
NNTP


  • Sync Protocol (NNTP)

    Article Format

    Monopart

    A message without images can be sent as a single text/plain body, without any multipart delimiting.

    Content-Type: text/plain; charset=UTF-8
    Content-Transfer-Encoding: 8bit
    From: anonymous <address>
    Date: Thu, 02 May 2013 12:16:44 +0000
    Message-ID: <message-id>
    Newsgroups: overchan.test
    Subject: none
    References: <referenced message-id>
    Path: hschan.ano
    X-Sage: optional

    some visible message text

    Multipart

    This is necessary for posting files.

    Mime-Version: 1.0
    Content-Type: multipart/mixed; boundary="abcdEFGH-1234"
    From: anonymous <address>
    Date: Thu, 02 May 2013 12:16:44 +0000
    Message-ID: <message-id>
    Newsgroups: overchan.test
    Subject: none
    References: <referenced message-id>
    Path: hschan.ano
    X-Sage: optional

    This is a multi-part message in MIME format.
    --abcdEFGH-1234
    Content-Type: text/plain; charset=UTF-8
    Content-Transfer-Encoding: 8bit

    some visible message text

    --abcdEFGH-1234
    Content-Type: image/jpeg; name="RosenFessel_LM_030-lg.jpg"
    Content-Transfer-Encoding: base64
    Content-Disposition: attachment; filename="RosenFessel_LM_030-lg.jpg"

    /9j/4AAQSkZJRgABAQAAAQABAAD//gA8Q1JFQVRPUjogZ2QtanBlZyB2MS4wICh1c2luZyBJ
    SkcgSlBFRyB2NjIpLCBxdWFsaXR5ID0gMTAwCv/bAEMAAQEBAQEBAQEBAQEBAQEBAQEBAQEB
    [..]
    e3ykVkO1lOwlSMkfvDngbSOmRuqaDQo2Kqi5yUwfKPXkk8kAjIA5B4wPUVi8TKblJ1Oy969r
    ea8+nXc6I4WnFLROMVZRai1L4bK+vdfM/9k=
    --abcdEFGH-1234--

    Content-Type boundary="$IDENTIFIER": the identifier should be a rather long random string (at least 0-9, a-z, A-Z and '-' are allowed; RFC 2046 caps it at 70 characters). The identifier must not occur in the message text itself, because a line reading --$IDENTIFIER inside a part ends that part early and would let a poster smuggle in further parts; the boundary therefore usually begins with several '-' characters, which never occur in base64 output. The content type multipart/mixed allows different parts inside one message body: the first part is the actual message text, the second part can be a base64-encoded picture. See also: MIME

    In 2013 we can send UTF-8 messages, although this is not part of the old testament (the 7-bit US-ASCII world of RFC 822 and RFC 977).
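    Building and reading the two article formats above, as an added Go example (this is not code from the page or from either Overchan implementation described later). It uses only the standard library's mime/multipart, net/mail and encoding/base64 packages. The boundary, the header values and the four-byte "image" in the test are constructed stand-ins. SetBoundary enforces the RFC 2046 length and character rules, and the explicit check that the text part does not contain --$IDENTIFIER turns the collision rule from the text into a hard error instead of a hope.

```go
package main

import (
	"bytes"
	"encoding/base64"
	"fmt"
	"io"
	"mime"
	"mime/multipart"
	"net/mail"
	"net/textproto"
	"strings"
)

// Attachment is one file part of an article.
type Attachment struct{ Filename, MIMEType string; Data []byte }

// wrap76 folds base64 output into 76-column lines as RFC 2045 requires.
func wrap76(s string) string {
	var b strings.Builder
	for ; len(s) > 76; s = s[76:] {
		b.WriteString(s[:76] + "\r\n")
	}
	return b.String() + s + "\r\n"
}

// BuildArticle assembles a multipart/mixed article as shown above: the RFC 822
// headers (each already terminated by CRLF), a text/plain part, then one
// base64 part per attachment.
func BuildArticle(headers, text string, files []Attachment, boundary string) (string, error) {
	var body bytes.Buffer
	w := multipart.NewWriter(&body)
	if err := w.SetBoundary(boundary); err != nil { // RFC 2046: 1..70 octets, limited charset
		return "", err
	}
	// A "--boundary" line inside the text part would end the part early; reject it.
	if strings.Contains(text, "--"+boundary) {
		return "", fmt.Errorf("boundary %q occurs in message text", boundary)
	}
	pw, err := w.CreatePart(textproto.MIMEHeader{
		"Content-Type": {"text/plain; charset=UTF-8"}, "Content-Transfer-Encoding": {"8bit"}})
	if err != nil {
		return "", err
	}
	io.WriteString(pw, text)
	for _, f := range files {
		aw, err := w.CreatePart(textproto.MIMEHeader{
			"Content-Type":              {fmt.Sprintf("%s; name=%q", f.MIMEType, f.Filename)},
			"Content-Transfer-Encoding": {"base64"},
			"Content-Disposition":       {fmt.Sprintf("attachment; filename=%q", f.Filename)},
		})
		if err != nil {
			return "", err
		}
		io.WriteString(aw, wrap76(base64.StdEncoding.EncodeToString(f.Data)))
	}
	w.Close() // emits the closing "--boundary--" line
	return "Mime-Version: 1.0\r\nContent-Type: multipart/mixed; boundary=\"" + boundary + "\"\r\n" +
		headers + "\r\nThis is a multi-part message in MIME format.\r\n" + body.String(), nil
}

// ParseArticle reads a monopart or multipart article back and returns the
// visible text plus the decoded attachments.
func ParseArticle(raw string) (text string, files []Attachment, err error) {
	msg, err := mail.ReadMessage(strings.NewReader(raw))
	if err != nil {
		return "", nil, err
	}
	mt, params, err := mime.ParseMediaType(msg.Header.Get("Content-Type"))
	if err != nil {
		return "", nil, err
	}
	if !strings.HasPrefix(mt, "multipart/") { // monopart: the whole body is the text
		b, err := io.ReadAll(msg.Body)
		return string(b), nil, err
	}
	mr := multipart.NewReader(msg.Body, params["boundary"])
	for {
		p, err := mr.NextPart()
		if err == io.EOF {
			return text, files, nil
		} else if err != nil {
			return "", nil, err
		}
		pt, _, _ := mime.ParseMediaType(p.Header.Get("Content-Type"))
		var r io.Reader = p
		if strings.EqualFold(p.Header.Get("Content-Transfer-Encoding"), "base64") {
			r = base64.NewDecoder(base64.StdEncoding, p) // the decoder skips the CRLF folding
		}
		data, err := io.ReadAll(r)
		if err != nil {
			return "", nil, err
		}
		if p.FileName() == "" && pt == "text/plain" {
			text = string(data)
		} else {
			files = append(files, Attachment{p.FileName(), pt, data})
		}
	}
}
```

    A monopart article goes through the same ParseArticle: its body comes back as the text and the attachment list stays empty. Note that the multipart reader is driven by the boundary taken from the outer header, so a frontend that lets posters choose or influence that value has handed them the delimiter.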

  • Date

    It is recommended to use UTC (+0000) as the timezone for new messages. If a received message is not already in UTC, the date may be converted to UTC for display purposes.

    Message-ID (see RFC 3977)

    A message-id MUST begin with "<", end with ">", and MUST NOT contain the latter except at the end.
    A message-id MUST be between 3 and 250 octets in length.
    A message-id MUST NOT contain octets other than printable US-ASCII characters.

    A possible valid message-id could be in the format ${random}${timestamp}@${frontend} where:

    ${random} == a random 10 char ASCII value
    ${timestamp} == the current Unix timestamp
    ${frontend} == web.hschan.ano

    which results in a message-id of the form <${random}${timestamp}@web.hschan.ano>. This format makes it easier to block massive spam or inappropriate content based on the frontend and a timespan. Note that nothing in NNTP authenticates the ${frontend} part: any peer can inject articles carrying any Message-ID, so filtering by frontend only works against frontends that play by the rules.

    References

    If no References header is given, or it is empty, the message is considered an original (root) post.

    X-Sage

    If X-Sage is given, the message shall not bump the corresponding thread.

    Transport format

    NNTP requires CRLF line endings. The article (headers and body) is transferred as one multi-line data block:

    for sending: if a line starts with '.', another '.' needs to be prepended; the last line sent must be a single '.'.
    for receiving: if a line starts with '.' but is not the lone terminating '.', the leading '.' needs to be removed.
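    The dot-stuffing rules as code, an added Go example (not from the page or from either implementation described below). Both directions are shown because the asymmetry is where bugs live: the encoder doubles every leading '.', the decoder strips exactly one leading '.' from every line except the lone '.' that ends the block, and a stream that never reaches that terminator is reported as an error instead of being accepted as a short article. The sample article in main is constructed.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// WireEncode turns an article (headers and body, LF or CRLF separated) into
// the multi-line data block sent after POST/IHAVE/TAKETHIS: every line ends in
// CRLF, every line starting with "." gets a second "." prepended, and a line
// holding a single "." terminates the block.
func WireEncode(article string) string {
	lines := strings.Split(strings.ReplaceAll(article, "\r\n", "\n"), "\n")
	if n := len(lines); n > 0 && lines[n-1] == "" { // trailing newline, not an empty last line
		lines = lines[:n-1]
	}
	var b strings.Builder
	for _, l := range lines {
		if strings.HasPrefix(l, ".") {
			b.WriteByte('.')
		}
		b.WriteString(l + "\r\n")
	}
	b.WriteString(".\r\n")
	return b.String()
}

// WireDecode reads one data block up to and including its terminator and
// undoes the stuffing. A block without terminator is an error: a peer that
// accepts a truncated block as complete can be fed cut-off articles.
func WireDecode(wire string) (string, error) {
	var out strings.Builder
	for rest := wire; ; {
		i := strings.Index(rest, "\r\n")
		if i < 0 {
			return "", errors.New("data block not terminated by a lone \".\" line")
		}
		line := rest[:i]
		rest = rest[i+2:]
		if line == "." {
			return out.String(), nil
		}
		out.WriteString(strings.TrimPrefix(line, ".") + "\r\n")
	}
}

func main() {
	// Constructed article: one body line is a bare ".", the other starts with ".".
	article := "Subject: dot test\n\n.hidden line\n.\nlast line\n"
	wire := WireEncode(article)
	fmt.Printf("%q\n", wire)
	back, err := WireDecode(wire)
	fmt.Printf("%q %v\n", back, err)
}
```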

    Frontend

    Postnumbers

    I propose the first ten characters of the sha1sum of the Message-ID field. The probability that a new post number is unique (at the time of generation) on a board with a maximum of 30k messages is:

    (1-(1/16^10))^30000 = 0.99999997271515937221

    Fair enough! But ten hex digits are only a 40-bit prefix: a message forger who controls the Message-IDs of the articles they inject can grind sha1 until a post number coincides with an existing one (on the order of 2^40 attempts to hit one chosen post, far fewer to hit any of 30k). Once several forgers exhaust obscure post numbers, it becomes much more likely for a quote to be shadowed.

    Quotes

    Quotes reference post numbers and work across all boards on overchan. The comment field may contain several lines such as:

    >>postnumber

    to quote someone.

    Valid quotes match this regex: >+ ?[0-9a-f]{10}

    Optional: resolve quotes to the corresponding articles and append them to References; this will aid newsreaders.
    Optional: parse message IDs as quotes.
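    An added Go example (not the project's code) covering the Message-ID rules above, the proposed ${random}${timestamp}@${frontend} layout, the sha1-prefix post number and quote resolution. Two things the page does not settle are assumptions here and marked in comments: the random part is drawn from [0-9a-z], and the post number hashes the Message-ID field including its angle brackets. ResolveQuotes refuses to pick an article when a post number is shadowed by two, which is the failure mode discussed under Postnumbers; the Message-IDs used in main are generated on the fly.

```go
package main

import (
	"crypto/rand"
	"crypto/sha1"
	"encoding/hex"
	"fmt"
	"io"
	"regexp"
	"time"
)

// ValidMessageID applies the RFC 3977 rules quoted above: "<" first, ">" last
// and nowhere else, 3..250 octets, printable US-ASCII only (no space).
func ValidMessageID(id string) bool {
	n := len(id)
	if n < 3 || n > 250 || id[0] != '<' || id[n-1] != '>' {
		return false
	}
	for i := 0; i < n-1; i++ {
		if c := id[i]; c == '>' || c < 0x21 || c > 0x7e {
			return false
		}
	}
	return true
}

// NewMessageID builds <${random}${timestamp}@${frontend}>. Assumption: the
// random part is 10 characters from [0-9a-z]; the page only says "10 char
// ascii". The slight modulo bias is irrelevant for uniqueness.
func NewMessageID(rnd io.Reader, now time.Time, frontend string) (string, error) {
	const alphabet = "0123456789abcdefghijklmnopqrstuvwxyz"
	buf := make([]byte, 10)
	if _, err := io.ReadFull(rnd, buf); err != nil {
		return "", err
	}
	for i := range buf {
		buf[i] = alphabet[int(buf[i])%len(alphabet)]
	}
	return fmt.Sprintf("<%s%d@%s>", buf, now.Unix(), frontend), nil
}

// PostNumber is the first ten hex digits (40 bits) of sha1 over the Message-ID
// field. Assumption: the field is hashed as written, angle brackets included.
func PostNumber(messageID string) string {
	sum := sha1.Sum([]byte(messageID))
	return hex.EncodeToString(sum[:])[:10]
}

// BuildIndex maps post number -> all Message-IDs hashing to it, so a collision
// (a "shadowed" number) stays visible instead of being resolved arbitrarily.
func BuildIndex(messageIDs []string) map[string][]string {
	idx := map[string][]string{}
	for _, id := range messageIDs {
		n := PostNumber(id)
		idx[n] = append(idx[n], id)
	}
	return idx
}

var quoteRe = regexp.MustCompile(`>+ ?([0-9a-f]{10})`) // the quote syntax given above

// ResolveQuotes extracts >>postnumber quotes from a comment and resolves each to
// the quoted article's Message-ID for the References header. Numbers that are
// unknown or ambiguous are returned separately, never guessed.
func ResolveQuotes(comment string, index map[string][]string) (refs, unresolved []string) {
	seen := map[string]bool{}
	for _, m := range quoteRe.FindAllStringSubmatch(comment, -1) {
		num := m[1]
		if seen[num] {
			continue
		}
		seen[num] = true
		if ids := index[num]; len(ids) == 1 {
			refs = append(refs, ids[0])
		} else {
			unresolved = append(unresolved, num)
		}
	}
	return refs, unresolved
}

func main() {
	id, err := NewMessageID(rand.Reader, time.Now(), "web.hschan.ano")
	if err != nil {
		panic(err)
	}
	fmt.Println(id, ValidMessageID(id), PostNumber(id))
	idx := BuildIndex([]string{id})
	fmt.Println(ResolveQuotes(">>"+PostNumber(id)+" quoted\n>>0123456789 unknown", idx))
}
```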

    Implementations

    Because of the decentralized nature of Overchan, many different entry points to the service can exist. In the following we discuss different implementations, all serving from the newsgroup overchan.

    negromancy.ano

    negromancy.ano uses breaking-news, a web frontend compiler for imageboards, pastebins, etc.

    breaking-news consists of a Happstack application and a daemon that generates static HTML from NNTP files. It depends on InterNetNews (INN[3]) and a load balancer that can distinguish between POST and GET, preferably nginx[4]. Furthermore it relies on ImageMagick (mogrify) for generating thumbnails. Hchloride are Haskell bindings to libsodium[5] that breaking-news uses for signing messages.

    It utilizes blaze-html for fast HTML templating and happstack-lite for serving POST requests.

    You can visit

    http://boards.negromancy.ano/

    for browsing the imageboard and

    git clone git://boards.negromancy.ano/breaking-news
    git clone git://boards.negromancy.ano/hchloride

    for source.

    GET request

    nginx serves static HTML from dir.

    POST request

    nginx reverse-proxies to the Happstack web application, which generates an NNTP message and sends it to a local INN daemon. INN[6] (innd) places the new article in dir and feeds it to its configured peers. Pictures are encoded in base64 or base91. Root posting will not work without attaching an image.

    Generation of HTML

    The daemon polls dir for new articles. If new files are found, it generates 10 main pages ranging from 0.html to 9.html and one HTML file for each altered thread. For each new article the corresponding thread, starting with the original post, is bumped to the first page (0.html). For new posts, the corresponding pictures are created and thumbnailed through mogrify.

    overchan.sfor.ano

    overchan.sfor.ano uses SRNd[7], a complete NNTP server implemented in Python.

    It provides a plugin interface (among other hook possibilities) which loads the plugins overchan and postman. Plugin overchan is notified about new messages in overchan.* and creates static HTML files. Plugin postman receives new messages via HTTP POST and adds them to SRNd, where they are sent to the configured outfeeds. It depends on a reverse proxy like nginx[8], which delivers the generated HTML files and proxies POST requests back to postman.

    You can visit

    http://overchan.sfor.ano

    for browsing the imageboard and

    git clone git://git.sfor.ano/SRNd.git

    for source.

    GET request

    nginx serves a static HTML file or image from dir.

    POST request

    nginx proxies to postman, which generates an NNTP message and delivers it to SRNd. SRNd then notifies the overchan plugin about the new message and also delivers it to its configured NNTP peers (which can run SRNd or other NNTP server software such as INN). Pictures are encoded in base64.

    Generation of HTML

    Plugin overchan is notified by SRNd about new articles and (re)generates thread-$id.html and its parent board pages, with up to 10 root posts per page. For each new article without an X-Sage header the corresponding thread is bumped to the first page. For new posts, the corresponding pictures are created and thumbnailed.

    NNTP news reader applications

    Through the use of the standard MIME format, news reader applications like Mozilla Thunderbird can also read and post directly to the chan news server. Each thread appears as a root post, with the additional posts as replies directly to that root post.

    News readers have some features the chan software may not have: multiple attachments, non-image attachments, a subject, posts referencing non-root posts, HTML text. Open question: how should the chan software handle these for viewing? Whatever the answer, a frontend must treat such articles as untrusted input: HTML parts should be shown as text or dropped, never rendered, and non-image attachments should not be served under a type the browser will execute.

    Extension: Control suggestion

    A control suggestion is a single message containing lines with a command, a message ID and extra information, separated by spaces.

    Commands

    sticky: sticky this thread
    delete-x-all: delete all attachments from this article
    delete: delete the whole article

    Format

    Content-Type: text/plain; charset=UTF-8
    Content-Transfer-Encoding: 8bit
    From: anonymous <address>
    Date: Thu, 02 May 2013 12:16:44 +0000
    Message-ID: <message-id>
    Newsgroups: ctl
    Subject: none
    Path: censorship.fleet
    X-Sage: optional

    delete-x-all <message-id>
    delete <message-id>

    delete <message-id>

    Control lines are separated by at least one line break.

    Examples:

    delete-x-all <message-id>: delete all attachments from the message with this ID
    sticky <message-id> unix_timestamp 1380000000: please sticky the thread whose OP has this message ID until UNIX timestamp 1380000000

    Convention

    We send control suggestions to newsgroup ctl. Full deletion of a root post results in removal of the corresponding thread. These are suggestions: each node decides for itself whether to act on them, and an unsigned control message cannot be attributed to anyone, which is what the signature extension below addresses.

    Signatures

    As users give their secret key to the frontend, they expect every form field to be verified on all ends. This includes the comment field and the headers. In the following we suggest a protocol to sign optional headers. Note what this trust model implies: the frontend is a custodian of the user's secret key, so a valid signature proves that some holder of that key (possibly a compromised frontend) produced the message, not that the user did.

    We sign a SHA-512 hash of the message body using the Ed25519[9] primitive as defined by SUPERCOP[10] and libsodium[11]. Therefore this system does not inherit any collision resilience from Ed25519[12]: a hash collision is a signature collision.

    Comparison: signing M vs. signing H(M)

    METHOD     SPACE   TIME
    S(M)       O(n)    O(n)
    S(H(M))    O(1)    O(n)

    S: sign
    H: hash
    M: message

    Input for block-based hash algorithms like SHA-512 can be streamed, keeping only a fixed block size in memory instead of all blocks. For SHA-512 the message blocks are 1024 bits and the hash to sign is 512 bits. Optimized S(H(M)) implementations require a constant amount of memory, as opposed to the linear requirement of S(M).

    Format for signing messages (RFC 822)

    The outer headers start with Content-Type: message/rfc822 when there are signed headers or at least one attachment; an attachment requires Content-Type: multipart/mixed as an inner header, which is then signed as well. Otherwise you can use Content-Type: text/plain, in which case you just sign the body.

    The outer headers include X-pubkey-ed25519 and X-signature-ed25519-sha512; the inner headers need verification. Only the inner headers are covered by the signature, so any header whose value matters (Date, for instance) has to be repeated inside, as the example below does.

    X-pubkey-ed25519 is 64 characters long: the 32-byte public key in base 16, Base16(PK).
    X-signature-ed25519-sha512 is 128 characters long: the 64-byte signature in base 16, Base16(S(SK,H(M))).

    The signed message equals the body of the outer message. It begins at the first inner header (in the example below Content-Type: text/plain) and includes the inner body. Lines are separated by CRLF. Please include a Content-Type header in the inner message as suggested by RFC 822.

    SYMBOL     FUNCTION
    Base16     encodes an arbitrary amount of octets to base 16 with the character set 0123456789abcdef
    SK         64-byte secret key
    PK         32-byte public key; can be generated from signSeedKeypair(take32(SK))
    M          message body
    H          hashes an arbitrary amount of octets using SHA-512, returning 64 bytes
    S(SK,M)    signs an arbitrary amount of octets M using Ed25519 with secret key SK, returning only the first 64 bytes (the detached signature; crypto_sign appends M after them)
    take32     takes any amount of binary data and returns the first 32 bytes

    3. http://yaiaqf3te6khr3nd.onion/INN
    4. http://yaiaqf3te6khr3nd.onion/nginx
    5. http://yaiaqf3te6khr3nd.onion/NaCl
    6. http://yaiaqf3te6khr3nd.onion/INN
    7. http://yaiaqf3te6khr3nd.onion/SRNd
    8. http://yaiaqf3te6khr3nd.onion/nginx
    9. http://ed25519.cr.yp.to/
    10. http://yaiaqf3te6khr3nd.onion/NaCl
    11. http://yaiaqf3te6khr3nd.onion/libsodium
    12. http://ed25519.cr.yp.to/

    In the following an example:

    Content-Type: message/rfc822; charset=UTF-8
    Content-Transfer-Encoding: 8bit
    From: anonymous <address>
    Date: Thu, 02 May 2013 12:16:44 +0000
    Message-ID: <message-id>
    Newsgroups: ctl
    Subject: none
    Path: censorship.fleet
    X-pubkey-ed25519: 37c16fa40c2bade813b53b65107a064d02becfa5635acf3241003a61cb137ea3
    X-signature-ed25519-sha512: a850ccd788d71ed19de8dfa061b9f1f4f506810a01ed1391433e893a3e6305b4944168760d97f2517bcfe786aef1ccfc34fb7bb1b7753182aebf2bdd0303150f

    Content-Type: text/plain; charset=UTF-8
    Date: Thu, 02 May 2013 12:16:44 +0000

    delete-x-all <message-id>
    delete <message-id>

    delete <message-id>

    In this example the header Date needs verification, too. The following part is signed:

    Content-Type: text/plain; charset=UTF-8
    Date: Thu, 02 May 2013 12:16:44 +0000

    delete-x-all <message-id>
    delete <message-id>

    delete <message-id>

    The above example in octets (note that there is no CRLF after the last line):

    Content-Type: text/plain; charset=UTF-8\r\nDate: Thu, 02 May 2013 12:16:44 +0000\r\n\r\ndelete-x-all <message-id>\r\ndelete <message-id>\r\n\r\ndelete <message-id>
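    The signing scheme end to end, as an added Go example; this is not the page's or either frontend's code, and the message IDs and key are constructed (the all-zero seed exists only so the example is reproducible, never use one outside a test). Go's crypto/ed25519 private key has the same 64-byte seed||pk layout as libsodium's SK, so take32(SK) is the seed, and ed25519.Sign returns the detached 64-byte S(SK,H(M)) directly. CanonicalSigned produces exactly the octet string shown above. VerifySignedArticle checks the header lengths before hex-decoding so a malformed article fails cleanly, and the tampered copy in main shows that changing the signed body invalidates the signature while the outer headers stay untouched.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha512"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// CanonicalSigned builds M, the octets that are hashed and signed: the inner
// headers, one empty line, then the body lines, all separated by CRLF and with
// no line terminator after the last body line (as in the octet dump above).
func CanonicalSigned(innerHeaders, bodyLines []string) []byte {
	return []byte(strings.Join(innerHeaders, "\r\n") + "\r\n\r\n" + strings.Join(bodyLines, "\r\n"))
}

// SignHash computes Base16(PK) and Base16(S(SK,H(M))): Ed25519 over SHA-512(M).
// Go's 64-byte PrivateKey is seed||pk like libsodium's crypto_sign SK, and
// ed25519.Sign returns the detached 64-byte signature.
func SignHash(sk ed25519.PrivateKey, m []byte) (pubHex, sigHex string) {
	h := sha512.Sum512(m)
	return hex.EncodeToString(sk.Public().(ed25519.PublicKey)),
		hex.EncodeToString(ed25519.Sign(sk, h[:]))
}

// BuildSignedArticle wraps M as the body of a message/rfc822 article and adds
// the two outer signature headers after the caller's outer headers.
func BuildSignedArticle(sk ed25519.PrivateKey, outerHeaders []string, m []byte) string {
	pubHex, sigHex := SignHash(sk, m)
	hdrs := append([]string{"Content-Type: message/rfc822; charset=UTF-8", "Content-Transfer-Encoding: 8bit"}, outerHeaders...)
	hdrs = append(hdrs, "X-pubkey-ed25519: "+pubHex, "X-signature-ed25519-sha512: "+sigHex)
	return strings.Join(hdrs, "\r\n") + "\r\n\r\n" + string(m)
}

// VerifySignedArticle takes M as everything after the first empty line of the
// outer message and checks the signature. Header lengths are validated before
// decoding so garbage headers fail instead of panicking in ed25519.Verify.
// Folded (continued) header lines are not handled here.
func VerifySignedArticle(raw string) (bool, error) {
	sep := strings.Index(raw, "\r\n\r\n")
	if sep < 0 {
		return false, errors.New("no header/body separator")
	}
	var pubHex, sigHex string
	for _, line := range strings.Split(raw[:sep], "\r\n") {
		kv := strings.SplitN(line, ":", 2)
		if len(kv) != 2 {
			return false, fmt.Errorf("malformed header line %q", line)
		}
		switch strings.ToLower(strings.TrimSpace(kv[0])) {
		case "x-pubkey-ed25519":
			pubHex = strings.TrimSpace(kv[1])
		case "x-signature-ed25519-sha512":
			sigHex = strings.TrimSpace(kv[1])
		}
	}
	if len(pubHex) != 64 || len(sigHex) != 128 {
		return false, errors.New("missing or malformed signature headers")
	}
	pk, err1 := hex.DecodeString(pubHex)
	sig, err2 := hex.DecodeString(sigHex)
	if err1 != nil || err2 != nil {
		return false, errors.New("signature headers are not base16")
	}
	h := sha512.Sum512([]byte(raw[sep+4:]))
	return ed25519.Verify(ed25519.PublicKey(pk), h[:], sig), nil
}

// DemoArticle signs the control message from the example above with a key
// derived from a constructed all-zero seed (take32(SK) == seed).
func DemoArticle() string {
	sk := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize))
	m := CanonicalSigned(
		[]string{"Content-Type: text/plain; charset=UTF-8", "Date: Thu, 02 May 2013 12:16:44 +0000"},
		[]string{"delete-x-all <sample@hschan.ano>", "delete <sample@hschan.ano>", "", "delete <sample@hschan.ano>"})
	return BuildSignedArticle(sk, []string{"From: anonymous", "Date: Thu, 02 May 2013 12:16:44 +0000",
		"Message-ID: <sample-ctl@hschan.ano>", "Newsgroups: ctl", "Subject: none", "Path: censorship.fleet"}, m)
}

func main() {
	raw := DemoArticle()
	ok, err := VerifySignedArticle(raw)
	fmt.Println(ok, err)
	tampered := strings.Replace(raw, "delete-x-all", "sticky", 1) // body changed, headers intact
	ok, err = VerifySignedArticle(tampered)
	fmt.Println(ok, err)
}
```

    A verifier written this way also has to decide what to do with an article whose outer Date or From disagrees with the inner headers; since only the inner ones are signed, the inner values are the ones to trust.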

    Glossary

    root post = original post
    OP = original post
    thread = a collection of messages starting with the original post, followed by the messages referencing it, ordered by date
    bump = the newest post is shown first together with its thread
    sticky = a thread is temporarily bumped by the frontend and sticks there regardless of newer posts