align=center>
<tr>
<td>
+<font face="Arial,Helvetica,Sans-serif">
<p>
<font size=4>
<h1>About SILC</h1>
SILC (Secure Internet Live Conferencing) is a protocol which provides
secure conferencing services in the Internet over insecure channel.
SILC is IRC like software although internally they are very different.
-Biggest similiarity between SILC and IRC is that they both provide
+Biggest similarity between SILC and IRC is that they both provide
conferencing services and that SILC has almost same commands as IRC. Other
than that they are nothing alike. Biggest differences are that SILC is
secure what IRC is not in any way. The network model is also entirely
Feedback and comments are welcome. You can reach me in the following
Address.
<p>
-[Note that generally bug reports should not be sent just yet as the
-Developer's Version is full of them and the bug hunt has not even started
-yet.]
-<p>
Pekka Riikonen<br>
priikone@poseidon.pspt.fi
<p>
align=center>
<tr>
<td>
+<font face="Arial,Helvetica,Sans-serif">
<p>
<font size=4>
<h1>Contributing</h1>
documentation. New code must comply with the coding style conventions
described in that document.
<p>
-There will be anonymous CVS access as soon as I get around to set it up.
-It will be available any day now.
+There is anonymous CVS acccess for those who want to participate the
+development process. Go see the <a href="cvs.html">CVS page.</a>
</td>
</tr>
</table>
<table width="70%" border="0" cellspacing="0" cellpadding="1" align=center>
<tr>
<td>
+<font face="Arial,Helvetica,Sans-serif">
<br><br>
<h1>GNU GENERAL PUBLIC LICENSE</h1>
--- /dev/null
+<html>
+<style TYPE="text/css"><!-- A:link {text-decoration: none}A:visited{text-decoration:none}A:active{text-decoration:none}--></style>
+<body bgcolor="#ffffff">
+<p><br>
+<a href="index.html"><img src="silc2.jpg" border=0></a>
+<table width="70%" border="0" cellspacing="0" cellpadding="1"
+align=center>
+<tr>
+<td>
+<font face="Arial,Helvetica,Sans-serif">
+<p>
+<font size=4>
+<h1>Anonymous CVS Access</h1>
+<p>
+Anonymous CVS access is now available to SILC CVS repository. The
+repository includes everything related to SILC project; source codes,
+documentation and even these web pages. The CVS access is of course public
+but it is intended for developers. After you have checked out the SILC
+source tree you should read README.CVS file from the source tree or rest
+of this web page.
+
+<p>
+Also note that this is the closest to real time development you can get
+thus you cannot expect that the source tree would work or even compile.
+While it is our intention that the trunk would always at least compile
+there might be situations when it will not.
+
+<p><br>
+<h1>Browsing the Source Tree</h1>
+<p>
+If you want to browse the source tree using web browser before checking
+out the tree with CVS use following link:
+<p>
+<a href="http://silcnet.org/cvs/source/">Web Access to CVS repository
+</a>
+<p>
+Note that this is not real-time access to the CVS repository. It is
+updated once a day. If you want real-time access then checkout the CVS
+repository.
+
+<p><br>
+<h1>Howto Checkout The Source Tree</h1>
+<p>
+The repository can be checked out by using anonymous pserver with CVS.
+<p>
+For those who are using sh/ksh/bash the check out is done as follows:
+<p>
+<dd><b>
+export CVSROOT=:pserver:silc@silc.pspt.fi:/storage/silc/CVS
+</b>
+<dd><b>cvs login</b>
+<dd><b>cvs co silc</b>
+
+<p>
+For those who are using csh/tcsh the check out is done as follows:
+<p>
+<dd><b>
+setenv CVSROOT :pserver:silc@silc.pspt.fi:/storage/silc/CVS
+</b>
+<dd><b>cvs login</b>
+<dd><b>cvs co silc</b>
+
+<p>
+If you don't want to set $CVSROOT environment variable you can set the
+path to the cvs as command line options:
+<p>
+<dd><b>
+cvs -d:pserver:silc@silc.pspt.fi:/storage/silc/CVS login
+</b>
+<dd><b>
+cvs -d:pserver:silc@silc.pspt.fi:/storage/silc/CVS co silc
+</b>
+
+<p>
+What ever method you decide to use, after you have done cvs login you will
+be prompted for password:
+<p>
+<dd><b>CVS password: </b>silc
+<p>
+Type the password "silc" and press Enter.
+
+<p>
+The actual SILC source tree is checked out using the cvs co silc command,
+described above. This command will fetch the source tree and save it into
+directory named silc. SILC CVS repository currently does not have any
+branches thus this will check out the trunk. The size of the trunk is
+currently about 11 MB but will grow in the future.
+
+<p><br>
+<h1>What SILC Source Tree Includes</h1>
+<p>
+SILC Source tree includes a lot more stuff that appears in public
+distribution. The source tree includes, for example, internal scripts,
+configuration files, SILC webpages etc. These never appear on a public
+distribution.
+<p>
+Following directories currently exist in SILC source tree.
+<p>
+<font size=3>
+<pre>
+ doc/
+
+ Includes all the SILC documentation. Some of the documentation
+ are generated when distribution is generated. The automatically
+ generated files must never be commited to CVS.
+
+ includes/
+
+ Includes SILC include files.
+
+ lib/
+
+ Includes SILC libraries. There maybe libraries on the CVS that
+ does not appear on public distribution.
+
+ public_html/
+
+ Includes the official SILC web pages and everything that relates
+ to them. This directory never appears on public distribution.
+
+ silc/
+
+ Includes SILC client. There can be some extra files that will
+ never appear in public distribution, such as, configuration files.
+
+ silcd/
+
+ Includes SILC server. There can be some extra files that will
+ never appear in public distribution, such as, configuration files.
+</pre>
+
+<font size=4>
+
+<p><br>
+<h1>Howto Compile SILC Source Tree</h1>
+<p>
+After checkout from CVS the SILC source tree must be prepared for
+configuration and compilation. To compile the source three, give,
+<p>
+<font size=3>
+<pre>
+ ./prepare
+ ./configure --enable-debug
+ make
+</pre>
+<font size=4>
+
+The ./prepare script is included in to the source tree and it never
+appears in public distribution. The script prepares the source tree
+by creating configuration scripts and Makefiles. The prepare must be
+run every time you make some changes to configuration scripts (however,
+making changes to Makefile.am's does not require running ./prepare).
+
+<p>
+As a developer you should read the ./configure script's help by
+giving ./configure --help and study all of its different options. Also,
+you should configure the script with --enable-debug option as it
+compiles SILC with -g (debugging) option and it enables the
+SILC_LOG_DEBUG* scripts. Warning is due here: The debugging produced
+by both cilent and server is very heavy, thus it is common to test
+the programs as follows:
+<p>
+<font size=3>
+<pre>
+ ./silc -f configfile 2>log
+ ./silcd -f configfile 2>log
+</pre>
+<font size=4>
+
+<p><br>
+<h1>Howto Clean SILC Source Tree</h1>
+<p>
+To entirely clear the source tree to the state after it was checked out
+from CVS, give,
+<font size=3>
+<pre>
+ ./prepare-clean
+</pre>
+<font size=4>
+
+This calls `make distclean' plus removes automatically generated files
+by hand. It also removes *.log files. However, it will not remove
+any other files you might have created.
+
+<p><br>
+<h1>Makefiles and configuration files</h1>
+<p>
+Developers should never directly write a Makefile. All Makefiles are
+always automatically generated by ./prepare and later by ./configure
+scripts. Instead, developers must write Makefile.am files. There
+are plenty of examples what they should look like. If you change
+Makefile.am during development you don't have to run ./prepare, just
+run normal make.
+<p>
+Configuration files are the files that ./prepare automatically generates
+and what will be included into public distribution. ./prepare creates
+for example the ./configure script that is not commited to the CVS.
+`configure.in' is the file that developers must edit to change ./configure
+script. After changing one must run ./prepare.
+<p><br>
+</td>
+</tr>
+</table>
+</body>
+</html>
align=center>
<tr>
<td>
+<font face="Arial,Helvetica,Sans-serif">
<p>
<font size=4>
<h1>SILC Documentation</h1>
Protocol [SILC2] and SILC Key Exchange and Authentication Protocols
[SILC3].
<p>
-<a href="docs/draft-riikonen-silc-spec-00.txt">
-draft-riikonen-silc-spec-00.txt</a>
+<a href="docs/draft-riikonen-silc-spec-01.txt">
+draft-riikonen-silc-spec-01.txt</a>
<p><br>
<li>SILC Packet Protocol
protocol that assures that the contents of the packets are secured and
authenticated.
<p>
-<a href="docs/draft-riikonen-silc-pp-00.txt">
-draft-riikonen-silc-pp-00.txt</a>
+<a href="docs/draft-riikonen-silc-pp-01.txt">
+draft-riikonen-silc-pp-01.txt</a>
<p><br>
<li>SILC Key Exchange and Authentication Protocols
can be used to authenticate the user with, for example, passphrase
(pre-shared- secret) or public key (and certificate).
<p>
-<a href="docs/draft-riikonen-silc-ke-auth-00.txt">
-draft-riikonen-silc-ke-auth-00.txt</a>
+<a href="docs/draft-riikonen-silc-ke-auth-01.txt">
+draft-riikonen-silc-ke-auth-01.txt</a>
<p><br>
</td>
align=center>
<tr>
<td>
+<font face="Arial,Helvetica,Sans-serif">
<p>
<font size=4>
<h1>Download SILC</h1>
<p>
-Currently only available version is 06072000 Development Version that is
-meant for testing only. Please, read the README and INSTALL files after
-downloading for instructions how to install and use SILC.
+<h3>Main Download</h3>
<p>
-HTTP: <a href="http://silc.pspt.fi/silc-06072000.tar.gz">
-silc-06072000.tar.gz (1.1 MB)</a>
+The latest SILC release is version 20010222. Please, read the README
+and INSTALL files after downloading for instructions how to install and
+use SILC.
+<p>
+HTTP: <a href="http://silcnet.org/silc-20010222.tar.gz">
+silc-20010222.tar.gz (1.6 MB)</a>
<br>
-FTP: <a href="ftp://silc.pspt.fi/pub/silc/snapshots/silc-06072000.tar.gz">
-silc-06072000.tar.gz (1.1 MB)</a>
+FTP: <a href="ftp://silc.pspt.fi/pub/silc/snapshots/">
+silc-20010222.tar.gz (1.6 MB)</a>
+<p>
+Release changes: <a href="changes.txt">Changes</a>
+<p>
+<h3>
+This version has the functional server and router linking
+support. People who is running SILC servers and are interested to get the
+server linked to the new router on silc.pspt.fi contact
+<a href="mailto:priikone@poseidon.pspt.fi">me</a> now.</h3>
+
+<p>
+<h3>Debian</h3>
+<p>
+For Debian packages, following site is available, which works with the
+Debian APT lines (thanks to <a href="mailto:zur@edu.lahti.fi">P.A.
+Knuutila</a>):
<p>
-SILC has been coded and tested under Linux. It has not been tested on
-any other Unix platform just yet.
+<a href="http://master.debian.org/~pa/silc/">
+http://master.debian.org/~pa/silc/</a>
+<p>
+
+<p>
+<h3>Mandrake</h3>
+<p>
+Mandrake RPM packages are available as well
+(thanks to <a href="mailto:l.cartier@gmx.net">Lenny Cartier</a>):
+<p>
+<a
+href="ftp://ftp.free.fr/pub/Distributions_Linux/Mandrake-devel/cooker/contrib/RPMS">
+RPM packages</a>
+<br>
+<a
+href="ftp://ftp.free.fr/pub/Distributions_Linux/Mandrake-devel/cooker/contrib/SRPMS">
+SRPM packages</a>
<p>
-Daily snapshots will be available a bit later (after the anonymous CVS
-repository has been set up).
</td>
</tr>
</table>
align=center>
<tr>
<td>
+<font face="Arial,Helvetica,Sans-serif">
<p>
<font size=4>
<h1>Frequently Asked Questions</h1>
A: SILC (Secure Internet Live Conferencing) is a protocol which provides
secure conferencing services in the Internet over insecure channel.
SILC is IRC like although internally they are very different. Biggest
- similiarity between SILC and IRC is that they both provide conferencing
+ similarity between SILC and IRC is that they both provide conferencing
services and that SILC has almost same commands as IRC. Other than
that they are nothing alike.
<p>
<i>Q: Why client/server protocol is based on IRC? Would it be more
interesting to implement something extensible and more powerful?</i><br>
-A: They are not, none the least. Have you read the protocol specification?
+A: They are not, not the least. Have you read the protocol specification?
The client superficially resembles IRC client but everything that
happens under the hood is nothing alike IRC. SILC could *never*
support IRC because the entire network toppology is different
align=center>
<tr>
<td>
+<font face="Arial,Helvetica,Sans-serif">
<font size=4>
<p>
<h1>Features</h1>
align=center>
<tr>
<td>
+<font face="Arial,Helvetica,Sans-serif">
<p>
<font size=4>
<h1>History</h1>
<p>
-Even though SILC were just released to the public the idea and the protocol
-itself is quite old. I got the idea about SILC in its current form in
+Even though SILC were released in summer 2000 to the public the idea and
+the protocol itself is quite old. I got the idea about SILC in its
+current form in
the year 1996 and first lines of codes were written in early 1997. This
release is now third rewrite of the SILC. The very first version were
written in 1997 and it included SILC client and very very preliminary
</table>
</body>
</html>
-
<center>
<p><br>
<img src="silc.jpg" border=0 ALT="SILC Logo">
+<font face="Arial,Helvetica,Sans-serif">
<h1>SILC - Secure Internet Live Conferencing</h1>
<h3>Welcome to the Secure Internet Live Conferencing project homepage</h3>
<table>
<tr>
<td>
+<font face="Arial,Helvetica,Sans-serif">
<ul>
<li><a href="about.html">About the SILC</a>
<li><a href="history.html">History</a>
<li><a href="faq.html">The SILC FAQ</a>
+ <li><a href="lists.html">SILC Mailing Lists</a>
<li><a href="docs.html">SILC Documentation</a>
<li><a href="features.html">SILC Features</a>
</ul>
</td>
<td>
+<font face="Arial,Helvetica,Sans-serif">
<ul>
<li><a href="download.html">Download SILC</a>
- <li><a href="todo.html">TODO</a>
+ <li><a href="todo.txt">TODO</a>
+ <li><a href="changes.txt">ChangeLog</a>
<li><a href="contribute.html">Contributing</a>
- <li>Anonymous CVS access [coming]
+ <li><a href="cvs.html">Anonymous CVS Access</a>
<li><a href="copying.html">The General Public License (GPL)</a>
</ul>
</td>
<tr><td align=center>
<table width="80%" cellspacing=0 cellpadding=0 border=0 bgcolor="#FFFFFF">
-<tr><td bgcolor="#EEEEFF"> <tr><td> </td></tr>
-<tr><td>
-<div style="margin-left: 20px">
-<center><h1>SILC 06072000 Development Version Available</h1></center>
-<center>
-<font size=4>
-The Developer's version 06072000 of SILC is available for testing. Note
-that developer's versions are preliminary versions of the software and
-they may not compile or work. However, these releases are tested and
-they have compiled and worked. Read the README and INSTALL files after
-downloading on instructions how to compile and use SILC.
-<p>
-Download: <a href="download.html">SILC 06072000 Development Version</a>
-<br>
-Changes: <a href="changes.txt">SILC 06072000 Changes</a>
-<p>
-</center>
-<p><br>
-</div>
-</td></tr>
-<tr><td bgcolor="#EEEEFF"> <tr><td> </td></tr>
+<tr><td bgcolor="#EEDDFF"> <tr><td> </td></tr>
<tr><td>
+<font face="Arial,Helvetica,Sans-serif">
<div style="margin-left: 20px">
-<center><h1>Official Port For SILC Has Been Assigned</h1></center>
+<center><h1>SILC 20010222 Development Version Available</h1></center>
<center>
<font size=4>
-<p>
-<a href="http://www.iana.org">IANA</a> has assigned on 06.07.2000 official
-port for SILC protocol. The port is TCP 706 and the latest release already
-supports this port.
+The new Developer's version 20010222 of SILC is available for testing.
+Read the README and INSTALL files after downloading for instructions how
+to compile and use SILC. Report bugs to the
+<a href="lists.html">SILC development mailing list.</a>
+<p>
+<h3>
+This version has the functional server and router linking
+support. People who is running SILC servers and are interested to get the
+server linked to the new router on silc.pspt.fi contact
+<a href="mailto:priikone@poseidon.pspt.fi">me</a> now.</h3>
+<p>
+Download: <a href="download.html">SILC 20010222 Development Version</a>
+<br>
+Changes: <a href="changes.txt">SILC 20010222 Changes</a>
<p>
</center>
<p><br>
</div>
</td></tr>
-<tr><td bgcolor="#EEEEFF"> <tr><td> </td></tr>
+<tr><td bgcolor="#EEDDFF"> <tr><td> </td></tr>
<tr><td>
+<font face="Arial,Helvetica,Sans-serif">
<div style="margin-left: 20px">
<center><h1>SILC Server Available For Testing</h1></center>
<center>
<p>
There is SILC server up and running that can be tested. Just give command
/server silc.pspt.fi to connect to the server. There may be some action
-on channel #silc so you might want to give command /join #silc. To get
-into action just say hello.
+on channel #silc (unless everybody is sleeping) so you might want to give
+command /join #silc.
<p>
-Note the old server on port 334 is not running anymore. The new server
-is running on port 706, please update your SILC client.
+Available servers: silc.pspt.fi on port 706 is SILC Router and
+silc.pspt.fi on port 707 is normal SILC server connected to the router.
+Both are available for free use.
<p>
</center>
<p><br>
</div>
</td></tr>
-<tr><td bgcolor="#EEEEFF"> <tr><td> </td></tr>
+<tr><td bgcolor="#EEDDFF"> <tr><td> </td></tr>
<tr><td>
+<font face="Arial,Helvetica,Sans-serif">
<div style="margin-left: 20px">
<center><h1>Developers Wanted For SILC Project</h1></center>
<center>
<font size=4>
SILC Project needs developers who would like to contribute their time,
skills and ideas to the project. SILC still has a long road ahead before
-the first official stable release. We need C coders, technical writers
-(to write documentation) and web administrator to take over these web pages.
-Feel free to start narrowing down the TODO list.
+the first official stable release.
<p>
If You would like to contribute to SILC project please contact me at:
<a href="mailto:priikone@poseidon.pspt.fi">priikone@poseidon.pspt.fi</a>
</div>
</td></tr>
-<tr><td bgcolor="#EEEEFF"> <tr><td> </td></tr>
-<tr><td>
-<div style="margin-left: 20px">
-<center><h1>SILC Project Started</h1></center>
-<center>
-<font size=4>
-The Press release:
-<p>
-New Open Source project called Secure Internet Live Conferencing (SILC)
-has been started. Initial development version of the software is
-available for testing.
-<p>
-SILC (Secure Internet Live Conferencing) is a protocol which provides
-secure conferencing services in the Internet over insecure channel.
-SILC is IRC like software although internally they are very different.
-Biggest similiarity between SILC and IRC is that they both provide
-conferencing services and that SILC has almost same commands as IRC.
-Other
-than that they are nothing alike. Biggest differences are that SILC is
-secure what IRC is not in any way. The network model is also entirely
-different compared to IRC.
-<p>
-SILC is an open source (or freeware) project and it has been released
-under the GNU General Public Licence. The SILC is free to use and
-everyone
-is free to distribute and change the SILC under the terms of the GNU GPL.
-While there is no guarantee for the product SILC has been tried make
-as secure as possible. Developers are needed and everyone is free to
-contribute their time, skills and ideas for the project.
-<p>
-Official SILC Project home page:
-<a href="http://silc.pspt.fi">http://silc.pspt.fi</a>
-<p>
-SILC Development Version is available for download from following addresses:
-<p>
-HTTP: <a href="http://silc.pspt.fi/silc-28062000.tar.gz">
-silc-28062000.tar.gz (1.1 MB)</a>
-<br>
-FTP: <a href="ftp://silc.pspt.fi/pub/silc/snapshots/silc-28062000.tar.gz">
-silc-28062000.tar.gz (1.1 MB)</a>
-<p>
-The SILC protocol specification is available from following addresses:
-<p>
-HTTP: <a href="http://silc.pspt.fi/docs.html">
-http://silc.pspt.fi/docs.html</a>
-<br>
-FTP: <a href="ftp://silc.pspt.fi/pub/silc/">
-ftp://silc.pspt.fi/pub/silc/</a>
-<p>
-Author's contact information:
-<p>
-Pekka Riikonen <a href="mailto:priikone@poseidon.pspt.fi">
-priikone@poseidon.pspt.fi</a>
-<br>
-Home page: <a href="http://poseidon.pspt.fi/~priikone/english/">
-http://poseidon.pspt.fi/~priikone/english/</a>
-<p>
-</center>
-<p><br>
-</div>
-</td></tr>
-
</table>
<p>
<hr width="80%">
<font size=2>
<center>
+<font face="Arial,Helvetica,Sans-serif">
Webpage by Pekka Riikonen <a href="mailto:priikone@poseidon.pspt.fi">
priikone@poseidon.pspt.fi</a><br>
Logos automagically generated with GIMP<br>
[ <!--#exec cgi="/cgi-bin/textcounter/counter.cgi"--> ] hits since June 12 2000<br>
-Last updated:
-Thu Jul 6 12:51:08 EEST 2000
</center>
</font>
</body>
--- /dev/null
+<html>
+<style TYPE="text/css"><!-- A:link {text-decoration: none}A:visited{text-decoration:none}A:active{text-decoration:none}--></style>
+<body bgcolor="#ffffff">
+<p><br>
+<a href="index.html"><img src="silc2.jpg" border=0></a>
+<table width="70%" border="0" cellspacing="0" cellpadding="1"
+align=center>
+<tr>
+<td>
+<font face="Arial,Helvetica,Sans-serif">
+<p>
+<font size=4>
+<h1>Public SILC Mailing Lists</h1>
+<p>
+<font size=2>Available since: Sat Jul 22 17:23:48 EEST 2000
+<p>
+<font size=4>
+There is currently one mailing list available. The mailing list is the
+main SILC development mailing list. To subscribe to the mailing list visit
+the following link and follow the instructions on the web page.
+<p>
+<a href="http://lists.sourceforge.net/mailman/listinfo/silc-devel">
+SILC-devel mailing list</a>
+
+<p>
+After you have subscribed as instructed on the web site you will receive
+email for further instructions. To send email to the list the email must
+be destined to: silc-devel@lists.sourceforge.net address.
+
+<p><br>
+</td>
+</tr>
+</table>
+</body>
+</html>
align=center>
<tr>
<td>
+<font face="Arial,Helvetica,Sans-serif">
<p>
<font size=4>
<h1>TODO</h1>
<p>
<pre>
+
TODO
====
Currently there cannot be private keys for channels. Normal channel
keys (generated by server) are used. This is required by the protocol.
- o Public and private key generation is now done everytime the program
- is run. Now, this is only for testing period as I've been lazy to
- do it any better for now. This must be fixed.
-
o I guess, public key authentication (when connecting to a server)
is not working currently. It is just matter of loading the keys
from file and using them (see corresponding code in server, it should
be implemented (See corresponding code from server). Error handling
in the KE protocol is also in pretty bad shape in client.
- o Configuration file loading from global and from local dirs. This
- is currently missing and I guess the global is only used. Old SILC
- version (in 1997) had ~./silc directory that I guess should be done
- now as well. The code for handling those exists but not in current
- source tree.
-
o Configuration file format - could be better.
o Write help files for commands. Nice format for the help files should
own resolver stuff (through scheduler, if possible without writing
too much own stuff) or use threads.
- o Lenght of the packet processing timeouts needs to be checked whether
+ o Length of the packet processing timeouts needs to be checked whether
they are too short or too long. I haven't really tested whether they
are suitable. They should be tested on high load which I haven't done
at all yet.
o INVITE command must set the channel's invite list if channel is
invite-only channel.
- o Public and private key generation is now done everytime the program
- is run. Now, this is only for testing period as I've been lazy to
- do it any better for now. This must be fixed.
-
o Server says that it is able to listen on multiple ports but currently
that is bogus. It can, but internals are for single server.
- o Command lagging must implemented. Those commands (all currently) that
- has the LAG flag set they must not be allowed to be executed more than
- once, say, in 2 seconds.
-
o Command flag usage in general is not implemented yet.
o Client history must be implemented. Protocol says that server must
o Protocol execution timeouts are hard coded, should be configurable.
- o Channel message sending routines uses a lot of common code. Should
- create a common function for those instead of writing the same code
- again everytime, as done now.
-
o serverutil.c I guess should be created for util-like functions that
now resides in server.c, which is getting too big.
TODO In SILC Libraries
======================
- o Public key verification in SKE (SILC Key Exchange) protocol is missing,
- thus currently we trust on all public keys. This probably doesn't cause
- bad problems but the mechanism of verifying it from local database
- (from files) needs to be done (it can open man-in-the-middle-attacks).
-
o Implement PFS (Perfect Forward Secrecy) flag in SKE (and in client and
server, actually). If PFS is set, re-key must cause new key exchange.
This is required by the SILC protocol.
I've done now is bad and should be removed as soon as possible (or
the protocol should then state the method of how they should be done).
- o SILC public key file type is bad. I'd like to see PEM encoded files.
- I have public domain code for base64 encoding but it needs to be
- rewritten.
-
o Slow ciphers should be removed. I think we don't need more than
the AES finalists plus blowfish and RC5.
(silclog.[ch] in core). The actual output of logs should be done
by callback function in the application not in lib.
- o I don't like the ID cache system currenly implemented. Ugly and
- not so good. Must be rewritten very soon.
-
o All allocations and freeing needs to be checked for memory leaks.
o silc_buffer_[un]format() needs to be made more stable as it may
projects / silc.git / commitdiff