ||
545 | and privacy-preserving resolution. Also, you should read the next | ||
546 | chapter of the tutorial and learn how to use GNS to have a | ||
547 | private conversation with your friend. Finally, help us | ||
548 | with the next GNUnet release for even more applications | ||
549 | using this new public key infrastructure. | ||
550 | |||
551 | @pindex gnunet-conservation-gtk | ||
552 | @node First steps - Using GNUnet Conversation | ||
553 | @section First steps - Using GNUnet Conversation | ||
554 | |||
555 | |||
556 | First, you should launch the graphical user interface. You can do | ||
557 | this from the command-line by typing | ||
558 | |||
559 | @example | ||
560 | $ gnunet-conversation-gtk | ||
561 | @end example | ||
562 | |||
563 | @menu | ||
564 | * Testing your Audio Equipment:: | ||
565 | * GNS Zones:: | ||
566 | @end menu | ||
567 | |||
568 | @node Testing your Audio Equipment | ||
569 | @subsection Testing your Audio Equipment | ||
570 | |||
571 | |||
572 | First, you should use @code{gnunet-conversation-test} to check that your | ||
573 | microphone and speaker are working correctly. You will be prompted to | ||
574 | speak for 5 seconds, and then those 5 seconds will be replayed to you. | ||
575 | The network is not involved in this test. If it fails, you should run | ||
576 | your pulse audio configuration tool to check that microphone and | ||
577 | speaker are not muted and, if you have multiple input/output devices, | ||
578 | that the correct device is being associated with GNUnet's audio tools. | ||
579 | |||
580 | @node GNS Zones | ||
581 | @subsection GNS Zones | ||
582 | |||
583 | |||
584 | @code{gnunet-conversation} uses GNS for addressing. This means that | ||
585 | you need to have a GNS zone created before using it. Information | ||
586 | about how to create GNS zones can be found here. | ||
587 | |||
588 | |||
589 | @menu | ||
590 | * Picking an Identity:: | ||
591 | * Calling somebody:: | ||
592 | @end menu | ||
593 | |||
594 | @node Picking an Identity | ||
595 | @subsubsection Picking an Identity | ||
596 | |||
597 | |||
598 | To make a call with @code{gnunet-conversation}, you first | ||
599 | need to choose an identity. This identity is both the caller ID | ||
600 | that will show up when you call somebody else, as well as the | ||
601 | GNS zone that will be used to resolve names of users that you | ||
602 | are calling. Run | ||
603 | |||
604 | @pindex gnunet-conversation | ||
605 | @example | ||
606 | gnunet-conversation -e zone-name | ||
607 | @end example | ||
608 | |||
609 | @noindent | ||
610 | to start the command-line tool. You will see a message saying | ||
611 | that your phone is now "active on line 0". You can connect | ||
612 | multiple phones on different lines at the same peer. For the | ||
613 | first phone, the line zero is of course a fine choice. | ||
614 | |||
615 | Next, you should type in @command{/help} for a list of | ||
616 | available commands. We will explain the important ones | ||
617 | during this tutorial. First, you will need to type in | ||
618 | @command{/address} to determine the address of your | ||
619 | phone. The result should look something like this: | ||
620 | |||
621 | @example | ||
622 | /address | ||
623 | 0-PD67SGHF3E0447TU9HADIVU9OM7V4QHTOG0EBU69TFRI2LG63DR0 | ||
624 | @end example | ||
625 | |||
626 | @noindent | ||
627 | Here, the "0" is your phone line, and what follows | ||
628 | after the hyphen is your peer's identity. This information will | ||
629 | need to be placed in a PHONE record of | ||
630 | your GNS master-zone so that other users can call you. | ||
631 | |||
632 | Start @code{gnunet-namestore-gtk} now (possibly from another | ||
633 | shell) and create an entry home-phone in your master zone. | ||
634 | For the record type, select PHONE. You should then see the | ||
635 | PHONE dialog: | ||
636 | |||
637 | @image{images/gnunet-namestore-gtk-phone,5in,,Dialog to publish a PHONE record} | ||
638 | |||
639 | Note: Do not choose the expiry time to be 'Never'. If you | ||
640 | do that, you assert that this record will never change and | ||
641 | can be cached indefinitely by the DHT and the peers which | ||
642 | resolve this record. A reasonable period is 1 year. | ||
643 | |||
644 | Enter your peer identity under Peer and leave the line | ||
645 | at zero. Select the first option to make the record public. | ||
646 | If you entered your peer identity incorrectly, | ||
647 | the "Save" button will not work; you might want to use | ||
648 | copy-and-paste instead of typing in the peer identity | ||
649 | manually. Save the record. | ||
650 | |||
651 | @node Calling somebody | ||
652 | @subsubsection Calling somebody | ||
653 | |||
654 | |||
655 | Now you can call a buddy. Obviously, your buddy will have to have GNUnet | ||
656 | installed and must have performed the same steps. Also, you must have | ||
657 | your buddy in your GNS master zone, for example by having imported | ||
658 | your buddy's public key using @code{gnunet-qr}. Suppose your buddy | ||
659 | is in your zone as @code{buddy.mytld} and they also created their | ||
660 | phone using a label "home-phone". Then you can initiate a call using: | ||
661 | |||
662 | @example | ||
663 | /call home-phone.buddy.mytld | ||
664 | @end example | ||
665 | |||
666 | It may take some time for GNUnet to resolve the name and to establish | ||
667 | a link. If your buddy has your public key in their master zone, they | ||
668 | should see an incoming call with your name. If your public key is not | ||
669 | in their master zone, they will just see the public key as the caller ID. | ||
670 | |||
671 | Your buddy then can answer the call using the "/accept" command. After | ||
672 | that, (encrypted) voice data should be relayed between your two peers. | ||
673 | Either of you can end the call using @command{/cancel}. You can exit | ||
674 | @code{gnunet-conversation} using @command{/quit}. | ||
675 | |||
676 | |||
677 | @node First steps - Using the GNUnet VPN | ||
678 | @section First steps - Using the GNUnet VPN | ||
679 | |||
680 | |||
681 | |||
682 | @menu | ||
683 | * VPN Preliminaries:: | ||
684 | * GNUnet-Exit configuration:: | ||
685 | * GNS configuration:: | ||
686 | * Accessing the service:: | ||
687 | * Using a Browser:: | ||
688 | @end menu | ||
689 | |||
690 | @node VPN Preliminaries | ||
691 | @subsection VPN Preliminaries | ||
692 | |||
693 | |||
694 | To test the GNUnet VPN, we should first run a web server. | ||
695 | The easiest way to do this is to just start @code{gnunet-bcd}, | ||
696 | which will run a webserver on port @code{8888} by default. | ||
697 | Naturally, you can run some other HTTP server for our little tutorial. | ||
698 | |||
699 | If you have not done this, you should also configure your | ||
700 | Name System Service switch to use GNS. In your @code{/etc/nsswitch.conf} | ||
701 | you should fine a line like this: | ||
702 | |||
703 | @example | ||
704 | hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 | ||
705 | @end example | ||
706 | |||
707 | @noindent | ||
708 | The exact details may differ a bit, which is fine. Add the text | ||
709 | @code{gns [NOTFOUND=return]} after @code{files}: | ||
710 | |||
711 | @example | ||
712 | hosts: files gns [NOTFOUND=return] mdns4_minimal [NOTFOUND=return] dns mdns4 | ||
713 | @end example | ||
714 | |||
715 | @c TODO: outdated section, we no longer install this as part of the | ||
716 | @c TODO: standard installation procedure and should point out the manual | ||
717 | @c TODO: steps required to make it useful. | ||
718 | @noindent | ||
719 | You might want to make sure that @code{/lib/libnss_gns.so.2} exists on | ||
720 | your system, it should have been created during the installation. | ||
721 | If not, re-run | ||
722 | |||
723 | @example | ||
724 | $ configure --with-nssdir=/lib | ||
725 | $ cd src/gns/nss; sudo make install | ||
726 | @end example | ||
727 | |||
728 | @noindent | ||
729 | to install the NSS plugins in the proper location. | ||
730 | |||
731 | @node GNUnet-Exit configuration | ||
732 | @subsection GNUnet-Exit configuration | ||
733 | |||
734 | |||
735 | Stop your peer (as user @code{gnunet}, run @command{gnunet-arm -e}) and | ||
736 | run @command{gnunet-setup}. In @command{gnunet-setup}, make sure to | ||
737 | activate the @strong{EXIT} and @strong{GNS} services in the General tab. | ||
738 | Then select the Exit tab. Most of the defaults should be fine (but | ||
739 | you should check against the screenshot that they have not been modified). | ||
740 | In the bottom area, enter @code{bcd} under Identifier and change the | ||
741 | Destination to @code{169.254.86.1:8888} (if your server runs on a port | ||
742 | other than 8888, change the 8888 port accordingly). | ||
743 | |||
744 | Now exit @command{gnunet-setup} and restart your peer | ||
745 | (@command{gnunet-arm -s}). | ||
746 | |||
747 | @node GNS configuration | ||
748 | @subsection GNS configuration | ||
749 | |||
750 | |||
751 | Now, using your normal user (not the @code{gnunet} system user), run | ||
752 | @command{gnunet-namestore-gtk}. Add a new label www in your | ||
753 | master zone. For the record type, select @code{VPN}. You should then | ||
754 | see the VPN dialog: | ||
755 | |||
756 | @image{images/gnunet-namestore-gtk-vpn,5in,,Dialog to publish a VPN record} | ||
757 | |||
758 | Under peer, you need to supply the peer identity of your own peer. You can | ||
759 | obtain the respective string by running @command{gnunet-peerinfo -sq} | ||
760 | as the @code{gnunet} user. For the Identifier, you need to supply the same | ||
761 | identifier that we used in the Exit setup earlier, so here supply "bcd". | ||
762 | If you want others to be able to use the service, you should probably make | ||
763 | the record public. For non-public services, you should use a passphrase | ||
764 | instead of the string "bcd". Save the record and | ||
765 | exit @command{gnunet-namestore-gtk}. | ||
766 | |||
767 | @node Accessing the service | ||
768 | @subsection Accessing the service | ||
769 | |||
770 | |||
771 | You should now be able to access your webserver. Type in: | ||
772 | |||
773 | @example | ||
774 | $ wget http://www.gnu/ | ||
775 | @end example | ||
776 | |||
777 | @noindent | ||
778 | The request will resolve to the VPN record, telling the GNS resolver | ||
779 | to route it via the GNUnet VPN. The GNS resolver will ask the | ||
780 | GNUnet VPN for an IPv4 address to return to the application. The | ||
781 | VPN service will use the VPN information supplied by GNS to create | ||
782 | a tunnel (via GNUnet's MESH service) to the EXIT peer. | ||
783 | At the EXIT, the name "bcd" and destination port (80) will be mapped | ||
784 | to the specified destination IP and port. While all this is currently | ||
785 | happening on just the local machine, it should also work with other | ||
786 | peers --- naturally, they will need a way to access your GNS zone | ||
787 | first, for example by learning your public key from a QR code on | ||
788 | your business card. | ||
789 | |||
790 | @node Using a Browser | ||
791 | @subsection Using a Browser | ||
792 | |||
793 | |||
794 | Sadly, modern browsers tend to bypass the Name Services Switch and | ||
795 | attempt DNS resolution directly. You can either run | ||
796 | a @code{gnunet-dns2gns} DNS proxy, or point the browsers to an | ||
797 | HTTP proxy. When we tried it, Iceweasel did not like to connect to | ||
798 | the socks proxy for @code{.gnu} TLDs, even if we disabled its | ||
799 | autoblunder of changing @code{.gnu} to ".gnu.com". Still, | ||
800 | using the HTTP proxy with Chrome does work. | ||
801 | |||
802 | @node File-sharing | ||
803 | @section File-sharing | ||
804 | |||
805 | |||
806 | This chapter documents the GNUnet file-sharing application. The original | ||
807 | file-sharing implementation for GNUnet was designed to provide | ||
808 | @strong{anonymous} file-sharing. However, over time, we have also added | ||
809 | support for non-anonymous file-sharing (which can provide better | ||
810 | performance). Anonymous and non-anonymous file-sharing are quite | ||
811 | integrated in GNUnet and, except for routing, share most of the concepts | ||
812 | and implementation. There are three primary file-sharing operations: | ||
813 | publishing, searching and downloading. For each of these operations, | ||
814 | the user specifies an @strong{anonymity level}. If both the publisher and | ||
815 | the searcher/downloader specify "no anonymity", non-anonymous | ||
816 | file-sharing is used. If either user specifies some desired degree | ||
817 | of anonymity, anonymous file-sharing will be used. | ||
818 | |||
819 | After a short introduction, we will first look at the various concepts | ||
820 | in GNUnet's file-sharing implementation. Then, we will discuss | ||
821 | specifics as to how they impact users that publish, search or download | ||
822 | files. | ||
823 | |||
824 | |||
825 | @menu | ||
826 | * fs-Searching:: | ||
827 | * fs-Downloading:: | ||
828 | * fs-Publishing:: | ||
829 | * fs-Concepts:: | ||
830 | * Namespace Management:: | ||
831 | * File-Sharing URIs:: | ||
832 | * GTK User Interface:: | ||
833 | @end menu | ||
834 | |||
835 | @node fs-Searching | ||
836 | @subsection Searching | ||
837 | |||
838 | |||
839 | The command @command{gnunet-search} can be used to search | ||
840 | for content on GNUnet. The format is: | ||
841 | |||
842 | @example | ||
843 | $ gnunet-search [-t TIMEOUT] KEYWORD | ||
844 | @end example | ||
845 | |||
846 | @noindent | ||
847 | The @command{-t} option specifies that the query should timeout after | ||
848 | approximately TIMEOUT seconds. A value of zero (``0'') is interpreted | ||
849 | as @emph{no timeout}, which is the default. In this case, | ||
850 | @command{gnunet-search} will never terminate (unless you press | ||
851 | @command{CTRL-C}). | ||
852 | |||
853 | If multiple words are passed as keywords, they will all be | ||
854 | considered optional. Prefix keywords with a "+" to make them mandatory. | ||
855 | |||
856 | Note that searching using | ||
857 | |||
858 | @example | ||
859 | $ gnunet-search Das Kapital | ||
860 | @end example | ||
861 | |||
862 | @noindent | ||
863 | is not the same as searching for | ||
864 | |||
865 | @example | ||
866 | $ gnunet-search "Das Kapital" | ||
867 | @end example | ||
868 | |||
869 | @noindent | ||
870 | as the first will match files shared under the keywords | ||
871 | "Das" or "Kapital" whereas the second will match files | ||
872 | shared under the keyword "Das Kapital". | ||
873 | |||
874 | Search results are printed by @command{gnunet-search} like this: | ||
875 | |||
876 | @c it will be better the avoid the ellipsis altogether because I don't | ||
877 | @c understand the explanation below that | ||
878 | @c ng0: who is ``I'' and what was the complete sentence? | ||
879 | @example | ||
880 | #15: | ||
881 | gnunet-download -o "COPYING" gnunet://fs/chk/PGK8M...3EK130.75446 | ||
882 | |||
883 | @end example | ||
884 | |||
885 | @noindent | ||
886 | The whole line is the command you would have to enter to download | ||
887 | the file. The first argument passed to @code{-o} is the suggested | ||
888 | filename (you may change it to whatever you like). | ||
889 | It is followed by the key for decrypting the file, the query for | ||
890 | searching the file, a checksum (in hexadecimal) finally the size of | ||
891 | the file in bytes. | ||
892 | |||
893 | @node fs-Downloading | ||
894 | @subsection Downloading | ||
895 | |||
896 | |||
897 | In order to download a file, you need the whole line returned by | ||
898 | @command{gnunet-search}. | ||
899 | You can then use the tool @command{gnunet-download} to obtain the file: | ||
900 | |||
901 | @example | ||
902 | $ gnunet-download -o <FILENAME> <GNUNET-URL> | ||
903 | @end example | ||
904 | |||
905 | @noindent | ||
906 | FILENAME specifies the name of the file where GNUnet is supposed | ||
907 | to write the result. Existing files are overwritten. If the | ||
908 | existing file contains blocks that are identical to the | ||
909 | desired download, those blocks will not be downloaded again | ||
910 | (automatic resume). | ||
911 | |||
912 | If you want to download the GPL from the previous example, | ||
913 | you do the following: | ||
914 | |||
915 | @example | ||
916 | $ gnunet-download -o "COPYING" gnunet://fs/chk/PGK8M...3EK130.75446 | ||
917 | @end example | ||
918 | |||
919 | @noindent | ||
920 | If you ever have to abort a download, you can continue it at any time by | ||
921 | re-issuing @command{gnunet-download} with the same filename. | ||
922 | In that case, GNUnet will @strong{not} download blocks again that are | ||
923 | already present. | ||
924 | |||
925 | GNUnet's file-encoding mechanism will ensure file integrity, even if the | ||
926 | existing file was not downloaded from GNUnet in the first place. | ||
927 | |||
928 | You may want to use the @command{-V} switch to turn on verbose | ||
929 | reporting. In this case, @command{gnunet-download} will print the | ||
930 | current number of bytes downloaded whenever new data was received. | ||
931 | |||
932 | @node fs-Publishing | ||
933 | @subsection Publishing | ||
934 | |||
935 | |||
936 | The command @command{gnunet-publish} can be used to add content | ||
937 | to the network. The basic format of the command is | ||
938 | |||
939 | @example | ||
940 | $ gnunet-publish [-n] [-k KEYWORDS]* [-m TYPE:VALUE] FILENAME | ||
941 | @end example | ||
942 | |||
943 | For example | ||
944 | @example | ||
945 | $ gnunet-publish -m "description:GNU License" -k gpl -k test -m "mimetype:text/plain" COPYING | ||
946 | @end example | ||
947 | |||
948 | @menu | ||
949 | * Important command-line options:: | ||
950 | * Indexing vs. Inserting:: | ||
951 | @end menu | ||
952 | |||
953 | @node Important command-line options | ||
954 | @subsubsection Important command-line options | ||
955 | |||
956 | |||
957 | The option @code{-k} is used to specify keywords for the file that | ||
958 | should be inserted. You can supply any number of keywords, | ||
959 | and each of the keywords will be sufficient to locate and | ||
960 | retrieve the file. Please note that you must use the @code{-k} option | ||
961 | more than once -- one for each expression you use as a keyword for | ||
962 | the filename. | ||
963 | |||
964 | The -m option is used to specify meta-data, such as descriptions. | ||
965 | You can use -m multiple times. The TYPE passed must be from the | ||
966 | list of meta-data types known to libextractor. You can obtain this | ||
967 | list by running @command{extract -L}. Use quotes around the entire | ||
968 | meta-data argument if the value contains spaces. The meta-data | ||
969 | is displayed to other users when they select which files to | ||
970 | download. The meta-data and the keywords are optional and | ||
971 | may be inferred using @code{GNU libextractor}. | ||
972 | |||
973 | @command{gnunet-publish} has a few additional options to handle | ||
974 | namespaces and directories. Refer to the man-page for details: | ||
975 | |||
976 | @example | ||
977 | man gnunet-publish | ||
978 | @end example | ||
979 | |||
980 | @node Indexing vs. Inserting | ||
981 | @subsubsection Indexing vs Inserting | ||
982 | |||
983 | |||
984 | By default, GNUnet indexes a file instead of making a full copy. | ||
985 | This is much more efficient, but requires the file to stay unaltered | ||
986 | at the location where it was when it was indexed. If you intend to move, | ||
987 | delete or alter a file, consider using the option @code{-n} which will | ||
988 | force GNUnet to make a copy of the file in the database. | ||
989 | |||
990 | Since it is much less efficient, this is strongly discouraged for large | ||
991 | files. When GNUnet indexes a file (default), GNUnet does @strong{not} | ||
992 | create an additional encrypted copy of the file but just computes a | ||
993 | summary (or index) of the file. That summary is approximately two percent | ||
994 | of the size of the original file and is stored in GNUnet's database. | ||
995 | Whenever a request for a part of an indexed file reaches GNUnet, | ||
996 | this part is encrypted on-demand and send out. This way, there is no | ||
997 | need for an additional encrypted copy of the file to stay anywhere | ||
998 | on the drive. This is different from other systems, such as Freenet, | ||
999 | where each file that is put online must be in Freenet's database in | ||
1000 | encrypted format, doubling the space requirements if the user wants | ||
1001 | to preserve a directly accessible copy in plaintext. | ||
1002 | |||
1003 | Thus indexing should be used for all files where the user will keep | ||
1004 | using this file (at the location given to gnunet-publish) and does | ||
1005 | not want to retrieve it back from GNUnet each time. If you want to | ||
1006 | remove a file that you have indexed from the local peer, use the tool | ||
1007 | @command{gnunet-unindex} to un-index the file. | ||
1008 | |||
1009 | The option @code{-n} may be used if the user fears that the file might | ||
1010 | be found on their drive (assuming the computer comes under the control | ||
1011 | of an adversary). When used with the @code{-n} flag, the user has a | ||
1012 | much better chance of denying knowledge of the existence of the file, | ||
1013 | even if it is still (encrypted) on the drive and the adversary is | ||
1014 | able to crack the encryption (e.g. by guessing the keyword. | ||
1015 | |||
1016 | @node fs-Concepts | ||
1017 | @subsection Concepts | ||
1018 | |||
1019 | |||
1020 | For better results with filesharing it is useful to understand the | ||
1021 | following concepts. | ||
1022 | In addition to anonymous routing GNUnet attempts to give users a better | ||
1023 | experience in searching for content. GNUnet uses cryptography to safely | ||
1024 | break content into smaller pieces that can be obtained from different | ||
1025 | sources without allowing participants to corrupt files. GNUnet makes it | ||
1026 | difficult for an adversary to send back bogus search results. GNUnet | ||
1027 | enables content providers to group related content and to establish a | ||
1028 | reputation. Furthermore, GNUnet allows updates to certain content to be | ||
1029 | made available. This section is supposed to introduce users to the | ||
1030 | concepts that are used to achieve these goals. | ||
1031 | |||
1032 | |||
1033 | @menu | ||
1034 | * Files:: | ||
1035 | * Keywords:: | ||
1036 | * Directories:: | ||
1037 | * Egos and File-Sharing:: | ||
1038 | * Namespaces:: | ||
1039 | * Advertisements:: | ||
1040 | * Anonymity level:: | ||
1041 | * Content Priority:: | ||
1042 | * Replication:: | ||
1043 | @end menu | ||
1044 | |||
1045 | @node Files | ||
1046 | @subsubsection Files | ||
1047 | |||
1048 | |||
1049 | A file in GNUnet is just a sequence of bytes. Any file-format is allowed | ||
1050 | and the maximum file size is theoretically @math{2^64 - 1} bytes, except | ||
1051 | that it would take an impractical amount of time to share such a file. | ||
1052 | GNUnet itself never interprets the contents of shared files, except when | ||
1053 | using GNU libextractor to obtain keywords. | ||
1054 | |||
1055 | @node Keywords | ||
1056 | @subsubsection Keywords | ||
1057 | |||
1058 | |||
1059 | Keywords are the most simple mechanism to find files on GNUnet. | ||
1060 | Keywords are @strong{case-sensitive} and the search string | ||
1061 | must always match @strong{exactly} the keyword used by the | ||
1062 | person providing the file. Keywords are never transmitted in | ||
1063 | plaintext. The only way for an adversary to determine the keyword | ||
1064 | that you used to search is to guess it (which then allows the | ||
1065 | adversary to produce the same search request). Since providing | ||
1066 | keywords by hand for each shared file is tedious, GNUnet uses | ||
1067 | GNU libextractor to help automate this process. Starting a | ||
1068 | keyword search on a slow machine can take a little while since | ||
1069 | the keyword search involves computing a fresh RSA key to formulate the | ||
1070 | request. | ||
1071 | |||
1072 | @node Directories | ||
1073 | @subsubsection Directories | ||
1074 | |||
1075 | |||
1076 | A directory in GNUnet is a list of file identifiers with meta data. | ||
1077 | The file identifiers provide sufficient information about the files | ||
1078 | to allow downloading the contents. Once a directory has been created, | ||
1079 | it cannot be changed since it is treated just like an ordinary file | ||
1080 | by the network. Small files (of a few kilobytes) can be inlined in | ||
1081 | the directory, so that a separate download becomes unnecessary. | ||
1082 | |||
1083 | Directories are shared just like ordinary files. If you download a | ||
1084 | directory with @command{gnunet-download}, you can use | ||
1085 | @command{gnunet-directory} to list its contents. The canonical | ||
1086 | extension for GNUnet directories when stored as files in your | ||
1087 | local file-system is ".gnd". The contents of a directory are URIs and | ||
1088 | meta data. | ||
1089 | The URIs contain all the information required by | ||
1090 | @command{gnunet-download} to retrieve the file. The meta data | ||
1091 | typically includes the mime-type, description, a filename and | ||
1092 | other meta information, and possibly even the full original file | ||
1093 | (if it was small). | ||
1094 | |||
1095 | @node Egos and File-Sharing | ||
1096 | @subsubsection Egos and File-Sharing | ||
1097 | |||
1098 | When sharing files, it is sometimes desirable to build a reputation as | ||
1099 | a source for quality information. With egos, publishers can | ||
1100 | (cryptographically) sign files, thereby demonstrating that various | ||
1101 | files were published by the same entity. An ego thus allows users to | ||
1102 | link different publication events, thereby deliberately reducing | ||
1103 | anonymity to pseudonymity. | ||
1104 | |||
1105 | Egos used in GNUnet's file-sharing for such pseudonymous publishing | ||
1106 | also correspond to the egos used to identify and sign zones in the | ||
1107 | GNU Name System. However, if the same ego is used for file-sharing | ||
1108 | and for a GNS zone, this will weaken the privacy assurances provided | ||
1109 | by the anonymous file-sharing protocol. | ||
1110 | |||
1111 | Note that an ego is NOT bound to a GNUnet peer. There can be multiple | ||
1112 | egos for a single user, and users could (theoretically) share | ||
1113 | the private keys of an ego by copying the respective private keys. | ||
1114 | |||
1115 | |||
1116 | @node Namespaces | ||
1117 | @subsubsection Namespaces | ||
1118 | |||
1119 | A namespace is a set of files that were signed by the same ego. | ||
1120 | Today, namespaces are implemented independently of GNS zones, but | ||
1121 | in the future we plan to merge the two such that a GNS zone can | ||
1122 | basically contain files using a file-sharing specific record type. | ||
1123 | |||
1124 | Files (or directories) that have been signed and placed into a | ||
1125 | namespace can be updated. Updates are identified as authentic if the | ||
1126 | same secret key was used to sign the update. | ||
1127 | |||
1128 | @node Advertisements | ||
1129 | @subsubsection Advertisements | ||
1130 | |||
1131 | Advertisements are used to notify other users about the existence of a | ||
1132 | namespace. Advertisements are propagated using the normal keyword | ||
1133 | search. When an advertisement is received (in response to a search), | ||
1134 | the namespace is added to the list of namespaces available in the | ||
1135 | namespace-search dialogs of gnunet-fs-gtk and printed by | ||
1136 | @code{gnunet-identity}. Whenever a namespace is created, an | ||
1137 | appropriate advertisement can be generated. The default keyword for | ||
1138 | the advertising of namespaces is "namespace". | ||
1139 | |||
1140 | |||
1141 | @node Anonymity level | ||
1142 | @subsubsection Anonymity level | ||
1143 | |||
1144 | The anonymity level determines how hard it should be for an adversary to | ||
1145 | determine the identity of the publisher or the searcher/downloader. An | ||
1146 | anonymity level of zero means that anonymity is not required. The default | ||
1147 | anonymity level of "1" means that anonymous routing is desired, but no | ||
1148 | particular amount of cover traffic is necessary. A powerful adversary | ||
1149 | might thus still be able to deduce the origin of the traffic using | ||
1150 | traffic analysis. Specifying higher anonymity levels increases the | ||
1151 | amount of cover traffic required. | ||
1152 | |||
1153 | The specific numeric value (for anonymity levels above 1) is simple: | ||
1154 | Given an anonymity level L (above 1), each request FS makes on your | ||
1155 | behalf must be hidden in L-1 equivalent requests of cover traffic | ||
1156 | (traffic your peer routes for others) in the same time-period. The | ||
1157 | time-period is twice the average delay by which GNUnet artificially | ||
1158 | delays traffic. | ||
1159 | |||
1160 | While higher anonymity levels may offer better privacy, they can also | ||
1161 | significantly hurt performance. | ||
1162 | |||
1163 | |||
1164 | @node Content Priority | ||
1165 | @subsubsection Content Priority | ||
1166 | |||
1167 | Depending on the peer's configuration, GNUnet peers migrate content | ||
1168 | between peers. Content in this sense are individual blocks of a file, | ||
1169 | not necessarily entire files. When peers run out of space (due to | ||
1170 | local publishing operations or due to migration of content from other | ||
1171 | peers), blocks sometimes need to be discarded. GNUnet first always | ||
1172 | discards expired blocks (typically, blocks are published with an | ||
1173 | expiration of about two years in the future; this is another option). | ||
1174 | If there is still not enough space, GNUnet discards the blocks with the | ||
1175 | lowest priority. The priority of a block is decided by its popularity | ||
1176 | (in terms of requests from peers we trust) and, in case of blocks | ||
1177 | published locally, the base-priority that was specified by the user | ||
1178 | when the block was published initially. | ||
1179 | |||
1180 | |||
1181 | @node Replication | ||
1182 | @subsubsection Replication | ||
1183 | |||
1184 | When peers migrate content to other systems, the replication level | ||
1185 | of a block is used to decide which blocks need to be migrated most | ||
1186 | urgently. GNUnet will always push the block with the highest | ||
1187 | replication level into the network, and then decrement the replication | ||
1188 | level by one. If all blocks reach replication level zero, the | ||
1189 | selection is simply random. | ||
1190 | |||
1191 | |||
1192 | @node Namespace Management | ||
1193 | @subsection Namespace Management | ||
1194 | |||
1195 | The @code{gnunet-identity} tool can be used to create egos. | ||
1196 | By default, @code{gnunet-identity --display} simply | ||
1197 | lists all locally available egos. | ||
1198 | |||
1199 | |||
1200 | @menu | ||
1201 | * Creating Egos:: | ||
1202 | * Deleting Egos:: | ||
1203 | @end menu | ||
1204 | |||
1205 | @node Creating Egos | ||
1206 | @subsubsection Creating Egos | ||
1207 | |||
1208 | With the @command{--create=NICK} option it can also be used to create a new | ||
1209 | ego. An ego is the virtual identity of the entity in control of a | ||
1210 | namespace or GNS zone. Anyone can create any number of egos. The | ||
1211 | provided NICK name automatically corresponds to a GNU Name System | ||
1212 | domain name. Thus, henceforth name resolution for any name ending in | ||
1213 | ``.NICK'' will use the NICK's zone. You should avoid using NICKs that | ||
1214 | collide with well-known DNS names. | ||
1215 | |||
1216 | Currently, the IDENTITY subsystem supports two types of identity keys: | ||
1217 | ECDSA and EdDSA. By default, ECDSA identities are creates with ECDSA keys. | ||
1218 | In order to create an identity with EdDSA keys, you can use the | ||
1219 | @command{--eddsa} flag. | ||
1220 | |||
1221 | @node Deleting Egos | ||
1222 | @subsubsection Deleting Egos | ||
1223 | |||
1224 | With the @command{-D NICK} option egos can be deleted. Once the ego | ||
1225 | has been deleted it is impossible to add content to the corresponding | ||
1226 | namespace or zone. However, the existing GNS zone data is currently | ||
1227 | not dropped. This may change in the future. | ||
1228 | |||
1229 | Deleting the pseudonym does not make the namespace or any content in | ||
1230 | it unavailable. | ||
1231 | |||
1232 | @node File-Sharing URIs | ||
1233 | @subsection File-Sharing URIs | ||
1234 | |||
1235 | |||
1236 | GNUnet (currently) uses four different types of URIs for | ||
1237 | file-sharing. They all begin with "gnunet://fs/". | ||
1238 | This section describes the four different URI types in detail. | ||
1239 | |||
1240 | For FS URIs empty KEYWORDs are not allowed. Quotes are allowed to | ||
1241 | denote whitespace between words. Keywords must contain a balanced | ||
1242 | number of double quotes. Doubles quotes can not be used in the actual | ||
1243 | keywords. This means that the string '""foo bar""' will be turned | ||
1244 | into two OR-ed keywords 'foo' and 'bar', not into '"foo bar"'. | ||
1245 | |||
1246 | @menu | ||
1247 | * Encoding of hash values in URIs:: | ||
1248 | * Content Hash Key (chk):: | ||
1249 | * Location identifiers (loc):: | ||
1250 | * Keyword queries (ksk):: | ||
1251 | * Namespace content (sks):: | ||
1252 | @end menu | ||
1253 | |||
1254 | @node Encoding of hash values in URIs | ||
1255 | @subsubsection Encoding of hash values in URIs | ||
1256 | |||
1257 | |||
1258 | Most URIs include some hash values. Hashes are encoded using | ||
1259 | base32hex (RFC 2938). | ||
1260 | |||
1261 | @cindex chk-uri | ||
1262 | @node Content Hash Key (chk) | ||
1263 | @subsubsection Content Hash Key (chk) | ||
1264 | |||
1265 | |||
1266 | A chk-URI is used to (uniquely) identify a file or directory | ||
1267 | and to allow peers to download the file. Files are stored in | ||
1268 | GNUnet as a tree of encrypted blocks. | ||
1269 | The chk-URI thus contains the information to download and decrypt | ||
1270 | those blocks. A chk-URI has the format | ||
1271 | "gnunet://fs/chk/KEYHASH.QUERYHASH.SIZE". Here, "SIZE" | ||
1272 | is the size of the file (which allows a peer to determine the | ||
1273 | shape of the tree), KEYHASH is the key used to decrypt the file | ||
1274 | (also the hash of the plaintext of the top block) and QUERYHASH | ||
1275 | is the query used to request the top-level block (also the hash | ||
1276 | of the encrypted block). | ||
1277 | |||
1278 | @cindex loc-uri | ||
1279 | @node Location identifiers (loc) | ||
1280 | @subsubsection Location identifiers (loc) | ||
1281 | |||
1282 | |||
1283 | For non-anonymous file-sharing, loc-URIs are used to specify which | ||
1284 | peer is offering the data (in addition to specifying all of the | ||
1285 | data from a chk-URI). Location identifiers include a digital | ||
1286 | signature of the peer to affirm that the peer is truly the | ||
1287 | origin of the data. The format is | ||
1288 | "gnunet://fs/loc/KEYHASH.QUERYHASH.SIZE.PEER.SIG.EXPTIME". | ||
1289 | Here, "PEER" is the public key of the peer (in GNUnet format in | ||
1290 | base32hex), SIG is the RSA signature (in GNUnet format in | ||
1291 | base32hex) and EXPTIME specifies when the signature expires | ||
1292 | (in milliseconds after 1970). | ||
1293 | |||
1294 | @cindex ksk-uri | ||
1295 | @node Keyword queries (ksk) | ||
1296 | @subsubsection Keyword queries (ksk) | ||
1297 | |||
1298 | |||
1299 | A keyword-URI is used to specify that the desired operation | ||
1300 | is the search using a particular keyword. The format is simply | ||
1301 | "gnunet://fs/ksk/KEYWORD". Non-ASCII characters can be specified | ||
1302 | using the typical URI-encoding (using hex values) from HTTP. | ||
1303 | "+" can be used to specify multiple keywords (which are then | ||
1304 | logically "OR"-ed in the search, results matching both keywords | ||
1305 | are given a higher rank): "gnunet://fs/ksk/KEYWORD1+KEYWORD2". | ||
1306 | ksk-URIs must not begin or end with the plus ('+') character. | ||
1307 | Furthermore they must not contain '++'. | ||
1308 | |||
1309 | @cindex sks-uri | ||
1310 | @node Namespace content (sks) | ||
1311 | @subsubsection Namespace content (sks) | ||
1312 | |||
1313 | |||
1314 | @b{Please note that the text in this subsection is outdated and needs} | ||
1315 | @b{to be rewritten for version 0.10!} | ||
1316 | @b{This especially concerns the terminology of Pseudonym/Ego/Identity.} | ||
1317 | |||
1318 | Namespaces are sets of files that have been approved by some (usually | ||
1319 | pseudonymous) user --- typically by that user publishing all of the | ||
1320 | files together. A file can be in many namespaces. A file is in a | ||
1321 | namespace if the owner of the ego (aka the namespace's private key) | ||
1322 | signs the CHK of the file cryptographically. An SKS-URI is used to | ||
1323 | search a namespace. The result is a block containing meta data, | ||
1324 | the CHK and the namespace owner's signature. The format of a sks-URI | ||
1325 | is "gnunet://fs/sks/NAMESPACE/IDENTIFIER". Here, "NAMESPACE" | ||
1326 | is the public key for the namespace. "IDENTIFIER" is a freely | ||
1327 | chosen keyword (or password!). A commonly used identifier is | ||
1328 | "root" which by convention refers to some kind of index or other | ||
1329 | entry point into the namespace. | ||
1330 | |||
1331 | @node GTK User Interface | ||
1332 | @subsection GTK User Interface | ||
1333 | This chapter describes first steps for file-sharing with GNUnet. | ||
1334 | To start, you should launch @command{gnunet-fs-gtk}. | ||
1335 | |||
1336 | As we want to be sure that the network contains the data that we are | ||
1337 | looking for for testing, we need to begin by publishing a file. | ||
1338 | |||
1339 | @menu | ||
1340 | * gtk-Publishing:: | ||
1341 | * gtk-Searching:: | ||
1342 | * gtk-Downloading:: | ||
1343 | @end menu | ||
1344 | |||
1345 | @node gtk-Publishing | ||
1346 | @subsubsection Publishing | ||
1347 | |||
1348 | |||
1349 | To publish a file, select "File Sharing" in the menu bar just below the | ||
1350 | "Statistics" icon, and then select "Publish" from the menu. | ||
1351 | |||
1352 | Afterwards, the following publishing dialog will appear: | ||
1353 | |||
1354 | @image{images/gnunet-gtk-0-10-fs-publish,5in,,The gnunet-fs-gtk publishing dialog} | ||
1355 | |||
1356 | In this dialog, select the "Add File" button. This will open a | ||
1357 | file selection dialog: | ||
1358 | |||
1359 | @image{images/gnunet-gtk-0-10-fs-publish-select,5in,,Dialog to select the file to publish (looks may differ for other Gtk+ versions)} | ||
1360 | |||
1361 | Now, you should select a file from your computer to be published on | ||
1362 | GNUnet. To see more of GNUnet's features later, you should pick a | ||
1363 | PNG or JPEG file this time. You can leave all of the other options | ||
1364 | in the dialog unchanged. Confirm your selection by pressing the "OK" | ||
1365 | button in the bottom right corner. Now, you will briefly see a | ||
1366 | "Messages..." dialog pop up, but most likely it will be too short for | ||
1367 | you to really read anything. That dialog is showing you progress | ||
1368 | information as GNUnet takes a first look at the selected file(s). | ||
1369 | For a normal image, this is virtually instant, but if you later | ||
1370 | import a larger directory you might be interested in the progress dialog | ||
1371 | and potential errors that might be encountered during processing. | ||
1372 | After the progress dialog automatically disappears, your file | ||
1373 | should now appear in the publishing dialog: | ||
1374 | |||
1375 | @image{images/gnunet-gtk-0-10-fs-publish-with-file,5in,,Publishing dialog with file added} | ||
1376 | |||
1377 | Now, select the file (by clicking on the file name) and then click | ||
1378 | the "Edit" button. This will open the editing dialog: | ||
1379 | |||
1380 | @image{images/gnunet-gtk-0-10-fs-publish-editing,5in,,Editing meta data of a file to be published} | ||
1381 | |||
1382 | In this dialog, you can see many details about your file. In the | ||
1383 | top left area, you can see meta data extracted about the file, | ||
1384 | such as the original filename, the mimetype and the size of the image. | ||
1385 | In the top right, you should see a preview for the image | ||
1386 | (if GNU libextractor was installed correctly with the | ||
1387 | respective plugins). Note that if you do not see a preview, this | ||
1388 | is not a disaster, but you might still want to install more of | ||
1389 | GNU libextractor in the future. In the bottom left, the dialog contains | ||
1390 | a list of keywords. These are the keywords under which the file will be | ||
1391 | made available. The initial list will be based on the extracted meta data. | ||
1392 | Additional publishing options are in the right bottom corner. We will | ||
1393 | now add an additional keyword to the list of keywords. This is done by | ||
1394 | entering the keyword above the keyword list between the label "Keyword" | ||
1395 | and the "Add keyword" button. Enter "test" and select "Add keyword". | ||
1396 | Note that the keyword will appear at the bottom of the existing keyword | ||
1397 | list, so you might have to scroll down to see it. Afterwards, push the | ||
1398 | "OK" button at the bottom right of the dialog. | ||
1399 | |||
1400 | You should now be back at the "Publish content on GNUnet" dialog. Select | ||
1401 | "Execute" in the bottom right to close the dialog and publish your file | ||
1402 | on GNUnet! Afterwards, you should see the main dialog with a new area | ||
1403 | showing the list of published files (or ongoing publishing operations | ||
1404 | with progress indicators). | ||
1405 | |||
1406 | @node gtk-Searching | ||
1407 | @subsubsection Searching | ||
1408 | |||
1409 | |||
1410 | Below the menu bar, there are four entry widges labeled "Namespace", | ||
1411 | "Keywords", "Anonymity" and "Mime-type" (from left to right). These | ||
1412 | widgets are used to control searching for files in GNUnet. Between the | ||
1413 | "Keywords" and "Anonymity" widgets, there is also a big "Search" button, | ||
1414 | which is used to initiate the search. We will ignore the "Namespace", | ||
1415 | "Anonymity" and "Mime-type" options in this tutorial, please leave them | ||
1416 | empty. Instead, simply enter "test" under "Keywords" and press "Search". | ||
1417 | Afterwards, you should immediately see a new tab labeled after your | ||
1418 | search term, followed by the (current) number of search | ||
1419 | results --- "(15)" in our screenshot. Note that your results may | ||
1420 | vary depending on what other users may have shared and how your | ||
1421 | peer is connected. | ||
1422 | |||
1423 | You can now select one of the search results. Once you do this, | ||
1424 | additional information about the result should be displayed on the | ||
1425 | right. If available, a preview image should appear on the top right. | ||
1426 | Meta data describing the file will be listed at the bottom right. | ||
1427 | |||
1428 | Once a file is selected, at the bottom of the search result list | ||
1429 | a little area for downloading appears. | ||
1430 | |||
1431 | @node gtk-Downloading | ||
1432 | @subsubsection Downloading | ||
1433 | |||
1434 | |||
1435 | In the downloading area, you can select the target directory (default is | ||
1436 | "Downloads") and specify the desired filename (by default the filename it | ||
1437 | taken from the meta data of the published file). Additionally, you can | ||
1438 | specify if the download should be anonymous and (for directories) if | ||
1439 | the download should be recursive. In most cases, you can simply start | ||
1440 | the download with the "Download!" button. | ||
1441 | |||
1442 | Once you selected download, the progress of the download will be | ||
1443 | displayed with the search result. You may need to resize the result | ||
1444 | list or scroll to the right. The "Status" column shows the current | ||
1445 | status of the download, and "Progress" how much has been completed. | ||
1446 | When you close the search tab (by clicking on the "X" button next to | ||
1447 | the "test" label), ongoing and completed downloads are not aborted | ||
1448 | but moved to a special "*" tab. | ||
1449 | |||
1450 | You can remove completed downloads from the "*" tab by clicking the | ||
1451 | cleanup button next to the "*". You can also abort downloads by right | ||
1452 | clicking on the respective download and selecting "Abort download" | ||
1453 | from the menu. | ||
1454 | |||
1455 | That's it, you now know the basics for file-sharing with GNUnet! | ||
1456 | |||
1457 | |||
1458 | @node The GNU Name System | ||
1459 | @section The GNU Name System | ||
1460 | |||
1461 | |||
1462 | |||
1463 | The GNU Name System (GNS) is secure and decentralized naming system. | ||
1464 | It allows its users to register names as @dfn{top-level domains} (TLDs) and | ||
1465 | resolve other namespaces within their TLDs. | ||
1466 | |||
1467 | GNS is designed to provide: | ||
1468 | @itemize @bullet | ||
1469 | @item Censorship resistance | ||
1470 | @item Query privacy | ||
1471 | @item Secure name resolution | ||
1472 | @item Compatibility with DNS | ||
1473 | @end itemize | ||
1474 | |||
1475 | For the initial configuration and population of your | ||
1476 | GNS installation, please follow the GNS setup instructions. | ||
1477 | The remainder of this chapter will provide some background on GNS | ||
1478 | and then describe how to use GNS in more detail. | ||
1479 | |||
1480 | Unlike DNS, GNS does not rely on central root zones or authorities. | ||
1481 | Instead any user administers their own root and can can create arbitrary | ||
1482 | name value mappings. Furthermore users can delegate resolution to other | ||
1483 | users' zones just like DNS NS records do. Zones are uniquely identified | ||
1484 | via public keys and resource records are signed using the corresponding | ||
1485 | public key. Delegation to another user's zone is done using special PKEY | ||
1486 | records and petnames. A petname is a name that can be freely chosen by | ||
1487 | the user. This results in non-unique name-value mappings as | ||
1488 | @code{@uref{http://www.bob.gnu/, www.bob.gnu}} to one user might be | ||
1489 | @code{@uref{http://www.friend.gnu/, www.friend.gnu}} for someone else. | ||
1490 | |||
1491 | |||
1492 | @menu | ||
1493 | * Creating a Zone:: | ||
1494 | * Maintaining your own Zones:: | ||
1495 | * Obtaining your Zone Key:: | ||
1496 | * Adding Links to Other Zones:: | ||
1497 | * Using Public Keys as Top Level Domains:: | ||
1498 | * Resource Records in GNS:: | ||
1499 | * Synchronizing with legacy DNS:: | ||
1500 | * Migrating an existing DNS zone into GNS:: | ||
1501 | @end menu | ||
1502 | |||
1503 | |||
1504 | @node Creating a Zone | ||
1505 | @subsection Creating a Zone | ||
1506 | |||
1507 | To use GNS, you probably should create at least one zone of your own. | ||
1508 | You can create any number of zones using the gnunet-identity tool | ||
1509 | using: | ||
1510 | |||
1511 | @example | ||
1512 | $ gnunet-identity --create="myzone" | ||
1513 | @end example | ||
1514 | |||
1515 | Henceforth, on your system you control the TLD ``myzone''. | ||
1516 | |||
1517 | All of your zones can be listed (displayed) using the | ||
1518 | @command{gnunet-identity} command line tool as well: | ||
1519 | |||
1520 | @example | ||
1521 | $ gnunet-identity --display | ||
1522 | @end example | ||
1523 | |||
1524 | @node Maintaining your own Zones | ||
1525 | @subsection Maintaining your own Zones | ||
1526 | |||
1527 | @noindent | ||
1528 | Now you can add (or edit, or remove) records in your GNS zone using the | ||
1529 | @command{gnunet-namestore-gtk} GUI or using the @command{gnunet-namestore} | ||
1530 | command-line tool. | ||
1531 | In either case, your records will be stored in an SQL database under | ||
1532 | control of the @command{gnunet-service-namestore}. | ||
1533 | Note that if multiple users use one peer, the namestore database will | ||
1534 | include the combined records of all users. | ||
1535 | However, users will not be able to see each other's records | ||
1536 | if they are marked as private. | ||
1537 | |||
1538 | To provide a short example for editing your own zone, suppose you | ||
1539 | have your own web server with the IP @code{1.2.3.4}. Then you can put an | ||
1540 | @code{A} record (@code{A} records in DNS are for IPv4 IP addresses) | ||
1541 | into your local zone ``myzone'' using the command: | ||
1542 | |||
1543 | @example | ||
1544 | $ gnunet-namestore -z myzone -a -n www -t A -V 1.2.3.4 -e never | ||
1545 | @end example | ||
1546 | |||
1547 | @noindent | ||
1548 | Afterwards, you will be able to access your webpage under "www.myzone" | ||
1549 | (assuming your webserver does not use virtual hosting, if it does, | ||
1550 | please read up on setting up the GNS proxy). | ||
1551 | |||
1552 | Similar commands will work for other types of DNS and GNS records, | ||
1553 | the syntax largely depending on the type of the record. | ||
1554 | Naturally, most users may find editing the zones using the | ||
1555 | @command{gnunet-namestore-gtk} GUI to be easier. | ||
1556 | |||
1557 | @node Obtaining your Zone Key | ||
1558 | @subsection Obtaining your Zone Key | ||
1559 | |||
1560 | Each zone in GNS has a public-private key. Usually, gnunet-namestore and | ||
1561 | gnunet-setup will access your private key as necessary, so you do not | ||
1562 | have to worry about those. What is important is your public key | ||
1563 | (or rather, the hash of your public key), as you will likely want to | ||
1564 | give it to others so that they can securely link to you. | ||
1565 | |||
1566 | You can usually get the hash of your public key using | ||
1567 | |||
1568 | @example | ||
1569 | $ gnunet-identity -d $options | grep myzone | awk '@{print $3@}' | ||
1570 | @end example | ||
1571 | |||
1572 | @noindent | ||
1573 | For example, the output might be something like: | ||
1574 | |||
1575 | @example | ||
1576 | DC3SEECJORPHQNVRH965A6N74B1M37S721IG4RBQ15PJLLPJKUE0 | ||
1577 | @end example | ||
1578 | |||
1579 | @noindent | ||
1580 | Alternatively, you can obtain a QR code with your zone key AND your | ||
1581 | pseudonym from gnunet-namestore-gtk. The QR code is displayed in the | ||
1582 | main window and can be stored to disk using the ``Save as'' button | ||
1583 | next to the image. | ||
1584 | |||
1585 | @node Adding Links to Other Zones | ||
1586 | @subsection Adding Links to Other Zones | ||
1587 | |||
1588 | |||
1589 | A central operation in GNS is the ability to securely delegate to | ||
1590 | other zones. Basically, by adding a delegation you make all of the | ||
1591 | names from the other zone available to yourself. This section | ||
1592 | describes how to create delegations. | ||
1593 | |||
1594 | Suppose you have a friend who you call 'bob' who also uses GNS. | ||
1595 | You can then delegate resolution of names to Bob's zone by adding | ||
1596 | a PKEY record to their local zone: | ||
1597 | |||
1598 | @example | ||
1599 | $ gnunet-namestore -a -n bob --type PKEY -V XXXX -e never -Z myzone | ||
1600 | @end example | ||
1601 | |||
1602 | @noindent | ||
1603 | Note that ``XXXX'' in the command above must be replaced with the hash | ||
1604 | of Bob's public key (the output your friend obtained using the | ||
1605 | @command{gnunet-identity} command from the previous section and told | ||
1606 | you, for example by giving you a business card containing this | ||
1607 | information as a QR code). | ||
1608 | |||
1609 | Assuming Bob has an ``A'' record for their website under the name of | ||
1610 | ``www'' in his zone, you can then access Bob's website under | ||
1611 | ``www.bob.myzone'' --- as well as any (public) GNS record that Bob has | ||
1612 | in their zone by replacing www with the respective name of the | ||
1613 | record in Bob's zone. | ||
1614 | |||
1615 | @c themselves? themself? | ||
1616 | Furthermore, if Bob has themselves a (public) delegation to Carol's | ||
1617 | zone under "carol", you can access Carol's records under | ||
1618 | ``NAME.carol.bob.myzone'' (where ``NAME'' is the name of Carol's | ||
1619 | record you want to access). | ||
1620 | |||
1621 | |||
1622 | @node Using Public Keys as Top Level Domains | ||
1623 | @subsection Using Public Keys as Top Level Domains | ||
1624 | |||
1625 | |||
1626 | GNS also assumes responsibility for any name that uses in a | ||
1627 | well-formed public key for the TLD. Names ending this way are then | ||
1628 | resolved by querying the respective zone. Such public key TLDs are | ||
1629 | expected to be used under rare circumstances where globally unique | ||
1630 | names are required, and for integration with legacy systems. | ||
1631 | |||
1632 | @node Resource Records in GNS | ||
1633 | @subsection Resource Records in GNS | ||
1634 | |||
1635 | |||
1636 | GNS supports the majority of the DNS records as defined in | ||
1637 | @uref{http://www.ietf.org/rfc/rfc1035.txt, RFC 1035}. Additionally, | ||
1638 | GNS defines some new record types the are unique to the GNS system. | ||
1639 | For example, GNS-specific resource records are used to give petnames | ||
1640 | for zone delegation, revoke zone keys and provide some compatibility | ||
1641 | features. | ||
1642 | |||
1643 | For some DNS records, GNS does extended processing to increase their | ||
1644 | usefulness in GNS. In particular, GNS introduces special names | ||
1645 | referred to as "zone relative names". Zone relative names are allowed | ||
1646 | in some resource record types (for example, in NS and CNAME records) | ||
1647 | and can also be used in links on webpages. Zone relative names end | ||
1648 | in ".+" which indicates that the name needs to be resolved relative | ||
1649 | to the current authoritative zone. The extended processing of those | ||
1650 | names will expand the ".+" with the correct delegation chain to the | ||
1651 | authoritative zone (replacing ".+" with the name of the location | ||
1652 | where the name was encountered) and hence generate a | ||
1653 | valid GNS name. | ||
1654 | |||
1655 | The GNS currently supports the record types as defined in | ||
1656 | @uref{https://git.gnunet.org/gana.git/tree/gnu-name-system-record-types/registry.rec, GANA}. | ||
1657 | In addition, GNS supports DNS record types, such as A, AAAA or TXT. | ||
1658 | |||
1659 | For a complete description of the records, please refer to the specification | ||
1660 | at @uref{https://lsd.gnunet.org/lsd0001, LSD0001}. | ||
1661 | |||
1662 | In the following, we discuss GNS records with specific behaviour or special | ||
1663 | handling of DNS records. | ||
1664 | |||
1665 | @menu | ||
1666 | * NICK:: | ||
1667 | * PKEY:: | ||
1668 | * BOX:: | ||
1669 | * LEHO:: | ||
1670 | * VPN:: | ||
1671 | * REDIRECT:: | ||
1672 | * GNS2DNS:: | ||
1673 | * TOMBSTONE:: | ||
1674 | * SOA SRV PTR and MX:: | ||
1675 | @end menu | ||
1676 | |||
1677 | @node NICK | ||
1678 | @subsubsection NICK | ||
1679 | |||
1680 | A NICK record is used to give a zone a name. With a NICK record, you | ||
1681 | can essentially specify how you would like to be called. GNS expects | ||
1682 | this record under the empty label ``@@'' in the zone's database | ||
1683 | (NAMESTORE); however, it will then automatically be copied into each | ||
1684 | record set, so that clients never need to do a separate lookup to | ||
1685 | discover the NICK record. Also, users do not usually have to worry | ||
1686 | about setting the NICK record: it is automatically set to the local | ||
1687 | name of the TLD. | ||
1688 | |||
1689 | @b{Example}@ | ||
1690 | |||
1691 | @example | ||
1692 | Name: @@; RRType: NICK; Value: bob | ||
1693 | @end example | ||
1694 | |||
1695 | @noindent | ||
1696 | This record in Bob's zone will tell other users that this zone wants | ||
1697 | to be referred to as 'bob'. Note that nobody is obliged to call Bob's | ||
1698 | zone 'bob' in their own zones. It can be seen as a | ||
1699 | recommendation ("Please call this zone 'bob'"). | ||
1700 | |||
1701 | @node PKEY | ||
1702 | @subsubsection PKEY | ||
1703 | |||
1704 | PKEY records are used to add delegation to other users' zones and | ||
1705 | give those zones a petname. | ||
1706 | |||
1707 | @b{Example}@ | ||
1708 | |||
1709 | Let Bob's zone be identified by the hash "ABC012". Bob is your friend | ||
1710 | so you want to give them the petname "friend". Then you add the | ||
1711 | following record to your zone: | ||
1712 | |||
1713 | @example | ||
1714 | Name: friend; RRType: PKEY; Value: ABC012; | ||
1715 | @end example | ||
1716 | |||
1717 | @noindent | ||
1718 | This will allow you to resolve records in bob's zone | ||
1719 | under "*.friend.gnu". | ||
1720 | |||
1721 | @node BOX | ||
1722 | @subsubsection BOX | ||
1723 | |||
1724 | BOX records are there to integrate information from TLSA or | ||
1725 | SRV records under the main label. In DNS, TLSA and SRV records | ||
1726 | use special names of the form @code{_port._proto.(label.)*tld} to | ||
1727 | indicate the port number and protocol (like TCP or UDP) for which | ||
1728 | the TLSA or SRV record is valid. This causes various problems, and | ||
1729 | is elegantly solved in GNS by integrating the protocol and port | ||
1730 | numbers together with the respective value into a "BOX" record. | ||
1731 | Note that in the GUI, you do not get to edit BOX records directly | ||
1732 | right now --- the GUI will provide the illusion of directly | ||
1733 | editing the TLSA and SRV records, even though they internally | ||
1734 | are BOXed up. | ||
1735 | |||
1736 | @node LEHO | ||
1737 | @subsubsection LEHO | ||
1738 | |||
1739 | The LEgacy HOstname of a server. Some webservers expect a specific | ||
1740 | hostname to provide a service (virtual hosting). Also SSL | ||
1741 | certificates usually contain DNS names. To provide the expected | ||
1742 | legacy DNS name for a server, the LEHO record can be used. | ||
1743 | To mitigate the just mentioned issues the GNS proxy has to be used. | ||
1744 | The GNS proxy will use the LEHO information to apply the necessary | ||
1745 | transformations. | ||
1746 | |||
1747 | @node VPN | ||
1748 | @subsubsection VPN | ||
1749 | |||
1750 | GNS allows easy access to services provided by the GNUnet Virtual Public | ||
1751 | Network. When the GNS resolver encounters a VPN record it will contact | ||
1752 | the VPN service to try and allocate an IPv4/v6 address (if the queries | ||
1753 | record type is an IP address) that can be used to contact the service. | ||
1754 | |||
1755 | @b{Example}@ | ||
1756 | |||
1757 | I want to provide access to the VPN service "web.gnu." on port 80 on peer | ||
1758 | ABC012:@ | ||
1759 | Name: www; RRType: VPN; Value: 80 ABC012 web.gnu. | ||
1760 | |||
1761 | The peer ABC012 is configured to provide an exit point for the service | ||
1762 | "web.gnu." on port 80 to it's server running locally on port 8080 by | ||
1763 | having the following lines in the @file{gnunet.conf} configuration file: | ||
1764 | |||
1765 | @example | ||
1766 | [web.gnunet.] | ||
1767 | TCP_REDIRECTS = 80:localhost4:8080 | ||
1768 | @end example | ||
1769 | |||
1770 | @node REDIRECT | ||
1771 | @subsubsection REDIRECT | ||
1772 | |||
1773 | As specified in LSD0001 whenever a REDIRECT is encountered the query | ||
1774 | needs to be restarted with the specified name. A REDIRECT | ||
1775 | can either be: | ||
1776 | |||
1777 | @itemize @bullet | ||
1778 | @item A zone relative name, | ||
1779 | @item A zkey name or | ||
1780 | @item A DNS name (in which case resolution will continue outside | ||
1781 | of GNS with the systems DNS resolver) | ||
1782 | @end itemize | ||
1783 | |||
1784 | @node GNS2DNS | ||
1785 | @subsubsection GNS2DNS | ||
1786 | |||
1787 | GNS can delegate authority to a legacy DNS zone. For this, the | ||
1788 | name of the DNS nameserver and the name of the DNS zone are | ||
1789 | specified in a GNS2DNS record. | ||
1790 | |||
1791 | @b{Example} | ||
1792 | |||
1793 | @example | ||
1794 | Name: pet; RRType: GNS2DNS; Value: gnunet.org@@a.ns.joker.com | ||
1795 | @end example | ||
1796 | |||
1797 | @noindent | ||
1798 | Any query to @code{pet.gnu} will then be delegated to the DNS server at | ||
1799 | @code{a.ns.joker.com}. For example, | ||
1800 | @code{@uref{http://www.pet.gnu/, www.pet.gnu}} will result in a DNS query | ||
1801 | for @code{@uref{http://www.gnunet.org/, www.gnunet.org}} to the server | ||
1802 | at @code{a.ns.joker.com}. Delegation to DNS via NS records in GNS can | ||
1803 | be useful if you do not want to start resolution in the DNS root zone | ||
1804 | (due to issues such as censorship or availability). | ||
1805 | |||
1806 | Note that you would typically want to use a relative name for the | ||
1807 | nameserver, like so: | ||
1808 | |||
1809 | @example | ||
1810 | Name: pet; RRType: GNS2DNS; Value: gnunet.org@@ns-joker.+@ | ||
1811 | |||
1812 | Name: ns-joker; RRType: A; Value: 184.172.157.218 | ||
1813 | @end example | ||
1814 | |||
1815 | @noindent | ||
1816 | This way, you can avoid involving the DNS hierarchy in the resolution of | ||
1817 | @code{a.ns.joker.com}. In the example above, the problem may not be | ||
1818 | obvious as the nameserver for "gnunet.org" is in the ".com" zone. | ||
1819 | However, imagine the nameserver was "ns.gnunet.org". In this case, | ||
1820 | delegating to "ns.gnunet.org" would mean that despite using GNS, | ||
1821 | censorship in the DNS ".org" zone would still be effective. | ||
1822 | |||
1823 | @node TOMBSTONE | ||
1824 | @subsubsection TOMBSTONE | ||
1825 | |||
1826 | The GNUnet GNS implementation uses the TOMBSTONE record to ensure | ||
1827 | ciphertext indistinguishability for published records. | ||
1828 | It must be ensured that when relative expiration times are decreased, the | ||
1829 | expiration time of the next record block MUST be after the last published block. | ||
1830 | A similar issue arises if the record set under a label is deleted and reused | ||
1831 | later. | ||
1832 | |||
1833 | The creation and maintenance of the TOMBSTONE record is done automatically. | ||
1834 | You do not need to mind it yourself and can safely ignore any TOMBSTONE | ||
1835 | blocks you may see when investigating your zone(s). | ||
1836 | TOMBSTONE records are always private and will never be published. | ||
1837 | |||
1838 | @node SOA SRV PTR and MX | ||
1839 | @subsubsection SOA SRV PTR and MX | ||
1840 | |||
1841 | The domain names in those records can, again, be either | ||
1842 | |||
1843 | @itemize @bullet | ||
1844 | @item A zone relative name, | ||
1845 | @item A zkey name or | ||
1846 | @item A DNS name | ||
1847 | @end itemize | ||
1848 | |||
1849 | The resolver will expand the zone relative name if possible. | ||
1850 | Note that when using MX records within GNS, the target mail | ||
1851 | server might still refuse to accept e-mails to the resulting | ||
1852 | domain as the name might not match. GNS-enabled mail clients | ||
1853 | should use the ZKEY zone as the destination hostname and | ||
1854 | GNS-enabled mail servers should be configured to accept | ||
1855 | e-mails to the ZKEY-zones of all local users. | ||
1856 | |||
1857 | To add a SOA record via the gnunet-namestore command line | ||
1858 | tool use the following syntax for the value option. Choose | ||
1859 | the other options according to your preference, however in | ||
1860 | this example we will use a relative expiry, add the record | ||
1861 | under the label @ and add the records to the zone bar | ||
1862 | which already exists: | ||
1863 | |||
1864 | @example | ||
1865 | $ gnunet-namestore -a -n @ -t SOA -z bar -e 3600s -V \ | ||
1866 | > "rname=$PRIMARY_NS \ | ||
1867 | > mname=$CONTACT_MAIL \ | ||
1868 | > $SERIAL,$REFRESH,$RETRY,$EXPIRY,$MINIMUM_TTL" | ||
1869 | @end example | ||
1870 | |||
1871 | The above command filled in with values looks like this: | ||
1872 | @example | ||
1873 | $ gnunet-namestore -a -n @ -t SOA -z bar -e 3600s -V \ | ||
1874 | > "rname=ns1.bar \ | ||
1875 | > mname=root.bar \ | ||
1876 | > 2019081701,3600,1800,86400,7200" | ||
1877 | @end example | ||
1878 | |||
1879 | MX records use a similar syntax which is outlined in the | ||
1880 | example below. $SERVER is a domain name as mentioned above. | ||
1881 | @example | ||
1882 | $ gnunet-namestore -a -n mail -t MX -z bar -e 3600s -V \ | ||
1883 | > "$PRIORITY,$SERVER" | ||
1884 | @end example | ||
1885 | |||
1886 | With the values substituted this is an example of a working | ||
1887 | command: | ||
1888 | @example | ||
1889 | $ gnunet-namestore -a -n mail -t MX -z bar -e 3600s -V \ | ||
1890 | > "10,mail.bar" | ||
1891 | @end example | ||
1892 | |||
1893 | @node Synchronizing with legacy DNS | ||
1894 | @subsection Synchronizing with legacy DNS | ||
1895 | |||
1896 | If you want to support GNS but the master database for a zone | ||
1897 | is only available and maintained in DNS, GNUnet includes the | ||
1898 | @command{gnunet-zoneimport} tool to monitor a DNS zone and | ||
1899 | automatically import records into GNS. Today, the tool does | ||
1900 | not yet support DNS AF(X)R, as we initially used it on the | ||
1901 | ``.fr'' zone which does not allow us to perform a DNS zone | ||
1902 | transfer. Instead, @command{gnunet-zoneimport} reads a list | ||
1903 | of DNS domain names from @code{stdin}, issues DNS queries for | ||
1904 | each, converts the obtained records (if possible) and stores | ||
1905 | the result in the namestore. | ||
1906 | |||
1907 | @image{images/gns,6in,, picture of DNS-GNS data flow} | ||
1908 | |||
1909 | The zonemaster service then takes the records from the namestore, | ||
1910 | publishes them into the DHT which makes the result available to the | ||
1911 | GNS resolver. In the GNS configuration, non-local zones can be | ||
1912 | configured to be intercepted by specifying ``.tld = PUBLICKEY'' in the | ||
1913 | configuration file in the ``[gns]'' section. | ||
1914 | |||
1915 | Note that the namestore by default also populates the namecache. | ||
1916 | This pre-population is cryptographically expensive. Thus, on | ||
1917 | systems that only serve to import a large (millions of records) | ||
1918 | DNS zone and that do not have a local gns service in use, it | ||
1919 | is thus advisable to disable the namecache by setting the | ||
1920 | option ``DISABLE'' to ``YES'' in section ``[namecache]''. | ||
1921 | |||
1922 | @node Migrating an existing DNS zone into GNS | ||
1923 | @subsection Migrating an existing DNS zone into GNS | ||
1924 | |||
1925 | Ascension is a tool to migrate existing DNS zones into GNS. | ||
1926 | |||
1927 | @xref{Migrating existing DNS zones into GNS}, for installation instructions and | ||
1928 | further information about Ascension. | ||
1929 | |||
1930 | Compared to the gnunet-zoneimport tool it strictly uses AXFR or IXFR depending | ||
1931 | on whether or not there exists a SOA record for the zone. If that is the case it | ||
1932 | will take the serial as a reference point and request the zone. The server will | ||
1933 | either answer the IXFR request with a correct incremental zone or with the | ||
1934 | entire zone, which depends on the server configuration. | ||
1935 | |||
1936 | After installing the tool according to the README file you have the following | ||
1937 | options: | ||
1938 | |||
1939 | @example | ||
1940 | Ascension | ||
1941 | Usage: | ||
1942 | ascension <domain> [-d] [-p] [-s] [--minimum-ttl=<ttl>] \ | ||
1943 | [--dry-run] | ||
1944 | ascension <domain> <port> [-d] [-p] [-s] \ | ||
1945 | [--minimum-ttl=<ttl>] [--dry-run] | ||
1946 | ascension <domain> -n <transferns> [-d] [-p] \ | ||
1947 | [-s] [--minimum-ttl=<ttl>] [--dry-run] | ||
1948 | ascension <domain> -n <transferns> <port> [-d] \ | ||
1949 | [-p] [-s] [--minimum-ttl=<ttl>] [--dry-run] | ||
1950 | ascension -p | --public | ||
1951 | ascension -d | --debug | ||
1952 | ascension -s | --standalone | ||
1953 | ascension -h | --help | ||
1954 | ascension -v | --version | ||
1955 | |||
1956 | Options: | ||
1957 | <domain> Domain to migrate | ||
1958 | <port> Port for zone transfer | ||
1959 | <transferns> DNS Server that does the zone transfer | ||
1960 | --minimum-ttl=<ttl> Minimum TTL for records to migrate \ | ||
1961 | [default: 3600] | ||
1962 | --dry-run Only try if a zone transfer is allowed | ||
1963 | -p --public Make records public on the DHT | ||
1964 | -s --standalone Run ascension once | ||
1965 | -d --debug Enable debugging | ||
1966 | -h --help Show this screen. | ||
1967 | -v --version Show version. | ||
1968 | @end example | ||
1969 | |||
1970 | Before you can migrate any zone though, you need to start a local GNUnet peer: | ||
1971 | @example | ||
1972 | $ gnunet-arm -s | ||
1973 | @end example | ||
1974 | |||
1975 | To migrate the Syrian top level domain - one of the few top level domains that | ||
1976 | support zone transfers - into GNS use the following command: | ||
1977 | |||
1978 | @example | ||
1979 | $ ascension sy. -n ns1.tld.sy. -p | ||
1980 | @end example | ||
1981 | |||
1982 | The -p flag will tell GNS to put these records on the DHT so that other users | ||
1983 | may resolve these records by using the public key of the zone. | ||
1984 | |||
1985 | Once the zone is migrated, Ascension will output a message telling you, that it | ||
1986 | will refresh the zone after the time has elapsed. You can resolve the names in | ||
1987 | the zone directly using GNS or if you want to use it with your browser, check | ||
1988 | out the GNS manual section. @ref{Configuring the GNU Name System}. To resolve | ||
1989 | the records from another system you need the respective zones PKEY. To get the | ||
1990 | zones public key, you can run the following command: | ||
1991 | |||
1992 | @example | ||
1993 | $ gnunet-identity -dqe sy | ||
1994 | @end example | ||
1995 | |||
1996 | Where "sy" is the name of the zone you want to migrate. | ||
1997 | |||
1998 | You can share the PKEY of the zone with your friends. They can then resolve | ||
1999 | records in the zone by doing a lookup replacing the zone label with your PKEY: | ||
2000 | |||
2001 | @example | ||
2002 | $ gnunet-gns -t SOA -u "$PKEY" | ||
2003 | @end example | ||
2004 | |||
2005 | The program will continue to run as a daemon and update once the refresh time | ||
2006 | specified in the zones SOA record has elapsed. | ||
2007 | |||
2008 | DNSCurve style records are supported in the latest release and they are added | ||
2009 | as a PKEY record to be referred to the respective GNS public key. Key | ||
2010 | distribution is still a problem but provided someone else has a public key | ||
2011 | under a given label it can be looked up. | ||
2012 | |||
2013 | There is an unofficial Debian package called python3-ascension that adds a | ||
2014 | system user ascension and runs a GNUnet peer in the background. | ||
2015 | |||
2016 | Ascension-bind is also an unofficial Debian package that on installation checks | ||
2017 | for running DNS zones and whether or not they are transferable using DNS zone | ||
2018 | transfer (AXFR). It asks the administrator which zones to migrate into GNS and | ||
2019 | installs a systemd unit file to keep the zone up to date. If you want to | ||
2020 | migrate different zones you might want to check the unit file from the package | ||
2021 | as a guide. | ||
2022 | |||
2023 | @node reclaimID Identity Provider | ||
2024 | @section reclaimID Identity Provider | ||
2025 | |||
2026 | The re:claimID Identity Provider (IdP) is a decentralized IdP service. | ||
2027 | It allows its users to manage and authorize third parties to access | ||
2028 | their identity attributes such as email or shipping addresses. | ||
2029 | |||
2030 | It basically mimics the concepts of centralized IdPs, such as those | ||
2031 | offered by Google or Facebook. | ||
2032 | Like other IdPs, reclaimID features an (optional) OpenID Connect | ||
2033 | 1.0-compliant protocol layer that can be used for websites to | ||
2034 | integrate reclaimID as an Identity Provider with little effort. | ||
2035 | |||
2036 | @menu | ||
2037 | * Managing Attributes:: | ||
2038 | * Managing Credentials:: | ||
2039 | * Sharing Attributes with Third Parties:: | ||
2040 | * Revoking Authorizations of Third Parties:: | ||
2041 | * OpenID Connect:: | ||
2042 | * Providing Third Party Attestation:: | ||
2043 | @end menu | ||
2044 | |||
2045 | @node Managing Attributes | ||
2046 | @subsection Managing Attributes | ||
2047 | |||
2048 | Before adding attributes to an identity, you must first create an ego: | ||
2049 | |||
2050 | @example | ||
2051 | $ gnunet-identity --create="user" | ||
2052 | @end example | ||
2053 | |||
2054 | Henceforth, you can manage a new user profile of the user ``user''. | ||
2055 | |||
2056 | To add an email address to your user profile, simply use the @command{gnunet-reclaim} command line tool:: | ||
2057 | |||
2058 | @example | ||
2059 | $ gnunet-reclaim -e "user" -a "email" -V "username@@example.gnunet" | ||
2060 | @end example | ||
2061 | |||
2062 | All of your attributes can be listed using the @command{gnunet-reclaim} | ||
2063 | command line tool as well: | ||
2064 | |||
2065 | @example | ||
2066 | $ gnunet-reclaim -e "user" -D | ||
2067 | @end example | ||
2068 | |||
2069 | Currently, and by default, attribute values are interpreted as plain text. | ||
2070 | In the future there might be more value types such as X.509 certificate credentials. | ||
2071 | |||
2072 | @node Managing Credentials | ||
2073 | @subsection Managing Credentials | ||
2074 | |||
2075 | Attribute values may reference a claim in a third party attested credential. | ||
2076 | Such a credential can have a variety of formats such as JSON-Web-Tokens or | ||
2077 | X.509 certificates. | ||
2078 | Currently, reclaimID only supports JSON-Web-Token credentials. | ||
2079 | |||
2080 | To add a credential to your user profile, invoke the @command{gnunet-reclaim} command line tool as follows: | ||
2081 | |||
2082 | @example | ||
2083 | $ gnunet-reclaim -e "user"\ | ||
2084 | --credential-name="email"\ | ||
2085 | --credential-type="JWT"\ | ||
2086 | --value="ey..." | ||
2087 | @end example | ||
2088 | |||
2089 | All of your credentials can be listed using the @command{gnunet-reclaim} | ||
2090 | command line tool as well: | ||
2091 | |||
2092 | @example | ||
2093 | $ gnunet-reclaim -e "user" --credentials | ||
2094 | @end example | ||
2095 | |||
2096 | In order to add an attribe backed by a credential, specify the attribute | ||
2097 | value as the claim name in the credential to reference along with the credential | ||
2098 | ID: | ||
2099 | |||
2100 | @example | ||
2101 | $ gnunet-reclaim -e "user"\ | ||
2102 | --add="email"\ | ||
2103 | --value="verified_email"\ | ||
2104 | --credential-id="<CREDENTIAL_ID>" | ||
2105 | @end example | ||
2106 | |||
2107 | |||
2108 | @node Sharing Attributes with Third Parties | ||
2109 | @subsection Sharing Attributes with Third Parties | ||
2110 | |||
2111 | If you want to allow a third party such as a website or friend to access to your attributes (or a subset thereof) execute: | ||
2112 | |||
2113 | @example | ||
2114 | $ TICKET=$(gnunet-reclaim -e "user"\ | ||
2115 | -r "$RP_KEY"\ | ||
2116 | -i "attribute1,attribute2,...") | ||
2117 | @end example | ||
2118 | |||
2119 | The command will return a "ticket" string. | ||
2120 | You must give $TICKET to the requesting third party. | ||
2121 | |||
2122 | $RP_KEY is the public key of the third party and "attribute1,attribute2,..." is a comma-separated list of attribute names, such as "email,name,...", that you want to share. | ||
2123 | |||
2124 | The third party may retrieve the key in string format for use in the above | ||
2125 | call using "gnunet-identity": | ||
2126 | |||
2127 | @example | ||
2128 | $ RP_KEY=$(gnunet-identity -d | grep "relyingparty" | awk '@{print $3@}') | ||
2129 | @end example | ||
2130 | |||
2131 | The third party can then retrieve your shared identity attributes using: | ||
2132 | |||
2133 | @example | ||
2134 | $ gnunet-reclaim -e "relyingparty" -C "ticket" | ||
2135 | @end example | ||
2136 | |||
2137 | Where "relyingparty" is the name for the identity behind $RP_KEY that the | ||
2138 | requesting party is using. | ||
2139 | This will retrieve and list the shared identity attributes. | ||
2140 | The above command will also work if the user is currently offline since the attributes are retrieved from GNS. | ||
2141 | Further, $TICKET can be re-used later to retrieve up-to-date attributes in case "friend" has changed the value(s). For instance, because his email address changed. | ||
2142 | |||
2143 | To list all given authorizations (tickets) you can execute: | ||
2144 | @example | ||
2145 | $ gnunet-reclaim -e "user" -T | ||
2146 | @end example | ||
2147 | |||
2148 | @node Revoking Authorizations of Third Parties | ||
2149 | @subsection Revoking Authorizations of Third Parties | ||
2150 | |||
2151 | If you want to revoke the access of a third party to your attributes you can execute: | ||
2152 | |||
2153 | @example | ||
2154 | $ gnunet-reclaim -e "user" -R $TICKET | ||
2155 | @end example | ||
2156 | |||
2157 | This will prevent the third party from accessing the attribute in the future. | ||
2158 | Please note that if the third party has previously accessed the attribute, there is not way in which the system could have prevented the thiry party from storing the data. | ||
2159 | As such, only access to updated data in the future can be revoked. | ||
2160 | This behaviour is _exactly the same_ as with other IdPs. | ||
2161 | |||
2162 | @node OpenID Connect | ||
2163 | @subsection OpenID Connect | ||
2164 | |||
2165 | There is an @uref{OpenID Connect, https://openid.net/specs/openid-connect-core-1_0.html} API for use with re:claimID. | ||
2166 | However, its use is quite complicated to setup. | ||
2167 | |||
2168 | @example | ||
2169 | https://api.reclaim/openid/authorize | ||
2170 | http://localhost:7776/openid/token | ||
2171 | http://localhost:7776/openid/userinfo | ||
2172 | http://localhost:7776/openid/login | ||
2173 | @end example | ||
2174 | |||
2175 | The token endpoint is protected using HTTP basic authentication. | ||
2176 | You can authenticate using any username and the password configured under: | ||
2177 | |||
2178 | @example | ||
2179 | $ gnunet-config -s reclaim-rest-plugin -o OIDC_CLIENT_SECRET | ||
2180 | @end example | ||
2181 | |||
2182 | The authorize endpoint is protected using a Cookie which can be obtained through | ||
2183 | a request against the login endpoint. | ||
2184 | This functionality is meant to be used in the context of the OpenID Connect authorization | ||
2185 | flow to collect user consent interactively. | ||
2186 | Without a Cookie, the authorize endpoint redirects to a URI configured under: | ||
2187 | |||
2188 | @example | ||
2189 | $ gnunet-config -s reclaim-rest-plugin -o ADDRESS | ||
2190 | @end example | ||
2191 | |||
2192 | The token endpoint is protected using OAuth2 and expects the grant | ||
2193 | which is retrieved from the authorization endpoint according to the standard. | ||
2194 | |||
2195 | The userinfo endpoint is protected using OAuth2 and expects a bearer access | ||
2196 | token which is retrieved from a token request. | ||
2197 | |||
2198 | In order to make use of OpenID Connect flows as a user, you need to install | ||
2199 | the browser plugin: | ||
2200 | |||
2201 | @itemize @bullet | ||
2202 | @item @uref{https://addons.mozilla.org/addon/reclaimid/, Firefox Add-on} | ||
2203 | @item @uref{https://chrome.google.com/webstore/detail/reclaimid/jiogompmdejcnacmlnjhnaicgkefcfll, Chrome Web Store} | ||
2204 | @end itemize | ||
2205 | |||
2206 | In order to create and register an OpenID Connect client as a relying party, | ||
2207 | you need to execute the following steps: | ||
2208 | |||
2209 | @example | ||
2210 | $ gnunet-identity -C <client_name> | ||
2211 | $ gnunet-namestore -z <client_name> -a -n "@@" -t RECLAIM_OIDC_REDIRECT -V <redirect_uri> -e 1d -p | ||
2212 | $ gnunet-namestore -z <client_name> -a -n "@@" -t RECLAIM_OIDC_CLIENT -V "My OIDC Client" -e 1d -p | ||
2213 | @end example | ||
2214 | |||
2215 | The "client_id" for use in OpenID Connect is the public key of the client as | ||
2216 | displayed using: | ||
2217 | @example | ||
2218 | $ gnunet-identity -d grep "relyingparty" | awk '@{print $3@}' | ||
2219 | @end example | ||
2220 | |||
2221 | The RECLAIM_OIDC_REDIRECT record contains your website redirect URI. | ||
2222 | You may use any globally unique DNS or GNS URI. | ||
2223 | The RECLAIM_OIDC_CLIENT record represents the client description which whill | ||
2224 | be displayed to users in an authorization request. | ||
2225 | |||
2226 | Any website or relying party must use the authorization endpoint | ||
2227 | @uref{https://api.reclaim/openid/authorize} in its authorization redirects, e.g. | ||
2228 | |||
2229 | @example | ||
2230 | <a href="https://api.reclaim/openid/authorize?client_id=<PKEY>\ | ||
2231 | &scope=openid email\ | ||
2232 | &redirect_uri=<redirect_uri>\ | ||
2233 | &nonce=<random>">Login</a> | ||
2234 | @end example | ||
2235 | |||
2236 | This will direct the user's browser onto his local reclaimID instance. | ||
2237 | After giving consent, you will be provided with the OpenID Connect authorization | ||
2238 | code according to the specifications at your provided redirect URI. | ||
2239 | |||
2240 | The ID Tokens issues by the token endpoints are signed using HS512 with the | ||
2241 | shared secret configured under: | ||
2242 | |||
2243 | @example | ||
2244 | $ gnunet-config -s reclaim-rest-plugin -o JWT_SECRET | ||
2245 | @end example | ||
2246 | |||
2247 | The authorization code flow optionally supports @uref{https://tools.ietf.org/html/rfc7636, Proof Key for Code Exchange}. | ||
2248 | If PKCE is used, the client does not need to authenticate against the token | ||
2249 | endpoint. | ||
2250 | |||
2251 | @node Providing Third Party Attestation | ||
2252 | @subsection Providing Third Party Attestation | ||
2253 | |||
2254 | If you are running an identity provider (IdP) service you may be able to | ||
2255 | support providing credentials for re:claimID users. | ||
2256 | IdPs can issue JWT credentials as long as they support OpenID Connect and | ||
2257 | @uref{https://openid.net/specs/openid-connect-discovery-1_0.html,OpenID Connect Discovery}. | ||
2258 | |||
2259 | In order to allow users to import attributes through the re:claimID user interface, | ||
2260 | you need to register the following public OAuth2/OIDC client: | ||
2261 | |||
2262 | @itemize @bullet | ||
2263 | @item client_id: reclaimid | ||
2264 | @item client_secret: none | ||
2265 | @item redirect_uri: https://ui.reclaim (The URI of the re:claimID webextension) | ||
2266 | @item grant_type: authorization_code with PKCE (@uref{https://tools.ietf.org/html/rfc7636, RFC7636}) | ||
2267 | @item scopes: all you want to offer. | ||
2268 | @item id_token: JWT | ||
2269 | @end itemize | ||
2270 | |||
2271 | When your users add an attribute with name "email" which supports webfinger | ||
2272 | discovery they will be prompted with the option to retrieve the OpenID Connect | ||
2273 | ID Token through the user interface. | ||
2274 | |||
2275 | @node Using the Virtual Public Network | ||
2276 | @section Using the Virtual Public Network | ||
2277 | |||
2278 | @menu | ||
2279 | * Setting up an Exit node:: | ||
2280 | * Fedora and the Firewall:: | ||
2281 | * Setting up VPN node for protocol translation and tunneling:: | ||
2282 | @end menu | ||
2283 | |||
2284 | Using the GNUnet Virtual Public Network (VPN) application you can | ||
2285 | tunnel IP traffic over GNUnet. Moreover, the VPN comes | ||
2286 | with built-in protocol translation and DNS-ALG support, enabling | ||
2287 | IPv4-to-IPv6 protocol translation (in both directions). | ||
2288 | This chapter documents how to use the GNUnet VPN. | ||
2289 | |||
2290 | The first thing to note about the GNUnet VPN is that it is a public | ||
2291 | network. All participating peers can participate and there is no | ||
2292 | secret key to control access. So unlike common virtual private | ||
2293 | networks, the GNUnet VPN is not useful as a means to provide a | ||
2294 | "private" network abstraction over the Internet. The GNUnet VPN | ||
2295 | is a virtual network in the sense that it is an overlay over the | ||
2296 | Internet, using its own routing mechanisms and can also use an | ||
2297 | internal addressing scheme. The GNUnet VPN is an Internet | ||
2298 | underlay --- TCP/IP applications run on top of it. | ||
2299 | |||
2300 | The VPN is currently only supported on GNU/Linux systems. | ||
2301 | Support for operating systems that support TUN (such as FreeBSD) | ||
2302 | should be easy to add (or might not even require any coding at | ||
2303 | all --- we just did not test this so far). Support for other | ||
2304 | operating systems would require re-writing the code to create virtual | ||
2305 | network interfaces and to intercept DNS requests. | ||
2306 | |||
2307 | The VPN does not provide good anonymity. While requests are routed | ||
2308 | over the GNUnet network, other peers can directly see the source | ||
2309 | and destination of each (encapsulated) IP packet. Finally, if you | ||
2310 | use the VPN to access Internet services, the peer sending the | ||
2311 | request to the Internet will be able to observe and even alter | ||
2312 | the IP traffic. We will discuss additional security implications | ||
2313 | of using the VPN later in this chapter. | ||
2314 | |||
2315 | @node Setting up an Exit node | ||
2316 | @subsection Setting up an Exit node | ||
2317 | |||
2318 | Any useful operation with the VPN requires the existence of an exit | ||
2319 | node in the GNUnet Peer-to-Peer network. Exit functionality can only | ||
2320 | be enabled on peers that have regular Internet access. If you want | ||
2321 | to play around with the VPN or support the network, we encourage | ||
2322 | you to setup exit nodes. This chapter documents how to setup an | ||
2323 | exit node. | ||
2324 | |||
2325 | There are four types of exit functions an exit node can provide, | ||
2326 | and using the GNUnet VPN to access the Internet will only work | ||
2327 | nicely if the first three types are provided somewhere in | ||
2328 | the network. The four exit functions are: | ||
2329 | |||
2330 | @itemize @bullet | ||
2331 | @item DNS: allow other peers to use your DNS resolver | ||
2332 | @item IPv4: allow other peers to access your IPv4 Internet connection | ||
2333 | @item IPv6: allow other peers to access your IPv6 Internet connection | ||
2334 | @item Local service: allow other peers to access a specific TCP or | ||
2335 | UDP service your peer is providing | ||
2336 | @end itemize | ||
2337 | |||
2338 | By enabling "exit" in gnunet-setup and checking the respective boxes | ||
2339 | in the "exit" tab, you can easily choose which of the above exit | ||
2340 | functions you want to support. | ||
2341 | |||
2342 | Note, however, that by supporting the first three functions you will | ||
2343 | allow arbitrary other GNUnet users to access the Internet via your | ||
2344 | system. This is somewhat similar to running a Tor exit node. The | ||
2345 | Torproject has a nice article about what to consider if you want | ||
2346 | to do this here. We believe that generally running a DNS exit node | ||
2347 | is completely harmless. | ||
2348 | |||
2349 | The exit node configuration does currently not allow you to restrict the | ||
2350 | Internet traffic that leaves your system. In particular, you cannot | ||
2351 | exclude SMTP traffic (or block port 25) or limit to HTTP traffic using | ||
2352 | the GNUnet configuration. However, you can use your host firewall to | ||
2353 | restrict outbound connections from the virtual tunnel interface. This | ||
2354 | is highly recommended. In the future, we plan to offer a wider range | ||
2355 | of configuration options for exit nodes. | ||
2356 | |||
2357 | Note that by running an exit node GNUnet will configure your kernel | ||
2358 | to perform IP-forwarding (for IPv6) and NAT (for IPv4) so that the | ||
2359 | traffic from the virtual interface can be routed to the Internet. | ||
2360 | In order to provide an IPv6-exit, you need to have a subnet routed | ||
2361 | to your host's external network interface and assign a subrange of | ||
2362 | that subnet to the GNUnet exit's TUN interface. | ||
2363 | |||
2364 | When running a local service, you should make sure that the local | ||
2365 | service is (also) bound to the IP address of your EXIT interface | ||
2366 | (e.g. 169.254.86.1). It will NOT work if your local service is | ||
2367 | just bound to loopback. You may also want to create a "VPN" record | ||
2368 | in your zone of the GNU Name System to make it easy for others to | ||
2369 | access your service via a name instead of just the full service | ||
2370 | descriptor. Note that the identifier you assign the service can | ||
2371 | serve as a passphrase or shared secret, clients connecting to the | ||
2372 | service must somehow learn the service's name. VPN records in the | ||
2373 | GNU Name System can make this easier. | ||
2374 | |||
2375 | @node Fedora and the Firewall | ||
2376 | @subsection Fedora and the Firewall | ||
2377 | |||
2378 | |||
2379 | When using an exit node on Fedora 15, the standard firewall can | ||
2380 | create trouble even when not really exiting the local system! | ||
2381 | For IPv4, the standard rules seem fine. However, for IPv6 the | ||
2382 | standard rules prohibit traffic from the network range of the | ||
2383 | virtual interface created by the exit daemon to the local IPv6 | ||
2384 | address of the same interface (which is essentially loopback | ||
2385 | traffic, so you might suspect that a standard firewall would | ||
2386 | leave this traffic alone). However, as somehow for IPv6 the | ||
2387 | traffic is not recognized as originating from the local | ||
2388 | system (and as the connection is not already "established"), | ||
2389 | the firewall drops the traffic. You should still get ICMPv6 | ||
2390 | packets back, but that's obviously not very useful. | ||
2391 | |||
2392 | Possible ways to fix this include disabling the firewall (do you | ||
2393 | have a good reason for having it on?) or disabling the firewall | ||
2394 | at least for the GNUnet exit interface (or the respective | ||
2395 | IPv4/IPv6 address range). The best way to diagnose these kinds | ||
2396 | of problems in general involves setting the firewall to REJECT | ||
2397 | instead of DROP and to watch the traffic using wireshark | ||
2398 | (or tcpdump) to see if ICMP messages are generated when running | ||
2399 | some tests that should work. | ||
2400 | |||
2401 | @node Setting up VPN node for protocol translation and tunneling | ||
2402 | @subsection Setting up VPN node for protocol translation and tunneling | ||
2403 | |||
2404 | |||
2405 | The GNUnet VPN/PT subsystem enables you to tunnel IP traffic over the | ||
2406 | VPN to an exit node, from where it can then be forwarded to the | ||
2407 | Internet. This section documents how to setup VPN/PT on a node. | ||
2408 | Note that you can enable both the VPN and an exit on the same peer. | ||
2409 | In this case, IP traffic from your system may enter your peer's VPN | ||
2410 | and leave your peer's exit. This can be useful as a means to do | ||
2411 | protocol translation. For example, you might have an application that | ||
2412 | supports only IPv4 but needs to access an IPv6-only site. In this case, | ||
2413 | GNUnet would perform 4to6 protocol translation between the VPN (IPv4) | ||
2414 | and the Exit (IPv6). Similarly, 6to4 protocol translation is also | ||
2415 | possible. However, the primary use for GNUnet would be to access | ||
2416 | an Internet service running with an IP version that is not supported | ||
2417 | by your ISP. In this case, your IP traffic would be routed via GNUnet | ||
2418 | to a peer that has access to the Internet with the desired IP version. | ||
2419 | |||
2420 | Setting up an entry node into the GNUnet VPN primarily requires you | ||
2421 | to enable the "VPN/PT" option in "gnunet-setup". This will launch the | ||
2422 | "gnunet-service-vpn", "gnunet-service-dns" and "gnunet-daemon-pt" | ||
2423 | processes. The "gnunet-service-vpn" will create a virtual interface | ||
2424 | which will be used as the target for your IP traffic that enters the | ||
2425 | VPN. Additionally, a second virtual interface will be created by | ||
2426 | the "gnunet-service-dns" for your DNS traffic. You will then need to | ||
2427 | specify which traffic you want to tunnel over GNUnet. If your ISP only | ||
2428 | provides you with IPv4 or IPv6-access, you may choose to tunnel the | ||
2429 | other IP protocol over the GNUnet VPN. If you do not have an ISP | ||
2430 | (and are connected to other GNUnet peers via WLAN), you can also | ||
2431 | choose to tunnel all IP traffic over GNUnet. This might also provide | ||
2432 | you with some anonymity. After you enable the respective options | ||
2433 | and restart your peer, your Internet traffic should be tunneled | ||
2434 | over the GNUnet VPN. | ||
2435 | |||
2436 | The GNUnet VPN uses DNS-ALG to hijack your IP traffic. Whenever an | ||
2437 | application resolves a hostname (like 'gnunet.org'), the | ||
2438 | "gnunet-daemon-pt" will instruct the "gnunet-service-dns" to intercept | ||
2439 | the request (possibly route it over GNUnet as well) and replace the | ||
2440 | normal answer with an IP in the range of the VPN's interface. | ||
2441 | "gnunet-daemon-pt" will then tell "gnunet-service-vpn" to forward all | ||
2442 | traffic it receives on the TUN interface via the VPN to the original | ||
2443 | destination. | ||
2444 | |||
2445 | For applications that do not use DNS, you can also manually create | ||
2446 | such a mapping using the gnunet-vpn command-line tool. Here, you | ||
2447 | specify the desired address family of the result (e.g. "-4"), and the | ||
2448 | intended target IP on the Internet (e.g. "-i 131.159.74.67") and | ||
2449 | "gnunet-vpn" will tell you which IP address in the range of your | ||
2450 | VPN tunnel was mapped. | ||
2451 | |||
2452 | @command{gnunet-vpn} can also be used to access "internal" services | ||
2453 | offered by GNUnet nodes. So if you happen to know a peer and a | ||
2454 | service offered by that peer, you can create an IP tunnel to | ||
2455 | that peer by specifying the peer's identity, service name and | ||
2456 | protocol (--tcp or --udp) and you will again receive an IP address | ||
2457 | that will terminate at the respective peer's service. | ||
2458 | |||
2459 | @node Using the GNUnet Messenger | ||
2460 | @section Using the GNUnet Messenger | ||
2461 | |||
2462 | The GNUnet Messenger subsystem allows decentralized message-based | ||
2463 | communication inside of so called rooms. Each room can be relayed by | ||
2464 | a variable amount of peers. Every member of a room has the possibility | ||
2465 | to relay the room on its own peer. A peer allows any amount of members | ||
2466 | to join a room. The amount of members in a room is not restricted. | ||
2467 | |||
2468 | Messages in a room will be distributed between all peers relaying the | ||
2469 | room or being internally (in context of the messenger service) connected | ||
2470 | to a relaying peer. All received or sent messages will be stored on any | ||
2471 | peer locally which is relaying the respective room or is internally | ||
2472 | connected to such a relaying peer. | ||
2473 | |||
2474 | The Messenger service is built on the CADET subsystem to make internal | ||
2475 | connections between peers using a reliable and encrypted transmission. | ||
2476 | Additionally the service uses a discrete padding to few different sizes. | ||
2477 | So kinds of messages and potential content can't be identified by the | ||
2478 | size of traffic from any attacker being unable to break the encryption | ||
2479 | of the transmission layer. | ||
2480 | |||
2481 | Another feature is additional end-to-end encryption for selected messages | ||
2482 | which uses the public key of another member (the receiver) to encrypt | ||
2483 | the message. Therefore it is ensured that only the selected member can | ||
2484 | read its content. This will also use additional padding. | ||
2485 | |||
2486 | @menu | ||
2487 | * Current state:: | ||
2488 | * Entering a room:: | ||
2489 | * Opening a room:: | ||
2490 | * Messaging in a room:: | ||
2491 | * Private messaging:: | ||
2492 | @end menu | ||
2493 | |||
2494 | @node Current state | ||
2495 | @subsection Current state | ||
2496 | |||
2497 | Currently there is only a simplistic CLI application available to use the | ||
2498 | messenger service. You can use this application with the | ||
2499 | @command{gnunet-messenger} command. | ||
2500 | |||
2501 | This application was designed for testing purposes and it does not provide | ||
2502 | full functionality in the current state. It is planned to replace this CLI | ||
2503 | application in later stages with a fully featured one using a client-side | ||
2504 | library designed for messenger applications. | ||
2505 | |||
2506 | @node Entering a room | ||
2507 | @subsection Entering a room | ||
2508 | |||
2509 | You can enter any room by its ROOMKEY and any PEERIDENTITY of a relaying | ||
2510 | peer. Optionally you can provide any IDENTITY which can represent a local | ||
2511 | ego by its name. | ||
2512 | |||
2513 | @example | ||
2514 | $ gnunet-messenger [-e IDENTITY] -d PEERIDENTITY -r ROOMKEY | ||
2515 | @end example | ||
2516 | |||
2517 | A PEERIDENTITY gets entered in encoded form. You can get your own peer ID by | ||
2518 | using the @command{gnunet-peerinfo} command: | ||
2519 | |||
2520 | @example | ||
2521 | $ gnunet-peerinfo -s | ||
2522 | @end example | ||
2523 | |||
2524 | A ROOMKEY gets entered in readable text form. The service will then hash the | ||
2525 | entered ROOMKEY and use the result as shared secret for transmission through | ||
2526 | the CADET submodule. You can also optionally leave out the '-r' parameter and | ||
2527 | the ROOMKEY to use the zeroed hash instead. | ||
2528 | |||
2529 | If no IDENTITY is provided you will not send any name to others, you will be | ||
2530 | referred as "anonymous" instead and use the anonymous ego. If you provide any | ||
2531 | IDENTITY a matching ego will be used to sign your messages. If there is no | ||
2532 | matching ego you will use the anonymous ego instead. The provided IDENTITY will | ||
2533 | be distributed as your name for the service in any case. | ||
2534 | |||
2535 | @node Opening a room | ||
2536 | @subsection Opening a room | ||
2537 | |||
2538 | You can open any room in a similar way to entering it. You just have to leave | ||
2539 | out the '-d' parameter and the PEERIDENTITY of the relaying peer. | ||
2540 | |||
2541 | @example | ||
2542 | $ gnunet-messenger [-e IDENTITY] -r ROOMKEY | ||
2543 | @end example | ||
2544 | |||
2545 | Providing ROOMKEY and IDENTITY is identical to entering a room. Opening a room | ||
2546 | will also make your peer to a relay of this room. So others can enter the room | ||
2547 | through your peer if they have the required ROOMKEY and your peer ID. | ||
2548 | |||
2549 | If you want to use the zeroed hash as shared secret key for the room you can | ||
2550 | also leave it out as well: | ||
2551 | |||
2552 | @example | ||
2553 | $ gnunet-messenger | ||
2554 | @end example | ||
2555 | |||
2556 | @node Messaging in a room | ||
2557 | @subsection Messaging in a room | ||
2558 | |||
2559 | Once joined a room by entering it or opening it you can write text-based | ||
2560 | messages which will be distributed between all internally conntected peers. All | ||
2561 | sent messages will be displayed in the same way as received messages. | ||
2562 | |||
2563 | This relates to the internal handling of sent and received messages being mostly | ||
2564 | identical on application layer. Every handled message will be represented | ||
2565 | visually depending on its kind, content and sender. A sender can usually be | ||
2566 | identified by the encoded member ID or their name. | ||
2567 | |||
2568 | @example | ||
2569 | [17X37K] * 'anonymous' says: "hey" | ||
2570 | @end example | ||
2571 | |||
2572 | @node Private messaging | ||
2573 | @subsection Private messaging | ||
2574 | |||
2575 | As referred in the introduction the service allows sending private messages with | ||
2576 | additional end-to-end encryption. These messages will be visually represented | ||
2577 | by messages of the kind 'PRIVATE' in case they can't be decrypted with your used | ||
2578 | ego. Members who can't decrypt the message can potentially only identify its | ||
2579 | sender but they can't identify its receiver. | ||
2580 | |||
2581 | @example | ||
2582 | [17X37K] ~ message: PRIVATE | ||
2583 | @end example | ||
2584 | |||
2585 | If they can be decrypted they will appear as their secret message instead | ||
2586 | but marked visually. | ||
2587 | |||
2588 | @example | ||
2589 | [17X37K] ** 'anonymous' says: "hey" | ||
2590 | @end example | ||
2591 | |||
2592 | Currently you can only activate sending such encrypted text messages instead of | ||
2593 | usual text messages by adding the '-p' parameter: | ||
2594 | |||
2595 | @example | ||
2596 | $ gnunet-messenger [-e IDENTITY] -d PEERIDENTITY -r ROOMKEY -p | ||
2597 | @end example | ||
2598 | |||
2599 | Notice that you can only send such encrypted messages to members who use an ego | ||
2600 | which is not publicly known as the anonymous ego to ensure transparency. If | ||
2601 | any user could decrypt these messages they would not be private. So as receiver | ||
2602 | of such messages the IDENTITY is required and it has to match a local ego. | ||
2603 | |||