+It must also be noted that if the client requires absolute security by
+not trusting any of the servers or routers in the SILC Network, this can
+be accomplished by negotiating private keys outside the SILC Network,
+either using SKE or some other key negotiation protocol, or to use some
+other external means for distributing the keys. This applies for all
+messages, private messages and channel messages. It is important to note
+that SILC, like any other security protocol is not full proof system and
+cannot secure from insecure environment; the SILC servers and routers could
+very well be hacked. However, to provide acceptable level of security and
+usability for end user the protocol uses many times session keys or other
+keys generated by the servers to secure the messages. If this is
+unacceptable for the client or end user, the private keys negotiatied
+outside the SILC Network should always be used. In the end it is always
+implementor's choice whether to negotiate private keys by default or
+whether to use the keys generated by the servers.
+
projects / silc.git / commitdiff