SILC - Secure Internet Live Conferencing
========================================
-[NOTE: SILC is still in middle of development and this package is known
-as Developer's Version which means that the package is in no means stable
-or ready to be in production use. This package is for those who wants
-to test SILC, find bugs and maybe contribute some time and code for the
-SILC project. There is no guarantees that this package even compiles and
-even if it compiles there is no guarantees that it would work, and even
-if it works there is no guarantees that it would work correctly, and even
-if it seems to work correctly it may be just plain luck.]
-
-
-Description
-===========
-
-SILC (Secure Internet Live Conferencing) is a protocol which provides
-secure conferencing services in the Internet over insecure channel.
-SILC is IRC like softwarre although internally they are very different.
-Biggest similarity between SILC and IRC is that they both provide
-conferencing services and that SILC has almost same commands as IRC. Other
-than that they are nothing alike. Biggest differences are that SILC is
-secure what IRC is not in any way. The network model is also entirely
-different compared to IRC.
-
-
-Running SILC
-============
-
-The development version is still preliminary version and requires some
-work to get it working. You should, first of all, check the example
-configuration files in ./doc/ directory. Change them according to your
-needs.
-
-To run SILC client:
-
- cd silc
- ./silc -f <config file>
-
-To run SILC server
-
- cd silcd
- ./silcd -f <config file>
-
-
-SILC Commands
-=============
-
-
- /SERVER [<server>[:<port>]]
-
- Connects to remote SILC server.
-
- /NICK [<nickname>]
-
- Changes/sets nickname. Note that in SILC there can be
- multiple same nicknames. However, the logic on working
- with multiple nicknames on user interface is pretty much
- still missing. Also note that nicknames in SILC are
- case-sensitive.
-
- /JOIN <channel>
-
- Joins to a channel. Channel names start with `#'
- character.
-
- /LEAVE <channel>
-
- Leaves the channel. If /leave * is given the client
- leaves the current channel.
-
- /CMODE <channel> +|-<modes> [{ <arguments>}]
-
- Changes/sets channel mode. Most of the modes require
- special privileges, such as channel operator or channel
- founder privileges to work. The mode is added by adding
- + before the option(s) and removed by adding - before
- the option(s). Following modes are available:
-
- p Set/unset channel as private channel
- s Set/unset channel as secret channel
- k Set/unset that channel uses private channel key
- i Set/unset channel as invite only channel
- t Set/unset that only channel operator or
- founder may set channel topic
- l <limit> Set/unset channel's user limit
- a <passphrase> Set/unset passphrase for channel that must
- be provided when joining to the channel.
- c <cipher> Set/unset channel's cipher
- h <hmac> Set/unset channel's hmac
-
- Multiple modes can be set/unset at once if the modes does not
- require any arguments. If mode requires an argument then only
- one mode can be set at once.
-
- /CUMODE <channel> +|-<modes> <nickname>[@<server>]
-
- Changes/set user's mode on a channel. Most of the modes
- require that the client who changes some client's mode must
- be channel founder or channel operator. Following channel
- user modes are available:
-
- a <nickname>[@<server>]
- Set/unset all modes (cannot be used to set
- both founder and operator rights, can be used
- only to remove both modes at once).
- f <nickname>[@<server>]
- Unset channel founder. Channel founder rights
- cannot be set by user (only by server) so this
- can be used only to unset the mode.
- o <nickname>[@<server>]
- Set/unset channel operator. Requires that
- you are channel operator or channel founder.
-
- /UMODE +|-<modes>
-
- Sets/unsets user mode. Currently none of the modes can
- be set by the user so this command can be merely used to
- unset some mode. Following user modes are available:
-
- a Unset all modes
- s Unset server operator privileges
- r Unset router operator privileges
-
- /MSG <nickname> <message>
-
- Sends private message to remote client. Support for
- handling multiple same nicknames with /MSG command is
- still missing.
-
- /WHOIS <nickname>[@<server>] [<count>]
-
- Gives a little information about a client. Support for
- handling multiple same nicknames with this command is
- still missing.
-
- /WHOWAS <nickname>[@<server>] [<count>]
-
- Gives a little history information about a client.
-
- /INVITE <channel> [<nickname>[@server>]
- [+|-[<nickname>[@<server>[!<username>[@hostname>]]]]]
-
- Invites client to a channel or manages the invite list of
- the channel. The first <nickname> argument is used if an
- client is invited to the channel. The second +|-<nickname>
- argument is used to either add or delete invite from the
- channel's invite list. Wildcards may be used with this
- command.
-
- /BAN <channel> [+|-[<nickname>[@<server>[!<username>[@hostname>]]]]]
-
- Manages the ban list of the channel. Wildcards may be used
- with this command. You must be channel operator to be
- able to use this command.
-
- /KICK <channel> <nickname>[@<server>] [<comment>]
-
- Kicks client from channel. You have to be at least channel
- operator to be able to kick client from channel. Note:
- you cannot kick channel founder even if you are channel
- operator.
-
- /PING [<server>]
-
- Pings server. Only locally connected server may be
- pinged.
-
- /INFO [<server>]
-
- Requests information about a server. If argument is
- not specified current server is used.
-
- /AWAY [<message>]
-
- Sets away message. When private message is received and
- away message is set the client automatically replies to
- the sender with the away message. To remove away message
- give the command without arguments.
-
- /QUIT
-
- Quits session. Connection to remote server is closed.
-
- /CLEAR
-
- Clears current screen.
-
- /VERSION
-
- Shows client version.
-
- /OPER <username> [<public key>]
-
- Obtains server operator privileges.
-
- /SILCOPER <username> [<public key>]
-
- Obtains router operator privileges.
-
- /KILL <nickname> [<comment>]
-
- Router operator can use this command to remove an client
- from the SILC Network temporarily.
-
- /CONNECT <server> [<port>]
-
- Connects to server the remote <server>. You must be
- server operator to be able to do this.
-
-
- /CLOSE <server> [<port>]
-
- Closes connection to the <server>. You must be server
- operator to be able to do this.
-
- /SHUTDOWN
-
- Shutdowns the server. You must be server operator to be
- able to do this.
-
- /MOTD [<server>]
-
- Display the MOTD of the server. If server is not specified
- the current server is used.
-
- /LIST [<channel>]
-
- Lists all channels in the current server, or the channel
- specified. If the channel cannot be found then all
- channels are listed.
+SILC (Secure Internet Live Conferencing) is a modern and secure
+conferencing protocol.
Features
========
-Features to be included into the final release of SILC. [Note that the
-current Developer's Version does not include all of these features, read
-TODO file for more information.]
+SILC provides all the common conferencing services like private messages,
+instant messages, channels and groups, and video and audio conferencing.
+The main difference to other protocols is that SILC has been designed with
+security as its main feature - it is not an add-on or optional plugin -
+and security cannot be turned off.
+
+All SILC connections execute SILC Key Exchange protocol, an authenticated
+Diffie-Hellman key exchange algorithm, to generate a shared secret session
+key. All SILC packets exchanged between SILC clients and servers are
+protected with these keys.
+
+All private messages (instant messages) are protected with private message
+keys established using the SILC Key Exchange protocol over the SILC network.
+Private messages can be read only by the sender and the recipient of the
+message. SILC servers along the way cannot decrypt the messages.
+Optionally, private message key may also be a shared secret, such as
+passphrase, or the SILC Key Exchange may be performed peer-to-peer between
+clients. If all these methods fail the session keys are used as the last
+resort fallback to encrypt private messages.
+
+All channel and group messages are protected with channel specific keys
+generated by the SILC routers and only the members of the channel may read
+the messages. Optionally, channel members may set up a shared secret,
+such as passphrase, as the channel key to exclude SILC routers from knowing
+the key.
- o Normal conferencing services such as private messages, channels,
- channel messages, etc. All traffic is secured and authenticated.
- o No unique nicknames. There can same nicknames in SILC without
- collisions. SILC has unique Client ID's, Server ID's and Channel ID's
- to assure that there are no collisions.
-
- o Secure key exchange and authentication protocol. SILC Key Exchange
- protocol provides key material used in the SILC sessions in secure
- manner. The protocol is immune for example to man-in-the-middle
- attacks. The SILC Authentication protocol provides strong
- authentication. Authentication may be based on passphrase or public
- key (RSA) authentication. For clients there is an option not to
- use authentication when connecting to servers.
+Running SILC
+============
- o All traffic is encrypted and authenticated using the best cryptographic
- algorithms out there. Command messages, private messages and channel
- messages are all protected by encryption. User can set private keys
- for both private message and for channels so that even SILC servers do
- not know the keys. Cipher keys are, by default, 128 bits in length and
- public keys, by default, 1024 bits in length.
+After installing the SILC to the system the SILC client is started by
+giving command:
- o Supports data compression with GZIP to improve performance.
+ silc
- o Supports SOCKS4 and SOCKS5 firewall traversal protocols.
+If you want to run with specific configuration file give -f option.
- o SIM (SILC Module) support. Support for loading of shared objects at
- run-time that provides new and extended features to both SILC client
- and server. These can provide extra ciphers and extra features to
- the software.
+To run the server you should configure the server first. To run the
+server give the command:
- o SILC client can be installed and used without root privileges.
+ silcd
- o SILC client can be configured by system wide configuration files but
- with user specific configuration files as well.
+This will launch the server on to the background.
History
=======
-Even though SILC were just released to the public the idea and the protocol
-itself is quite old. I got the idea about SILC in its current form in
-the year 1996 and first lines of codes were written in early 1997. This
-release is now third rewrite of the SILC. The very first version were
-written in 1997 and it included SILC client and very very preliminary
-SILC server. The server actually weren't usable but the client looked
-pretty much the same as it does now. At that time the SILC also included
-RSA implementation and 3DES implementation. The random number generator
-that exists in this current release is actually based on the RNG written
-in 1997. The RNG written in 1997, on the other hand, were based on
-the SSH's random number generator. The RNG has been rewritten twice
-since the first version.
-
-I stopped writing the SILC later in 1997 when I got busy at school and
-in work. The pause lasted several months. The development resumed in
-1998 when my friend (Juha Räsänen) and I implemented ElGamal algorithm.
-I rewrote some other parts as well. However, for the same reasons as
-previously the development stopped again. I resumed the development
-later in 1998 by doing rewrite of the SILC in C++. This was obviously
-a mistake but at that time it seemed like a good idea. Again, in the
-winter 1999 I got very busy writing my thesis and was forced to stop the
-development again. I also, started a new job in the spring.
-
-Later, in 1999, I decided that this time I'm going to make it the right
-way. C++ was obviously a bad choice so I decided to fall back to plain
-C language. I also decided to do complete rewrite and started doing
-more thorough planning of what the SILC actually should include. I also
-decided that this time it is going to kill me before I stop the
-development. I started writing SILC in the weekends and actually
-everytime I had some spare time. I also started a new job but I didn't
-let that get to my way. The result of this development effort is the
-release now in public.
-
-I've learned a lot by doing the SILC. I guess, when I started it I wasn't
-that good of a C programmer. That alone was a reason why SILC hasn't
-seen the day of light before now. My programming style has also changed
-dramatically during these years. Actually, it has changed couple times
-since this last rewrite as well. However, the code style of current SILC
-release is quite consistent (actually the coding style SILC has been
-written now I've learned in my current job).
-
-There is probably over 85% of new code in this third rewrite. Rest has
-just been copied from the old versions and only minor changes has been
-made (like changed function names and overall coding style). I've
-preserved the dates of the old files (dating back to 1997) that has
-existed in some forms in the old versions. There is a lot of new code but
-already I see a lot that needs rewriting. The development continues.
+SILC was developed between 1996 and 1999 and released to public in 2000.
+SILC was originally developed by Pekka Riikonen.
Contact
=======
-Feedback and comments are welcome. You can reach me in the following
-Address.
+Feedback and comments are welcome. Bug reports should be sent to the
+development mailing list.
-Official SILC project web site is : http://silc.pspt.fi
-FTP archive for SILC project is : ftp://silc.pspt.fi/pub/silc/
-Development mailing list address is : silc-devel@lists.sourceforge.net
+Official SILC project web site : http://silcnet.org/
+FTP archive for SILC project : ftp://ftp.silcnet.org/
+Development mailing list address : silc-devel@lists.silcnet.org
+SILC Server : /server silc.silcnet.org
- Pekka Riikonen <priikone@poseidon.pspt.fi>
projects / silc.git / blobdiff