[Ring] Suggestions for improvement

[ringu . ser]

Hi all,

First I'd like to say that I think GNU Ring is the best VoIP solution  
at present.

However, it being distributed, the more nodes that are running the  
better! Thus I have a few suggestions for increasing the number of  
users and developers of GNU Ring.

In no particular order:

1. Document the protocol. Please write a white-paper or similar  
documenting exactly how OpenDHT interacts with ringd and with the new  
ethereum-based name-server. And how standards such as SIP, TLS, SRTP  
and other cryptographic (or other) protocols are implemented. This  
will allow further technical discussions and contributions. Currently  
I am not sure how to get further information on the protocol itself.  
It is clear that ring has quite a complex structure, so this would  
help a lot!

2. Document how to run a bootstrap node. Tox allows for running of  
bootstrap nodes quite easily, and the program to do so is even  
included in the OpenWRT repository. If this is as simple as running  
the ring daemon, please document this! Currently most clients will be  
connecting to the SFL hosted bootstrap node, which is quite  
problematic to the 'distributed' concept of GNU Ring.

3. Make the security features clear. As I understand it, calls and  
in-call chats are encrypted via SRTP (TLS), while out-of-call chats  
are encrypted using public-key cryptography (the public key being the  
ring address?). Thus forward secrecy is maintained for calls and  
in-call chats, however not for out-of-call chats. Please make this  
clear in the documentation! Further, it would be great to have the  
ability to start a chat-only session (and encrypt using OTR or OMEMO),  
but I think this is more likely to be worked on if the current  
situation is made clear.

4. Please increase commenting in the code. A secure, distributed  
communications program deserves many eyes and contributions on/to the  
code. It would be very beneficial to increase the verbosity of  
comments so new contributers can more easily understand what is going  
on.

5. Release some information on the plan for the iOS port. I can see  
from the gerrit and the tuleap that there is quite a lot of activity  
on this front, however, it would be great to have something public. I  
think the one major flaw at the moment for GNU Ring is the lack of the  
iOS port. I know there are licensing issues regarding GPLv3 and the  
app store, so it would be reassuring to have a blog post about it.

6. Public awareness! This is something that all users can do, not just  
developers. Begin by attaching your ring username to your website or  
email signature, or even business card. More people deserve to know  
about GNU Ring.

7. Continue the great work! I truly think GNU Ring is THE solution to  
sustainable VoIP (and perhaps IM, if the hurdle of offline messaging  
can be resolved without compromising on the distributed nature of the  
network). The ethereum-based name server solves the human memorable  
address, without compromise (not phone number or email address) and  
makes it the best communication software to date.


Thanks for all the time and effort you have spent on SFLphone and now  
GNU Ring, the world is much better for it.


-------------------------------------------------

ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the 
NSA's hands!
$24.95 ONETIME Lifetime accounts with Privacy Features!
15GB disk! No bandwidth quotas!
Commercial and Bulk Mail Options!