X-Git-Url: http://git.silcnet.org/gitweb/?a=blobdiff_plain;f=README;h=7c06e9c43d9dd5e06bee051332fd54379ca1fe3d;hb=refs%2Fheads%2Fsilc.1.1.branch;hp=f37377ac669adbe8ba05199805ef02746635b58e;hpb=bb1973faaa81ead23b3d5e05b45cddd8a47d51f7;p=silc.git diff --git a/README b/README index f37377ac..7c06e9c4 100644 --- a/README +++ b/README @@ -1,269 +1,73 @@ SILC - Secure Internet Live Conferencing ======================================== -[NOTE: SILC is still in middle of development and this package is known -as Developer's Version which means that the package is in no means stable -or ready to be in production use. This package is for those who wants -to test SILC, find bugs and maybe contribute some time and code for the -SILC project. There is no guarantees that this package even compiles and -even if it compiles there is no guarantees that it would work, and even -if it works there is no guarantees that it would work correctly, and even -if it seems to work correctly it may be just plain luck.] - - -Description -=========== - -SILC (Secure Internet Live Conferencing) is a protocol which provides -secure conferencing services in the Internet over insecure channel. -SILC is IRC like softwarre although internally they are very different. -Biggest similarity between SILC and IRC is that they both provide -conferencing services and that SILC has almost same commands as IRC. Other -than that they are nothing alike. Biggest differences are that SILC is -secure what IRC is not in any way. The network model is also entirely -different compared to IRC. - - -Running SILC -============ - -The development version is still preliminary version and requires some -work to get it working. You should, first of all, check the example -configuration files in ./doc/ directory. Change them according to your -needs. - -To run SILC client: - - cd silc - ./silc -f - -To run SILC server - - cd silcd - ./silcd -f - - -Working Commands -================ - -Following commands has been, at least partly, implemented: - - - /SERVER [[:]] - - Connects to remote SILC server. - - /NICK [] - - Changes/sets nickname. Note that in SILC there can be - multiple same nicknames. However, the logic on working - with multiple nicknames on user interface is pretty much - still missing. Also note that nicknames in SILC are - case-sensitive. - - /JOIN - - Joins to a channel. Channel names start with `#' - character. - - /LEAVE - - Leaves the channel. If /leave * is given the client - leaves the current channel. - - /CMODE +|- [{ }] - - Changes/sets channel mode. Most of the modes require - special privileges, such as channel operator or channel - founder privileges to work. The mode is added by adding - + before the option(s) and removed by adding - before - the option(s). Following modes are available: - - p Set/unset channel as private channel - s Set/unset channel as secret channel - k Set/unset that channel uses private channel key - i Set/unset channel as invite only channel - t Set/unset that only channel operator or - founder may set channel topic - l Set/unset channel's user limit - a Set/unset passphrase for channel that must - be provided when joining to the channel. - b - Add client to/remove client from ban list - I - Add client to/remove client from invite list - c [:] - Set/unset channel's cipher - - Multiple modes can be set/unset at once if the modes does not - require any arguments. If mode requires an argument then only - one mode can be set at once. - - /CUMODE +|- [@] - - Changes/set user's mode on a channel. Most of the modes - require that the client who changes some client's mode must - be channel founder or channel operator. Following channel - user modes are available: - - a [@] - Set/unset all modes (cannot be used to set - both founder and operator rights, can be used - only to remove both modes at once). - f [@] - Unset channel founder. Channel founder rights - cannot be set by user (only by server) so this - can be used only to unset the mode. - o [@] - Set/unset channel operator. Requires that - you are channel operator or channel founder. - - /MSG - - Sends private message to remote client. Support for - handling multiple same nicknames with /MSG command is - still missing. - - /WHOIS [@] [] - - Gives a little information about a client. Support for - handling multiple same nicknames with this command is - still missing. - - /PING [] - - Pings server. Only locally connected server may be - pinged. - - /INFO [] - - Requests information about a server. If argument is - not specified current server is used. - - /AWAY [] - - Sets away message. When private message is received and - away message is set the client automatically replies to - the sender with the away message. To remove away message - give the command without arguments. - - /QUIT - - Quits session. Connection to remote server is closed. - - /CLEAR - - Clears current screen. - - /VERSION - - Shows client version. +SILC (Secure Internet Live Conferencing) is a modern and secure +conferencing protocol. Features ======== -Features to be included into the final release of SILC. [Note that the -current Developer's Version does not include all of these features, read -TODO file for more information.] - - o Normal conferencing services such as private messages, channels, - channel messages, etc. All traffic is secured and authenticated. +SILC provides all the common conferencing services like private messages, +instant messages, channels and groups, and video and audio conferencing. +The main difference to other protocols is that SILC has been designed with +security as its main feature - it is not an add-on or optional plugin - +and security cannot be turned off. + +All SILC connections execute SILC Key Exchange protocol, an authenticated +Diffie-Hellman key exchange algorithm, to generate a shared secret session +key. All SILC packets exchanged between SILC clients and servers are +protected with these keys. + +All private messages (instant messages) are protected with private message +keys established using the SILC Key Exchange protocol over the SILC network. +Private messages can be read only by the sender and the recipient of the +message. SILC servers along the way cannot decrypt the messages. +Optionally, private message key may also be a shared secret, such as +passphrase, or the SILC Key Exchange may be performed peer-to-peer between +clients. If all these methods fail the session keys are used as the last +resort fallback to encrypt private messages. + +All channel and group messages are protected with channel specific keys +generated by the SILC routers and only the members of the channel may read +the messages. Optionally, channel members may set up a shared secret, +such as passphrase, as the channel key to exclude SILC routers from knowing +the key. - o No unique nicknames. There can same nicknames in SILC without - collisions. SILC has unique Client ID's, Server ID's and Channel ID's - to assure that there are no collisions. - o Secure key exchange and authentication protocol. SILC Key Exchange - protocol provides key material used in the SILC sessions in secure - manner. The protocol is immune for example to man-in-the-middle - attacks. The SILC Authentication protocol provides strong - authentication. Authentication may be based on passphrase or public - key (RSA) authentication. For clients there is an option not to - use authentication when connecting to servers. +Running SILC +============ - o All traffic is encrypted and authenticated using the best cryptographic - algorithms out there. Command messages, private messages and channel - messages are all protected by encryption. User can set private keys - for both private message and for channels so that even SILC servers do - not know the keys. Cipher keys are, by default, 128 bits in length and - public keys, by default, 1024 bits in length. +After installing the SILC to the system the SILC client is started by +giving command: - o Supports data compression with GZIP to improve performance. + silc - o Supports SOCKS4 and SOCKS5 firewall traversal protocols. +If you want to run with specific configuration file give -f option. - o SIM (SILC Module) support. Support for loading of shared objects at - run-time that provides new and extended features to both SILC client - and server. These can provide extra ciphers and extra features to - the software. +To run the server you should configure the server first. To run the +server give the command: - o SILC client can be installed and used without root privileges. + silcd - o SILC client can be configured by system wide configuration files but - with user specific configuration files as well. +This will launch the server on to the background. History ======= -Even though SILC were just released to the public the idea and the protocol -itself is quite old. I got the idea about SILC in its current form in -the year 1996 and first lines of codes were written in early 1997. This -release is now third rewrite of the SILC. The very first version were -written in 1997 and it included SILC client and very very preliminary -SILC server. The server actually weren't usable but the client looked -pretty much the same as it does now. At that time the SILC also included -RSA implementation and 3DES implementation. The random number generator -that exists in this current release is actually based on the RNG written -in 1997. The RNG written in 1997, on the other hand, were based on -the SSH's random number generator. The RNG has been rewritten twice -since the first version. - -I stopped writing the SILC later in 1997 when I got busy at school and -in work. The pause lasted several months. The development resumed in -1998 when my friend (Juha Räsänen) and I implemented ElGamal algorithm. -I rewrote some other parts as well. However, for the same reasons as -previously the development stopped again. I resumed the development -later in 1998 by doing rewrite of the SILC in C++. This was obviously -a mistake but at that time it seemed like a good idea. Again, in the -winter 1999 I got very busy writing my thesis and was forced to stop the -development again. I also, started a new job in the spring. - -Later, in 1999, I decided that this time I'm going to make it the right -way. C++ was obviously a bad choice so I decided to fall back to plain -C language. I also decided to do complete rewrite and started doing -more thorough planning of what the SILC actually should include. I also -decided that this time it is going to kill me before I stop the -development. I started writing SILC in the weekends and actually -everytime I had some spare time. I also started a new job but I didn't -let that get to my way. The result of this development effort is the -release now in public. - -I've learned a lot by doing the SILC. I guess, when I started it I wasn't -that good of a C programmer. That alone was a reason why SILC hasn't -seen the day of light before now. My programming style has also changed -dramatically during these years. Actually, it has changed couple times -since this last rewrite as well. However, the code style of current SILC -release is quite consistent (actually the coding style SILC has been -written now I've learned in my current job). - -There is probably over 85% of new code in this third rewrite. Rest has -just been copied from the old versions and only minor changes has been -made (like changed function names and overall coding style). I've -preserved the dates of the old files (dating back to 1997) that has -existed in some forms in the old versions. There is a lot of new code but -already I see a lot that needs rewriting. The development continues. +SILC was developed between 1996 and 1999 and released to public in 2000. +SILC was originally developed by Pekka Riikonen. Contact ======= -Feedback and comments are welcome. You can reach me in the following -Address. +Feedback and comments are welcome. Bug reports should be sent to the +development mailing list. -Official SILC project web site is : http://silc.pspt.fi -FTP archive for SILC project is : ftp://silc.pspt.fi/pub/silc/ -Development mailing list address is : silc-devel@lists.sourceforge.net +Official SILC project web site : http://silcnet.org/ +FTP archive for SILC project : ftp://ftp.silcnet.org/ +Development mailing list address : silc-devel@lists.silcnet.org +SILC Server : /server silc.silcnet.org - Pekka Riikonen