+Thu Oct 4 23:29:06 EEST 2000 Pekka Riikonen <priikone@poseidon.pspt.fi>
+
+ * Fixed protocol error handling in client library. It should now
+ cope even if the SKE fails for some reason.
+
+ * Made new protocol specification drafts for submitting to IETF.
+
+ * Implemented TOPIC command to server in silcd/command.c.
+
+ * Added two new notify types into lib/silccore/silcnotify.h:
+ SILC_NOTIFY_TYPE_NICK_CHANGE and SILC_NOTIFY_TYPE_TOPIC_SET to
+ notify nickname change and topic setting/change on a channel.
+
+ * API change of command_reply operation in client library. The
+ application gets now the status type received from server as well.
+
Sat Sep 30 16:57:42 EEST 2000 Pekka Riikonen <priikone@poseidon.pspt.fi>
* Removed the function just added to lib/silcutil/silcschedule.[ch].
.ds LF Riikonen
.ds RF FORMFEED[Page %]
.ds CF
-.ds LH INTERNET-DRAFT
-.ds RH 13 September 2000
+.ds LH Internet-Draft
+.ds RH 6 October 2000
.ds CH
.na
.hy 0
.nf
Network Working Group P. Riikonen
Internet-Draft
-draft-riikonen-silc-ke-auth-01.txt 13 September 2000
-Expires: 13 May 2001
+draft-riikonen-silc-ke-auth-01.txt 6 October 2000
+Expires: 6 Jun 2001
.in 3
This memo describes two protocols used in the Secure Internet Live
Conferencing (SILC) protocol specified in the Secure Internet Live
-Conferencing, Protocol Specification internet-draft [SILC1]. The
+Conferencing, Protocol Specification Internet-Draft [SILC1]. The
SILC Key Exchange (SKE) protocol provides secure key exchange between
two parties resulting into shared secret key material. The protocol
is based on Diffie Hellman key exchange algorithm and its functionality
+
.in 5
.nf
1 2 3
+
.ti 0
2.3 Processing the Key Material
.in 6
0 SILC_SKE_STATUS_OK
- Protocol were exeucted succesfully.
+ Protocol were executed successfully.
1 SILC_SKE_STATUS_ERROR
0 SILC_AUTH_OK
- Protocol was executed succesfully.
+ Protocol was executed successfully.
1 SILC_AUTH_FAILED
Key Management Protocol (ISAKMP)", RFC 2408, November
1998.
-[IKE] Harkins D., and Carrel D., "The Internet Key Exhange
+[IKE] Harkins D., and Carrel D., "The Internet Key Exchange
(IKE)", RFC 2409, November 1998.
[HMAC] Krawczyk, H., "HMAC: Keyed-Hashing for Message
EMail: priikone@poseidon.pspt.fi
-This Internet-Draft expires 13 May 2001
+This Internet-Draft expires 6 Jun 2001
.ds RF FORMFEED[Page %]
.ds CF
.ds LH Internet Draft
-.ds RH 13 September 2000
+.ds RH 6 October 2000
.ds CH
.na
.hy 0
.nf
Network Working Group P. Riikonen
Internet-Draft
-draft-riikonen-silc-pp-01.txt 13 September 2000
-Expires: 13 May 2001
+draft-riikonen-silc-pp-01.txt 6 October 2000
+Expires: 6 Jun 2001
.in 3
2.2 SILC Packet Header ........................................ 5
2.3 SILC Packet Types ......................................... 7
2.3.1 SILC Packet Payloads ................................ 15
- 2.3.2 Generic paylods .....................................
- 2.3.2.1 ID Payload ..................................
- 2.3.2.2 Argument Payload ............................
- 2.3.3 Disconnect Payload .................................. 15
- 2.3.4 Success Payload ..................................... 16
- 2.3.5 Failure Payload ..................................... 16
- 2.3.6 Reject Payload ...................................... 17
- 2.3.7 Notify Payload ...................................... 17
- 2.3.8 Error Payload ....................................... 18
- 2.3.9 Channel Message Payload ............................. 19
- 2.3.10 Channel Key Payload ................................ 20
- 2.3.11 Private Message Payload ............................ 23
- 2.3.12 Private Message Key Payload ........................ 24
- 2.3.13 Command Payload .................................... 25
- 2.3.14 Command Reply Payload .............................. 26
- 2.3.15 Connection Auth Request Payload .................... 27
- 2.3.16 New ID Payload ..................................... 28
- 2.3.17 New ID List Payload ................................ 29
- 2.3.18 New Client Payload ................................. 29
- 2.3.19 New Server Payload ................................. 31
- 2.3.20 New Channel Payload ................................ 31
- 2.3.21 New Channel User Payload ........................... 32
- 2.3.22 New Channel List Payload ........................... 33
- 2.3.23 New Channel User List Payload ...................... 34
- 2.3.24 Replace ID Payload ................................. 34
- 2.3.25 Remove ID Payload .................................. 35
- 2.3.26 Remove Channel User Payload ........................
- 2.4 SILC ID Types ............................................. 36
- 2.5 Packet Encryption And Decryption .......................... 37
- 2.5.1 Normal Packet Encryption And Decryption ............. 37
- 2.5.2 Channel Message Encryption And Decryption ........... 37
- 2.5.3 Private Message Encryption And Decryption ........... 38
- 2.6 Packet MAC Generation ..................................... 39
- 2.7 Packet Padding Generation ................................. 39
- 2.8 Packet Compression ........................................ 40
- 2.9 Packet Sending ............................................ 40
- 2.10 Packet Reception ......................................... 41
- 2.11 Packet Routing ........................................... 42
- 2.12 Packet Forwarding ........................................
- 2.13 Packet Broadcasting ...................................... 41
- 2.14 Packet Tunneling ......................................... 42
-3 Security Considerations ....................................... 43
-4 References .................................................... 43
-5 Author's Address .............................................. 44
+ 2.3.2 Generic payloads .................................... 16
+ 2.3.2.1 ID Payload .................................. 16
+ 2.3.2.2 Argument Payload ............................ 16
+ 2.3.3 Disconnect Payload .................................. 17
+ 2.3.4 Success Payload ..................................... 18
+ 2.3.5 Failure Payload ..................................... 18
+ 2.3.6 Reject Payload ...................................... 19
+ 2.3.7 Notify Payload ...................................... 20
+ 2.3.8 Error Payload ....................................... 21
+ 2.3.9 Channel Message Payload ............................. 22
+ 2.3.10 Channel Key Payload ................................ 24
+ 2.3.11 Private Message Payload ............................ 26
+ 2.3.12 Private Message Key Payload ........................ 27
+ 2.3.13 Command Payload .................................... 28
+ 2.3.14 Command Reply Payload .............................. 29
+ 2.3.15 Connection Auth Request Payload .................... 29
+ 2.3.16 New ID Payload ..................................... 30
+ 2.3.17 New ID List Payload ................................ 31
+ 2.3.18 New Client Payload ................................. 31
+ 2.3.19 New Server Payload ................................. 32
+ 2.3.20 New Channel Payload ................................ 33
+ 2.3.21 New Channel User Payload ........................... 34
+ 2.3.22 New Channel List Payload ........................... 35
+ 2.3.23 New Channel User List Payload ...................... 36
+ 2.3.24 Replace ID Payload ................................. 36
+ 2.3.25 Remove ID Payload .................................. 37
+ 2.3.26 Remove Channel User Payload ........................ 38
+ 2.4 SILC ID Types ............................................. 39
+ 2.5 Packet Encryption And Decryption .......................... 39
+ 2.5.1 Normal Packet Encryption And Decryption ............. 39
+ 2.5.2 Channel Message Encryption And Decryption ........... 40
+ 2.5.3 Private Message Encryption And Decryption ........... 41
+ 2.6 Packet MAC Generation ..................................... 41
+ 2.7 Packet Padding Generation ................................. 42
+ 2.8 Packet Compression ........................................ 42
+ 2.9 Packet Sending ............................................ 43
+ 2.10 Packet Reception ......................................... 43
+ 2.11 Packet Routing ........................................... 44
+ 2.12 Packet Forwarding ........................................ 44
+ 2.13 Packet Broadcasting ...................................... 45
+ 2.14 Packet Tunneling ......................................... 45
+3 Security Considerations ....................................... 46
+4 References .................................................... 46
+5 Author's Address .............................................. 47
.ti 0
List of Figures
.nf
Figure 1: Typical SILC Packet
Figure 2: SILC Packet Header
-Figure 3: Disconnect Payload
-Figure 4: Success Payload
-Figure 5: Failure Payload
-Figure 6: Reject Payload
-Figure 7: Notify Payload
-Figure 8: Error Payload
-Figure 9: Channel Message Payload
-Figure 10: Channel Key Payload
-Figure 11: Private Message Payload
-Figure 12: Private Message Key Payload
-Figure 13: Command Payload
-Figure 15: Connection Auth Request Payload
-Figure 16: New ID Payload
+Figure 3: ID Payload
+Figure 4: Argument Payload
+Figure 5: Disconnect Payload
+Figure 6: Success Payload
+Figure 7: Failure Payload
+Figure 8: Reject Payload
+Figure 9: Notify Payload
+Figure 10: Error Payload
+Figure 11: Channel Message Payload
+Figure 12: Channel Key Payload
+Figure 13: Private Message Payload
+Figure 14: Private Message Key Payload
+Figure 15: Command Payload
+Figure 16: Connection Auth Request Payload
Figure 17: New Client Payload
Figure 18: New Server Payload
Figure 19: New Channel Payload
Figure 20: New Channel User Payload
Figure 21: Replace ID Payload
-Figure 22: Remove ID Payload
-Figure 23: Remove Channel User Payload
+Figure 22: Remove Channel User Payload
.ti 0
Following flags are reserved for this field:
-
-
No flags 0x00
In this case the field is ignored.
packet types may be forwarded. Receiver of packet
with this flag set must not forward the packet any
further. See section 2.12 Packet Forwarding for
- desribtion of packet forwarding.
+ description of packet forwarding.
Broadcast 0x04
Source ID field in the header, not including this or any
other fields.
-
-
o Destination ID Length (2 bytes) - Indicates the length of the
Destination ID field in the header, not including this or
any other fields.
the disconnection is sent inside the packet payload. Client
usually does not send this packet.
- Payload of the packet: See section 2.3.2 Disconnect Payload
+ Payload of the packet: See section 2.3.3 Disconnect Payload
2 SILC_PACKET_SUCCESS
This packet is sent upon successful execution of some protocol.
The status of the success is sent in the packet.
- Payload of the packet: See section 2.3.3 Success Payload
+ Payload of the packet: See section 2.3.4 Success Payload
3 SILC_PACKET_FAILURE
This packet is sent upon failure of some protocol. The status
of the failure is sent in the packet.
- Payload of the packet: See section 2.3.4 Failure Payload
+ Payload of the packet: See section 2.3.5 Failure Payload
4 SILC_PACKET_REJECT
This packet may be sent upon rejection of some protocol.
The status of the rejection is sent in the packet.
- Payload of the packet: See section 2.3.5 Reject Payload
+ Payload of the packet: See section 2.3.6 Reject Payload
5 SILC_PACKET_NOTIFY
packet may ignore the packet if it chooses so. However, it
should not be ignored.
- Payload of the packet: See section 2.3.6 Notify Payload.
+ Payload of the packet: See section 2.3.7 Notify Payload.
6 SILC_PACKET_ERROR
most likely to take action anyway. This packet may be sent
to entity that is indirectly connected to the sender.
- Payload of the packet: See section 2.3.7 Error Payload.
+ Payload of the packet: See section 2.3.8 Error Payload.
7 SILC_PACKET_CHANNEL_MESSAGE
by channel specific keys. Channel Keys are distributed by
SILC_PACKET_CHANNEL_KEY packet.
- Payload of the packet: See section 2.3.8 Channel Message
+ Payload of the packet: See section 2.3.9 Channel Message
Payload
may send this packet. This packet may be sent to entity
that is indirectly connected to the sender.
- Payload of the packet: See section 2.3.9 Channel Key Payload
+ Payload of the packet: See section 2.3.10 Channel Key Payload
9 SILC_PACKET_PRIVATE_MESSAGE
used as well if both of the client knows it, however, it needs
to be agreed outside SILC. See more of this in [SILC1].
- Payload of the packet: See section 2.3.10 Private Message
+ Payload of the packet: See section 2.3.11 Private Message
Payload
default or to use normal session keys by default, is
implementation specific issue. See more of this in [SILC1].
- Payload of the packet: See section 2.3.11 Private Message
+ Payload of the packet: See section 2.3.12 Private Message
Key Payload
This packet may be sent to entity that is indirectly connected
to the sender.
- Payload of the packet: See section 2.3.12 Command Payload
+ Payload of the packet: See section 2.3.13 Command Payload
12 SILC_PACKET_COMMAND_REPLY
The contents of this packet is command specific. This packet
maybe sent to entity that is indirectly connected to the sender.
- Payload of the packet: See section 2.3.13 Command Reply
- Payload and section 2.3.12 Command
+ Payload of the packet: See section 2.3.14 Command Reply
+ Payload and section 2.3.13 Command
Payload
The party receiving this payload must respond with the same
packet including the mandatory authentication method.
- Payload of the packet: See section 2.3.14 Connection Auth
+ Payload of the packet: See section 2.3.15 Connection Auth
Request Payload
distributed by this packet. Only server may send this packet,
however, client must be able to receive this packet.
- Payload of the packet: See section 2.3.15 New ID Payload
+ Payload of the packet: See section 2.3.16 New ID Payload
19 SILC_PACKET_NEW_ID_LIST
type except that it may include several ID's. Client must
not send this packet.
- Payload of the packet: See section 2.3.16 New ID List
+ Payload of the packet: See section 2.3.17 New ID List
Payload
authentication protocols has been completed. Client sends
various information about itself in this packet.
- Payload of the packet: See section 2.3.17 New Client Payload
+ Payload of the packet: See section 2.3.18 New Client Payload
21 SILC_PACKET_NEW_SERVER
its Server ID and other information in this packet.
Client must not send or receive this packet.
- Payload of the packet: See section 2.3.18 New Server Payload
+ Payload of the packet: See section 2.3.19 New Server Payload
22 SILC_PACKET_NEW_CHANNEL
This packet is used to remove user from a channel. This is
used by router to notify other routers in the network that a
- client has leaved a channel. This packet maybe sent to entity
+ client has left a channel. This packet maybe sent to entity
that is indirectly connected to the sender.
Payload of the packet: See section 2.3.26 Remove Channel User
not have a payload.
- 31 - 254
+ 31 - 199
Currently undefined commands.
+ 200 - 254
+
+ These packet types are reserved for private use and they will not
+ be defined by this document.
+
+
255 SILC_PACKET_MAX
This type is reserved for future extensions and currently it
.ti 0
-2.3.2 Generic paylods
+2.3.2 Generic payloads
This section describes generic payloads that are not associated to any
specific packet type. They can be used for example inside some other
the Disconnect Payload.
+
+
+
+
+
.in 5
.nf
1 2 3
.in 3
.ce
-Figure 3: Disconnect Payload
+Figure 5: Disconnect Payload
.in 3
.ce
-Figure 4: Success Payload
+Figure 6: Success Payload
.in 6
.in 3
.ce
-Figure 5: Failure Payload
+Figure 7: Failure Payload
.in 6
.in 3
.ce
-Figure 6: Reject Payload
+Figure 8: Reject Payload
.in 6
.in 3
.ce
-Figure 7: Notify Payload
+Figure 9: Notify Payload
.in 6
This type includes three arguments: nickname, server name and
Channel ID. The Channel ID is sent inside ID Payload.
+
+5 SILC_NOTIFY_TYPE_TOPIC_SET
+
+ Sent when topic is set/changed on a channel.
+
+ This type includes three arguments: Channel ID, topic, nickname and
+ hostname. The Channel ID is sent inside ID Payload.
+
+6 SILC_NOTIFY_TYPE_NICK_CHANGE
+
+ Sent when client changes nick on a channel.
+
+ This type includes three arguments: nickname and Channel ID.
+ The Channel ID is sent inside ID Payload.
.in 3
Notify types starting from 16384 are reserved for private notify
.in 3
.ce
-Figure 8: Error Payload
+Figure 10: Error Payload
.in 6
(*) indicates that the field is not encrypted.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
.in 5
.nf
.in 3
.ce
-Figure 9: Channel Message Payload
+Figure 11: Channel Message Payload
.in 6
Channel Key Payload is used to distribute channel keys to all
clients on the particular channel. Channel keys are sent when
the channel is created, when new user joins to the channel and
-whenever a user leaves a channel. Server creates the new
+whenever a user has left a channel. Server creates the new
channel key and distributes it to the clients by encrypting this
payload with the session key shared between the server and
the client. After that, client starts using the key received
are not encrypted using channel keys, they are encrypted using
normal session keys between two routers. Inside a cell, all
channel traffic is encrypted with the specified channel key.
-Channel key should expire peridiocally, say, in one hour, in
+Channel key should expire periodically, say, in one hour, in
which case new channel key is created and distributed.
The payload may only be sent with SILC_PACKET_CHANNEL_KEY packet.
represents the Channel Key Payload.
+
+
+
+
+
+
+
+
+
+
+
.in 5
.nf
1 2 3
.in 3
.ce
-Figure 10: Channel Key Payload
+Figure 12: Channel Key Payload
.in 3
.ce
-Figure 11: Private Message Payload
+Figure 13: Private Message Payload
.in 6
.in 3
.ce
-Figure 12: Private Message Key Payload
+Figure 14: Private Message Key Payload
.in 3
.ce
-Figure 13: Command Payload
+Figure 15: Command Payload
.in 6
.in 3
.ce
-Figure 15: Connection Auth Request Payload
+Figure 16: Connection Auth Request Payload
.in 6
This payload is also used when server tells its router that new client
has registered to the SILC network. In this case the server sends
-the Client ID of the client to the router. Similiary when router
+the Client ID of the client to the router. Similary when router
distributes information to other routers about the client in the SILC
network this payload is used.
the New Client Payload.
+
.in 5
.nf
1 2 3
the New Server Payload.
+
+
+
.in 5
.nf
1 2 3
represents the New Channel Payload.
+
+
.in 5
.nf
1 2 3
diagram represents the New Channel User Payload.
+
+
+
+
.in 5
.nf
1 2 3
-
-
-
-
-
-
.in 5
.nf
1 2 3
Remove Channel User payload is used to remove a user from a channel network
wide. This is used by routers to notify other routers that a user has
-leaved a channel. As routers keep information about users on channels a
+left a channel. As routers keep information about users on channels a
user leaving channel must be removed from all routers. Normal server may
send this payload as well. Client must not send this payload.
represents the Remove Payload Payload.
+
+
+
.in 5
.nf
1 2 3
.in 3
.ce
-Figure 23: Remove Channel User Payload
+Figure 22: Remove Channel User Payload
.in 6
.in 3
+
.ti 0
2.4 SILC ID Types
server or router en route must not decompress the packet.
+
.ti 0
2.9 Packet Sending
2.10 Packet Reception
On packet reception the receiver must check that all fields in the
-SILC Packet Header are valid sain. It must check the flags of the
+SILC Packet Header are valid. It must check the flags of the
header and act accordingly. It must also check the MAC of the packet
and if it is to be failed the packet must be discarded. Also if the
header of the packet includes any bad fields the packet must be
Key Management Protocol (ISAKMP)", RFC 2408, November
1998.
-[IKE] Harkins D., and Carrel D., "The Internet Key Exhange
+[IKE] Harkins D., and Carrel D., "The Internet Key Exchange
(IKE)", RFC 2409, November 1998.
[HMAC] Krawczyk, H., "HMAC: Keyed-Hashing for Message
Authentication", RFC 2104, February 1997.
+
+
+
+
.ti 0
5 Author's Address
EMail: priikone@poseidon.pspt.fi
-This Internet-Draft expires 13 May 2001
+This Internet-Draft expires 6 Jun 2001
.ds RF FORMFEED[Page %]
.ds CF
.ds LH Internet Draft
-.ds RH 13 September 2000
+.ds RH 6 October 2000
.ds CH
.na
.hy 0
.nf
Network Working Group P. Riikonen
Internet-Draft
-draft-riikonen-silc-spec-01.txt 13 September 2000
-Expires: 13 May 2001
+draft-riikonen-silc-spec-01.txt 6 October 2000
+Expires: 6 Jun 2001
.in 3
2.2 Communication Inside a Cell ............................... 5
2.3 Communication in the Network .............................. 6
2.4 Channel Communication ..................................... 7
-3 SILC Specification ............................................ 7
- 3.1 Client .................................................... 7
- 3.1.1 Client ID ........................................... 8
- 3.2 Server .................................................... 9
- 3.2.1 Server's Local ID List .............................. 9
- 3.2.2 Server ID ........................................... 10
+ 2.5 Router Connections ........................................ 7
+3 SILC Specification ............................................ 8
+ 3.1 Client .................................................... 8
+ 3.1.1 Client ID ........................................... 9
+ 3.2 Server .................................................... 10
+ 3.2.1 Server's Local ID List .............................. 10
+ 3.2.2 Server ID ........................................... 11
3.2.3 SILC Server Ports ................................... 11
- 3.3 Router .................................................... 11
- 3.3.1 Router's Local ID List .............................. 11
- 3.3.2 Router's Global ID List ............................. 12
+ 3.3 Router .................................................... 12
+ 3.3.1 Router's Local ID List .............................. 12
+ 3.3.2 Router's Global ID List ............................. 13
3.3.3 Router's Server ID .................................. 13
- 3.4 Channels .................................................. 13
- 3.4.1 Channel ID .......................................... 14
- 3.5 Operators ................................................. 14
+ 3.4 Channels .................................................. 14
+ 3.4.1 Channel ID .......................................... 15
+ 3.5 Operators ................................................. 15
3.6 SILC Commands ............................................. 15
- 3.7 SILC Packets .............................................. 15
+ 3.7 SILC Packets .............................................. 16
3.8 Packet Encryption ......................................... 16
- 3.8.1 Determination of the Source and the Destination ..... 16
+ 3.8.1 Determination of the Source and the Destination ..... 17
3.8.2 Client To Client .................................... 17
- 3.8.3 Client To Channel ................................... 18
+ 3.8.3 Client To Channel ................................... 19
3.8.4 Server To Server .................................... 19
- 3.9 Key Exchange And Authentication ........................... 19
- 3.10 Algorithms ............................................... 19
- 3.10.1 Ciphers ............................................ 19
- 3.10.2 Public Key Algorithms .............................. 20
- 3.10.3 MAC Algorithms ..................................... 20
- 3.10.4 Compression Algorithms ............................. 21
- 3.11 SILC Public Key .......................................... 21
+ 3.9 Key Exchange And Authentication ........................... 20
+ 3.10 Algorithms ............................................... 20
+ 3.10.1 Ciphers ............................................ 20
+ 3.10.2 Public Key Algorithms .............................. 21
+ 3.10.3 MAC Algorithms ..................................... 21
+ 3.10.4 Compression Algorithms ............................. 22
+ 3.11 SILC Public Key .......................................... 22
3.12 SILC Version Detection ................................... 24
-4 SILC Procedures ............................................... 24
- 4.1 Creating Client Connection ................................ 24
- 4.2 Creating Server Connection ................................ 25
- 4.3 Joining to a Channel ...................................... 26
- 4.4 Channel Key Generation .................................... 27
- 4.5 Private Message Sending and Reception ..................... 27
- 4.6 Private Message Key Generation ............................ 28
- 4.7 Channel Message Sending and Reception ..................... 29
- 4.8 Session Key Regeneration .................................. 29
- 4.9 Command Sending and Reception ............................. 29
-5 SILC Commands ................................................. 30
- 5.1 SILC Commands Syntax ...................................... 30
- 5.2 SILC Commands List ........................................ 32
- 5.3 SILC Command Status Types ................................. 53
- 5.3.1 SILC Command Status Payload ......................... 53
- 5.3.2 SILC Command Status List ............................ 54
-6 Security Considerations ....................................... 59
-7 References .................................................... 59
-8 Author's Address .............................................. 60
+4 SILC Procedures ............................................... 25
+ 4.1 Creating Client Connection ................................ 25
+ 4.2 Creating Server Connection ................................ 26
+ 4.3 Joining to a Channel ...................................... 27
+ 4.4 Channel Key Generation .................................... 28
+ 4.5 Private Message Sending and Reception ..................... 29
+ 4.6 Private Message Key Generation ............................ 29
+ 4.7 Channel Message Sending and Reception ..................... 30
+ 4.8 Session Key Regeneration .................................. 30
+ 4.9 Command Sending and Reception ............................. 30
+5 SILC Commands ................................................. 31
+ 5.1 SILC Commands Syntax ...................................... 31
+ 5.2 SILC Commands List ........................................ 33
+ 5.3 SILC Command Status Types ................................. 56
+ 5.3.1 SILC Command Status Payload ......................... 56
+ 5.3.2 SILC Command Status List ............................ 57
+6 Security Considerations ....................................... 61
+7 References .................................................... 61
+8 Author's Address .............................................. 62
.ti 0
Figure 1: SILC Network Topology
Figure 2: Communication Inside cell
Figure 3: Communication Between Cells
-Figure 4: SILC Public Key
-Figure 5: SILC Command Status Payload
+Figure 4: Router Connections
+Figure 5: SILC Public Key
+Figure 6: SILC Command Status Payload
.ti 0
keep global information up to date at all time.
This, on the other hand, leads to cellular like network, where routers
-are in the centrum on the cell and servers are connected to the router.
+are in the center of the cell and servers are connected to the router.
Following diagram represents SILC network topology.
server in the cell and is talking on channel to other client connected
to other server in the same cell, will have its messages delivered from
its local server first to the router of the cell, and from the router
-to the other server in the cell. Following diagram represents this
-scenario.
+to the other server in the cell.
+
+Following diagram represents this scenario:
.in 25
local clients on the channel.
+.ti 0
+2.5 Router Connections
+
+Router connections play very important role in making the SILC like
+network topology to work. For example, sending broadcast packets in
+SILC network require special connections between routers; routers must
+be connected in specific way.
+
+Every router has their primary route which is a connection to another
+router in the network. Unless there is only two routers in the network
+must not routers use each other as their primary routes. The router
+connections in the network must form a circular.
+
+Example with three routers in the network:
+
+
+
+
+
+
+
+.in 16
+.nf
+ S/R1 - > - > - > - > - > - > - S/R2
+ \\ /
+ v v
+ \\ - < - < - S/R3 - < - < - /
+.in 3
+
+
+.ce
+Figure 4: Router Connections
+
+
+Example: Network with three routers. Router 1. uses Router 2. as its
+ primary router. Router 2. uses Router 3. as its primary router,
+ and Router 3. uses Router 1. as its primary router. There may
+ be other direct connections between the routers but they must
+ not be used as primary routes.
+
+The above example is applicable to any amount of routers in the network
+except for two routers. If there are only two routers in the network both
+routers must be able to handle situation where they use each other as their
+primary routes.
+
+The issue of router connections are very important especially with SILC
+broadcast packets. Usually all router wide information in the network is
+distributed by SILC broadcast packets.
+
+
.ti 0
3. SILC Specification
Servers are the most important parts of the SILC network. They form the
basis of the SILC, providing a point to which clients may connect to.
There are two kinds of servers in SILC; normal servers and router servers.
-This section focuses on the normal server and router server is described
+This section focus on the normal server and router server is described
in the section 3.3 Router.
Normal servers may not directly connect to other normal server. Normal
their Channel ID's.
-
-
-
-
-
-
Hence, local list for normal server includes:
.in 6
o Receiving key
o Public key
+
+
+
client list - All clients in server
o Nickname
o Username@host
o IP address of the server - This is the real IP address of
the server.
-o Port - This is the port the server is binded to.
+o Port - This is the port the server is bound to.
o Random number - This is used to further randomize the Server ID.
.in 3
Collisions are not expected to happen in any conditions. The Server ID
-is always created by the server itself and server is resposible of
+is always created by the server itself and server is responsible of
distributing it to the router.
that it needs.
-
-
-
Hence, local list for router includes:
.in 6
client list - All clients in the cell
o Client ID
+
channel list - All channels in the cell
o Channel ID
o Client ID's on channel
A channel is a named group of one or more clients which will all receive
messages addressed to that channel. The channel is created when first
client requests JOIN command to the channel, and the channel ceases to
-exist when the last client leaves it. When channel exists, any client
+exist when the last client has left it. When channel exists, any client
can reference it using the name of the channel.
Channel names are unique although the real uniqueness comes from 64 bit
-
.ti 0
3.8 Packet Encryption
definition of how it must be done. SILC has a mandatory algorithm that
must be supported in order to be compliant with this protocol.
-
-
-
-
-
Following ciphers are defined in SILC protocol:
.in 6
-blowfish-cbc Blowfish in CBC mode (mandatory)
+aes-cbc AES in CBC mode (mandatory)
twofish-cbc Twofish in CBC mode (optional)
+blowfish-cbc Blowfish in CBC mode (optional)
rc6-cbc RC6 in CBC mode (optional)
rc5-cbc RC5 in CBC mode (optional)
mars-cbc Mars in CBC mode (optional)
(MAC) of the packet data. See [SILC2] for details how to compute the
MAC.
-
-
-
-
Following MAC algorithms are defined in SILC protocol:
.in 6
The format of the SILC Public Key is as follows:
-
-
-
-
-
.in 5
.nf
1 2 3
.in 3
.ce
-Figure 4: SILC Public Key
+Figure 5: SILC Public Key
.in 6
The version detection of both client and server is performed at the
connection phase while executing the SILC Key Exchange protocol. The
-version identifier is exchanged between intiator and responder. The
+version identifier is exchanged between initiator and responder. The
version identifier is of following format:
.in 6
Software version may provide major, minor and build version. The
software version may be freely set and accepted.
+
Thus, the version string could be, for example:
.in 6
.ti 0
4.1 Creating Client Connection
-This section descibres the procedure when client connects to SILC server.
+This section describes the procedure when client connects to SILC server.
When client connects to server the server must perform IP address lookup
and reverse IP address lookup to assure that the origin host really is
who it claims to be. Client, host, connecting to server must have
also distributed to the router and to all clients on the channel.
If the channel does not exist in the local list the command must be
-fowarded to the router which will then perform the actual joining
+forwarded to the router which will then perform the actual joining
procedure. When server receives the reply to the command from the
router it must be distributed to the client who sent the command
originally. Server will also receive the channel key from the server
In this case the key is created from scratch by taking enough randomness
from the random number generator. After that the key is distributed to
all clients on the channel. However, channel keys are cell specific thus
-the key is created only on the cell where the client, who leaved the
+the key is created only on the cell where the client, who left the
channel, exists. While the server or router is creating the new channel
key, no other client may join to the channel. Messages that are sent
while creating the new key are still processed with the old key. After
If the sender of a private message does not know the receiver's Client
ID, it must resolve it from server. There are two ways to resolve the
-client ID from server; it is recommended that client ipmlementations
+client ID from server; it is recommended that client implementations
send SILC_COMMAND_IDENTIFY command to receive the Client ID. Client
may also send SILC_COMMAND_WHOIS command to receive the Client ID.
If the sender has received earlier a private message from the receiver
Header's Client ID. The nickname in the payload is merely provided
to be displayed for end user.
-See [SILC2] for describtion of private message encryption and decryption
+See [SILC2] for description of private message encryption and decryption
process.
distribute the message to all clients on the channel by sending the
channel message destined explicitly to a client on the channel.
-See [SILC2] for describtion of channel message encryption and decryption
+See [SILC2] for description of channel message encryption and decryption
process.
.ti 0
4.8 Session Key Regeneration
-Session keys should be regenerated peridiocally, say, once in an hour.
+Session keys should be regenerated periodically, say, once in an hour.
The re-key process is started by sending SILC_PACKET_REKEY packet to
other end, to indicate that re-key must be performed.
Every command replies with Status Payload. This payload tells the
-sender of the command whether the command was completed succefully or
+sender of the command whether the command was completed successfully or
whether there was an error. If error occured the payload includes the
error type. In the next section the Status Payload is not described
as it is common to all commands and has been described here. Commands
The numbers in parentheses are the argument specific numbers
that specify the type of the argument in Command Argument Payload.
The receiver always knows that, say, argument number two (2) is
-<message> argument, regardles of the ordering of the arguments in
+<message> argument, regardless of the ordering of the arguments in
the Command Payload.
Reply messages to the command:
STATUS_OK.
The command replies include the Client ID of the nickname,
- nickname and servername, username and hostnamea and users real
+ nickname and servername, username and hostname and users real
name. Client should process these replies only after the last
reply has been received with the STATUS_LIST_END status. If the
<count> option were defined in the query there will be only
SILC_STATUS_ERR_TOO_MANY_PARAMS
+
+
2 SILC_COMMAND_WHOWAS
Max Arguments: 2
SILC_STATUS_ERR_TOO_MANY_PARAMS
+
+
+
+
5 SILC_COMMAND_LIST
Max Arguments: 2
6 SILC_COMMAND_TOPIC
Max Arguments: 2
- Arguments: (1) <Channel ID> (2) [<server>]]
+ Arguments: (1) <Channel ID> (2) [<topic>]]
This command is used to change or view the topic of a channel.
The topic for channel <Channel ID> is returned if there is no
-
-
10 SILC_COMMAND_INFO
Max Arguments: 1
This command is used by operators to force a server to try to
establish a new connection to another router (if the connecting
- server is normal server) or server (if the conneceting server is
+ server is normal server) or server (if the connecting server is
router server). Operator may specify the server/router to be
connected by setting <remote server> argument. The separator
between <remote server address> and <port> is whitespace (` ').
This command replies only with Status Payload. Server returns
SILC_STATUS_OK in Status Payload if pinging was successful.
+
+
Status messages:
SILC_STATUS_OK
SILC_STATUS_ERR_AUTH_FAILED
+
+
+
14 SILC_COMMAND_JOIN
Max Arguments: 3
Channel is private channel. Private channels are shown
in the channel list listed with SILC_COMMAND_LIST command
- with indicatioin that the channel is private. Also,
+ with indication that the channel is private. Also,
client on private channel will no be detected to be on
the channel as the channel is not shown in the client's
currently joined channel list. Channel founder and
This command replies only with Status Payload.
-
-
Status messages:
SILC_STATUS_OK
SILC_STATUS_ERR_NO_SERVER_PRIV
+
+
+
20 SILC_COMMAND_CLOSE
Max Arguments: 1
This command replies only with Status Payload.
-
-
Status messages:
SILC_STATUS_OK
SILC_STATUS_ERR_NOT_ON_CHANNEL
- 25 - 254
+ 25 - 199
Currently undefined commands.
- 255 SILC_COMMAND_MAX
+ 200 - 254
+
+ These commands are reserved for private use and will not be defined
+ in this document.
+
+
+ 255 SILC_COMMAND_MAX
Reserved command. This must not be sent.
.in 3
represents the Command Status Payload (field is always in MSB order).
+
+
+
.in 21
.nf
1
.in 3
.ce
-Figure 5: SILC Command Status Payload
+Figure 6: SILC Command Status Payload
.in 6
End of the list. There were several command replies and this
reply is the last of the list. There won't be other replies
- beloning to this list after this one.
+ belonging to this list after this one.
3 - 9
considerations permeate the specification.
-
-
-
.ti 0
7 References
Key Management Protocol (ISAKMP)", RFC 2408, November
1998.
-[IKE] Harkins D., and Carrel D., "The Internet Key Exhange
+[IKE] Harkins D., and Carrel D., "The Internet Key Exchange
(IKE)", RFC 2409, November 1998.
[HMAC] Krawczyk, H., "HMAC: Keyed-Hashing for Message
EMail: priikone@poseidon.pspt.fi
-This Internet-Draft expires 13 May 2001
+This Internet-Draft expires 6 Jun 2001
projects / silc.git / commitdiff