<b>About SILC</b>
<font size="2">
-<p>
+<br><br>
SILC (Secure Internet Live Conferencing) is a protocol which provides
secure conferencing services in the Internet over insecure channel. SILC
is IRC like software although internally they are very different. Biggest
they are nothing alike. Biggest differences are that SILC is secure what
IRC is not in any way. The network model is also entirely different
compared to IRC.
-<p>
+<br><br>
SILC provides security services that any other conferencing protocol does
not offer today. The most popular conferencing service, IRC, is entirely
insecure. If you need secure place to talk to some people or to group of
people over the Internet, IRC or any other conferencing service, for that
matter, cannot be used. Anyone can see the messages and their contents in the IRC network. And the most worse case, some people is able to change the contents of the messages. Also, all the authentication data, such as, passwords are sent plaintext.
-<p>
+<br><br>
SILC is a lot more than just about `encrypting the traffic'. That is easy
enough to do with IRC, SSL and some ad hoc scripts, and even then the
entire network cannot be secured, only part of it. SILC provides security
etc.) and other traffic is entirely secured. The entire network, and all
parts of it, is secured. We are not aware of any other conferencing
protocol providing same features at the present time.
-<p>
+<br><br>
SILC has secure key exchange protocol that is used to create the session
keys for each connection. SILC also provides strong authentication based
on either passwords or public key authentication. All authentication data
is always encrypted in the SILC network. All connections has their own
session keys, all channels has channel specific keys, and all private
messages can be secured with private message specific keys.
-<p>
+<br><br>
SILC is an open source (or freeware) project and it has been released
under the GNU General Public Licence. The SILC is free to use and
everyone is free to distribute and change the SILC under the terms of the
GNU GPL. While there is no guarantee for the product SILC has been tried
make as secure as possible. The fact that the software and the protocol
is open for public analysis is a good thing for end user.
-<p>
+<br><br>
Protocol specification of SILC protocol is available for anyone to look
at. There exists four Internet Drafts that has been submitted to <a
href="http://www.ietf.org">IETF</a>. See <a
href="index.php?page=docs">documentation page</a> for more information.
-<p></font>
+<br><br></font>
<b>Contact</b>
<font size="2">
-<p>
+<br><br>
Feedback and comments are welcome. You can reach me in the following Address.
-<p>
+<br><br>
Pekka Riikonen<br>
priikone at poseidon.pspt.fi
-<p>
+</font>
+<br><br>
<b>Contributing</b>
<font size="2">
-<p>
+<br><br>
Developers are needed in SILC project. Everyone who has the time and
ability is welcome to come and join the project. We need C coders and
technical writers (to write documentation). Feel free to start narrowing
down the TODO list.
-<p>
+<br><br>
Interested people are also welcome to give new ideas to the SILC protocol
that is still in its draft phase. You should probably go and read the
SILC protocol specification Internet Drafts to get the idea about what
SILC actually is. The current software version might not give the
whole picture of the SILC. The Internet Drafts are available in
<a href="index.php?page=docs">documentation page.</a>
-<p>
+<br><br>
Who wants to send code to the project should read the <a
href="docs/CodingStyle">CodingStyle</a>
documentation. New code must comply with the coding style conventions
described in that document.
-<p>
+<br><br>
There is anonymous CVS acccess for those who want to participate the
development process. Go see the <a href="index.php?page=cvs">CVS page.</a>
-</font><p>
+</font>
+<br><br>
<b>GNU GENERAL PUBLIC LICENSE<br>
Version 2, June 1991</b>
<font size="2">
-<p>
+<br><br>
Copyright (C) 1989, 1991 Free Software Foundation, Inc.<br>
59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
-<p>
+<br><br>
Everyone is permitted to copy and distribute verbatim copies<br>
of this license document, but changing it is not allowed.
-<p>
+<br><br>
<b>Preamble</b>
-<P>
+<br><br>
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
using it. (Some other Free Software Foundation software is covered by
the GNU Library General Public License instead.) You can apply it to
your programs, too.
-<P>
+<br><br>
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
-<P>
+<br><br>
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
-<P>
+<br><br>
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
-<P>
+<br><br>
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
-<P>
+<br><br>
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
-<P>
+<br><br>
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
-<P>
+<br><br>
The precise terms and conditions for copying, distribution and
modification follow.
-<p>
+<br><br>
<b>TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION</b>
-<P>
-<STRONG>0.</STRONG>
+<br><br>
+<strong>0.</strong>
This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
-<P>
+<br><br>
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
-<P>
-<STRONG>1.</STRONG>
+<br><br>
+<strong>1.</strong>
You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
-<P>
+<br><br>
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
-<P>
-<STRONG>2.</STRONG>
+<br><br>
+<strong>2.</strong>
You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
-<P>
-<UL>
-<LI><STRONG>a)</STRONG>
+<br><br>
+<strong>a)</strong>
You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
-<P>
-<LI><STRONG>b)</STRONG>
+<br><br>
+<strong>b)</strong>
You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
-<P>
-<LI><STRONG>c)</STRONG>
+<br><br>
+<strong>c)</strong>
If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
-</UL>
+<br><br>
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
-<P>
+<br><br>
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
-<P>
+<br><br>
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
-<P>
-<STRONG>3.</STRONG>
+<br><br>
+<strong>3.</strong>
You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
-<UL>
-<LI><STRONG>a)</STRONG>
+<br><br>
+<strong>a)</strong>
Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
-<P>
-<LI><STRONG>b)</STRONG>
+<br><br>
+<strong>b)</strong>
Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
-<P>
-<LI><STRONG>c)</STRONG>
+<br><br>
+<strong>c)</strong>
Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
-</UL>
+<br><br>
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
-<P>
+<br><br>
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
-<P>
-<STRONG>4.</STRONG>
+<br><br>
+<strong>4.</strong>
You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
-<P>
-<STRONG>5.</STRONG>
+<br><br>
+<strong>5.</strong>
You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
-<P>
-<STRONG>6.</STRONG>
+<br><br>
+<strong>6.</strong>
Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
-<P>
-<STRONG>7.</STRONG>
+<br><br>
+<strong>7.</strong>
If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
-<P>
+<br><br>
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
-<P>
+<br><br>
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
-<P>
+<br><br>
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
-<P>
-<STRONG>8.</STRONG>
+<br><br>
+<strong>8.</strong>
If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
-<P>
-<STRONG>9.</STRONG>
+<br><br>
+<strong>9.</strong>
The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
-<P>
+<br><br>
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
-<P>
-<STRONG>10.</STRONG>
+<br><br>
+<strong>10.</strong>
If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
-<P>
-<STRONG>NO WARRANTY</STRONG>
-<P>
-<STRONG>11.</STRONG>
+<br><br>
+<strong>NO WARRANTY</strong>
+<br><br>
+<strong>11.</strong>
BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
-<P>
-<STRONG>12.</STRONG>
+<br><br>
+<strong>12.</strong>
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
-<P>
+<br><br>
<b>END OF TERMS AND CONDITIONS</b>
-</font><p>
+</font>
+<br><br>
<b>Anonymous CVS access</b>
<font size="2">
-<p>
+<br><br>
Anonymous CVS access is now available to SILC CVS repository. The
repository includes everything related to SILC project; source codes,
documentation and even these web pages. The CVS access is of course public
but it is intended for developers. After you have checked out the SILC
source tree you should read README.CVS file from the source tree or rest
of this web page.
-<p>
+<br><br>
Also note that this is the closest to real time development you can get
thus you cannot expect that the source tree would work or even compile.
While it is our intention that the trunk would always at least compile
there might be situations when it will not.
-<p><br>
+<br><br><br>
<b>Browsing the Source Tree</b>
-<p>
+<br><br>
If you want to browse the source tree using web browser before checking
out the tree with CVS use following link:
-<p>
+<br><br>
<a href="cvs/source/">Web Access to CVS repository
</a>
-<p>
+<br><br>
Note that this is not real-time access to the CVS repository. It is
updated once a day. If you want real-time access then checkout the CVS
repository.
-<p><br>
+<br><br><br>
<b>Howto Checkout The Source Tree</b>
-<p>
+<br><br>
The repository can be checked out by using anonymous pserver with CVS.
-<p>
+<br><br>
For those who are using sh/ksh/bash the check out is done as follows:
-<p>
+<br><br>
<font size="3">
<tt>
-export CVSROOT=:pserver:silc@silc.pspt.fi:/storage/silc/CVS
-<p>
+export CVSROOT=:pserver:cvs@cvs.silcnet.org:/cvs/silc
+<br><br>
cvs login<br>
cvs co silc<br>
</tt>
</font>
-<p>
+<br><br>
For those who are using csh/tcsh the check out is done as follows:
-<p>
+<br><br>
<font size="3">
<tt>
-setenv CVSROOT :pserver:silc@silc.pspt.fi:/storage/silc/CVS
-<p>
+setenv CVSROOT :pserver:cvs@cvs.silcnet.org:/cvs/silc
+<br><br>
cvs login<br>
cvs co silc<br>
</tt>
</font>
-<p>
+<br><br>
If you don't want to set $CVSROOT environment variable you can set the
path to the cvs as command line options:
-<p>
+<br><br>
<font size="3">
<tt>
-cvs -d:pserver:silc@silc.pspt.fi:/storage/silc/CVS login<br>
-cvs -d:pserver:silc@silc.pspt.fi:/storage/silc/CVS co silc
+cvs -d:pserver:cvs@cvs.silcnet.org:/cvs/silc login<br>
+cvs -d:pserver:cvs@cvs.silcnet.org:/cvs/silc co silc
</tt>
</font>
-<p>
+<br><br>
What ever method you decide to use, after you have done cvs login you will
be prompted for password:
-<p>
+<br><br>
<b>CVS password: </b>silc
-<p>
+<br><br>
Type the password "silc" and press Enter.
-<p>
+<br><br>
The actual SILC source tree is checked out using the cvs co silc command,
described above. This command will fetch the source tree and save it into
directory named silc. SILC CVS repository currently does not have any
branches thus this will check out the trunk. The size of the trunk is
-currently about 11 MB but will grow in the future.
+currently about 13 MB but will grow in the future.
-<p><br>
+<br><br><br>
<b>What SILC Source Tree Includes</b>
-<p>
+<br><br>
SILC Source tree includes a lot more stuff that appears in public
distribution. The source tree includes, for example, internal scripts,
configuration files, SILC webpages etc. These never appear on a public
distribution.
-<p>
+<br><br>
Following directories currently exist in SILC source tree.
-<p>
+<br><br>
<font size="3">
<tt>
doc/
-<ul>
+<br><br>
Includes all the SILC documentation. Some of the documentation
are generated when distribution is generated. The automatically
generated files must never be commited to CVS.
-</ul>
+<br><br>
includes/
-<ul>
+<br><br>
Includes SILC include files.
-</ul>
+<br><br>
lib/
-<ul>
+<br><br>
Includes SILC libraries. There maybe libraries on the CVS that
does not appear on public distribution.
-</ul>
+<br><br>
public_html/
-<ul>
+<br><br>
Includes the official SILC web pages and everything that relates
to them. This directory never appears on public distribution.
-</ul>
+<br><br>
silc/
-<ul>
+<br><br>
Includes SILC client. There can be some extra files that will
never appear in public distribution, such as, configuration files.
-</ul>
+<br><br>
silcd/
-<ul>
+<br><br>
Includes SILC server. There can be some extra files that will
never appear in public distribution, such as, configuration files.
-</ul>
</tt>
</font>
-<p><br>
+<br><br><br>
<b>Howto Compile SILC Source Tree</b>
-<p>
+<br><br>
After checkout from CVS the SILC source tree must be prepared for
configuration and compilation. To compile the source tree, give,
-<p>
+<br><br>
<font size="3">
<tt>
./prepare<br>
make
</tt>
</font>
-<p>
+<br><br>
The ./prepare script is included in to the source tree and it never
appears in public distribution. The script prepares the source tree
by creating configuration scripts and Makefiles. The prepare must be
run every time you make some changes to configuration scripts (however,
making changes to Makefile.am's does not require running ./prepare).
-<p>
+<br><br>
As a developer you should read the ./configure script's help by
giving ./configure --help and study all of its different options. Also,
you should configure the script with --enable-debug option as it
SILC_LOG_DEBUG* scripts. Warning is due here: The debugging produced
by both cilent and server is very heavy, thus it is common to test
the programs as follows:
-<p>
+<br><br>
<font size="3">
<tt>
./silc -d -f configfile 2>log<br>
</tt>
</font>
-<p><br>
+<br><br><br>
<b>Howto Clean SILC Source Tree</b>
-<p>
+<br><br>
To entirely clear the source tree to the state after it was checked out
from CVS, give,
-<p>
+<br><br>
<font size="3">
<tt>
./prepare-clean
</tt>
-</font><p>
+</font><br><br>
This calls `make distclean' plus removes automatically generated files
by hand. It also removes *.log files. However, it will not remove
any other files you might have created.
-<p><br>
+<br><br><br>
<b>Makefiles and configuration files</b>
-<p>
+<br><br>
Developers should never directly write a Makefile. All Makefiles are
always automatically generated by ./prepare and later by ./configure
scripts. Instead, developers must write Makefile.am files. There
are plenty of examples what they should look like. If you change
Makefile.am during development you don't have to run ./prepare, just
run normal make.
-<p>
+<br><br>
Configuration files are the files that ./prepare automatically generates
and what will be included into public distribution. ./prepare creates
for example the ./configure script that is not commited to the CVS.
`configure.in' is the file that developers must edit to change ./configure
script. After changing one must run ./prepare.
-</font><p>
+</font>
+<br><br>
<b>SILC Documentation</b>
<font size="2">
-<p>
+<br><br>
Currently the SILC documentation is under work and the software does not
have that much of a documentation.
-<p>
+<br><br>
README file from the software: <a href="docs/README">README</a>
<br>
Coding Style in SILC source tree: <a href="docs/CodingStyle">CodingStyle</a>
-<p>
+<br><br>
<i>Coming later: Software manual, SILC Library Reference manual</i>
-<p><br>
+<br><br><br>
</font>
<b>SILC Protocol Internet Drafts</b>
-<p>
+<br><br>
<font size="2">
SILC Protocol is documented and four Internet Drafts exists. These
Internet Drafts are also available from
<a href="http://www.ietf.org">IETF</a>.
-<p>
+<br><br>
-<li>Secure Internet Live Conferencing (SILC), Protocol Specification
-<p>
+<b>Secure Internet Live Conferencing (SILC), Protocol Specification</b>
+<br><br>
Abstract
-<p>
+<br><br>
This memo describes a Secure Internet Live Conferencing (SILC)
protocol which provides secure conferencing services over insecure
network channel. SILC is IRC [IRC] like protocol, however, it is
Three other Internet Drafts relates very closely to this memo;
SILC Packet Protocol [SILC2], SILC Key Exchange and Authentication
Protocols [SILC3] and SILC Commands [SILC4].
-<p>
+<br><br>
<a href="docs/draft-riikonen-silc-spec-02.txt">
draft-riikonen-silc-spec-02.txt</a>
-<p><br>
+<br><br><br>
-<li>SILC Packet Protocol
-<p>
+<b>SILC Packet Protocol</b>
+<br><br>
Abstract
-<p>
+<br><br>
This memo describes a Packet Protocol used in the Secure Internet Live
Conferencing (SILC) protocol, specified in the Secure Internet Live
Conferencing, Protocol Specification Internet Draft [SILC1]. This
the contents of the packets. The protocol provides secure binary packet
protocol that assures that the contents of the packets are secured and
authenticated.
-<p>
+<br><br>
<a href="docs/draft-riikonen-silc-pp-02.txt">
draft-riikonen-silc-pp-02.txt</a>
-<p><br>
+<br><br><br>
-<li>SILC Key Exchange and Authentication Protocols
-<p>
+<b>SILC Key Exchange and Authentication Protocols</b>
+<br><br>
Abstract
-<p>
+<br><br>
This memo describes two protocols used in the Secure Internet Live
Conferencing (SILC) protocol, specified in the Secure Internet Live
Conferencing, Protocol Specification internet-draft [SILC1]. The
is derived from several key exchange protocols. SKE uses best parts
of the SSH2 Key Exchange protocol, Station-To-Station (STS) protocol
and the OAKLEY Key Determination protocol [OAKLEY].
-<p>
+<br><br>
The SILC Connection Authentication protocol provides user level
authentication used when creating connections in SILC network. The
protocol is transparent to the authentication data which means that it
can be used to authenticate the user with, for example, passphrase
(pre-shared-secret) or public key (and certificate).
-<p>
+<br><br>
<a href="docs/draft-riikonen-silc-ke-auth-02.txt">
draft-riikonen-silc-ke-auth-02.txt</a>
-<p><br>
+<br><br><br>
-<li>SILC Commands
-<p>
+<b>SILC Commands</b>
+<br><br>
Abstract
-<p>
+<br><br>
This memo describes the commands used in the Secure Internet Live
Conferencing (SILC) protocol, specified in the Secure Internet Live
Conferencing, Protocol Specification Internet Draft [SILC1]. The
the commands are used by SILC clients to manage the SILC session, but
also SILC servers may use the commands. This memo specifies detailed
command messages and command reply messages.
-<p>
+<br><br>
<a href="docs/draft-riikonen-silc-commands-00.txt">
draft-riikonen-silc-commands-00.txt</a>
-<p><br>
-
-</font><p>
+<br>
+</font>
+<br><br>
<b>Download SILC</b>
<font size="2">
-<p>
+<br><br>
The latest SILC release is version <?php echo $latest; ?>. Please, read
the README
and INSTALL files after downloading for instructions how to install and
use SILC.
-<p>
+<br><br>
<b>
This version has the functional server and router linking
support. People who is running SILC servers and are interested to get the
server linked to the new router on silc.pspt.fi contact
<a href="mailto:priikone.NOSPAM@poseidon.pspt.fi">me</a> now.</b>
-<p>
+<br><br>
<b>Main Download</b>
-<p>
+<br><br>
Sources HTTP:
<a href="silc-<?php echo $latest; ?>.tar.gz">
tar.gz</a> (<?php echo
tar.bz2</a> (<?php echo
div(FileSize($FTPRoot."silc-".$latest.".tar.bz2"),1024); ?> KB)
<br>
-Sources FTP: <a href="ftp://silc.pspt.fi/pub/silc/">tar.gz and tar.bz2</a>
-<p>
+Sources FTP: <a href="ftp://silcnet.org/pub/silc/">tar.gz and tar.bz2</a>
+<br><br>
<b>Other packages</b>
-<p>
+<br><br>
Mandrake: <a
href="ftp://ftp.free.fr/pub/Distributions_Linux/Mandrake-devel/cooker/contrib/RPMS">
i586</a>,
src</a>
<br>
Debian: <a href="http://master.debian.org/~pa/silc/">deb</a>
-<p>
+<br><br>
<b>CVS Snapshots</b>
-<p>
+<br><br>
Daily CVS snapshots are available. These are generated 22:00 GMT every
night. Read the <a href="index.php?page=cvs">CVS page</a> for more
information.
-<p>
+<br><br>
HTTP: <a href="silc.tar.gz">CVS Snapshot</a>
-<p>
+<br><br>
<b>Portability</b>
-<p>
+<br><br>
The SILC has been reported to work on, at least:
-<p><ul>
-<li>Linux
-<li>FreeBSD
-<li>NetBSD
-<li>OpenBSD
-<li>HP-UX
-<li>Solaris
-<li>Windows (cygwin)
-</ul>
-</font><p>
+<br><br>
+ - Linux<br>
+ - FreeBSD<br>
+ - NetBSD<br>
+ - OpenBSD<br>
+ - HP-UX<br>
+ - Solaris<br>
+ - Windows (cygwin)
+</font><br><br>
<b>Frequently Asked Questions</b>
<font size="2">
-<p>
+<br><br>
<font color="#2f486f">Q: What is SILC?</font><br>
A: SILC (Secure Internet Live Conferencing) is a protocol which provides
secure conferencing services in the Internet over insecure channel. SILC
similarity between SILC and IRC is that they both provide conferencing
services and that SILC has almost same commands as IRC. Other than that
they are nothing alike.
-<p>
+<br><br>
Biggest differences are that SILC is secure what IRC is not in any way.
The network model is also entirely different compared to IRC.
-<p>
+<br><br>
<font color="#2f486f">Q: Why SILC in the first place?</font><br>
A: Simply for fun, nothing more. An actually for need back then when it
was started. SILC has been very interesting and educational project.
-<p>
+<br><br>
<font color="#2f486f">Q: Why use SILC? Why not IRC with SSL?</font><br>
A: Sure, that is possible, although, does that secure the entire IRC
network? And does that increase or decrease the lags and splits in the IRC network? Does that provide user based security where some specific private message are secured? Does that provide security where some specific channel messages are secured? Security is not just about applying encryption to traffic and SILC is not just about `encrypting the traffic`. You cannot make insecure protocol suddenly secure just by encrypting the traffic. SILC is not meant to be IRC replacement. IRC is good for some things, SILC is good for same and some other things.
-<p>
+<br><br>
<font color="#2f486f">Q: Can I use SILC with IRC client? What about can I use IRC with SILC client?</font><br>
A: Answer for both question is no. IRC client is in no way compatible
with SILC server. SILC client cannot currently use IRC but this may
that one could use both SILC and IRC with the same client. Although, even
then one cannot talk from SILC network to IRC network. That just is not
possible.
-<p>
+<br><br>
<font color="#2f486f">Q: Why client/server protocol is based on IRC? Would it be more interesting to implement something extensible and more powerful?</font><br>
A: They are not, not the least. Have you read the protocol specification?
The client superficially resembles IRC client but everything that happens
burden IRC and future IRC projects til the end. SILC client resembles IRC
client because it is easier for new users to start using SILC when they
already know all the commands.
-<p>
+<br><br>
<font color="#2f486f">Q: Why SILC? Why not IRC3?</font><br>
A: Question that is justified no doubt of that. I didn't start doing SILC to be replacement for IRC. SILC was something that didn't exist in 1996 or even today except that SILC is now released. However, I did check out the IRC3 project in 1997 when I started coding and planning the SILC protocol.
-<p>
+<br><br>
But, IRC3 is problematic. Why? Because it still doesn't exist. The
project is at the same spot where it was in 1997 when I checked it out.
And it was old project back then as well. Couple of months ago I checked
if I would've gone to IRC3 project, nor IRC3 or SILC would exist today. I
think IRC3 could be something really great if they just would get their
act together and start coding the thing.
-<p>
+<br><br>
<font color="#2f486f">Q: How secure SILC really is?</font><br>
A: A good question which I don't have a answer. SILC has been tried to
make as secure as possible. However, there is no security protocol or
SILC is in no means different from this. So, it is suspected that there
are security holes in the SILC. These holes just needs to be found so
that they can be fixed.
-<p>
+<br><br>
But to give you some parameters of security SILC uses the most secure
crytographic algorithms such as AES, Twofish, Blowfish, RC5, etc. SILC
does not have DES or 3DES as DES is insecure and 3DES is just too slow.
needs random numbers. Public key cryptography uses RSA (PKCS #1) and
Diffie Hellman algorithms. Key lengths for ciphers are initially set to
256. For public key algorithms the starting key length is 1024 bits.
-<p>
+<br><br>
But the best answer for this question is that SILC is as secure as its
weakest link. SILC is open and the protocol is open and in public thus
open for security analyzes.
-<p>
+<br><br>
To give a list of attacks that are ineffective against SILC:
-<p>
-<li>Man-in-the-middle attacks are ineffective if proper public key
+<br><br>
+- Man-in-the-middle attacks are ineffective if proper public key
infrastructure is used. SILC is vulnerable to this attack if the public
keys used in the SILC are not verified to be trusted (as any other
-protocol for that matter).
-<li>IP spoofing is ineffective (because of encryption and trusted keys).
-<li>Attacks that change the contents of the data or add extra data to the
-packets are ineffective (because of encryption and integrity checks).
-<li>Passive attacks (listenning network traffic) are ineffective (because
+protocol for that matter).<br>
+- IP spoofing is ineffective (because of encryption and trusted keys).<br>
+- Attacks that change the contents of the data or add extra data to the
+packets are ineffective (because of encryption and integrity checks).<br>
+- Passive attacks (listenning network traffic) are ineffective (because
of encryption). Everything is encrypted including authentication data
-such as passwords when they are needed.
-<li>Any sort of cryptanalytic attacks are tried to make ineffective by
-using the best cryptographic algorithms out there.
-<p>
+such as passwords when they are needed.<br>
+- Any sort of cryptanalytic attacks are tried to make ineffective by
+using the best cryptographic algorithms out there.<br>
+<br><br>
<i>More to come later...</i>
-</font><p>
+</font>
+<br><br>
<b>Features</b>
<font size="2">
-<p>
+<br><br>
<b>Features to be included into the final release of SILC.</b>
-<p>
-<li> Normal conferencing services such as private messages, channels, channel messages, etc. All traffic is secured and authenticated.
-<p>
-<li> No unique nicknames. There can be same nicknames in SILC without collisions. SILC has unique Client ID's, Server ID's and Channel ID's to assure that there are no collisions. The maximum length of the nickname is 128 characters. The maximum length of the channel name is 256 characters.
-<p>
-<li> Channels can have channel operators and a channel founder which is the client who created the channel. Channel founder privileges supersedes the channel operator privileges. Also, channel founder privileges may be regained even if the founder leaves the channel. The requirement for this is that the client is connected to the same server it was originally connected. The channel founder cannot be removed from the channel by force.
-<p>
-<li> Channel messages are protected by channel key, generated by the server. The key is re-generated once in an hour. It is possible to set a private key for the channel so that even the servers does not know the key. Actually, it is possible to set several private keys so that only specific users on the channel may decrypt some specific messages. Adding the private key significantly increases the security as nobody else but the users on the channel knows the key.
-<p>
-<li> Private messages are protected using the session keys, generated when connecting to the server. This means that the private messages are decrypted and re-encrypted enroute to the true receiver of the message. However, it is possible to set a private key between two clients and protect the private messages with that key. In this case no server enroute can decrypt the message since they don't have the key. The SILC protocol provides an automatic key negotiation between two clients using the SKE protocol. This makes it very easy to negotiate a shared secret key with another client in the network.
-<p>
-<li> All the other traffic, like commands between client and the server are protected using the session keys. Session keys are re-generated once in an hour. The re-key may be done with or without the PFS (Perfect Forward Secrecy).
-<p>
-<li> Secure key exchange and authentication protocol. SILC Key Exchange (SKE) protocol provides key material used in the SILC sessions in secure manner. The protocol is immune for example to man-in-the-middle attacks and is based on the Diffie-Hellman key exchange algorithm. The SILC Authentication protocol provides strong authentication. Authentication may be based on passphrase or public key (RSA) authentication. For clients there is an option not to use authentication when connecting to servers.
-<p>
-<li> All traffic is encrypted and authenticated using the best cryptographic algorithms out there. Cipher keys are, by default, 256 bits in length and public keys, by default, 1024 bits in length.
-<p>
-<li> Supports the following ciphers: AES, Twofish, Blowfish, Mars, Cast-256, RC5 and RC6. Supports the following hash functions: MD5 and SHA1. Supports the PKCS #1 (RSA) for public key cryptography.
-<p>
-<li> Supports data compression with GZIP to improve performance.
-<p>
-<li> Supports SOCKS4 and SOCKS5 firewall traversal protocols.
-<p>
-<li> SIM (SILC Module) support. Support for loading of shared objects at run-time that provides new and extended features to both SILC client and server. These can provide extra ciphers and extra features to the software.
-<p>
-<li> SILC client can be installed and used without root privileges.
-<p>
-<li> SILC client can be configured by system wide configuration files but with user specific configuration files as well.
-</font><p>
+<br><br>
+- Normal conferencing services such as private messages, channels, channel messages, etc. All traffic is secured and authenticated.
+<br><br>
+- No unique nicknames. There can be same nicknames in SILC without collisions. SILC has unique Client ID's, Server ID's and Channel ID's to assure that there are no collisions. The maximum length of the nickname is 128 characters. The maximum length of the channel name is 256 characters.
+<br><br>
+- Channels can have channel operators and a channel founder which is the client who created the channel. Channel founder privileges supersedes the channel operator privileges. Also, channel founder privileges may be regained even if the founder leaves the channel. The requirement for this is that the client is connected to the same server it was originally connected. The channel founder cannot be removed from the channel by force.
+<br><br>
+- Channel messages are protected by channel key, generated by the server. The key is re-generated once in an hour. It is possible to set a private key for the channel so that even the servers does not know the key. Actually, it is possible to set several private keys so that only specific users on the channel may decrypt some specific messages. Adding the private key significantly increases the security as nobody else but the users on the channel knows the key.
+<br><br>
+- Private messages are protected using the session keys, generated when connecting to the server. This means that the private messages are decrypted and re-encrypted enroute to the true receiver of the message. However, it is possible to set a private key between two clients and protect the private messages with that key. In this case no server enroute can decrypt the message since they don't have the key. The SILC protocol provides an automatic key negotiation between two clients using the SKE protocol. This makes it very easy to negotiate a shared secret key with another client in the network.
+<br><br>
+- All the other traffic, like commands between client and the server are protected using the session keys. Session keys are re-generated once in an hour. The re-key may be done with or without the PFS (Perfect Forward Secrecy).
+<br><br>
+- Secure key exchange and authentication protocol. SILC Key Exchange (SKE) protocol provides key material used in the SILC sessions in secure manner. The protocol is immune for example to man-in-the-middle attacks and is based on the Diffie-Hellman key exchange algorithm. The SILC Authentication protocol provides strong authentication. Authentication may be based on passphrase or public key (RSA) authentication. For clients there is an option not to use authentication when connecting to servers.
+<br><br>
+- All traffic is encrypted and authenticated using the best cryptographic algorithms out there. Cipher keys are, by default, 256 bits in length and public keys, by default, 1024 bits in length.
+<br><br>
+- Supports the following ciphers: AES, Twofish, Blowfish, Mars, Cast-256, RC5 and RC6. Supports the following hash functions: MD5 and SHA1. Supports the PKCS #1 (RSA) for public key cryptography.
+<br><br>
+- Supports data compression with GZIP to improve performance.
+<br><br>
+- Supports SOCKS4 and SOCKS5 firewall traversal protocols.
+<br><br>
+- SIM (SILC Module) support. Support for loading of shared objects at run-time that provides new and extended features to both SILC client and server. These can provide extra ciphers and extra features to the software.
+<br><br>
+- SILC client can be installed and used without root privileges.
+<br><br>
+- SILC client can be configured by system wide configuration files but with user specific configuration files as well.
+</font>
+<br><br>
<b>History</b>
<font size="2">
-<p>
+<br><br>
Even though SILC were released in summer 2000 to the public the idea and
the protocol itself is quite old. I got the idea about SILC in its
current form in the year 1996 and first lines of codes were written in
the RNG written in 1997. The RNG written in 1997, on the other hand, were
based on the SSH's random number generator. The RNG has been rewritten
twice since the first version.
-<p>
+<br><br>
I stopped writing the SILC later in 1997 when I got busy at school and in
work. The pause lasted several months. The development resumed in 1998
when my friend (Juha Räsänen) and I implemented ElGamal algorithm. I
but at that time it seemed like a good idea. Again, in the winter 1999 I
got very busy writing my thesis and was forced to stop the development
again. I also, started a new job in the spring.
-<p>
+<br><br>
Later, in 1999, I decided that this time I'm going to make it the right
way. C++ was obviously a bad choice so I decided to fall back to plain C
language. I also decided to do complete rewrite and started doing more
everytime I had some spare time. I also started a new job but I didn't
let that get to my way. The result of this development effort is the
release now in public.
-<p>
+<br><br>
I've learned a lot by doing the SILC. I guess, when I started it I wasn't
that good of a C programmer. That alone was a reason why SILC hasn't seen
the day of light before now. My programming style has also changed
since this last rewrite as well. However, the code style of current SILC
release is quite consistent (actually the coding style SILC has been
written now I've learned in my current job).
-<p>
+<br><br>
There is probably over 85% of new code in this third rewrite. Rest has
just been copied from the old versions and only minor changes has been
made (like changed function names and overall coding style). I've
preserved the dates of the old files (dating back to 1997) that has
existed in some forms in the old versions. There is a lot of new code but
already I see a lot that needs rewriting. The development continues.
-</font><p>
+</font>
+<br><br>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title> SILC Secure Internet Live Conferencing </title>
-<style TYPE="text/css">
-<!--
- A:link { text-decoration: none }
- A:visited { text-decoration: none }
- A:active { text-decoration: none }
--->
-</style>
+ <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+ <style TYPE="text/css">
+ <!--
+ body { color: #000000; background: #aaaaaa; font-family: Helvetica, Arial, Sans-serif; }
+ a:link { text-decoration: none; color: #2f486f; }
+ a:visited { text-decoration: none;color: #2f486f; }
+ a:active { text-decoration: none; color: #2f486f; }
+ -->
+ </style>
</head>
+
<body bgcolor="#aaaaaa" text="#000000" link="#2f486f" alink="#2f486f" vlink="#2f486f">
<br>
-<center>
+<div align="center">
<table width="700" bgcolor="#000000" cellpadding="1" cellspacing="0" border="0">
<tr>
<td>
<tr><td bgcolor="#000000" height="1"><img src="img/pixel.gif" alt="" height="1"></td></tr>
<tr>
<td>
- <center>
- <table cellspacing="0" cellpadding="10" border="0"><tr><td>
+ <div align="center">
+ <table cellspacing="3" cellpadding="10" border="0"><tr><td>
<font size="2" face="Helvetica,Arial,Sans-serif">
- <li><a href="index.php?page=about">About the SILC</a>
- <li><a href="index.php?page=history">History</a>
- <li><a href="index.php?page=lists">SILC Mailing Lists</a>
- <li><a href="index.php?page=docs">SILC Documentation</a>
+ o <a href="index.php?page=about">About the SILC</a><br>
+ o <a href="index.php?page=history">History</a><br>
+ o <a href="index.php?page=lists">SILC Mailing Lists</a><br>
+ o <a href="index.php?page=docs">SILC Documentation</a><br>
</font>
</td><td>
<font size="2" face="Helvetica,Arial,Sans-serif">
- <li><a href="index.php?page=download">Download SILC</a>
- <li><a href="index.php?page=faq">SILC FAQ</a>
- <li><a href="index.php?page=features">SILC Features</a>
- <li><a href="changes.txt">ChangeLog</a>
+ o <a href="index.php?page=download">Download SILC</a><br>
+ o <a href="index.php?page=faq">The SILC FAQ</a><br>
+ o <a href="index.php?page=features">SILC Features</a><br>
+ o <a href="changes.txt">ChangeLog</a><br>
</font>
</td><td>
<font size="2" face="Helvetica,Arial,Sans-serif">
- <li><a href="index.php?page=todo">TODO</a>
- <li><a href="index.php?page=contribute">Contributing</a>
- <li><a href="index.php?page=cvs">Anonymous CVS Access</a>
- <li><a href="index.php?page=copying">The General Public License (GPL)</a>
+ o <a href="index.php?page=todo">TODO list</a><br>
+ o <a href="index.php?page=contribute">Contributing</a><br>
+ o <a href="index.php?page=cvs">Anonymous CVS Access</a><br>
+ o <a href="index.php?page=copying">The General Public License (GPL)</a><br>
</font>
</td></tr></table>
- </center>
+ </div>
</td>
- <tr>
<tr><td bgcolor="#000000" height="1"><img src="img/pixel.gif" alt="" height="1"></td></tr>
<tr>
<td>
</td>
</tr>
</table>
-<font size="1" face="Helvetica,Arial,Sans-serif">webpage by <a
-href="mailto:salo at Xtrmntr.org">salo at Xtrmntr.org</a></font>
-<br>
-<font size="1" color="#2f486f">
-<? virtual("./counter.shtml"); ?>
-</center>
+<font size="1" face="Helvetica,Arial,Sans-serif">webpage by
+<a href="mailto:salo at Xtrmntr.org">salo at Xtrmntr.org</a> |
+<b><font color="#2f486f"><? require $DocRoot."counter.php"; ?></font></b> |
+<a href="http://validator.w3.org/check/referer">W3C HTML 4.01 compliant</a>
+</font>
+</div>
</body>
</html>
<b>Public SILC Mailing Lists</b>
<font size="2">
-<p>
+<br><br>
<b>Available since: Sat Jul 22 17:23:48 EEST 2000</b>
-<p>
+<br><br>
There is currently one mailing list available. The mailing list is the
main SILC development mailing list. To subscribe to the mailing list
visit the following link and follow the instructions on the web page.
-<p>
+<br><br>
<a href="http://lists.sourceforge.net/lists/listinfo/silc-devel">
SILC-devel mailing list</a>
-<p>
+<br><br>
After you have subscribed as instructed on the web site you will receive
email for further instructions. To send email to the list the email must
be destined to: <font color="#2f486f">silc-devel at
lists.sourceforge.net</font> address.
-</font><p>
+</font>
+<br><br>
<b>SILC <?php echo $latest; ?> Is Now Available!</b>
<br><font size="1" color="#2f486f"><?php echo $latest_date ?></font>
-<font size="2"><p>
+<font size="2">
+<br><br>
The new Beta version <?php echo $latest; ?> of SILC is available for testing.
Read the README and INSTALL files after downloading for instructions how
to compile and use SILC. Report bugs to the
<a href="index.php?page=lists">SILC development mailing list</a>.
-<p>
+<br><br>
This version has the functional server and router linking support.
People who is running SILC servers and are interested to get the server
linked to the new router on silc.pspt.fi contact
<a href="mailto:priikone.NOSPAM@poseidon.pspt.fi">me</a> now.
-<p>
+<br><br>
Download: <a href="index.php?page=download">SILC <?php echo $latest; ?>
Beta Version</a>
<br>
Changes: <a href="changes.txt">SILC <?php echo $latest; ?> Changes</a>
</font>
-<p><br>
+<br><br><br>
<b>SILC Server Available For Testing</b>
-<font size="2"><p>
+<font size="2">
+<br><br>
There is SILC server up and running that can be tested. Just give command
<font color="#2f486f">/server silc.pspt.fi</font> to connect to the server. There may be some action
on channel #silc (unless everybody is sleeping) so you might want to give
command <font color="#2f486f">/join #silc</font>.
-<p>
+<br><br>
Available servers: silc.pspt.fi on port 706 is SILC Router and
silc.pspt.fi on port 707 is normal SILC server connected to the router.
Both are available for free use.
</font>
-<p><br>
+<br><br><br>
<b>New Web Pages</b>
-<font size="2"><p>
+<font size="2">
+<br><br>
As you all can see the SILC Project has a new web page layout. Enjoy!
</font>
-<p><br>
+<br><br><br>
<b>Developers Wanted For SILC Project</b>
-<font size="2"><p>
+<font size="2">
+<br><br>
SILC Project needs developers who would like to contribute their time,
skills and ideas to the project. SILC still has a long road ahead before
the first official stable release.
-<p>
+<br><br>
If You would like to contribute to SILC project please contact me at:
<a href="mailto:priikone.NOSPAM@poseidon.pspt.fi">priikone at poseidon.pspt.fi</a>
-<p>
+</font>
+<br><br>
-<pre>
-<font face=courier size=3>
-<?php
-require $DocRoot.EReg_Replace('([^a-zA-Z0-9])*','',todo).".txt"
+<br>
+<tt>
+<font face="courier" size="3">
+<?php
+
+if (File_exists($DocRoot."todo.txt"))
+ if ($fp = @FOpen($DocRoot."todo.txt", "r")) {
+
+ while($line = FGets($fp, 255)) {
+ $newline = Ereg_Replace("^[ ]{2,4}"," ",$line);
+ $line = Ereg_Replace("^([\t]|[ ][\t])"," ",$newline);
+ printf("%s", nl2br($line));
+ }
+
+ FClose($fp);
+ }
?>
</font>
-<p>
+</tt>
+<br>
projects / silc.git / commitdiff