Medium Weekly Digest # 3 (26 Jul - 2 Aug 2019)

Those who are able to give up their freedom in order to gain short-term protection from danger do not deserve freedom or security.

- Benjamin Franklin

This digest is designed to increase the interest of the Community in the issue of privacy, which in the light of recent events is becoming more relevant than ever.

On the agenda:

Remind me - what is Medium?

Medium (Eng. Medium - “intermediary”, original slogan - Don’t ask for your privacy. Take it back ; also in English the word medium means “intermediate”) - a Russian decentralized Internet provider that provides I2P network access services at no cost basis.

Full name - Medium Internet Service Provider. Initially, the project was conceived as a Mesh network in the Kolomensky urban district .

It was established in April 2019 in the framework of creating an independent telecommunication environment by providing end users with access to I2P network resources using Wi-Fi wireless data technology.

Targets and goals

On May 1, 2019, the incumbent President of the Russian Federation signed Federal Law No. 90- “On Amending the Federal Law“ On Communications ”and the Federal Law“ On Information, Information Technologies and the Protection of Information ” , also known as the draft law“ On Sovereign Runet ” .

“Medium” provides users with free access to I2P network resources, which makes it impossible to calculate not only the router where the traffic came from (see the basic principles of “garlic” traffic routing ), but also the end user - the Medium subscriber.

When creating a public organization, the community pursued the following goals:

More information about what “Medium” is can be found in the corresponding article .

Medium Root CA Certification Authority Introduces OCSP Certificate Verification

Not so long ago, the Medium Root CA certification center, in addition to the certificate revocation list (CRL), provided network users with the ability to verify certificates using the OCSP protocol.

OCSP (Online Certificate Status Protocol) is an Internet protocol for checking the status of an SSL certificate, which is faster and more reliable than previously done using the Certificate Revocation List (CRL).

The OCSP protocol works as follows: the end user sends a request to the server to obtain information about the SSL certificate, and the latter returns one of the following responses:

Features of the OCSP protocol: why do you need the Expect-Staple header

Expect-Staple is the HTTP security header. Its purpose is to place a field inside the server’s HTTP response in which you can tell the browser what address to write complaints to if the presence of OCSP Stapling has been declared, but in fact is missing or not available.

This header allows the service operator to configure reception of information about OCSP Stapling's failures.

Setting the header is pretty easy:

Expect-Staple: max-age=31536000; report-uri=""; includeSubDomains; preload 

More useful information about OCSP Stapling can be found here .

Welcome to the Medium Summer Meetup on August 3

Medium Summer Meetup is a meeting of enthusiasts interested in information security, online privacy and the development of the Medium network .

From time to time, we gather to discuss the most important issues regarding projects developed by the Community , as well as share experiences with fellow enthusiasts.

We invite everyone who is interested in information security and privacy on the Internet to participate. Medium Summer Meetup - new knowledge, the opportunity to meet like-minded people and make many useful contacts. Participation is free upon prior registration .

Mitap will be held in the format of an informal discussion of the most pressing issues related to information security, privacy on the Internet and the development of the Medium network .

What we will tell:

- “The decentralized Internet provider Medium: educational program on general issues regarding the use of the network and its resources”, Mikhail Podivilov

The speaker will tell what the decentralized Internet provider Medium is and what it is not, as well as demonstrate the capabilities of the network and explain how to properly configure network equipment and use network resources.

- “Security when using the Medium network: why you should use HTTPS when visiting eepsites”, Mikhail Podivilov

A report on why it is necessary to use the HTTPS protocol when using I2P network services when you are connected to the network through an access point provided by the Medium operator.

- “About the HyperSphere project and building self-organizing networks in practice: cases and software”, Alexey Vesnin

The speaker will talk about the HyperSphere project and the cases of using such networks in practice.

The list of performances will be gradually expanded.

Do you want to speak? Fill out the form!

What we will discuss:

LokiNet as an additional transport of the Medium network - to be or not to be?

Some time ago, the Community raised the question of using the LokiNet network as an additional transport of the Medium network. It is necessary to discuss the feasibility of using this network in the project.

Ecosystem of services of the Medium network - the most necessary services and their development

Some time ago, we began to deploy our ecosystem of services within the Medium network .

At the moment, we are faced with an important task - to discuss the most necessary and demanded services within the network and their subsequent implementation.

Among them : an email service, a blogging platform, a news portal, a search engine, a hosting service and others.

Long-Term Medium Network Development Plans

All issues, to one degree or another, related to the development of the Medium certification and its resources.

... and other equally interesting questions!

Suggest a topic for discussion in the comments to the publication.

To participate, you must register .

Gathering of participants and registration : 11:30
Mitap start : 12:00
Approximate end of the event : 15:00
Address : Moscow, metro Kolomenskaya, park "Kolomenskoye"

Come, we are waiting for you!

Coordination is done on the channel @ medium_summer_meetup_2019 in Telegram.

Free Internet in Russia starts with you

You can provide all possible assistance to the establishment of a free Internet in Russia today. We have compiled an exhaustive list of exactly how you can help the network:

Previous issues:

Medium Weekly Digest # 1 (12 - 19 Jul 2019)
Medium Weekly Digest # 2 (19 - 26 Jul 2019)

Read also:

Medium is the first decentralized Internet service provider in Russia
Decentralized Internet Service Provider Medium - Three Months Later
Welcome to the Medium Summer Meetup on August 3

We are on Telegram: @medium_isp


All Articles