[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
ANN: Mixminion 0.0.4rc1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
"A plain man cannot stand against the anger of a king, who if he
swallow his displeasure now, will yet nurse revenge till he has
wreaked it. Consider, therefore, whether or no you will protect me."
-- The Illiad, Book I
Four servers are up. I just got a test message. It's release
canidate time.
The first release candidate for Mixminion 0.0.4 is available. This
release adds many new features, but breaks backward compatibility with
0.0.3. For this reason, if you're playing with Mixminion, you should
upgrade now.
Source:
http://mixminion.net/dist/Mixminion-0.0.4rc1.tar.gz
Signature:
http://mixminion.net/dist/Mixminion-0.0.4rc1.tar.gz.asc
Release notes:
http://mixminion.net/dist/README-0.0.4rc1
If you're running a server, you will need to follow the upgrade
instructions in the README. There's no more need to email me a
ServerDesc; the procedure has changed.
If you run into any problems with this release candidate, let me know;
I'll try to address them before the real release.
NEW IN VERSION 0.0.4rc1: (From the README)
First steps toward directory automation:
- Servers generate new keys and server descriptors when the old ones
are close to expiring. (~2 weeks)
- Servers also regenerate server descriptors when their configuration
changes.
- When a set of keys expires, a server rotates to the next set
automatically (with some overlap).
- Servers can upload their descriptors to a directory server
automatically.
- There's a trivial directory backend that accepts signed updates
automatically, and queues new servers.
- Directories now include a list of which servers are believed to be
working correctly. Right now, this list is still manually
configured.
- There's a cron job that regenerates the directory every so often.
Packet format overhaul:
- Server RSA keys are now 2048 bits long.
- The header representation is more compact now, so we don't pay in
space for the increased key length.
MMTP improvements:
- The certificate regime has changed so that key rotation is now
possible: instead of authenticating servers based on their TLS
keys, we authenticate based on their identity keys, which never
change.
- Packets sent from a server to itself no longer hit the network.
- When relaying messages, a server never opens more than 1 connection
at a time to the same server.
- MMTP clients now recognize a 'REJECTED' reply that a server can use
to refuse messages when under high load.
Other server improvements:
- Servers can (optionally) track the number of packets received,
relayed successfully, dropped, and so on.
- Servers can recognize and advertise whether they are configured
'securely.'
- The deliver/retry logic has been largely rewritten. It should
freak out and die less frequently now. In any case, it also prints
better debugging messages, and thrashes the disk less.
Minor changes:
- We now use real OpenPGP-style ASCII-armor. Accept no substitutes!
Numerous UI Improvements:
- There are saner error messages for many common cases.
- Support for multiple SURB keys to prevent identity-blending attack.
- There's a new (temporary) 'mixminion ping' command that you can use
to tell whether a server is accepting connections. It's potentially
dangerous (if you go pinging all the servers in your path), and has
a banner saying so.
- The path selection syntax has changed to be more flexible. (You can
now specify a single random hop, or N random hops.)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+1tepzgimHDtOLu4RAjuaAKCMMFl1B35V8OYHwA2H7NGANCh5VwCff2yL
aplCSmnZjUUMwfsu0L1pGAM=
=ydzG
-----END PGP SIGNATURE-----