1 files changed, 204 insertions, 0 deletions
diff --git a/template/gsoc.html.j2 b/template/gsoc.html.j2
new file mode 100644
index 00000000..20669de4
--- /dev/null
+++ b/template/gsoc.html.j2
@@ -0,0 +1,204 @@
+{% extends "common/base.j2" %}
+{% block body_content %}
+  <article class="d-flex flex-column p-2 bd-highlight">
+    <div class="container">
+      <div class="text-center">
+        <header>
+          <h1>{{ _("GNUnet's Google Summer of Code projects") }}</h1>
+        </header>
+        <p>
+          {% trans %}
+            As a GNU project, GNUnet has participated in the
+            Google Summer of Code (GSoC) for a number of years.
+            This page lists all current, past, and finished
+            projects.
+          {% endtrans %}
+        </p>
+      </div>
+        <h2>{{ _("Current projects (2019)") }}</h2>
+        <section>
+          <h4>Android Port</h4>
+          <p>
+            {% trans %}
+              It is time for GNUnet to run properly on Android.  Note that
+              GNUnet is written in C, and this is not about rewriting
+              GNUnet in Java, but about getting the C code to run on Android.
+              <br>
+              Mentor: <a href="https://www.goebel-consult.de/">Hartmut Goebel</a>
+            {% endtrans %}
+          </p>
+        </section>
+        <section>
+          <h4>Help with Continuous Integration setup</h4>
+          <p>
+            {% trans %}
+              There is a push for migrating our CI to Gitlab.  The CI should
+              eventually not just run "make check" on various platforms, but also
+              perform tests with multiple peers running in different VMs with
+              specific network topologies (i.e. NAT) between them being simulated.
+              The CI should also be integrated with Gauger for performance
+              regression analysis.  Running jobs only when dependencies have changed
+              and scripting more granular triggers or ideally automatic dependency
+              discovery (as done by the autotools) is also important.
+              <br>
+              Mentor: TBD
+            {% endtrans %}
+          </p>
+        </section>
+        <section>
+          <h4>Migrate gnunet-qr from Python 2.7 to C using libzbar</h4>
+          <p>
+            {% trans %}
+              Python 2.7 is reaching its end-of-life, and we want to get rid
+              of the dependency on Python. The existing gnunet-qr tool is a
+              rather simple wrapper around python-zbar, which itself wraps
+              libzbar. The goal of this project is to directly use libzbar
+              to scan QR codes for GNUnet / the GNU Name System (see
+              also <a href="https://bugs.gnunet.org/view.php?id=5562">#5562</a>).
+              <br>
+              Mentor: Christian Grothoff
+            {% endtrans %}
+          </p>
+        </section>
+        <section>
+          <h4>re:claimID OpenID Connect performance improvements</h4>
+          <p>
+            {% trans %}
+              reclaimID is a decentralized identity system build on top of the GNU
+              Name System.
+              Upon authorization, the user provides a requesting party (RP) such as a website
+              with an authorization ticket (e.g. piggybacked in an OpenID authorization code).
+              The RP uses information contained in this ticket to
+              <ol>
+                <li> Retrieve the decryption key from GNS</li>
+                <li> Retrieve the user attributes from GNS</li>
+              </ol>
+              The GNS lookups ensure that the RP receives up-to-date attributes and functional
+              decryption keys. However, in particular the RP-specific encryption key
+              resolution can be slow and even fail depending on the network topology.
+              We propose that in an initial exchange, in particular OpenID authorization code
+              flows, we try to incorporate key and maybe even an attribute set in the ticket
+              exchange.
+              In order to mitigate this issue, this project is meant to investigate and implement how...
+              <ol>
+                <li> ... decryption keys can be added to an initial exchange in OpenID.</li>
+                <li> ... initial set(s) of attributes can be piggybacked in OpenID.</li>
+              </ol>
+              <br/>
+              Mentor: Martin Schanzenbach
+            {% endtrans %}
+          </p>
+        </section>
+        <section>
+          <h4>re:claimID alternative GNS-based encryption</h4>
+          <p>
+            {% trans %}
+              re:claimID is a decentralized identity system build on top of the GNU
+              Name System.
+              The initial design and implementation of re:claimID includes an attribute-based
+              encryption module in order to prevent unauthorized access to attributes in the
+              name system.
+              Our motivation for re:claimID was for it to be name system agnostic, which
+              means the design theoretically also works for other name systems such as
+              namecoin.
+              Other name systems often do not have built-in mechanisms in order to do this.
+              Hence, we implemented an ABE access control layer. Our ABE implementation
+              requires two third party libraries: libpbc and libgabe. While we could merge
+              libgabe into the gnunet service implementation of re:claimID, libpbc is a
+              rather large, third party library which lacks packaging in distributions and
+              for platforms.
+              On the other hand, GNS supports record data encryption using symmetric keys as
+              labels.
+              If we make the access control layer of re:claimID more generic in order to
+              support both ABE and GNS encryption, we could reduce the required depenencies.
+              This would result in gnunet packages to include re:claimID by default.
+              In short, the goals are to...
+              <ol>
+                <li> ... improve performance by reducing encryption overhead.</li>
+                <li> ... reduce dependencies.</li>
+              </ol>
+              <br/>
+              Mentor: Martin Schanzenbach
+            {% endtrans %}
+          </p>
+        </section>
+        <section>
+          <h4>Enable all networking applications to run over GNUnet out of the box</h4>
+          <p>
+            {% trans %}
+              One great problem of the current Internet is the lack of
+              disintermediation. When people want to talk they need a
+              chat service. When they want to share files they need a
+              file transfer service. Although GNUnet already possesses
+              quite advanced integration into Linux networking, a little
+              extra work is needed for existing applications like irc,
+              www, ftp, rsh, nntpd to run over it in a peer-to-peer way,
+              simply by using a GNS hostname like friend.gnu. Once
+              people have added a person to their GNS they can
+              immediately message, exchange files and suchlike directly,
+              with nothing but the GNUnet in the middle, using
+              applications that have been distributed with unix systems
+              ever since the 1980's. We can produce an OS distribution
+              where these things work out of the box with the nicknames
+              of people instead of cloud services. We have discussed
+              about this topic at the 2018 GNUnet Hacker Meeting, and
+              concluded that this will take
+            {% endtrans %}
+          </p>
+          <ol>
+            <li>
+              {% trans %}
+                deterministic allocation of IP addresses in exit range
+                by PeerId AND CADET port.
+              {% endtrans %}
+            </li>
+            <li>
+              {% trans %}
+                change of exit daemon to exit service, with new APIs to
+                (a) export mapping of allocated IP addresses to PeerID
+                and CADET port (and eventually also dynamic
+                adding/removing of exit maps)
+              {% endtrans %}
+            </li>
+            <li>
+              {% trans %}
+                new service that hijacks DNS reverse lookups in the exit
+                range, mapping them to its own GNS zone where labels are
+                mapped to VPN records with the information from (2), and
+                the label.zone is returned for the reverse lookup.
+              {% endtrans %}
+            </li>
+          </ol>
+          <p>
+            {% trans %}
+              For more information and context,
+              read
+              <a href="https://bugs.gnunet.org/view.php?id=4625">bug id 4625</a>.
+            {% endtrans %}
+          </p>
+          <p>
+            {% trans %}
+              Mentors: lynX, dvn
+            {% endtrans %}
+          </p>
+        </section>
+        <!--
+          Past projects: Previously proposed, but left
+          unfinished. Inspiration for students.
+        -->
+        <!-- <h2>{{ _("Past projects") }}</h2> -->
+        <!--
+          Commentary: Finished projects, descriptions and
+          Links to write-ups about them.
+        -->
+        <!-- <h2>{{ _("Finished projects") }}</h2> -->
+      </div>
+  </article>
+{% endblock body_content %}

diff --git a/template/gsoc.html.j2 b/template/gsoc.html.j2 new file mode 100644 index 00000000..20669de4 --- /dev/null +++ b/template/gsoc.html.j2
@@ -0,0 +1,204 @@
	1	{% extends "common/base.j2" %}
	2	{% block body_content %}
	3	<article class="d-flex flex-column p-2 bd-highlight">
	4	<div class="container">
	5	<div class="text-center">
	6	<header>
	7	<h1>{{ _("GNUnet's Google Summer of Code projects") }}</h1>
	8	</header>
	9	<p>
	10	{% trans %}
	11	As a GNU project, GNUnet has participated in the
	12	Google Summer of Code (GSoC) for a number of years.
	13	This page lists all current, past, and finished
	14	projects.
	15	{% endtrans %}
	16	</p>
	17	</div>
	18	<h2>{{ _("Current projects (2019)") }}</h2>
	19	<section>
	20	<h4>Android Port</h4>
	21	<p>
	22	{% trans %}
	23	It is time for GNUnet to run properly on Android. Note that
	24	GNUnet is written in C, and this is not about rewriting
	25	GNUnet in Java, but about getting the C code to run on Android.
	26	<br>
	27	Mentor: <a href="https://www.goebel-consult.de/">Hartmut Goebel</a>
	28	{% endtrans %}
	29	</p>
	30	</section>
	31
	32	<section>
	33	<h4>Help with Continuous Integration setup</h4>
	34	<p>
	35	{% trans %}
	36	There is a push for migrating our CI to Gitlab. The CI should
	37	eventually not just run "make check" on various platforms, but also
	38	perform tests with multiple peers running in different VMs with
	39	specific network topologies (i.e. NAT) between them being simulated.
	40	The CI should also be integrated with Gauger for performance
	41	regression analysis. Running jobs only when dependencies have changed
	42	and scripting more granular triggers or ideally automatic dependency
	43	discovery (as done by the autotools) is also important.
	44	<br>
	45	Mentor: TBD
	46	{% endtrans %}
	47	</p>
	48	</section>
	49
	50	<section>
	51	<h4>Migrate gnunet-qr from Python 2.7 to C using libzbar</h4>
	52	<p>
	53	{% trans %}
	54	Python 2.7 is reaching its end-of-life, and we want to get rid
	55	of the dependency on Python. The existing gnunet-qr tool is a
	56	rather simple wrapper around python-zbar, which itself wraps
	57	libzbar. The goal of this project is to directly use libzbar
	58	to scan QR codes for GNUnet / the GNU Name System (see
	59	also <a href="https://bugs.gnunet.org/view.php?id=5562">#5562</a>).
	60	<br>
	61	Mentor: Christian Grothoff
	62	{% endtrans %}
	63	</p>
	64	</section>
	65
	66	<section>
	67	<h4>re:claimID OpenID Connect performance improvements</h4>
	68	<p>
	69	{% trans %}
	70	reclaimID is a decentralized identity system build on top of the GNU
	71	Name System.
	72	Upon authorization, the user provides a requesting party (RP) such as a website
	73	with an authorization ticket (e.g. piggybacked in an OpenID authorization code).
	74	The RP uses information contained in this ticket to
	75	<ol>
	76	<li> Retrieve the decryption key from GNS</li>
	77	<li> Retrieve the user attributes from GNS</li>
	78	</ol>
	79	The GNS lookups ensure that the RP receives up-to-date attributes and functional
	80	decryption keys. However, in particular the RP-specific encryption key
	81	resolution can be slow and even fail depending on the network topology.
	82	We propose that in an initial exchange, in particular OpenID authorization code
	83	flows, we try to incorporate key and maybe even an attribute set in the ticket
	84	exchange.
	85
	86	In order to mitigate this issue, this project is meant to investigate and implement how...
	87	<ol>
	88	<li> ... decryption keys can be added to an initial exchange in OpenID.</li>
	89	<li> ... initial set(s) of attributes can be piggybacked in OpenID.</li>
	90	</ol>
	91	<br/>
	92	Mentor: Martin Schanzenbach
	93	{% endtrans %}
	94	</p>
	95	</section>
	96
	97	<section>
	98	<h4>re:claimID alternative GNS-based encryption</h4>
	99	<p>
	100	{% trans %}
	101	re:claimID is a decentralized identity system build on top of the GNU
	102	Name System.
	103	The initial design and implementation of re:claimID includes an attribute-based
	104	encryption module in order to prevent unauthorized access to attributes in the
	105	name system.
	106	Our motivation for re:claimID was for it to be name system agnostic, which
	107	means the design theoretically also works for other name systems such as
	108	namecoin.
	109	Other name systems often do not have built-in mechanisms in order to do this.
	110	Hence, we implemented an ABE access control layer. Our ABE implementation
	111	requires two third party libraries: libpbc and libgabe. While we could merge
	112	libgabe into the gnunet service implementation of re:claimID, libpbc is a
	113	rather large, third party library which lacks packaging in distributions and
	114	for platforms.
	115	On the other hand, GNS supports record data encryption using symmetric keys as
	116	labels.
	117	If we make the access control layer of re:claimID more generic in order to
	118	support both ABE and GNS encryption, we could reduce the required depenencies.
	119	This would result in gnunet packages to include re:claimID by default.
	120
	121	In short, the goals are to...
	122	<ol>
	123	<li> ... improve performance by reducing encryption overhead.</li>
	124	<li> ... reduce dependencies.</li>
	125	</ol>
	126	<br/>
	127	Mentor: Martin Schanzenbach
	128	{% endtrans %}
	129	</p>
	130	</section>
	131
	132	<section>
	133	<h4>Enable all networking applications to run over GNUnet out of the box</h4>
	134	<p>
	135	{% trans %}
	136	One great problem of the current Internet is the lack of
	137	disintermediation. When people want to talk they need a
	138	chat service. When they want to share files they need a
	139	file transfer service. Although GNUnet already possesses
	140	quite advanced integration into Linux networking, a little
	141	extra work is needed for existing applications like irc,
	142	www, ftp, rsh, nntpd to run over it in a peer-to-peer way,
	143	simply by using a GNS hostname like friend.gnu. Once
	144	people have added a person to their GNS they can
	145	immediately message, exchange files and suchlike directly,
	146	with nothing but the GNUnet in the middle, using
	147	applications that have been distributed with unix systems
	148	ever since the 1980's. We can produce an OS distribution
	149	where these things work out of the box with the nicknames
	150	of people instead of cloud services. We have discussed
	151	about this topic at the 2018 GNUnet Hacker Meeting, and
	152	concluded that this will take
	153	{% endtrans %}
	154	</p>
	155	<ol>
	156	<li>
	157	{% trans %}
	158	deterministic allocation of IP addresses in exit range
	159	by PeerId AND CADET port.
	160	{% endtrans %}
	161	</li>
	162	<li>
	163	{% trans %}
	164	change of exit daemon to exit service, with new APIs to
	165	(a) export mapping of allocated IP addresses to PeerID
	166	and CADET port (and eventually also dynamic
	167	adding/removing of exit maps)
	168	{% endtrans %}
	169	</li>
	170	<li>
	171	{% trans %}
	172	new service that hijacks DNS reverse lookups in the exit
	173	range, mapping them to its own GNS zone where labels are
	174	mapped to VPN records with the information from (2), and
	175	the label.zone is returned for the reverse lookup.
	176	{% endtrans %}
	177	</li>
	178	</ol>
	179	<p>
	180	{% trans %}
	181	For more information and context,
	182	read
	183	<a href="https://bugs.gnunet.org/view.php?id=4625">bug id 4625</a>.
	184	{% endtrans %}
	185	</p>
	186	<p>
	187	{% trans %}
	188	Mentors: lynX, dvn
	189	{% endtrans %}
	190	</p>
	191	</section>
	192	<!--
	193	Past projects: Previously proposed, but left
	194	unfinished. Inspiration for students.
	195	-->
	196	<!-- <h2>{{ _("Past projects") }}</h2> -->
	197	<!--
	198	Commentary: Finished projects, descriptions and
	199	Links to write-ups about them.
	200	-->
	201	<!-- <h2>{{ _("Finished projects") }}</h2> -->
	202	</div>
	203	</article>
	204	{% endblock body_content %}