Reseed server without valid certificates

[lgillis]

How to deal with reseed servers without valid certificates?

The following excerpt is taken from the configuration of I2Pd (I2Pd via GitHub/i2pd/contrib/i2pd.conf -> /etc/i2pd/i2pd.conf):
#+begin_src conf
[reseed]
## Options for bootstrapping into I2P network, aka reseeding
## Enable reseed data verification (default: true)
verify = true
## URLs to request reseed data from, separated by comma
## Default: "mainline" I2P Network reseeds
# urls = https://reseed.i2p-projekt.de/,https:// ... b.i2p2.no/
#+end_src

The very first address is classified as incorrect by the Firefox web browser:
SSL_ERROR_BAD_CERT_DOMAIN (Owner name: de.yoyoy.ggff.net)

The second address is not accepted by the Firefox web browser:
Error: Secured connection failed.

The third address is for sale.

Here are the addresses from the configuration to click on:
- https://reseed.i2p-projekt.de/
- https://i2p.mooo.com/netDb/
- https://netdb.i2p2.no/

[lgillis]

The problem has been known for a year. I have already adjusted my configurations and route all requests via Tor. Done.

[anikey]

Do you really need to route reseed requests via Tor? I think it's excessive (unless you are in a strict country). And reseed servers might limit requests per IP - so you should really think about whether you need it.

[lgillis]

I had declared the issue closed for me because there was obviously no interest in it. I wrote that the wrong addresses have been known for a year. What I deliberately didn't write was that I found the responses from those responsible astonishing. Because they play down the issue and accuse the users of misconduct! And that's why I haven't written anything further on the subject here, because on Thursday morning the counter for this thread already stood at 114 (!) viewings and 0 (!) replies. And now you come along, my young friend anikey, and disagree with my answer, even though nobody has to accept it. You don't respond to my request at all and take the same path as the developers before you.

You say that the use of Tor is only appropriate in strict countries. Well, please explain what you mean by that. I live in one of those countries with a so-called representative and defensive democracy. Defensive because it doesn't allow itself to be overly exploited, especially by people who want to use legitimized freedoms to undermine or abolish democracy. In view of the “freer societies” that exist in reality, as we also find them on the darknet, I assume that every law enforcement agency in all democracies keeps a watchful eye on what is happening in and around anonymizing networks. Strangely enough, you can only access the I2P network via the services of open servers, which are usually located on the Internet.

Another thought I had was to what extent I trust the developers. We are in a security-relevant environment, as I'm sure you know. Instead of quickly exchanging the addresses addressed and adding a generally understandable explanation, they publicly declare their users to be too stupid to use their great software. I will not anticipate, it is up to the other users to decide whether this is a lack of social competence or willful misdirection. In my opinion, the interests of the users should be paramount. But perhaps studying the source code before using the software is a requirement? Anyone who wants to spend the time and has the necessary knowledge will certainly do so.

[zzz]

I don't think i2pd devs check this forum. Please report as an issue on their github or IRC.

[lgillis]

Yesterday I mentioned here next door, how personality analyses can be used to create profiles. And the vast majority of people are aware of this. As a result, the more often people negotiate some nonsense on the Internet in relation to I2P, the more they censor themselves in the censorship-free space.

If I don't express myself clearly or my translation into English is inadequate, just say so or ask.