I-ProHoster > Блог > Ukuphatha > I-Medium Weekly Digest #4 (2 - 9 Aug 2019)

I-Medium Weekly Digest #4 (2 - 9 Aug 2019)

I-Censorship ibheka umhlaba njengohlelo lwe-semantic lapho ulwazi luwukuphela kweqiniso, futhi lokho okungabhalwanga ngakho akukho.

- UMikhail Geller

Le nhlabamkhosi ihloselwe ukukhulisa intshisekelo yoMphakathi odabeni lobumfihlo, okuthi, uma kubhekwa imicimbi yakamuva ibaluleka kakhulu kunangaphambili.

Ku-ajenda:

  • "Medium" ishintshela ngokuphelele I-Yggdrasil
  • "Medium" idala i-DNS yayo ngaphakathi kwenethiwekhi ye-Yggdrasil
  • "Okumaphakathi" kwethula amandla okukhipha izitifiketi ezisayiniwe ngokuzenzakalelayo "Medium Root CA"

I-Medium Weekly Digest #4 (2 - 9 Aug 2019)

Ngikhumbuze - yini i-“Medium”?

Medium (eng. Medium - "umlamuli", isiqubulo sokuqala - Ungabuzi ubumfihlo bakho. Yibuyisele; futhi ngesiNgisi igama naphakathi lisho “okumaphakathi”) - umhlinzeki we-inthanethi ohlukaniswe waseRussia ohlinzeka ngezinsizakalo zokufinyelela kunethiwekhi I-Yggdrasil Mahhala.

Igama eligcwele: Umhlinzeki Wesevisi Ye-inthanethi Omaphakathi. Ekuqaleni iphrojekthi yacatshangelwa njenge Inethiwekhi ye-Mesh в Isifunda sasedolobheni saseKolomna.

Yakheka ngo-April 2019 njengengxenye yokwakhiwa kwendawo yezokuxhumana ezimele ngokunikeza abasebenzisi bokugcina ukufinyelela kuzinsiza zenethiwekhi ye-Yggdrasil ngokusebenzisa ubuchwepheshe bokudluliswa kwedatha okungenantambo kwe-Wi-Fi.

"Medium" ishintshela ngokuphelele ku-Yggdrasil

I-Yggdrasil iwukuzihlela Inethiwekhi ye-Mesh, enekhono lokuxhuma amarutha womabili kumodi yembondela (phezu kwe-inthanethi) futhi aqondane ngokuqondile ngoxhumo olunezintambo noma olwentambo.

I-Yggdrasil iwukuqhubeka kwephrojekthi CjDNS. Umehluko omkhulu phakathi kwe-Yggdrasil ne-CjDNS ukusetshenziswa kwephrothokholi STP (iphrothokholi yesihlahla enwebekayo).

Ngokuzenzakalelayo, wonke amarutha akunethiwekhi asebenzisa ukubethela ngasemaphethelweni ukudlulisa idatha phakathi kwabanye ababambi qhaza.

Isinqumo sokushintsha zonke izindawo zokufinyelela zenethiwekhi Ephakathi ukusuka ku-I2P ukuya ku-Yggdrasil kwaba ngenxa yesidingo sokwandisa isivinini sokuxhuma kanye nethuba lokusebenzisa inethiwekhi ye-Mesh ene-Full-Mesh topology.

I-Medium Weekly Digest #4 (2 - 9 Aug 2019)

"Medium" idala i-DNS yayo ngaphakathi kwenethiwekhi ye-Yggdrasil

Ekuqaleni, inethiwekhi ye-Yggdrasil yayingenayo iseva yegama lesizinda esimaphakathi eyayingavumela ababambiqhaza benethiwekhi ukuthi bafinyelele izinsiza ezivakashelwa kakhulu ngendlela elula nejwayeleke kakhudlwana (ngokungafani nokusebenzisa ikheli le-IPv6 leseva ethile).

Thina eMedium sanquma ukuphefumula impilo kulo mbono - futhi, sibheka phambili kancane, siphumelele!

I-Medium Weekly Digest #4 (2 - 9 Aug 2019)

Ukubhaliswa kwegama lesizinda kwenzeka ngokuzenzakalelayo - udinga nje ukucacisa ikheli le-IPv6 leseva lapho isevisi isebenza khona. Irobhothi lizohlola ukuthi ingabe leli kheli elomuntu ozama ukubhalisa igama lesizinda.

Uma yimpumelelo, igama lesizinda niyozenezelelwa database igama lesizinda phakathi 24 amahora. Uma iseva iyeka ukuphendula irobhothi futhi ingatholakali amahora angaphezu kwangu-72, igama lesizinda lizokhishwa.

Ikhophi yohlu oluphelele lwamagama esizinda esibhalisiwe iyatholakala ku amakhosombe ku-GitHub.

I-Medium Weekly Digest #4 (2 - 9 Aug 2019)

I-"Medium" yethula amandla okukhipha izitifiketi ngokuzenzakalelayo ezisayinwe yi-"Medium Root CA"

Ukudalwa kweseva yegama lesizinda nakho kwakungenxa yesidingo sokuphakelwa kwengqalasizinda yokhiye womphakathi - ukuze kukhishwe isitifiketi, kufanele kube nenkambu ye-CN (Igama Elivamile), okuyigama lesizinda lapho isitifiketi sikhishelwa khona.

Inqubo yokukhipha izitifiketi ezisayinwe isiphathimandla sokunikeza izitifiketi izenzekela - irobhothi lihlola ukulunga nobuqiniso bedatha efakwe umsebenzisi. Uma kuphumelele, i-imeyili ithunyelwa kumsebenzisi wokugcina ehlanganisa nesitifiketi esisayiniwe.

I-Medium Weekly Digest #4 (2 - 9 Aug 2019)

Yini isizathu sokusebenzisa i-HTTPS kunethiwekhi ye-Yggdrasil?

Asikho isidingo sokusebenzisa i-HTTPS ukuze uxhume kumasevisi ewebhu kunethiwekhi ye-Yggdrasil uma uxhuma kuwo ngomzila wenethiwekhi ye-Yggdrasil esebenza endaweni.

Ngempela: Ukuthutha kwe-Yggdrasil kusezingeni umthetho olandelwayo ikuvumela ukuthi usebenzise ngokuphephile izinsiza ngaphakathi kwenethiwekhi ye-Yggdrasil - ikhono lokuqhuba Ukuhlaselwa kwe-MITM kukhishwe ngokuphelele.

Isimo sishintsha kakhulu uma ufinyelela izinsiza ze-intranethi ze-Yggdarsil hhayi ngokuqondile, kodwa nge-node ephakathi nendawo - indawo yokufinyelela yenethiwekhi Emaphakathi, elawulwa u-opharetha wayo.

Kulesi simo, ubani ongafaka engozini idatha oyidluliselayo:

  1. U-opharetha wephoyinti lokufinyelela. Kusobala ukuthi u-opharetha wamanje wendawo yokufinyelela yenethiwekhi Emaphakathi angalalela ithrafikhi engabhaliwe edlula ezintweni zayo.
  2. isigebengu (indoda phakathi). Okumaphakathi kunenkinga efana ne Inkinga yenethiwekhi ye-Tor, kuphela ngokuphathelene namanodi okokufaka kanye namaphakathi.

Lokhu kubukeka kanjaniI-Medium Weekly Digest #4 (2 - 9 Aug 2019)

Isixazululo: ukuze ufinyelele izinsiza zewebhu ngaphakathi kwenethiwekhi ye-Yggdrasil, sebenzisa iphrothokholi ye-HTTPS (izinga lesi-7 Amamodeli we-OSI). Inkinga ukuthi akwenzeki ukukhipha isitifiketi sokuphepha sangempela samasevisi enethiwekhi ye-Yggdrasil ngezindlela ezivamile ezifana Masibhale.

Ngakho-ke, sasungula isikhungo sethu sokunikeza izitifiketi - "Medium Root CA". Zonke izinsiza zenethiwekhi Emaphakathi zisayinwa yisitifiketi sokuphepha esiyizimpande salesi siphathimandla sokunikeza izitifiketi.

Amathuba okuphazamisa isitifiketi sempande yesiphathimandla sesitifiketi, yiqiniso, kucatshangelwe - kodwa lapha isitifiketi sidingeka kakhulu ukuze kuqinisekiswe ubuqotho bokudluliswa kwedatha nokuqeda amathuba okuhlaselwa kwe-MITM.

Amasevisi enethiwekhi amaphakathi avela ku-opharetha abahlukene anezitifiketi zokuphepha ezihlukene, ngandlela thize ezisayinwe yiziphathimandla zokunikeza izitifiketi. Kodwa-ke, opharetha be-Root CA abakwazi ukulalela ithrafikhi ebethelwe kusukela kumasevisi abasayine kuwo izitifiketi zokuphepha (bona "Iyini i-CSR?").

Labo abakhathazeke ngokukhethekile ngokuphepha kwabo bangasebenzisa izindlela ezinjalo njengesivikelo esengeziwe, njenge I-PGP и ezifanayo.

Njengamanje, ingqalasizinda yokhiye womphakathi yenethiwekhi Emaphakathi inamandla okuhlola isimo sesitifiketi kusetshenziswa iphrothokholi I-OCSP noma ngokusebenzisa I-CRL.

I-inthanethi yamahhala e-Russia iqala ngawe

Unganikeza lonke usizo olungenzeka ekusungulweni kwe-inthanethi yamahhala eRussia namuhla. Sihlanganise uhlu olubanzi lokuthi ungasiza kanjani inethiwekhi:

  • Tshela abangani bakho nosebenza nabo mayelana nenethiwekhi ye-Medium. Yabelana ngereferensi kulesi sihloko ezinkundleni zokuxhumana noma ibhulogi yomuntu siqu
  • Bamba iqhaza engxoxweni yezinkinga zobuchwepheshe kunethiwekhi Ephakathi ku-GitHub
  • Dala isevisi yakho yewebhu kunethiwekhi ye-Yggdrasil futhi uyengeze kuyo I-DNS yenethiwekhi Emaphakathi
  • Phakamisa eyakho indawo yokungena kunethiwekhi ye-Medium

Ukukhishwa kwangaphambilini:

I-Medium Weekly Digest #4 (2 - 9 Aug 2019)   I-Medium Weekly Digest #1 (12 - 19 Jul 2019)
I-Medium Weekly Digest #4 (2 - 9 Aug 2019)   I-Medium Weekly Digest #2 (19 - 26 Jul 2019)
I-Medium Weekly Digest #4 (2 - 9 Aug 2019)   I-Medium Weekly Digest #3 (26 Jul - 2 Aug 2019)

Funda futhi:

Sthandwa, sibulala i-inthanethi
Umhlinzeki we-inthanethi omisiwe "Medium" - ezinyangeni ezintathu kamuva
I-"Medium" ingumhlinzeki we-inthanethi wokuqala ohlukaniselwe izwe eRussia

Siku-Telegram: @medium_isp

Abasebenzisi ababhalisiwe kuphela abangabamba iqhaza kuhlolovo. Ngena ngemvume, wamukelekile.

Okunye ukuvota: kubalulekile ngathi ukuthi sazi umbono walabo abangenayo i-akhawunti ephelele ngo-Habré

Bangu-8 abasebenzisi abavotile. Abasebenzisi abangu-3 bayenqaba.

Source: www.habr.com

Engeza amazwana