Those who are able to give up their freedom in order to gain short-lived protection from danger deserve neither freedom nor security.
— Benjamin Franklin
This digest is intended to increase the interest of the Community in the issue of privacy, which in the light of becomes more relevant than ever.
On the agenda:
- Certification Authority introduces protocol verification of certificates
- Features of the OCSP protocol: why the Expect-Staple header is needed
- We invite you to summer August 3 - a meeting of enthusiasts interested in information security, privacy on the Internet and the development of the "Medium" network
Remind me - what is "Medium"?
Medium (English Medium — “intermediary”, original slogan — Don't ask for your privacy. take it back; also in English word medium means "intermediate") - a Russian decentralized Internet provider that provides network access services at no cost.
The full name is Medium Internet Service Provider. The project was originally conceived as в .
It was formed in April 2019 as part of the creation of an independent telecommunications environment by providing end users with access to I2P network resources through the use of Wi-Fi wireless data transmission technology.
Goals and objectives
On May 1, 2019, the current President of the Russian Federation signed , also known as .
"Medium" provides users with access to network resources free of charge , due to the use of which it becomes impossible to calculate not only the router where the traffic came from (see. ), but also the end user — the Medium subscriber.
When creating a public organization, the community pursued the following goals:
- Draw public attention to the issue of privacy
- Increase the total number of transit nodes within the I2P network
- Create your own ecosystem of I2P services that could replace the most common sites from the "clean" Internet
- Create a public key infrastructure inside the Medium network to eliminate the possibility of man-in-the-middle attacks
- Create your own domain name system for easier access to I2P services
More information about what "Medium" is can be found in .
Certificate Authority "Medium Root CA" introduces verification of certificates using the OCSP protocol
Not so long ago, the certification authority "Medium Root CA" in addition to the list of revoked certificates (CRL) provided network users with the ability to check certificates using the OCSP protocol.
OCSP (Online Certificate Status Protocol) is an Internet protocol for checking the status of an SSL certificate, which is faster and more reliable than previously done with CRLs (Certificate Revocation List).
The OCSP protocol works as follows: the end user sends a request to the server for information about the SSL certificate, and the latter returns one of the following responses:
- good – SSL certificate has not been revoked or blocked,
- revoked – SSL certificate has been revoked,
- unknown - Failed to set the status of the SSL certificate because the server does not know the issuer.
Features of the OCSP protocol: why the Expect-Staple header is needed
Expect-Staple is an HTTP security header. Its purpose is to place a field inside the server's HTTP response in which you can tell the browser which address to write complaints to if the presence of OCSP Stapling is declared, but in fact it is absent or unavailable.
This header allows the service operator to configure the reception of OCSP Stapling failure information.
Setting the header is fairly simple:
Expect-Staple: max-age=31536000; report-uri="https://scotthelme.report-uri.io/r/d/staple"; includeSubDomains; preloadMore useful information about OCSP Stapling can be found .
We invite you to the Summer Medium Summer Meetup on August 3
Medium Summer Meetup is a meeting of enthusiasts interested in information security, privacy on the Internet and development .
Periodically, we meet to discuss the most important issues regarding projects being developed , as well as exchange experience with the same enthusiasts.
We invite everyone who is interested in information security and privacy on the Internet to participate. Medium Summer Meetup - new knowledge, an opportunity to meet like-minded people and make many useful contacts. Participation is free of charge .
Meetup will be held in the format of an informal discussion of the most pressing issues related to information security, privacy on the Internet and development .
What will we tell:
- "Decentralized Internet provider "Medium": educational program on general issues regarding the use of the network and its resources", Mikhail Podivilov
The speaker will tell what is and what is not a decentralized Internet provider "Medium", as well as demonstrate the capabilities of the network and explain how to properly configure network equipment and use network resources.
— “Security when using the Medium network: why you should use HTTPS when visiting eepsites”, Mikhail Podivilov
A report on why it is necessary to use the HTTPS protocol when using I2P network services when you are connected to the network through an access point provided by the Medium operator.
— “About the HyperSphere project and building self-organizing networks in practice: cases and software”, Alexey Vesnin
The speaker will talk about the HyperSphere project and cases of using such networks in practice.
The list of performances will be gradually supplemented.
Do you want to perform?
What will we discuss:
as an additional transport of the "Medium" network - to be or not to be?
Some time ago in the Community there was on the use of the LokiNet network as an additional transport of the Medium network. It is necessary to discuss the feasibility of using this network in the project.
Ecosystem of services of the "Medium" network - the most necessary services and their development
Some time ago we .
At the moment, we are faced with an important task - to discuss the most necessary and demanded services within the network and their subsequent implementation.
Among them: mail service, blogging platform, news portal, search engine, hosting service and others.
Long-term plans for the development of the "Medium" network
All questions, in one way or another, related to the development of the “Medium” certificate and its resources.
… and other equally interesting questions!
You can suggest a topic for discussion in the comments to the publication.
To participate you need .
Gathering of participants and registration: 11: 30
Meetup start: 12: 00
Approximate end of the event: 15: 00
Address: Moscow, metro station Kolomenskaya, Kolomenskoye park
Come, we are waiting for you!
Coordination is done on the channel in Telegram.
Free Internet in Russia starts with you
You can render all possible assistance in establishing a free Internet in Russia today. We have compiled a comprehensive list of how you can help the network:
- Tell your friends and colleagues about the Medium network. Share to this article in social networks or personal blog
- Take part in the discussion of technical issues of the Medium network
- Take part in designed to work with the "Medium" network
- Create your web service on I2P network and add it to
- Raise your to the Medium network
Previous releases:
See also:
We are on Telegram:
Only registered users can participate in the survey. , you are welcome.
Alternative voting: it is important for us to know the opinion of those who do not have a full account on Habré
-
↑
-
↓
6 users voted. 2 users abstained.
Source: habr.com