I2P Java suggests that users be aware of dev signatures and validate that download of the software. However, the software makes use of third party, community services in order to add function to its tool suite. These include Outproxy, jump services and others.
What are the prerequisites for a service to be included in the official software?
How or where can an end user ensure that they can trust a service - especially an outproxy or jump service?
How is consensus achieved and is it present for how to secure these services and how operators are ensuring end user safety?
I2P Java suggests that users be aware of dev signatures and validate that download of the software. However, the software makes use of third party, community services in order to add function to its tool suite. These include Outproxy, jump services and others.
What are the prerequisites for a service to be included in the official software? How or where can an end user ensure that they can trust a service - especially an outproxy or jump service?
How is consensus achieved and is it present for how to secure these services and how operators are ensuring end user safety?