GNUnet

GNUnet 0.16.1 This is a bugfix release for gnunet 0.16.0. Download links http://ftpmirror.gnu.org/gnunet/gnunet-0.16.1.tar.gz http://ftpmirror.gnu.org/gnunet/gnunet-0.16.1.tar.gz.sig ... [More] The GPG key used to sign is: 3D11063C10F98D14BD24D1470B0998EF86F59B6A Note that due to mirror synchronization, not all links may be functional early after the release. For direct access try http://ftp.gnu.org/gnu/gnunet/ Noteworthy changes in 0.16.1 (since 0.16.0) GNS : There was a bug where private records were published. NAMESTORE : CLI now handles Tombstones better. There is also a warning for problematically short relative expiration times (<15 minutes) when adding new records. Buildsystem : Fix libsodium detection. #7153 Fix for facilitating autoreconf with the released tarball. A detailed list of changes can be found in the ChangeLog and the 0.16.1 bugtracker . [Less]

GNUnet 0.16.0 released We are pleased to announce the release of GNUnet 0.16.0. This is a new major release. It breaks protocol compatibility with the 0.15.x versions. Please be aware that Git master is thus henceforth ... [More] (and has been for a while) INCOMPATIBLE with the 0.15.x GNUnet network, and interactions between old and new peers will result in issues. 0.15.x peers will be able to communicate with Git master or 0.16.x peers, but some services - in particular GNS - will not be compatible. In terms of usability, users should be aware that there are still a number of known open issues in particular with respect to ease of use, but also some critical privacy issues especially for mobile users. Also, the nascent network is tiny and thus unlikely to provide good anonymity or extensive amounts of interesting information. As a result, the 0.16.0 release is still only suitable for early adopters with some reasonable pain tolerance . Download links gnunet-0.16.0.tar.gz ( signature ) gnunet-gtk-0.16.0.tar.gz ( signature ) gnunet-fuse-0.16.0.tar.gz ( signature ) The GPG key used to sign is: 3D11063C10F98D14BD24D1470B0998EF86F59B6A Note that due to mirror synchronization, not all links might be functional early after the release. For direct access try http://ftp.gnu.org/gnu/gnunet/ Noteworthy changes in 0.16.0 (since 0.15.3) GNS : New record flag: CRITICAL. For records that must be processed otherwise resolution must fail. #7169 Deletion of records and reduction of expiration times is now properly handled with respect to monotonically increasing expiratin times. #7170 VPN tunnel establishment is moved out of the GNS resolver to be handled by applications (such as the DNS2GNS service). #7171 Introduces new record type REDIRECT which replaces the previous (ab)use of CNAME records. #7172 The specification has been updated to reflect the changes. LSD0001 DHT : Routes can now be signed. #4164 Changed distance metric to a more traditional XOR. #7136 The specification has been updated to reflect the changes. LSD0004 RECLAIM : Added some preliminary support for Decentralized Identifier (DID) and Verifiable Credentials (VCs). UTIL : Add Clause-Schnorr blind signatures. For use in Taler . BUILD : Building from git now requires recutils . The bootstrap will generate up-to-date header files from GANA . A detailed list of changes can be found in the ChangeLog and the bug tracker . Known Issues There are known major design issues in the TRANSPORT, ATS and CORE subsystems which will need to be addressed in the future to achieve acceptable usability, performance and security. There are known moderate implementation limitations in CADET that negatively impact performance. There are known moderate design issues in FS that also impact usability and performance. There are minor implementation limitations in SET that create unnecessary attack surface for availability. The RPS subsystem remains experimental. Some high-level tests in the test-suite fail non-deterministically due to the low-level TRANSPORT issues. In addition to this list, you may also want to consult our bug tracker at bugs.gnunet.org which lists about 190 more specific issues. Thanks This release was the work of many people. The following people contributed code and were thus easily identified: Christian Grothoff, Tristan Schwieren, Alessio Vanni, Florian Dold, Thien-Thi Nguyen, t3sserakt, Lucien Heuzeveldt, Gian Demarmels, madmurphy, TheJackiMonster and Martin Schanzenbach. [Less]

GNUnet 0.16.0 released We are pleased to announce the release of GNUnet 0.16.0. GNUnet is an alternative network stack for building secure, decentralized and privacy-preserving distributed applications. Our goal is to ... [More] replace the old insecure Internet protocol stack. Starting from an application for secure publication of files, it has grown to include all kinds of basic protocol components and applications towards the creation of a GNU internet. This is a new major release. It breaks protocol compatibility with the 0.15.x versions. Please be aware that Git master is thus henceforth (and has been for a while) INCOMPATIBLE with the 0.15.x GNUnet network, and interactions between old and new peers will result in issues. 0.15.x peers will be able to communicate with Git master or 0.16.x peers, but some services - in particular GNS - will not be compatible. In terms of usability, users should be aware that there are still a number of known open issues in particular with respect to ease of use, but also some critical privacy issues especially for mobile users. Also, the nascent network is tiny and thus unlikely to provide good anonymity or extensive amounts of interesting information. As a result, the 0.16.0 release is still only suitable for early adopters with some reasonable pain tolerance . Download links gnunet-0.16.0.tar.gz ( signature ) gnunet-gtk-0.16.0.tar.gz ( signature ) gnunet-fuse-0.16.0.tar.gz ( signature ) The GPG key used to sign is: 3D11063C10F98D14BD24D1470B0998EF86F59B6A Note that due to mirror synchronization, not all links might be functional early after the release. For direct access try http://ftp.gnu.org/gnu/gnunet/ Noteworthy changes in 0.16.0 (since 0.15.3) GNS : New record flag: CRITICAL. For records that must be processed otherwise resolution must fail. #7169 Deletion of records and reduction of expiration times is now properly handled with respect to monotonically increasing expiratin times. #7170 VPN tunnel establishment is moved out of the GNS resolver to be handled by applications (such as the DNS2GNS service). #7171 Introduces new record type REDIRECT which replaces the previous (ab)use of CNAME records. #7172 The specification has been updated to reflect the changes. LSD0001 DHT : Routes can now be signed. #4164 Changed distance metric to a more traditional XOR. #7136 The specification has been updated to reflect the changes. LSD0004 RECLAIM : Added some preliminary support for Decentralized Identifier (DID) and Verifiable Credentials (VCs). UTIL : Add Clause-Schnorr blind signatures. For use in Taler . BUILD : Building from git now requires recutils . The bootstrap will generate up-to-date header files from GANA . A detailed list of changes can be found in the ChangeLog and the bug tracker . Known Issues There are known major design issues in the TRANSPORT, ATS and CORE subsystems which will need to be addressed in the future to achieve acceptable usability, performance and security. There are known moderate implementation limitations in CADET that negatively impact performance. There are known moderate design issues in FS that also impact usability and performance. There are minor implementation limitations in SET that create unnecessary attack surface for availability. The RPS subsystem remains experimental. Some high-level tests in the test-suite fail non-deterministically due to the low-level TRANSPORT issues. In addition to this list, you may also want to consult our bug tracker at bugs.gnunet.org which lists about 190 more specific issues. Thanks This release was the work of many people. The following people contributed code and were thus easily identified: Christian Grothoff, Tristan Schwieren, Alessio Vanni, Florian Dold, Thien-Thi Nguyen, t3sserakt, Lucien Heuzeveldt, Gian Demarmels, madmurphy, TheJackiMonster and Martin Schanzenbach. [Less]

GNS Technical Specification Call for Reviews We are happy to announce that our GNS specification is currently under review by the Independent Stream Editor (ISE). We have already received feedback from the ISE and made ... [More] significant, mostly editorial changes to the specification. We are inviting anyone reading this to review and provide feedback to the draft and send it to [email protected] . Even better, you could write an implementation in your favourite programming language. In other news, we are currently also working on the specification of the GNUnet DHT . IETF: Datatracker Link to TXT version Link to HTML version This work was generously funded by NLnet as part of their Search and discovery fund . [Less]

GNS Technical Specification Call for Reviews We are happy to announce that our GNS specification is currently under review by the IETF Independent Stream Editor (ISE). We have already received feedback from the ISE and made ... [More] significant, mostly editorial changes to the specification. We are inviting anyone reading this to review and provide feedback to the draft and send it to [email protected] . Even better, you could write an implementation in your favourite programming language. In other news, we are currently also working on the specification of the GNUnet DHT . IETF: Datatracker Link to TXT version Link to HTML version This work was generously funded by NLnet as part of their Search and discovery fund . [Less]

GNUnet 0.15.0 released We are pleased to announce the release of GNUnet 0.15.0. This is a new major release. It breaks protocol compatibility with the 0.14.x versions. Please be aware that Git master is thus henceforth ... [More] INCOMPATIBLE with the 0.14.x GNUnet network, and interactions between old and new peers will result in issues. 0.14.x peers will be able to communicate with Git master or 0.14.x peers, but some services - in particular GNS - will not be compatible. The MESSENGER service goes out of experimental to be used by libraries and applications as dependency. It handles decentralized messaging in flexible groups by using the CADET service and messages can be signed with your ego from the IDENTITY service. The service is still in an early stage, so its protocol (currently version 0.1) will likely adapt or change in future releases to some degree. In terms of usability, users should be aware that there are still a number of known open issues in particular with respect to ease of use, but also some critical privacy issues especially for mobile users. Also, the nascent network is tiny and thus unlikely to provide good anonymity or extensive amounts of interesting information. As a result, the 0.15.0 release is still only suitable for early adopters with some reasonable pain tolerance . Download links gnunet-0.15.0.tar.gz ( signature ) gnunet-gtk-0.15.0.tar.gz ( signature ) gnunet-fuse-0.15.0.tar.gz ( signature ) The GPG key used to sign is: 3D11063C10F98D14BD24D1470B0998EF86F59B6A Note that due to mirror synchronization, not all links might be functional early after the release. For direct access try http://ftp.gnu.org/gnu/gnunet/ Noteworthy changes in 0.15.0 (since 0.14.1) GNS : First-come-first-served GNUnet top-level domain ".pin" zone key and website updated a. Register here. #6832 New EDKEY zone keys . SCALARPRODUCT : Crypto ported to libsodium improving performance. #6818 RECLAIM : Added support for BBS+ blind signature credentials for selective disclosure. UTIL : Swap gnunet-config's default behaviour for the rewrite flag. Config file is not not always written Introduced new TIME helper functions SETU : Implemented set union subsystem along with technical specification LSD0003 . MESSENGER : New messenger component moved out of experimental. A detailed list of changes can be found in the ChangeLog and the bug tracker . Known Issues There are known major design issues in the TRANSPORT, ATS and CORE subsystems which will need to be addressed in the future to achieve acceptable usability, performance and security. There are known moderate implementation limitations in CADET that negatively impact performance. There are known moderate design issues in FS that also impact usability and performance. There are minor implementation limitations in SET that create unnecessary attack surface for availability. The RPS subsystem remains experimental. Some high-level tests in the test-suite fail non-deterministically due to the low-level TRANSPORT issues. In addition to this list, you may also want to consult our bug tracker at bugs.gnunet.org which lists about 190 more specific issues. Thanks This release was the work of many people. The following people contributed code and were thus easily identified: Christian Grothoff, Daniel Golle, Alessio Vanni, Thien-Thi Nguyen, Elias Summermatter, t3sserakt, TheJackiMonster and Martin Schanzenbach. [Less]

DISSENS: Decentralized Identities for Self-sovereign End-users (NGI TRUST) Since mid 2020, a consortium between Taler Systems S.A. , the Bern University of Applied Sciences and Fraunhofer AISEC ... [More] has been working on bringing privacy-friendly payments using GNU Taler and self-sovereign identity using GNUnet's re:claimID together in an e-commerce framework. Content Registrations of accounts prior to receiving services online is the standard process for commercial offerings on the Internet which depend on two corner stones of the Web: Payment processing and digital identities. The use of third-party identity provider services (IdPs) is practical as it delegates the task of verifying and storing personal information. The use of payment processors is convenient for the customer as it provides one-click payments. However, the quasi-oligopoly of services providers in those areas include Google and Facebook for identities and PayPal or Stripe for payment processing. Those corporations are not only based in privacy-unfriendly jurisdictions, but also exploit private data for profit. DISSENS makes the case that what is urgently needed are fundamentally different, user-centric and privacy-friendly alternatives to the above. Self-sovereign identity (SSI) management is the way to replace IdPs with a user-centric, decentralized mechanism where data and access control is fully under the control of the data subject. In combination with a privacy-friendly payment system, DISSENS aims to achieve the same one-click user experience that is currently achieved by privacy-invasive account-based Web shops, but without the users having to setup accounts. To achieve this, DISSENS integrates re:claimID with the GNU Taler payment system in a pilot in order to demonstrate the practical feasibility and benefits of privacy enhancing technologies for users and commercial service providers. DISSENS also implements a reference scenario which includes credentials issued by the partners Fraunhofer AISEC and BFH for employees and students, respectively. Users are able to access and use a pilot service developed by Taler Systems S.A. while being able to claim specific discounts for students and researchers. This approach offers significant benefits over existing solutions built using other SSI systems such as Sovrin or serto (formerly uPort): No gatekeepers; No vendor lock-in: The approach is completely open to issuers and does not impose any registration restrictions (such as registration fees) in order to define domain specific credentials. Further, the system does not impose a consortium-based governance model — which tend to eventually be driven by commercial interests and not consumer interests. The design enables all participants in the ecosystem to participate without prior onboarding while at the same time being offered full transparency and control regarding their personal data and processes involved. Support for non-interactive business processes: At the same time, unlike the SSI systems cited above, re:claimID offers a way to access user information without online interaction with the user. Offline access of shared identity data is a crucial requirement in almost any business process as such processes often occur after direct interaction with the user. For example, customer information such as billing addresses are required in — possibly recurring — back office billing processes which occur well after interaction with a customer. Scalability and sustainability: Finally, both re:claimID as the SSI system as well as Taler do not suffer from the usual predicament Blockchain-based systems find themselves in: Both systems do not require a decentralized, public ledger. This eliminates the need for consensus mechanisms, which do not scale and are ecologically unsustainable. In fact, DISSENS employs decentralization only where it provides the most value and use more efficient technology stacks where needed: re:claimID builds on top of the GNU Name System , which makes use of a DHT, an efficient (O(log n)) peer-to-peer data structure. For payments, GNU Taler uses centralized infrastructure operated by audited and regulated exchange providers and facilitates account-less end-to-end interactions between customers and services where all parties have O(1) transaction costs. The result of DISSENS will provide businesses and credential issuers with ready-to-use and standards-compliant templates to build privacy-friendly services in the Web. The aim of the DISSENS project was to design a technology stack which combines privacy-friendly online payments with self-sovereign personal data management. The result enables users to be in complete control over their digital identity and personal information while at the same time being able to selectively share information necessary to use commercial services. The pilot demonstrates a sustainable, user-centric, standard-compliant and accessible use case for public service employees and students in the domain of commercial food delivery. It serves as an easy-to-adapt template for the integration of other scenarios and use cases. Future work GNUnet is working on the underlying components mature to the point that Taler+re:claimID can be recommended to operators to enable for account-less shopping with or without verified credentials. This will also require the continuation of our work on the low-level transport rewrite as it is a core component of GNS which in turn is what makes re:claimID spin. Links Mid-project demonstration video (~7 MB). The paper (also accepted for publication without appendix at the Open Identity Summit 2021 ) Taler WooCommerce plugin (wordpress.org) The privacy credential library libpabc (github.com). Setup scripts and installation documentation for a Taler + re:claimID + WooCommerce service (taler.net). Slide deck . This work is generously funded by the EC's Next Generation Internet (NGI) initiative as part of their NGI TRUST programme. [Less]

GNUnet 0.14.1 Continuing to "release early / release often", we present GNUnet 0.14.1. This is a bugfix release for gnunet 0.14.0. Download links http://ftpmirror.gnu.org/gnunet/gnunet-0.14.1.tar.gz ... [More] http://ftpmirror.gnu.org/gnunet/gnunet-0.14.1.tar.gz.sig The GPG key used to sign is: 3D11063C10F98D14BD24D1470B0998EF86F59B6A Note that due to mirror synchronization, not all links may be functional early after the release. For direct access try http://ftp.gnu.org/gnu/gnunet/ Noteworthy changes in 0.14.1 (since 0.14.0) TNG : Various improvements to communicators. #6361 , #5550 GNS : Use autogenerated records header file from GANA. FS : Improve modularity of FS structs. #6743 SETU : Various improvements as part of the ongoing work on LSD0003 . IDENTITY : Fix wrong key construction for anonymous ECDSA identity. RPS : Code cleanup mostly addressing warnings. UTIL : Added a Base32 en/decoded CLI gnunet-base32 . Use timeflakes as UUIDs. #6716 Buildsystem : Fix libunistring detection. #6485 A detailed list of changes can be found in the ChangeLog and the 0.14.1 bugtracker . Thanks This release was the work of many people. The following people contributed code and were thus easily identified: Christian Grothoff, Florian Dold, t3sserakt, TheJackiMonster, Elias Summermatter, Julius Bünger and Thien-Thi Nguyen. [Less]

No GSoC projects in 2021 For 2021, GNU has not been selected as a GSoC organization . This also means that GNUnet GSoC projects will not be offered through the GSoC programme. Thanks to all of those ... [More] interested in our proposed projects and their efforts in preparing proposals, including preliminary discussions with us. If you are still interested in tackling any of the proposed open issues, you are very welcome to do so. [Less]

GNUnet 0.14.0 released We are pleased to announce the release of GNUnet 0.14.0. This is a new major release. It breaks protocol compatibility with the 0.13.x versions. Please be aware that Git master is thus henceforth ... [More] INCOMPATIBLE with the 0.13.x GNUnet network, and interactions between old and new peers will result in issues. 0.13.x peers will be able to communicate with Git master or 0.13.x peers, but some services - in particular GNS - will not be compatible. In terms of usability, users should be aware that there are still a large number of known open issues in particular with respect to ease of use, but also some critical privacy issues especially for mobile users. Also, the nascent network is tiny and thus unlikely to provide good anonymity or extensive amounts of interesting information. As a result, the 0.14.0 release is still only suitable for early adopters with some reasonable pain tolerance . Download links http://ftpmirror.gnu.org/gnunet/gnunet-0.14.0.tar.gz http://ftpmirror.gnu.org/gnunet/gnunet-0.14.0.tar.gz.sig http://ftpmirror.gnu.org/gnunet/gnunet-gtk-0.14.0.tar.gz http://ftpmirror.gnu.org/gnunet/gnunet-gtk-0.14.0.tar.gz.sig http://ftpmirror.gnu.org/gnunet/gnunet-fuse-0.14.0.tar.gz http://ftpmirror.gnu.org/gnunet/gnunet-fuse-0.14.0.tar.gz.sig The GPG key used to sign is: 3D11063C10F98D14BD24D1470B0998EF86F59B6A Note that due to mirror synchronization, not all links might be functional early after the release. For direct access try http://ftp.gnu.org/gnu/gnunet/ Noteworthy changes in 0.14.0 (since 0.13.3) GNS : Aligned with specification LSD001 . Crypto agility: The GNS protocol now supports other zone types besides ECDSA-based PKEYs. However, the alternative EdDSA-based EDKEY crypto is not yet implemented. #6485 PKEY zones: ECDSA zone record sets are now encrypted using AES-CTR. #6487 IDENTITY : Identities can now be created either as ECDSA (default) or EdDSA key pairs. POSTGRESQL : Allow NULL value returns and fix test cases. #6524 UTIL : String time conversion functions no longer localized to preserve reversibility. #6615 Buildsystem : README updates to clarify runtime/compile/optional dependencies (NEW) MESSENGER : New messenger component (experimental) A detailed list of changes can be found in the ChangeLog and the 0.14.0 bugtracker . Known Issues There are known major design issues in the TRANSPORT, ATS and CORE subsystems which will need to be addressed in the future to achieve acceptable usability, performance and security. There are known moderate implementation limitations in CADET that negatively impact performance. There are known moderate design issues in FS that also impact usability and performance. There are minor implementation limitations in SET that create unnecessary attack surface for availability. The RPS subsystem remains experimental. Some high-level tests in the test-suite fail non-deterministically due to the low-level TRANSPORT issues. In addition to this list, you may also want to consult our bug tracker at bugs.gnunet.org which lists about 190 more specific issues. Thanks This release was the work of many people. The following people contributed code and were thus easily identified: Christian Grothoff, Daniel Golle, t3sserakt, TheJackiMonster and Martin Schanzenbach. [Less]