diff --git a/ISSUE_TEMPLATE.md b/ISSUE_TEMPLATE.md new file mode 100644 index 00000000..874b405d --- /dev/null +++ b/ISSUE_TEMPLATE.md @@ -0,0 +1,12 @@ +# Expected Behavior + +# Actual Behavior + +# Steps to Reproduce + +# Version Information +Onionr: +OS: +Python: +Tor: +I2P: diff --git a/docs/onionr-draft.md b/docs/onionr-draft.md index 6f0387b9..26fbf18f 100644 --- a/docs/onionr-draft.md +++ b/docs/onionr-draft.md @@ -4,9 +4,6 @@ A social network/microblogging platform for Tor & I2P Draft Dec 25 2017 -notes: -Use Blowfish in addition with AES? - # Overview Onionr is an encrypted microblogging & mailing system designed in the spirit of Twitter. @@ -33,7 +30,7 @@ Clients MUST use HTTP(s) to communicate with one another to maintain compatibili ## Connections When a node first comes online, it attempts to bootstrap using a default list provided by a client. When two peers connect, they exchange PGP public keys and then generate a shared AES-SHA3-512 HMAC token. These keys are stored in a peer database until expiry. - HMAC tokens are regenerated either every X many communications with a peer or every X minutes. Every 10 communications or every 24 hours is a recommended default. + HMAC tokens are regenerated either every X many communications with a peer or every X minutes. Every 10MB or every 2 hours is a recommended default. All valid requests with HMAC should be recorded until used HMAC's expiry to prevent replay attacks. Peer Types * Friends: @@ -64,7 +61,7 @@ Clients MUST use HTTP(s) to communicate with one another to maintain compatibili ◦ Posts MUST be PGP signed, and MUST NOT use any encryption. ## Private Messages - Private messages are messages that can have attached images. They MUST be encrypted via AES256-HMAC-SHA256 and PGP signed (signed before encryption) and time stamped to prevent replaying. A temporary RSA key for use in every message is exchanged every X many configured messages (or posts), for use in addition with PGP and the HMAC. + Private messages are messages that can have attached images. They MUST be encrypted via AES256-HMAC-SHA256 and PGP signed (signed before encryption) and time stamped to prevent replaying. A temporary EdDSA key for use in every message is exchanged every X many configured messages (or posts), for use in addition with PGP and the HMAC. When both peers are online messages SHOULD be dispatched directly between peers. All messages must be verified prior to being displayed.