.ds RF FORMFEED[Page %]
.ds CF
.ds LH Internet Draft
-.ds RH 22 July 2001
+.ds RH 21 August 2001
.ds CH
.na
.hy 0
.nf
Network Working Group P. Riikonen
Internet-Draft
-draft-riikonen-silc-commands-01.txt 22 July 2001
-Expires: 22 January 2002
+draft-riikonen-silc-commands-01.txt 21 August 2001
+Expires: 21 February 2002
.in 3
as operator. The <authentication payload> is the data that the
client is authenticated against. It may be passphrase prompted
for user on client's screen or it may be public key or certificate
- authentication data (data signed with private key).
+ authentication data (data signed with private key). The public
+ key that server will use to verify the signature found in the
+ payload should be verified. It is recommended that the public
+ key is saved locally in the server and server would not use
+ any public keys received during the SKE.
After changing the mode the server MUST send the notify type
SILC_NOTIFY_TYPE_UMODE_CHANGE to its primary router.
method is public key authentication the server MUST NOT
save the authentication data from the payload as the
data is different on all authentications. In this case the
- server only saves the authentication method.
+ server only saves the authentication method. However,
+ server MUST verify the sent authentication payload and
+ set the mode only if the verification was successful.
Note that this mode is effective only in the current server.
The client MUST connect to the same server later to be able
SILC_STATUS_ERR_NO_CHANNEL_PRIV
SILC_STATUS_ERR_UNKNOWN_MODE
SILC_STATUS_ERR_NO_SUCH_CLIENT_ID
+ SILC_STATUS_ERR_AUTH_FAILED
18 SILC_COMMAND_CUMODE
However, if the SILC_CMODE_FOUNDER_AUTH channel mode has
been set, the client can claim channel founder privileges
by providing the <auth payload> that the server will use
- to authenticate the client. The client MAY remove this
- mode at any time.
+ to authenticate the client. The public key that server will
+ use to verify the <auth payload> must the same public key
+ that was saved when the SILC_CMODE_FOUNDER_AUTH channel
+ mode was set. The client MAY remove this mode at any time.
0x0002 SILC_CUMODE_OPERATOR
as operator. The <authentication payload> is the data that the
client is authenticated against. It may be passphrase prompted
for user on client's screen or it may be public key or certificate
- authentication data (data signed with private key).
+ authentication data (data signed with private key). The public
+ key that router will use to verify the signature found in the
+ payload should be verified. It is recommended that the public
+ key is saved locally in the router and router would not use
+ any public keys received during the SKE.
Difference between router operator and server operator is that
router operator is able to handle cell level properties while
Max Arguments: 3
Arguments: (1) <Status Payload> (2) <ID Payload>
- (3) <Public Key Payload>
+ (3) [<Public Key Payload>]
This command replies with the client's or server's ID and with
the <Public Key Payload>.
EMail: priikone@silcnet.org
-This Internet-Draft expires 25 October 2001
+This Internet-Draft expires 21 February 2002
+
projects / silc.git / blobdiff