<li>Normal conferencing services such as private messages, channels,
channel messages, etc. All traffic is secured and authenticated.
<p>
-<li>No unique nicknames. There can same nicknames in SILC without
+<li>No unique nicknames. There can be same nicknames in SILC without
collisions. SILC has unique Client ID's, Server ID's and Channel ID's
- to assure that there are no collisions.
+ to assure that there are no collisions. The maximum length of the
+ nickname is 128 characters. The maximum length of the channel name
+ is 256 characters.
+<p>
+<li>Channels can have channel operators and a channel founder which is the
+ client who created the channel. Channel founder privileges supersedes
+ the channel operator privileges. Also, channel founder privileges
+ may be regained even if the founder leaves the channel. The
+ requirement for this is that the client is connected to the same
+ server it was originally connected. The channel founder cannot
+ be removed from the channel by force.
+<p>
+<li>Channel messages are protected by channel key, generated by the
+ server. The key is re-generated once in an hour. It is
+ possible to set a private key for the channel so that even the
+ servers does not know the key. Actually, it is possible to set
+ several private keys so that only specific users on the channel may
+ decrypt some specific messages. Adding the private key significantly
+ increases the security as nobody else but the users on the channel
+ knows the key.
+<p>
+<li>Private messages are protected using the session keys, generated
+ when connecting to the server. This means that the private messages
+ are decrypted and re-encrypted enroute to the true receiver of the
+ message. However, it is possible to set a private key between two
+ clients and protect the private messages with that key. In this case
+ no server enroute can decrypt the message since they don't have
+ the key. The SILC protocol provides an automatic key negotiation
+ between two clients using the SKE protocol. This makes it very
+ easy to negotiate a shared secret key with another client in the
+ network.
+<p>
+<li>All the other traffic, like commands between client and the server
+ are protected using the session keys. Session keys are re-generated
+ once in an hour. The re-key may be done with or without the PFS
+ (Perfect Forward Secrecy).
<p>
<li>Secure key exchange and authentication protocol. SILC Key Exchange
- protocol provides key material used in the SILC sessions in secure
- manner. The protocol is immune for example to man-in-the-middle
- attacks. The SILC Authentication protocol provides strong
+ (SKE) protocol provides key material used in the SILC sessions in
+ secure manner. The protocol is immune for example to man-in-the-middle
+ attacks and is based on the Diffie-Hellman key exchange algorithm. The
+ SILC Authentication protocol provides strong
authentication. Authentication may be based on passphrase or public
key (RSA) authentication. For clients there is an option not to
use authentication when connecting to servers.
<p>
<li>All traffic is encrypted and authenticated using the best cryptographic
- algorithms out there. Command messages, private messages and channel
- messages are all protected by encryption. User can set private keys
- for both private message and for channels so that even SILC servers do
- not know the keys. Cipher keys are, by default, 128 bits in length and
+ algorithms out there. Cipher keys are, by default, 256 bits in length and
public keys, by default, 1024 bits in length.
<p>
<li>Supports the following ciphers: AES, Twofish, Blowfish, Mars,
projects / silc.git / blobdiff