Those who are able to give up their freedom in order to gain short-term protection from danger do not deserve freedom or security.
- Benjamin Franklin
This digest is designed to increase the interest of the Community in the issue of privacy, which in the light of recent events is
becoming more relevant than ever.
On the agenda:
- Medium Root CA Certification Authority Introduces OCSP Certificate Verification
- Features of the OCSP protocol: why do you need the Expect-Staple header
- We invite you to the summer Medium Summer Meetup on August 3 - a meeting of enthusiasts interested in information security, privacy on the Internet and the development of the Medium network
Remind me - what is Medium?Medium
- “intermediary”, original slogan - Don’t ask for your privacy. Take it back
; also in English the word medium
means “intermediate”) - a Russian decentralized Internet provider that provides I2P
network access services at no cost basis.
Full name - Medium Internet Service Provider. Initially, the project was conceived as a Mesh network
in the Kolomensky urban district
It was established in April 2019 in the framework of creating an independent telecommunication environment by providing end users with access to I2P network resources using Wi-Fi wireless data technology.
Targets and goals
On May 1, 2019, the incumbent President of the Russian Federation signed Federal Law No. 90- “On Amending the Federal Law“ On Communications ”and the Federal Law“ On Information, Information Technologies and the Protection of Information ”
, also known as the draft law“ On Sovereign Runet ”
“Medium” provides users with free access to I2P
network resources, which makes it impossible to calculate not only the router where the traffic came from (see the basic principles of “garlic” traffic routing
), but also the end user - the Medium subscriber.
When creating a public organization, the community pursued the following goals:
- Draw public attention to privacy
- Increase the total number of transit nodes within the I2P network
- Create your own ecosystem of I2P services that could replace the most common sites from the "clean" Internet
- Create a public key infrastructure within the Medium network to prevent Man-in-the-middle attacks
- Create your own domain name system for more convenient access to I2P services
More information about what “Medium” is can be found in the corresponding article
Medium Root CA Certification Authority Introduces OCSP Certificate Verification
Not so long ago, the Medium Root CA certification center, in addition to the certificate revocation list (CRL), provided network users with the ability to verify certificates using the OCSP protocol.
OCSP (Online Certificate Status Protocol) is an Internet protocol for checking the status of an SSL certificate, which is faster and more reliable than previously done using the Certificate Revocation List (CRL).
The OCSP protocol works as follows: the end user sends a request to the server to obtain information about the SSL certificate, and the latter returns one of the following responses:
- good - SSL certificate is not revoked or blocked,
- revoked - SSL certificate has been revoked,
- unknown - failed to set the status of the SSL certificate, because the server does not know the publisher.
Features of the OCSP protocol: why do you need the Expect-Staple header
Expect-Staple is the HTTP security header. Its purpose is to place a field inside the server’s HTTP response in which you can tell the browser what address to write complaints to if the presence of OCSP Stapling has been declared, but in fact is missing or not available.
This header allows the service operator to configure reception of information about OCSP Stapling's failures.
Setting the header is pretty easy:
Expect-Staple: max-age=31536000; report-uri="https://scotthelme.report-uri.io/r/d/staple"; includeSubDomains; preload
More useful information about OCSP Stapling can be found here
Welcome to the Medium Summer Meetup on August 3Medium Summer Meetup
is a meeting of enthusiasts interested in information security, online privacy and the development of the Medium network
From time to time, we gather to discuss the most important issues regarding projects developed by the Community
, as well as share experiences with fellow enthusiasts.
We invite everyone who is interested in information security and privacy on the Internet to participate. Medium Summer Meetup - new knowledge, the opportunity to meet like-minded people and make many useful contacts. Participation is free upon prior registration
Mitap will be held in the format of an informal discussion of the most pressing issues related to information security, privacy on the Internet and the development of the Medium network
What we will tell:
- “The decentralized Internet provider Medium: educational program on general issues regarding the use of the network and its resources”, Mikhail Podivilov
The speaker will tell what the decentralized Internet provider Medium is and what it is not, as well as demonstrate the capabilities of the network and explain how to properly configure network equipment and use network resources.
- “Security when using the Medium network: why you should use HTTPS when visiting eepsites”, Mikhail Podivilov
A report on why it is necessary to use the HTTPS protocol when using I2P network services when you are connected to the network through an access point provided by the Medium operator.
- “About the HyperSphere project and building self-organizing networks in practice: cases and software”, Alexey Vesnin
The speaker will talk about the HyperSphere project and the cases of using such networks in practice.
The list of performances will be gradually expanded.Do you want to speak? Fill out the form!
What we will discuss:
LokiNet as an additional transport of the Medium network - to be or not to be?
Some time ago, the Community raised the question
of using the LokiNet network as an additional transport of the Medium network. It is necessary to discuss the feasibility of using this network in the project.
Ecosystem of services of the Medium network - the most necessary services and their development
Some time ago, we began to deploy our ecosystem of services within the Medium network
At the moment, we are faced with an important task - to discuss the most necessary and demanded services within the network and their subsequent implementation.Among them
: an email service, a blogging platform, a news portal, a search engine, a hosting service and others.
Long-Term Medium Network Development Plans
All issues, to one degree or another, related to the development of the Medium certification and its resources.
... and other equally interesting questions!
Suggest a topic for discussion in the comments to the publication.
To participate, you must register
.Gathering of participants and registration
: 11:30Mitap start
: 12:00Approximate end of the event
: Moscow, metro Kolomenskaya, park "Kolomenskoye"
Come, we are waiting for you!
Coordination is done on the channel @ medium_summer_meetup_2019
Free Internet in Russia starts with you
You can provide all possible assistance to the establishment of a free Internet in Russia today. We have compiled an exhaustive list of exactly how you can help the network:
- Share the Medium network with your friends and colleagues. Share a link to this article on social networks or a personal blog.
- Take part in the discussion of the technical issues of the Medium network on GitHub
- Take part in the development of the OpenWRT distribution designed to work with the Medium network
- Create your web service on the I2P network and add it to the Medium DNS network
- Raise your Medium Access Point
Previous issues: Medium Weekly Digest # 1 (12 - 19 Jul 2019) Medium Weekly Digest # 2 (19 - 26 Jul 2019)
Read also:Medium is the first decentralized Internet service provider in RussiaDecentralized Internet Service Provider Medium - Three Months LaterWelcome to the Medium Summer Meetup on August 3
We are on Telegram: @medium_isp