This page was last updated in 2020-07 and is accurate for router version 0.9.46.

Overview

I2P ships with a generic naming library and a base implementation designed to work off a local name to destination mapping, as well as an add-on application called the address book. I2P also supports Base32 hostnames similar to Tor's .onion addresses.

The address book is a web-of-trust driven secure, distributed, and human readable naming system, sacrificing only the call for all human readable names to be globally unique by mandating only local uniqueness. While all messages in I2P are cryptographically addressed by their destination, different people can have local address book entries for "Alice" which refer to different destinations. People can still discover new names by importing published address books of peers specified in their web of trust, by adding in the entries provided through a third party, or (if some people organize a series of published address books using a first come first serve registration system) people can choose to treat these address books as name servers, emulating traditional DNS.

NOTE: For an explanation of the reasoning behind the I2P naming system, the arguments against it, and some possible alternatives, see the naming discussion page.

Naming System Components

There is no central naming authority in I2P. All hostnames are managed locally on each user's computer.

The naming system is quite simple and most of it is implemented in applications external to the router, but bundled with the I2P distribution. The components are:

  1. The local naming service, which does lookups and also handles Base32 hostnames.
  2. The HTTP proxy, which asks the router for lookups and points the user to remote jump services when a lookup fails.
  3. HTTP host-add forms, which allow users to add hosts to hosts.txt.
  4. HTTP jump services, which provide lookups and redirection of hosts.
  5. The address book application which merges external host lists, retrieved via HTTP, with the local list.
  6. The SusiDNS application which is a simple web front-end for address book configuration and viewing of the local host lists.

Naming Services

All destinations in I2P are 516-byte (or longer) keys. (To be more precise, it is a 256-byte public key plus a 128-byte signing key plus a 3-or-more byte certificate, which in Base64 representation is 516 or more bytes. Non-null Certificates are in use now for signature type indication. Therefore, certificates in recently-generated destinations are more than 3 bytes.)

If an application (i2ptunnel or the HTTP proxy) wishes to access a destination by name, the router does a very simple local lookup to resolve that name.

Hosts.txt Naming Service

The hosts.txt Naming Service does a simple linear search through text files. This naming service was the default until release 0.8.8, when it was replaced by the Blockfile Naming Service. The hosts.txt format had become slow once the file grew to thousands of entries.

It does a linear search through three local files, in order, to look up host names and convert them to a 516-byte destination key. Each file is in a simple configuration file format, with one hostname=base64 per line. The files are:

  1. privatehosts.txt
  2. userhosts.txt
  3. hosts.txt

Blockfile Naming Service

The Blockfile Naming Service stores multiple "address books" in a single database file named hostsdb.blockfile. This Naming Service is the default since release 0.8.8.

A blockfile is simply on-disk storage of multiple sorted maps (key-value pairs), implemented as skiplists. The blockfile format is specified on the Blockfile page. It provides fast Destination lookup in a compact format. While the blockfile overhead is substantial, the destinations are stored in binary rather than in Base 64 as in the hosts.txt format. In addition, the blockfile provides the capability of arbitrary metadata storage (such as added date, source, and comments) for each entry to implement advanced address book features. The blockfile storage requirement is a modest increase over the hosts.txt format, and the blockfile provides approximately 10x reduction in lookup times.

When it is created, the naming service imports entries from the three files used by the hosts.txt Naming Service. The blockfile mimics the previous implementation by maintaining three maps that are searched in order, named privatehosts.txt, userhosts.txt, and hosts.txt. It also maintains a reverse-lookup map to implement fast reverse lookups.

Other Naming Service Facilities

The lookup is case-insensitive. The first match is used, and conflicts are not detected. There is no enforcement of naming rules in lookups. Lookups are cached for a few minutes. Base 32 resolution is described below. For a full description of the Naming Service API, see the Naming Service Javadocs. This API was significantly expanded in release 0.8.7 to provide adds and removes, storage of arbitrary properties with the hostname, and other features.
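The lookup order described above, as an added example (not code from the I2P project): the three files are searched in order, the first match wins, and a helper lists names bound to different keys in different files, which the lookup itself never reports. The file contents, the placeholder keys and the treatment of '#' lines as comments are assumptions.

```python
SEARCH_ORDER = ("privatehosts.txt", "userhosts.txt", "hosts.txt")

def parse_hosts(text):
    """Parse hostname=base64 lines; inside one file the first entry for a name wins."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):   # assumption: '#' starts a comment
            continue
        name, sep, key = line.partition("=")
        if sep:
            table.setdefault(name.strip().lower(), key.strip())
    return table

def lookup(name, files):
    """Return (file, key) from the first file that knows the name, else None."""
    name = name.lower()                        # lookups are case-insensitive
    for fname in SEARCH_ORDER:
        key = files.get(fname, {}).get(name)
        if key is not None:
            return fname, key
    return None

def shadowed(files):
    """Names bound to different keys in different files (never flagged by lookup)."""
    seen = {}
    for fname in SEARCH_ORDER:
        for name, key in files.get(fname, {}).items():
            seen.setdefault(name, []).append((fname, key))
    return {n: v for n, v in seen.items() if len({k for _, k in v}) > 1}

# Constructed sample data; KEY_* stand in for 516+ character Base64 Destinations.
SAMPLE = {
    "privatehosts.txt": parse_hosts("alice.i2p=KEY_PRIVATE\n"),
    "userhosts.txt": parse_hosts("# local additions\nBob.i2p=KEY_BOB\n"),
    "hosts.txt": parse_hosts("alice.i2p=KEY_PUBLIC\nbob.i2p=KEY_BOB\n"),
}

if __name__ == "__main__":
    print(lookup("Alice.I2P", SAMPLE))   # answered by privatehosts.txt
    print(shadowed(SAMPLE))              # alice.i2p has two different keys
```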

Alternatives and Experimental Naming Services

The naming service is specified with the configuration property i2p.naming.impl=class. Other implementations are possible. For example, there is an experimental facility for real-time lookups (a la DNS) over the network within the router. For more information, see the alternatives on the discussion page.

The HTTP proxy does a lookup via the router for all hostnames ending in '.i2p'. Otherwise, it forwards the request to a configured HTTP outproxy. Thus, in practice, all HTTP (I2P Site) hostnames must end in the pseudo-Top Level Domain '.i2p'.

We have requested reservation of the .i2p top-level domain following the procedure described in RFC 6761.

If the router fails to resolve the hostname, the HTTP proxy returns an error page to the user with links to several "jump" services. See below for details.

Address Book

Incoming Subscriptions and Merging

The address book application periodically retrieves other users' hosts.txt files and merges them with the local hosts.txt, after several checks. Naming conflicts are resolved on a first-come first-served basis.

Subscribing to another user's hosts.txt file means placing trust in them. You do not want them, for example, 'hijacking' a new site by quickly entering their own key for the new site before passing the new host/key entry on to you.

For this reason, the only subscription configured by default is http://i2p-projekt.i2p/hosts.txt (http://udhdrtrcetjm5sxzskjyr5ztpeszydbh4dpl3pl4utgqqw2v4jna.b32.i2p/hosts.txt), which contains a copy of the hosts.txt included in the I2P release. Users must configure additional subscriptions in their local address book application (via subscriptions.txt or SusiDNS).

Some other public address book subscription links:

The operators of these services may have various policies for listing hosts. Presence on this list does not imply endorsement.

Naming Rules

While there are hopefully not any technical limitations within I2P on host names, the address book enforces several restrictions on host names imported from subscriptions. It does this for basic typographical sanity and compatibility with browsers, and for security. The rules are essentially the same as those in RFC2396 Section 3.2.2. Any hostnames violating these rules may not be propagated to other routers.

Naming rules:

  • Names are converted to lower case on import.
  • New names are checked for conflict with existing names in the existing userhosts.txt and hosts.txt (but not privatehosts.txt) after conversion to lower case.
  • Must contain only [a-z] [0-9] '.' and '-' after conversion to lower case.
  • Must not start with '.' or '-'.
  • Must end with '.i2p'.
  • 67 characters maximum, including the '.i2p'.
  • Must not contain '..'.
  • Must not contain '.-' or '-.' (as of 0.6.1.33).
  • Must not contain '--' except in 'xn--' for IDN.
  • Base32 hostnames (*.b32.i2p) are reserved for Base 32 use and so may not be imported.
  • Certain hostnames reserved for project use are not allowed (proxy.i2p, router.i2p, console.i2p, *.proxy.i2p, *.router.i2p, *.console.i2p, and others).
  • Keys are checked for Base64 validity.
  • Keys are checked for conflict with existing keys in hosts.txt (but not privatehosts.txt).
  • Minimum key length is 516 bytes.
  • Maximum key length is 616 bytes (to allow for certificates of up to 100 bytes).

Any hostname received via subscription that passes all the checks is added via the local naming service.
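The import checks listed above, written out as an added example (not the address book application's own code). The reserved list holds only the names this page gives, the handling of '--' is one interpretation of the rule, and the key is a constructed placeholder rather than a real Destination.

```python
import re

# Reserved names given on this page; the page adds "and others", so extend as needed.
RESERVED = ("proxy.i2p", "router.i2p", "console.i2p")
# I2P's Base64 alphabet uses '-' and '~' in place of '+' and '/'.
I2P_B64 = re.compile(r"[A-Za-z0-9~-]+={0,2}")

def reject_reason(line, known_names=(), known_keys=()):
    """Return None if a hostname=base64 line passes the import rules, else the reason."""
    name, sep, key = line.strip().partition("=")
    if not sep:
        return "not in hostname=base64 form"
    name = name.lower()                      # every check runs on the lowercased name
    if not re.fullmatch(r"[a-z0-9.-]+", name):
        return "illegal character"
    if name[0] in ".-":
        return "starts with '.' or '-'"
    if not name.endswith(".i2p"):
        return "does not end in .i2p"
    if len(name) > 67:
        return "longer than 67 characters"
    if ".." in name or ".-" in name or "-." in name:
        return "contains '..', '.-' or '-.'"
    # Interpretation: '--' is tolerated only inside a label-leading 'xn--'.
    if "--" in re.sub(r"(^|\.)xn--", r"\1", name):
        return "contains '--' outside 'xn--'"
    if name.endswith(".b32.i2p"):
        return "Base32 names are reserved"
    if any(name == r or name.endswith("." + r) for r in RESERVED):
        return "reserved project name"
    if name in known_names:                  # userhosts.txt and hosts.txt names only
        return "name already present"
    if not I2P_B64.fullmatch(key):
        return "key is not valid Base64"
    if not 516 <= len(key) <= 616:
        return "key length outside 516..616"
    if key in known_keys:                    # hosts.txt keys only
        return "key already present"
    return None

KEY = "A" * 516   # constructed 516-character placeholder key

if __name__ == "__main__":
    for host in ("Example.I2P", "a--b.i2p", "x.b32.i2p", "foo.proxy.i2p"):
        print(host, "->", reject_reason(host + "=" + KEY))
```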

Note that the '.' symbols in a host name are of no significance, and do not denote any actual naming or trust hierarchy. If the name 'host.i2p' already exists, there is nothing to prevent anybody from adding a name 'a.host.i2p' to their hosts.txt, and this name can be imported by others' address book. Methods to deny subdomains to non-domain 'owners' (certificates?), and the desirability and feasibility of these methods, are topics for future discussion.

International Domain Names (IDN) also work in I2P (using the punycode 'xn--' form). To have IDN .i2p domain names displayed correctly in Firefox, add 'network.IDN.whitelist.i2p (boolean) = true' in about:config.

As the address book application does not use privatehosts.txt at all, in practice this file is the only place where it is appropriate to place private aliases or "pet names" for sites already in hosts.txt.

Advanced Subscription Feed Format

As of release 0.9.26, subscription sites and clients may support an advanced hosts.txt feed protocol that includes metadata including signatures. This format is backwards-compatible with the standard hosts.txt hostname=base64destination format. See the specification for details.

Outgoing Subscriptions

Address Book will publish the merged hosts.txt to a location (traditionally hosts.txt in the local I2P Site's home directory) to be accessed by others for their subscriptions. This step is optional and is disabled by default.

Hosting and HTTP Transport Issues

The address book application, together with eepget, saves the Etag and/or Last-Modified information returned by the web server of the subscription. This greatly reduces the bandwidth required, as the web server will return a '304 Not Modified' on the next fetch if nothing has changed.

However, the entire hosts.txt is downloaded if it has changed. See below for discussion of this issue.

Hosts serving a static hosts.txt file or an equivalent CGI application are strongly encouraged to deliver a Content-Length header, and either an Etag or Last-Modified header. Also make sure the server returns a '304 Not Modified' when appropriate. This will greatly reduce network bandwidth and reduce the chance of data corruption.

Host Add Services

A host add service is a CGI application that takes a hostname and a Base64 key as parameters and adds them to its local hosts.txt. If other routers subscribe to that hosts.txt, the new hostname/key will be propagated through the network.

It is recommended that host add services impose, at a minimum, the restrictions imposed by the address book application listed above. Host add services may impose additional restrictions on hostnames and keys, for example:

  • Limits on the number of 'subdomains'.
  • Authorization of 'subdomains' through various methods.
  • Hashcash or signed certificates.
  • Editorial review of host names and/or content.
  • Categorization of hosts by content.
  • Reservation or rejection of certain host names.
  • Restrictions on the number of names registered in a given time period.
  • Delays between registration and publication.
  • Requirement that the host be up for verification.
  • Expiration and/or revocation.
  • IDN spoof rejection.

Jump Services

A jump service is a simple CGI application that takes a hostname as a parameter and returns a 301 redirect to the proper URL with a ?i2paddresshelper=key string appended. The HTTP proxy will interpret the appended string and use that key as the actual destination. In addition, the proxy will cache that key so the address helper is not necessary until restart.

Note that, like with subscriptions, using a jump service implies a certain amount of trust, as a jump service could maliciously redirect a user to an incorrect destination.

To provide the best service, a jump service should be subscribed to several hosts.txt providers so that its local host list is current.

SusiDNS

SusiDNS is simply a web interface front-end to configuring address book subscriptions and accessing the four address book files. All the real work is done by the 'address book' application.

Currently, there is little enforcement of address book naming rules within SusiDNS, so a user may enter hostnames locally that would be rejected by the address book subscription rules.

Base32 Names

I2P supports Base32 hostnames similar to Tor's .onion addresses. Base32 addresses are much shorter and easier to handle than the full 516-character Base64 Destinations or addresshelpers. Example: ukeu3k5oycgaauneqgtnvselmt4yemvoilkln7jpvamvfx7dnkdq.b32.i2p

In Tor, the address is 16 characters (80 bits), or half of the SHA-1 hash. I2P uses 52 characters (256 bits) to represent the full SHA-256 hash. The form is {52 chars}.b32.i2p. Tor has a proposal to convert to an identical format of {52 chars}.onion for their hidden services. Base32 is implemented in the naming service, which queries the router over I2CP to lookup the LeaseSet to get the full Destination. Base32 lookups will only be successful when the Destination is up and publishing a LeaseSet. Because resolution may require a network database lookup, it may take significantly longer than a local address book lookup.

Base32 addresses can be used in most places where hostnames or full destinations are used, however there are some exceptions where they may fail if the name does not immediately resolve. I2PTunnel will fail, for example, if the name does not resolve to a destination.
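An added example (not I2P project code) tying together the jump-service and Base32 passages above: it derives the {52 chars}.b32.i2p name from a Base64 Destination and accepts a jump redirect only if its i2paddresshelper key hashes to a Base32 name the user already obtained from a trusted source. The sample Destination and URLs are constructed; the '-' and '~' characters are I2P's Base64 alphabet.

```python
import base64
import hashlib
from urllib.parse import parse_qs, urlsplit

def b32_address(dest_b64):
    """Derive the {52 chars}.b32.i2p name for a Base64 Destination."""
    # I2P's Base64 alphabet uses '-' and '~' in place of '+' and '/'.
    raw = base64.b64decode(dest_b64, altchars=b"-~", validate=True)
    digest = hashlib.sha256(raw).digest()            # full 256-bit hash, not truncated
    b32 = base64.b32encode(digest).decode("ascii")   # 52 characters plus '=' padding
    return b32.rstrip("=").lower() + ".b32.i2p"

def helper_matches_pin(location, pinned_b32):
    """True only if the redirect has one addresshelper key that hashes to pinned_b32."""
    keys = parse_qs(urlsplit(location).query).get("i2paddresshelper", [])
    if len(keys) != 1:
        return False
    try:
        return b32_address(keys[0]) == pinned_b32.lower()
    except ValueError:                               # malformed Base64
        return False

# Constructed Destination: 387 zero bytes (256 + 128 + 3), i.e. 516 Base64 characters.
SAMPLE_DEST = "A" * 516
SAMPLE_PIN = b32_address(SAMPLE_DEST)

if __name__ == "__main__":
    good = "http://example.i2p/?i2paddresshelper=" + SAMPLE_DEST
    swapped = "http://example.i2p/?i2paddresshelper=" + "B" + "A" * 515
    print(SAMPLE_PIN)
    print(helper_matches_pin(good, SAMPLE_PIN))      # True
    print(helper_matches_pin(swapped, SAMPLE_PIN))   # False
```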