Those who are able to give up their freedom in order to gain short-term protection from danger do not deserve freedom or security.
- Benjamin Franklin
This digest is designed to increase the interest of the Community in the issue of privacy, which in the light of recent events is becoming more relevant than ever.
Features of the OCSP protocol: why do you need the Expect-Staple header
We invite you to the summer Medium Summer Meetup on August 3 - a meeting of enthusiasts interested in information security, privacy on the Internet and the development of the Medium network
Remind me - what is Medium?
Medium (Eng. Medium - “intermediary”, original slogan - Don’t ask for your privacy. Take it back ; also in English the word medium means “intermediate”) - a Russian decentralized Internet provider that provides I2P network access services at no cost basis.
It was established in April 2019 in the framework of creating an independent telecommunication environment by providing end users with access to I2P network resources using Wi-Fi wireless data technology.
“Medium” provides users with free access to I2P network resources, which makes it impossible to calculate not only the router where the traffic came from (see the basic principles of “garlic” traffic routing ), but also the end user - the Medium subscriber.
When creating a public organization, the community pursued the following goals:
Draw public attention to privacy
Increase the total number of transit nodes within the I2P network
Create your own ecosystem of I2P services that could replace the most common sites from the "clean" Internet
Create a public key infrastructure within the Medium network to prevent Man-in-the-middle attacks
Create your own domain name system for more convenient access to I2P services
More information about what “Medium” is can be found in the corresponding article .
Medium Root CA Certification Authority Introduces OCSP Certificate Verification
Not so long ago, the Medium Root CA certification center, in addition to the certificate revocation list (CRL), provided network users with the ability to verify certificates using the OCSP protocol.
OCSP (Online Certificate Status Protocol) is an Internet protocol for checking the status of an SSL certificate, which is faster and more reliable than previously done using the Certificate Revocation List (CRL).
The OCSP protocol works as follows: the end user sends a request to the server to obtain information about the SSL certificate, and the latter returns one of the following responses:
good - SSL certificate is not revoked or blocked,
revoked - SSL certificate has been revoked,
unknown - failed to set the status of the SSL certificate, because the server does not know the publisher.
Features of the OCSP protocol: why do you need the Expect-Staple header
Expect-Staple is the HTTP security header. Its purpose is to place a field inside the server’s HTTP response in which you can tell the browser what address to write complaints to if the presence of OCSP Stapling has been declared, but in fact is missing or not available.
This header allows the service operator to configure reception of information about OCSP Stapling's failures.
More useful information about OCSP Stapling can be found here .
Welcome to the Medium Summer Meetup on August 3
Medium Summer Meetup is a meeting of enthusiasts interested in information security, online privacy and the development of the Medium network .
From time to time, we gather to discuss the most important issues regarding projects developed by the Community , as well as share experiences with fellow enthusiasts.
We invite everyone who is interested in information security and privacy on the Internet to participate. Medium Summer Meetup - new knowledge, the opportunity to meet like-minded people and make many useful contacts. Participation is free upon prior registration .
Mitap will be held in the format of an informal discussion of the most pressing issues related to information security, privacy on the Internet and the development of the Medium network .
What we will tell:
- “The decentralized Internet provider Medium: educational program on general issues regarding the use of the network and its resources”, Mikhail Podivilov
The speaker will tell what the decentralized Internet provider Medium is and what it is not, as well as demonstrate the capabilities of the network and explain how to properly configure network equipment and use network resources.
- “Security when using the Medium network: why you should use HTTPS when visiting eepsites”, Mikhail Podivilov
A report on why it is necessary to use the HTTPS protocol when using I2P network services when you are connected to the network through an access point provided by the Medium operator.
- “About the HyperSphere project and building self-organizing networks in practice: cases and software”, Alexey Vesnin
The speaker will talk about the HyperSphere project and the cases of using such networks in practice.
The list of performances will be gradually expanded.
LokiNet as an additional transport of the Medium network - to be or not to be?
Some time ago, the Community raised the question of using the LokiNet network as an additional transport of the Medium network. It is necessary to discuss the feasibility of using this network in the project.
Ecosystem of services of the Medium network - the most necessary services and their development
At the moment, we are faced with an important task - to discuss the most necessary and demanded services within the network and their subsequent implementation.
Among them : an email service, a blogging platform, a news portal, a search engine, a hosting service and others.
Long-Term Medium Network Development Plans
All issues, to one degree or another, related to the development of the Medium certification and its resources.
... and other equally interesting questions!
Suggest a topic for discussion in the comments to the publication.
You can provide all possible assistance to the establishment of a free Internet in Russia today. We have compiled an exhaustive list of exactly how you can help the network:
Share the Medium network with your friends and colleagues. Share a link to this article on social networks or a personal blog.
Take part in the discussion of the technical issues of the Medium network on GitHub