.ds RF FORMFEED[Page %]
.ds CF
.ds LH Internet Draft
-.ds RH 27 June 2000
-.ds CH Secure Internet Live Conferencing
+.ds RH 28 June 2000
+.ds CH
.na
.hy 0
.in 0
.nf
Network Working Group P. Riikonen
Internet-Draft
-draft-riikonen-silc-spec-00.txt 27 June 2000
-Expires: 27 Jan 2001
+draft-riikonen-silc-spec-00.txt 28 June 2000
+Expires: 28 Jan 2001
.in 3
-.ce 2
+.ce 3
Secure Internet Live Conferencing (SILC),
Protocol Specification
+<draft-riikonen-silc-spec-00.txt>
.ti 0
Status of this Memo
-This document is an Internet-Draft. Internet-Drafts are working
-documents of the Internet Engineering Task Force (IETF), its areas,
-and its working groups. Note that other groups may also distribute
-working documents as Internet-Drafts.
+This document is an Internet-Draft and is in full conformance with
+all provisions of Section 10 of RFC 2026. Internet-Drafts are
+working documents of the Internet Engineering Task Force (IETF), its
+areas, and its working groups. Note that other groups may also
+distribute working documents as Internet-Drafts.
-Internet-Drafts are draft documents valid for a maximum of six
-months and may be updated, replaced, or obsoleted by other
-documents at any time. It is inappropriate to use Internet-Drafts
-as reference material or to cite them other than as
-``work in progress.''
+Internet-Drafts are draft documents valid for a maximum of six months
+and may be updated, replaced, or obsoleted by other documents at any
+time. It is inappropriate to use Internet-Drafts as reference
+material or to cite them other than as "work in progress."
-To learn the current status of any Internet-Draft, please check the
-``1id-abstracts.txt'' listing contained in the Internet-Drafts
-Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe),
-munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or
-ftp.isi.edu (US West Coast).
+The list of current Internet-Drafts can be accessed at
+http://www.ietf.org/ietf/1id-abstracts.txt
-The distribution of this memo is unlimited.
+The list of Internet-Draft Shadow Directories can be accessed at
+http://www.ietf.org/shadow.html
+
+The distribution of this memo is unlimited.
.ti 0
3 SILC Specification ............................................ 7
3.1 Client .................................................... 7
3.1.1 Client ID ........................................... 8
- 3.2 Server .................................................... 8
+ 3.2 Server .................................................... 9
3.2.1 Server's Local ID List .............................. 9
3.2.2 Server ID ........................................... 10
- 3.2.3 SILC Server Ports ................................... 10
+ 3.2.3 SILC Server Ports ................................... 11
3.3 Router .................................................... 11
3.3.1 Router's Local ID List .............................. 11
3.3.2 Router's Global ID List ............................. 12
- 3.3.3 Router's Server ID .................................. 12
- 3.4 Channels .................................................. 12
- 3.4.1 Channel ID .......................................... 13
+ 3.3.3 Router's Server ID .................................. 13
+ 3.4 Channels .................................................. 13
+ 3.4.1 Channel ID .......................................... 14
3.5 Operators ................................................. 14
- 3.6 SILC Commands ............................................. 14
+ 3.6 SILC Commands ............................................. 15
3.7 SILC Packets .............................................. 15
- 3.8 Packet Encryption ......................................... 15
+ 3.8 Packet Encryption ......................................... 16
3.8.1 Determination of the Source and the Destination ..... 16
- 3.8.2 Client To Client .................................... 16
- 3.8.3 Client To Channel ................................... 17
- 3.8.4 Server To Server .................................... 18
- 3.9 Key Exchange And Authentication ........................... 18
+ 3.8.2 Client To Client .................................... 17
+ 3.8.3 Client To Channel ................................... 18
+ 3.8.4 Server To Server .................................... 19
+ 3.9 Key Exchange And Authentication ........................... 19
3.10 Algorithms ............................................... 19
3.10.1 Ciphers ............................................ 19
3.10.2 Public Key Algorithms .............................. 20
3.10.3 MAC Algorithms ..................................... 20
- 3.10.4 Compression Algorithms ............................. 20
+ 3.10.4 Compression Algorithms ............................. 21
3.11 SILC Public Key .......................................... 21
-4 SILC Procedures ............................................... 23
- 4.1 Creating Client Connection ................................ 23
- 4.2 Creating Server Connection ................................ 24
- 4.3 Joining to a Channel ...................................... 25
- 4.4 Channel Key Generation .................................... 26
+4 SILC Procedures ............................................... 24
+ 4.1 Creating Client Connection ................................ 24
+ 4.2 Creating Server Connection ................................ 25
+ 4.3 Joining to a Channel ...................................... 26
+ 4.4 Channel Key Generation .................................... 27
4.5 Private Message Sending and Reception ..................... 27
- 4.6 Private Message Key Generation ............................ 27
- 4.7 Channel Message Sending and Reception ..................... 28
- 4.8 Session Key Regeneration .................................. 28
+ 4.6 Private Message Key Generation ............................ 28
+ 4.7 Channel Message Sending and Reception ..................... 29
+ 4.8 Session Key Regeneration .................................. 29
4.9 Command Sending and Reception ............................. 29
-5 SILC Commands ................................................. 29
- 5.1 SILC Commands Syntax ...................................... 29
- 5.2 SILC Commands List ........................................ 31
+5 SILC Commands ................................................. 30
+ 5.1 SILC Commands Syntax ...................................... 30
+ 5.2 SILC Commands List ........................................ 32
5.3 SILC Command Status Types ................................. 53
5.3.1 SILC Command Status Payload ......................... 53
5.3.2 SILC Command Status List ............................ 54
-6 Security Considerations ....................................... 58
-7 References .................................................... 58
-8 Author's Address .............................................. 59
+6 Security Considerations ....................................... 59
+7 References .................................................... 59
+8 Author's Address .............................................. 60
.ti 0
This document describes a Secure Internet Live Conferencing (SILC)
protocol which provides secure conferencing services over insecure
network channel. SILC is IRC [IRC] like protocol, however, it is
-not equivalent to IRC and does not support IRC. Strong cryptographic
-methods are used to protect SILC packets inside SILC network. Two
-other Internet Drafts relates very closely to this memo; SILC Packet
-Protocol [SILC2] and SILC Key Exchange and Authentication Protocols
-[SILC3].
+not equivalent to IRC and does not support IRC.
+
+Strong cryptographic methods are used to protect SILC packets inside
+SILC network. Two other Internet Drafts relates very closely to this
+memo; SILC Packet Protocol [SILC2] and SILC Key Exchange and
+Authentication Protocols [SILC3].
The protocol uses extensively packets as conferencing protocol
requires message and command sending. The SILC Packet Protocol is
SILC network is a cellular network as opposed to tree style network
topology. The rationale for this is to have servers that can perform
specific kind of tasks what other servers cannot perform. This leads
-to two kinds of servers; normal SILC servers and SILC routers.
+to two kinds of servers; normal SILC servers and SILC routers.
+
A difference between normal server and router server is that routers
knows everything about everything in the network. They also do the
actual routing of the messages to the correct receiver. Normal servers
This, on the other hand, leads to cellular like network, where routers
are in the centrum on the cell and servers are connected to the router.
+
Following diagram represents SILC network topology.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
.in 8
.nf
---- ---- ---- ---- ---- ----
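Review bot: The fifteen added blank lines ahead of `.in 8` / `.nf` appear to exist only to move the topology diagram onto a fresh page, and that padding stops working as soon as any earlier text changes length; this same patch already has to delete older padding of this kind in other places. Consider replacing the run with a `.ne` request sized to the diagram (or a `.bp`), so the formatter keeps the figure together without hand-tuned spacing.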
are delivered from one router to the other router.
-
-
-
.ti 0
2.4 Channel Communication
Normal server also keeps information about locally created channels and
their Channel ID's.
+
+
+
+
+
+
+
Hence, local list for normal server includes:
.in 6
o Sending key
o Receiving key
-
-
channel list - All channels in server
o Channel name
o Channel ID
since these are not needed by the router. Router keeps only information
that it needs.
+
+
+
+
Hence, local list for router includes:
.in 6
o Server ID
o Router's Server ID
+
client list - All clients in SILC
o Client ID
Client usually sends the commands and server replies by sending a reply
packet to the command. Server may also send commands usually to serve
the original client's request. However, server may not send command
-to client and there are some commands that server must not send.
+to client and there are some commands that server must not send. Server
+is also able to send the forwarded command packets. For example,
+SILC_COMMAND_JOIN is always forwarded packet. See [SILC2] for more
+about packet forwarding.
Note that the command reply is usually sent only after client has sent
the command request but server is allowed to send command reply packet
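Review bot: The added sentence "SILC_COMMAND_JOIN is always forwarded packet" disagrees with the other JOIN changes in this patch, which forward the command only when the channel is not in the local list ("If the channel does not exist in the local list the command must be fowarded to the router") or when the receiving server is a normal server. Suggest dropping "always" and stating the condition here as well, so that section 3.6 and the JOIN procedure and command description say the same thing.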
SILC packets.
+
+
.ti 0
3.8 Packet Encryption
definition of how it must be done. SILC has a mandatory algorithm that
must be supported in order to be compliant with this protocol.
+
+
+
+
+
Following ciphers are defined in SILC protocol:
.in 6
same name format as above.
-
-
-
-
.ti 0
3.10.2 Public Key Algorithms
(MAC) of the packet data. See [SILC2] for details how to compute the
MAC.
+
+
+
+
Following MAC algorithms are defined in SILC protocol:
.in 6
The format of the SILC Public Key is as follows:
+
+
+
+
+
.in 5
.nf
1 2 3
also distributed to the router and to all clients on the channel.
If the channel does not exist in the local list the command must be
-sent to the router which will then perform the actual joining
+fowarded to the router which will then perform the actual joining
procedure. When server receives the reply to the command from the
router it must be distributed to the client who sent the command
originally. Server will also receive the channel key from the server
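Review bot: Typo in the added line: "fowarded" should be "forwarded". Since the verb changes from "sent" to "forwarded", it would also help to point to [SILC2] here for what forwarding means, as the section 3.6 change in this patch does.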
normal session keys established by SILC Key Exchange protocol.
+
+
.ti 0
4.7 Channel Message Sending and Reception
command replies. The number of argument is marked in parentheses
before the actual argument.
+
+
+
+
.in 6
Example: Arguments: (1) <nickname> (2) <username@host>
.in 3
argument for all command replies and for this reason it is not
described in the command reply descriptions.
+
+
Status messages:
SILC_STATUS_OK
Reply messages to the command:
- Max Arguments: 3
- Arguments: (1) <Status Payload> (2) <channel>
- (3) <topic>
+ Max Arguments: 4
+ Arguments: (1) <Status Payload> (2) <Channel ID>
+ (3) <channel> (4) <topic>
This command may reply with several command reply messages to form
a list of results. In this case the status payload will include
the last reply to indicate the end of the list. If there are only
one reply the status is set to normal STATUS_OK.
- This command replies with channel name and the topic of the
+ This command replies with Channel ID, name and the topic of the
channel. If the channel is private channel the <topic> includes
"*private*" string.
8 SILC_COMMAND_INVITE
Max Arguments: 2
- Arguments: (1) <Client ID> (2) <channel>
+ Arguments: (1) <Client ID> (2) <Channel ID>
This command is used to invite other clients to join to the
- channel. There is no requirement that the channel the target
- client is being invited to must exist or be a valid channel.
- The <Client ID> argument is the target client's ID that is being
- invited.
+ channel. The <Client ID> argument is the target client's ID that
+ is being invited. The <Channel ID> is the Channel ID of the
+ requested channel. The sender of this command must be on the
+ channel. This command must fail if the requested channel does
+ not exist, the requested client is already on the channel or if
+ the channel is invite only channel and the caller of this command
+ does not have at least channel operator privileges.
Reply messages to the command:
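Review bot: In the SILC_COMMAND_LIST reply, the new `(2) <Channel ID>` argument is returned next to a topic that is masked as "*private*" for private channels, but the text does not say whether a private channel's Channel ID and name are still included in the reply. Please state explicitly what the entry for a private channel contains, given that SILC_COMMAND_INVITE in the same region now takes `<Channel ID>` as its channel argument.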
Status messages:
SILC_STATUS_OK
- SILC_STATUS_ERR_NOT_ON_CHANNEL
- SILC_STATUS_ERR_WILDCARDS
SILC_STATUS_ERR_NOT_REGISTERED
SILC_STATUS_ERR_NOT_ENOUGH_PARAMS
- SILC_STATUS_ERR_NO_SUCH_CLIENT_ID
SILC_STATUS_ERR_TOO_MANY_PARAMS
- SILC_STATUS_ERR_NO_RECIPIENT
- SILC_STATUS_ERR_USER_ON_CHANNEL
+ SILC_STATUS_ERR_NO_SUCH_CLIENT_ID
SILC_STATUS_ERR_NO_CLIENT_ID
+ SILC_STATUS_ERR_NO_SUCH_CHANNEL_ID
+ SILC_STATUS_ERR_NO_CHANNEL_ID
+ SILC_STATUS_ERR_NOT_ON_CHANNEL
+ SILC_STATUS_ERR_USER_ON_CHANNEL
9 SILC_COMMAND_QUIT
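Review bot: The SILC_COMMAND_INVITE status list has no entry for the new failure case "the channel is invite only channel and the caller of this command does not have at least channel operator privileges". The other new failure cases are covered (SILC_STATUS_ERR_NO_SUCH_CHANNEL_ID, SILC_STATUS_ERR_USER_ON_CHANNEL, SILC_STATUS_ERR_NOT_ON_CHANNEL), so add SILC_STATUS_ERR_NO_CHANNEL_PRIV, which the status list defines as "Permission denied. You are not channel operator", or say which status is returned in that case.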
SILC_STATUS_ERR_NO_CLIENT_ID
+
+
+
11 SILC_COMMAND_INFO
Max Arguments: 1
SILC_STATUS_ERR_NO_SUCH_SERVER
-
-
12 SILC_COMMAND_CONNECT
Max Arguments: 2
This command replies only with Status Payload.
+
+
Status messages:
SILC_STATUS_OK
Max Arguments: 1
Arguments: (1) <Server ID>
- This command is used by clients to test the communication
- channel to its server if client suspects that the communication
- is not working correctly. The <Server ID> is the ID of the
- server the client is connected to.
+ This command is used by client and server to test the communication
+ channel to its server if one suspects that the communication is not
+ working correctly. The <Server ID> is the ID of the server the
+ sender is connected to.
Reply messages to the command:
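Review bot: Now that SILC_COMMAND_PING is "used by client and server", the phrases "to its server" and "the server the sender is connected to" are ambiguous when the sender is itself a server: the text does not say whether a server pings its router, another server, or both. Suggest naming the allowed peer for each sender type, and replacing "if one suspects" with "if the sender suspects".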
SILC_STATUS_OK
SILC_STATUS_ERR_NOT_ENOUGH_PARAMS
SILC_STATUS_ERR_TOO_MANY_PARAMS
- SILC_STATUS_ERR_NO_SUCH_SERVER_ID
+ SILC_STATUS_ERR_NO_SERVER_ID
+ SILC_STATUS_ERR_NO_SUCH_SERVER
SILC_STATUS_ERR_NOT_REGISTERED
Join to channel/create new channel. This command is used to
join to a channel. If the channel does not exist the channel is
- created on the server receiving the join request. The channel
- may be protected with passphrase. If this is the case the
- passphrase must be sent along the join command.
+ created. If server is normal server this command must be forwarded
+ to router who will create the channel. The channel may be protected
+ with passphrase. If this is the case the passphrase must be sent
+ along the join command.
The name of the <channel> must not include any spaces (` '),
non-printable characters, commas (`,') or any wildcard characters.
This command replies with the changed client mode mask that
the client is required to keep locally.
+
Status messages:
SILC_STATUS_OK
all clients on the channel by sending SILC_COMMAND_CMODE command
reply packet.
+
Reply messages to the command:
Max Arguments: 2
SILC_STATUS_ERR_NO_CLIENT_ID
+
+
19 SILC_COMMAND_KICK
Max Arguments: 3
This command replies only with Status Payload.
+
+
Status messages:
SILC_STATUS_OK
This command replies only with Status Payload.
+
+
Status messages:
SILC_STATUS_OK
Reply messages to the command:
+
+
Max Arguments: 1
Arguments: (1) <Status Payload>
Reply messages to the command:
- Max Arguments: 2
- Arguments: (1) <Status Payload> (2) <name list>
+ Max Arguments: 3
+ Arguments: (1) <Status Payload> (2) <Channel ID>
+ (3) <name list>
This command replies with the comma separated list of users on
- the channel.
+ the channel and the Channel ID of the channel requested.
Status messages:
"No Channel ID given". Channel ID were expected as command
parameter but were not found.
- 19 SILC_STATUS_ERR_BAD_CLIENT_ID
+ 19 SILC_STATUS_ERR_NO_SERVER_ID
+
+ "No Serve ID given". Server ID were expected as command
+ parameter but were not found.
+
+ 20 SILC_STATUS_ERR_BAD_CLIENT_ID
"Bad Client ID". Client ID provided were erroneous.
- 20 SILC_STATUS_ERR_BAD_CHANNEL_ID
+ 21 SILC_STATUS_ERR_BAD_CHANNEL_ID
"Bad Channel ID". Channel ID provided were erroneous.
- 21 SILC_STATUS_ERR_NO_SUCH_CLIENT_ID
+ 22 SILC_STATUS_ERR_NO_SUCH_CLIENT_ID
"No such Client ID". Client ID provided does not exist.
-
- 22 SILC_STATUS_ERR_NO_SUCH_CHANNEL_ID
+ 23 SILC_STATUS_ERR_NO_SUCH_CHANNEL_ID
"No such Channel ID". Channel ID provided does not exist.
- 23 SILC_STATUS_ERR_NICKNAME_IN_USE
+ 24 SILC_STATUS_ERR_NICKNAME_IN_USE
"Nickname already exists". Nickname created could not be
registered because number of same nicknames were already set to
maximum. This is not expected to happen in real life but is
possible to occur.
- 24 SILC_STATUS_ERR_NOT_ON_CHANNEL
+ 25 SILC_STATUS_ERR_NOT_ON_CHANNEL
"You are not on that channel". The command were specified for
client user is not currently on.
- 25 SILC_STATUS_ERR_USER_ON_CHANNEL
+ 26 SILC_STATUS_ERR_USER_ON_CHANNEL
"User already on channel". User were invited on channel they
already are on.
- 26 SILC_STATUS_ERR_NOT_REGISTERED
+ 27 SILC_STATUS_ERR_NOT_REGISTERED
"You have not registered". User executed command that requires
the client to be registered on the server before it may be
executed.
- 27 SILC_STATUS_ERR_NOT_ENOUGH_PARAMS
+ 28 SILC_STATUS_ERR_NOT_ENOUGH_PARAMS
"Not enough parameters". Command requires more parameters
than provided.
- 28 SILC_STATUS_ERR_TOO_MANY_PARAMS
+ 29 SILC_STATUS_ERR_TOO_MANY_PARAMS
"Too many parameters". Too many parameters were provided
for the command.
- 29 SILC_STATUS_ERR_PERM_DENIED
+ 30 SILC_STATUS_ERR_PERM_DENIED
"Your host is not among the privileged". The client tried to
register on server that does not allow this host to connect.
- 30 SILC_STATUS_ERR_BANNED_FROM_SERVER
+ 31 SILC_STATUS_ERR_BANNED_FROM_SERVER
"You are banned from this server". The client tried to register
on server that has explicitly denied this host to connect.
- 31 SILC_STATUS_ERR_BAD_PASSWORD
+ 32 SILC_STATUS_ERR_BAD_PASSWORD
"Cannot join channel. Incorrect password". Password provided for
channel were not accepted.
- 32 SILC_STATUS_ERR_CHANNEL_IS_FULL
+ 33 SILC_STATUS_ERR_CHANNEL_IS_FULL
"Cannot join channel. Channel is full". The channel is full
and client cannot be joined to it.
- 33 SILC_STATUS_ERR_NOT_INVITED
+ 34 SILC_STATUS_ERR_NOT_INVITED
"Cannot join channel. You have not been invited". The channel
is invite only channel and client has not been invited.
- 34 SILC_STATUS_ERR_BANNED_FROM_CHANNEL
+ 35 SILC_STATUS_ERR_BANNED_FROM_CHANNEL
"Cannot join channel. You have been banned". The client has
been banned from the channel.
- 35 SILC_STATUS_ERR_UNKNOWN_MODE
+ 36 SILC_STATUS_ERR_UNKNOWN_MODE
"Unknown mode". Mode provided by the client were unknown to
the server.
- 36 SILC_STATUS_ERR_NOT_YOU
+ 37 SILC_STATUS_ERR_NOT_YOU
"Cannot change mode for other users". User tried to change
someone else's mode.
- 37 SILC_STATUS_ERR_NO_CHANNEL_PRIV
+ 38 SILC_STATUS_ERR_NO_CHANNEL_PRIV
"Permission denied. You are not channel operator". Command may
be executed only by channel operator.
- 38 SILC_STATUS_ERR_NO_SERVER_PRIV
+ 39 SILC_STATUS_ERR_NO_SERVER_PRIV
"Permission denied. You are not server operator". Command may
be executed only by server operator.
- 39 SILC_STATUS_ERR_NO_ROUTER_PRIV
+ 40 SILC_STATUS_ERR_NO_ROUTER_PRIV
"Permission denied. You are not SILC operator". Command may be
executed only by router (SILC) operator.
- 40 SILC_STATUS_ERR_BAD_NICKNAME
+ 41 SILC_STATUS_ERR_BAD_NICKNAME
"Bad nickname". Nickname requested contained illegal characters
or were malformed.
- 41 SILC_STATUS_ERR_BAD_CHANNEL
+ 42 SILC_STATUS_ERR_BAD_CHANNEL
"Bad channel name". Channel requested contained illegal characters
or were malformed.
- 42 SILC_STATUS_ERR_AUTH_FAILED
+ 43 SILC_STATUS_ERR_AUTH_FAILED
"Authentication failed". The authentication data sent as
argument were wrong and thus authentication failed.
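Review bot: Inserting SILC_STATUS_ERR_NO_SERVER_ID at value 19 shifts every later status from 19..42 to 20..43, so an implementation built against the previous numbering will misread every one of those codes. Consider appending the new status after SILC_STATUS_ERR_AUTH_FAILED instead, or call out the renumbering explicitly in the draft. The new description also has a typo, "No Serve ID given" should read "No Server ID given".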
considerations permeate the specification.
+
+
+
.ti 0
7 References
Authentication", RFC 2104, February 1997.
+
.ti 0
8 Author's Address
Finland
EMail: priikone@poseidon.pspt.fi
+
+This Internet-Draft expires 28 Jan 2001