--- /dev/null
+<b>About SILC</b>
+<font size="2">
+<p>
+SILC (Secure Internet Live Conferencing) is a protocol which provides secure conferencing services in the Internet over insecure channel. SILC is IRC like software although internally they are very different. Biggest similarity between SILC and IRC is that they both provide conferencing services and that SILC has almost same commands as IRC. Other than that they are nothing alike. Biggest differences are that SILC is secure what IRC is not in any way. The network model is also entirely different compared to IRC.
+<p>
+SILC provides security services that any other conferencing protocol does not offer today. The most popular conferencing service, IRC, is entirely insecure. If you need secure place to talk to some people or to group of people over the Internet, IRC or any other conferencing service, for that matter, cannot be used. Anyone can see the messages and their contents in the IRC network. And the most worse case, some people is able to change the contents of the messages. Also, all the authentication data, such as, passwords are sent plaintext.
+<p>
+SILC is a lot more than just about `encrypting the traffic'. That is easy enough to do with IRC, SSL and some ad hoc scripts, and even then the entire network cannot be secured, only part of it. SILC provides security services, such as, sending private messages entirely secure; no one can see the message except you and the real receiver of the message. SILC also provides same functionality for channels; no one except those clients joined to the channel may see the messages destined to the channel. Communication between client and server is also secured with session keys, and all commands, authentication data (such as passwords etc.) and other traffic is entirely secured. The entire network, and all parts of it, is secured. This is something that cannot be done currently with any other conferencing protocol, even when using the ad hoc scripts. :)
+<p>
+SILC has secure key exchange protocol that is used to create the session keys for each connection. SILC also provides strong authentication based on either passwords or public key authentication. All authentication data is always encrypted in the SILC network. All connections has their own session keys, all channels has channel specific keys, and all private messages can be secured with private message specific keys.
+<p>
+SILC is an open source (or freeware) project and it has been released under the GNU General Public Licence. The SILC is free to use and everyone is free to distribute and change the SILC under the terms of the GNU GPL. While there is no guarantee for the product SILC has been tried make as secure as possible. The fact that the software and the protocol is open for public analysis is a good thing for end user.
+<p>
+Protocol specification of SILC protocol is available for anyone to look at. There exists four Internet Drafts that has been submitted to <a href="http://www.ietf.org">IETF</a>. See <a href="index.php?page=docs">documentation page</a> for more information.
+<p></font>
+<b>Contact</b>
+<font size="2">
+<p>
+Feedback and comments are welcome. You can reach me in the following Address.
+<p>
+Pekka Riikonen<br>
+priikone at poseidon.pspt.fi
+<p>
--- /dev/null
+<b>Contributing</b>
+<font size="2">
+<p>
+Developers are needed in SILC project. Everyone who has the time and
+ability is welcome to come and join the project. We need C coders,
+technical writers (to write documentation) and web administrator to take
+over these web pages. Feel free to start narrowing down the TODO
+list.
+<p>
+Interested people are also welcome to give new ideas to the SILC protocol
+that is still in its draft phase. You should probably go and read the
+SILC protocol specification Internet Drafts to get the idea about what
+SILC actually is. The current software version might not give the
+whole picture of the SILC. The Internet Drafts are available in
+<a href="index.php?page=docs">documentation page.</a>
+<p>
+Who wants to send code to the project should read the <a
+href="docs/CodingStyle">CodingStyle</a>
+documentation. New code must comply with the coding style conventions
+described in that document.
+<p>
+There is anonymous CVS acccess for those who want to participate the
+development process. Go see the <a href="index.php?page=cvs">CVS page.</a>
+</font><p>
--- /dev/null
+<b>GNU GENERAL PUBLIC LICENSE<br>
+Version 2, June 1991</b>
+<font size="2">
+<p>
+Copyright (C) 1989, 1991 Free Software Foundation, Inc.<br>
+59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+<p>
+Everyone is permitted to copy and distribute verbatim copies<br>
+of this license document, but changing it is not allowed.
+<p>
+<b>Preamble</b>
+<P>
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users. This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it. (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.) You can apply it to
+your programs, too.
+<P>
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+<P>
+ To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+<P>
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have. You must make sure that they, too, receive or can get the
+source code. And you must show them these terms so they know their
+rights.
+<P>
+ We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+<P>
+ Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software. If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+<P>
+ Finally, any free program is threatened constantly by software
+patents. We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary. To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+<P>
+ The precise terms and conditions for copying, distribution and
+modification follow.
+<p>
+<b>TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION</b>
+<P>
+<STRONG>0.</STRONG>
+ This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License. The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language. (Hereinafter, translation is included without limitation in
+the term "modification".) Each licensee is addressed as "you".
+<P>
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+<P>
+<STRONG>1.</STRONG>
+ You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+<P>
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+<P>
+<STRONG>2.</STRONG>
+ You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+<P>
+<UL>
+<LI><STRONG>a)</STRONG>
+ You must cause the modified files to carry prominent notices
+ stating that you changed the files and the date of any change.
+<P>
+<LI><STRONG>b)</STRONG>
+ You must cause any work that you distribute or publish, that in
+ whole or in part contains or is derived from the Program or any
+ part thereof, to be licensed as a whole at no charge to all third
+ parties under the terms of this License.
+<P>
+<LI><STRONG>c)</STRONG>
+ If the modified program normally reads commands interactively
+ when run, you must cause it, when started running for such
+ interactive use in the most ordinary way, to print or display an
+ announcement including an appropriate copyright notice and a
+ notice that there is no warranty (or else, saying that you provide
+ a warranty) and that users may redistribute the program under
+ these conditions, and telling the user how to view a copy of this
+ License. (Exception: if the Program itself is interactive but
+ does not normally print such an announcement, your work based on
+ the Program is not required to print an announcement.)
+</UL>
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+<P>
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+<P>
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+<P>
+<STRONG>3.</STRONG>
+ You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+<UL>
+<LI><STRONG>a)</STRONG>
+ Accompany it with the complete corresponding machine-readable
+ source code, which must be distributed under the terms of Sections
+ 1 and 2 above on a medium customarily used for software interchange; or,
+<P>
+<LI><STRONG>b)</STRONG>
+ Accompany it with a written offer, valid for at least three
+ years, to give any third party, for a charge no more than your
+ cost of physically performing source distribution, a complete
+ machine-readable copy of the corresponding source code, to be
+ distributed under the terms of Sections 1 and 2 above on a medium
+ customarily used for software interchange; or,
+<P>
+<LI><STRONG>c)</STRONG>
+ Accompany it with the information you received as to the offer
+ to distribute corresponding source code. (This alternative is
+ allowed only for noncommercial distribution and only if you
+ received the program in object code or executable form with such
+ an offer, in accord with Subsection b above.)
+</UL>
+The source code for a work means the preferred form of the work for
+making modifications to it. For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable. However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+<P>
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+<P>
+<STRONG>4.</STRONG>
+ You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License. Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+<P>
+<STRONG>5.</STRONG>
+ You are not required to accept this License, since you have not
+signed it. However, nothing else grants you permission to modify or
+distribute the Program or its derivative works. These actions are
+prohibited by law if you do not accept this License. Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+<P>
+<STRONG>6.</STRONG>
+ Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions. You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+<P>
+<STRONG>7.</STRONG>
+ If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all. For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+<P>
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+<P>
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices. Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+<P>
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+<P>
+<STRONG>8.</STRONG>
+ If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded. In such case, this License incorporates
+the limitation as if written in the body of this License.
+<P>
+<STRONG>9.</STRONG>
+ The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+<P>
+Each version is given a distinguishing version number. If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation. If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+<P>
+<STRONG>10.</STRONG>
+ If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission. For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this. Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+<P>
+<STRONG>NO WARRANTY</STRONG>
+<P>
+<STRONG>11.</STRONG>
+ BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+<P>
+<STRONG>12.</STRONG>
+ IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+<P>
+<b>END OF TERMS AND CONDITIONS</b>
+</font><p>
--- /dev/null
+<b>Anonymous CVS access</b>
+<font size="2">
+<p>
+Anonymous CVS access is now available to SILC CVS repository. The
+repository includes everything related to SILC project; source codes,
+documentation and even these web pages. The CVS access is of course public
+but it is intended for developers. After you have checked out the SILC
+source tree you should read README.CVS file from the source tree or rest
+of this web page.
+<p>
+Also note that this is the closest to real time development you can get
+thus you cannot expect that the source tree would work or even compile.
+While it is our intention that the trunk would always at least compile
+there might be situations when it will not.
+
+<p><br>
+
+<b>Browsing the Source Tree</b>
+<p>
+If you want to browse the source tree using web browser before checking
+out the tree with CVS use following link:
+<p>
+<a href="cvs/source/">Web Access to CVS repository
+</a>
+<p>
+Note that this is not real-time access to the CVS repository. It is
+updated once a day. If you want real-time access then checkout the CVS
+repository.
+
+<p><br>
+
+<b>Howto Checkout The Source Tree</b>
+<p>
+The repository can be checked out by using anonymous pserver with CVS.
+<p>
+For those who are using sh/ksh/bash the check out is done as follows:
+<p>
+<font size="3">
+<tt>
+export CVSROOT=:pserver:silc@silc.pspt.fi:/storage/silc/CVS
+<p>
+cvs login<br>
+cvs co silc<br>
+</tt>
+</font>
+
+<p>
+For those who are using csh/tcsh the check out is done as follows:
+<p>
+<font size="3">
+<tt>
+setenv CVSROOT :pserver:silc@silc.pspt.fi:/storage/silc/CVS
+<p>
+cvs login<br>
+cvs co silc<br>
+</tt>
+</font>
+<p>
+If you don't want to set $CVSROOT environment variable you can set the
+path to the cvs as command line options:
+<p>
+<font size="3">
+<tt>
+cvs -d:pserver:silc@silc.pspt.fi:/storage/silc/CVS login<br>
+cvs -d:pserver:silc@silc.pspt.fi:/storage/silc/CVS co silc
+</tt>
+</font>
+<p>
+What ever method you decide to use, after you have done cvs login you will
+be prompted for password:
+<p>
+<b>CVS password: </b>silc
+<p>
+Type the password "silc" and press Enter.
+<p>
+The actual SILC source tree is checked out using the cvs co silc command,
+described above. This command will fetch the source tree and save it into
+directory named silc. SILC CVS repository currently does not have any
+branches thus this will check out the trunk. The size of the trunk is
+currently about 11 MB but will grow in the future.
+
+<p><br>
+
+<b>What SILC Source Tree Includes</b>
+<p>
+SILC Source tree includes a lot more stuff that appears in public
+distribution. The source tree includes, for example, internal scripts,
+configuration files, SILC webpages etc. These never appear on a public
+distribution.
+<p>
+Following directories currently exist in SILC source tree.
+<p>
+<font size="3">
+<tt>
+doc/
+<ul>
+Includes all the SILC documentation. Some of the documentation
+are generated when distribution is generated. The automatically
+generated files must never be commited to CVS.
+</ul>
+includes/
+<ul>
+Includes SILC include files.
+</ul>
+lib/
+<ul>
+Includes SILC libraries. There maybe libraries on the CVS that
+does not appear on public distribution.
+</ul>
+public_html/
+<ul>
+Includes the official SILC web pages and everything that relates
+to them. This directory never appears on public distribution.
+</ul>
+silc/
+<ul>
+Includes SILC client. There can be some extra files that will
+never appear in public distribution, such as, configuration files.
+</ul>
+silcd/
+<ul>
+Includes SILC server. There can be some extra files that will
+never appear in public distribution, such as, configuration files.
+</ul>
+</tt>
+</font>
+
+<p><br>
+
+<b>Howto Compile SILC Source Tree</b>
+<p>
+After checkout from CVS the SILC source tree must be prepared for
+configuration and compilation. To compile the source tree, give,
+<p>
+<font size="3">
+<tt>
+./prepare<br>
+./configure --enable-debug<br>
+make
+</tt>
+</font>
+<p>
+
+The ./prepare script is included in to the source tree and it never
+appears in public distribution. The script prepares the source tree
+by creating configuration scripts and Makefiles. The prepare must be
+run every time you make some changes to configuration scripts (however,
+making changes to Makefile.am's does not require running ./prepare).
+<p>
+As a developer you should read the ./configure script's help by
+giving ./configure --help and study all of its different options. Also,
+you should configure the script with --enable-debug option as it
+compiles SILC with -g (debugging) option and it enables the
+SILC_LOG_DEBUG* scripts. Warning is due here: The debugging produced
+by both cilent and server is very heavy, thus it is common to test
+the programs as follows:
+<p>
+<font size="3">
+<tt>
+./silc -d -f configfile 2>log<br>
+./silcd -d -f configfile 2>log
+</tt>
+</font>
+
+<p><br>
+
+<b>Howto Clean SILC Source Tree</b>
+<p>
+To entirely clear the source tree to the state after it was checked out
+from CVS, give,
+<p>
+<font size="3">
+<tt>
+./prepare-clean
+</tt>
+</font><p>
+
+This calls `make distclean' plus removes automatically generated files
+by hand. It also removes *.log files. However, it will not remove
+any other files you might have created.
+
+<p><br>
+
+<b>Makefiles and configuration files</b>
+<p>
+Developers should never directly write a Makefile. All Makefiles are
+always automatically generated by ./prepare and later by ./configure
+scripts. Instead, developers must write Makefile.am files. There
+are plenty of examples what they should look like. If you change
+Makefile.am during development you don't have to run ./prepare, just
+run normal make.
+<p>
+Configuration files are the files that ./prepare automatically generates
+and what will be included into public distribution. ./prepare creates
+for example the ./configure script that is not commited to the CVS.
+`configure.in' is the file that developers must edit to change ./configure
+script. After changing one must run ./prepare.
+</font><p>
--- /dev/null
+<b>SILC Documentation</b>
+<font size="2">
+<p>
+Currently the SILC documentation is under work and the software does not
+have that much of a documentation.
+<p>
+README file from the software: <a href="docs/README">README</a>
+<br>
+Coding Style in SILC source tree: <a href="docs/CodingStyle">CodingStyle</a>
+<p>
+<i>Coming later: Software manual, SILC Library Reference manual</i>
+
+<p><br>
+
+</font>
+<b>SILC Protocol Internet Drafts</b>
+<p>
+<font size="2">
+SILC Protocol is documented and four Internet Drafts exists. These
+Internet Drafts are also available from
+<a href="http://www.ietf.org">IETF</a>.
+<p>
+
+<li>Secure Internet Live Conferencing (SILC), Protocol Specification
+<p>
+Abstract
+<p>
+ This memo describes a Secure Internet Live Conferencing (SILC)
+ protocol which provides secure conferencing services over insecure
+ network channel. SILC is IRC [IRC] like protocol, however, it is
+ not equivalent to IRC and does not support IRC. Strong cryptographic
+ methods are used to protect SILC packets inside the SILC network.
+ Three other Internet Drafts relates very closely to this memo;
+ SILC Packet Protocol [SILC2], SILC Key Exchange and Authentication
+ Protocols [SILC3] and SILC Commands [SILC4].
+<p>
+<a href="docs/draft-riikonen-silc-spec-02.txt">
+draft-riikonen-silc-spec-02.txt</a>
+<p><br>
+
+<li>SILC Packet Protocol
+<p>
+Abstract
+<p>
+ This memo describes a Packet Protocol used in the Secure Internet Live
+ Conferencing (SILC) protocol, specified in the Secure Internet Live
+ Conferencing, Protocol Specification Internet Draft [SILC1]. This
+ protocol describes the packet types and packet payloads which defines
+ the contents of the packets. The protocol provides secure binary packet
+ protocol that assures that the contents of the packets are secured and
+ authenticated.
+<p>
+<a href="docs/draft-riikonen-silc-pp-02.txt">
+draft-riikonen-silc-pp-02.txt</a>
+<p><br>
+
+<li>SILC Key Exchange and Authentication Protocols
+<p>
+Abstract
+<p>
+ This memo describes two protocols used in the Secure Internet Live
+ Conferencing (SILC) protocol, specified in the Secure Internet Live
+ Conferencing, Protocol Specification internet-draft [SILC1]. The
+ SILC Key Exchange (SKE) protocol provides secure key exchange between
+ two parties resulting into shared secret key material. The protocol
+ is based on Diffie-Hellman key exchange algorithm and its functionality
+ is derived from several key exchange protocols. SKE uses best parts
+ of the SSH2 Key Exchange protocol, Station-To-Station (STS) protocol
+ and the OAKLEY Key Determination protocol [OAKLEY].
+<p>
+ The SILC Connection Authentication protocol provides user level
+ authentication used when creating connections in SILC network. The
+ protocol is transparent to the authentication data which means that it
+ can be used to authenticate the user with, for example, passphrase
+ (pre-shared-secret) or public key (and certificate).
+<p>
+<a href="docs/draft-riikonen-silc-ke-auth-02.txt">
+draft-riikonen-silc-ke-auth-02.txt</a>
+<p><br>
+
+<li>SILC Commands
+<p>
+Abstract
+<p>
+ This memo describes the commands used in the Secure Internet Live
+ Conferencing (SILC) protocol, specified in the Secure Internet Live
+ Conferencing, Protocol Specification Internet Draft [SILC1]. The
+ SILC Commands are very important part of the SILC protocol. Usually
+ the commands are used by SILC clients to manage the SILC session, but
+ also SILC servers may use the commands. This memo specifies detailed
+ command messages and command reply messages.
+<p>
+<a href="docs/draft-riikonen-silc-commands-00.txt">
+draft-riikonen-silc-commands-00.txt</a>
+<p><br>
+
+</font><p>
--- /dev/null
+<b>Download SILC</b>
+<font size="2">
+<p>
+The latest SILC release is version <?php echo $latest; ?>. Please, read
+the README
+and INSTALL files after downloading for instructions how to install and
+use SILC.
+<p>
+<b>
+This version has the functional server and router linking
+support. People who is running SILC servers and are interested to get the
+server linked to the new router on silc.pspt.fi contact
+<a href="mailto:priikone.NOSPAM@poseidon.pspt.fi">me</a> now.</b>
+<p>
+<b>Main Download</b>
+<p>
+Sources HTTP:
+<a href="silc-<?php echo $latest; ?>.tar.gz">
+tar.gz</a> (<?php echo
+div(FileSize($FTPRoot."silc-".$latest.".tar.gz"),1024); ?> KB),
+<a href="silc-<?php echo $latest; ?>.tar.bz2">
+tar.bz2</a> (<?php echo
+div(FileSize($FTPRoot."silc-".$latest.".tar.bz2"),1024); ?> KB)
+<br>
+Sources FTP: <a href="ftp://silc.pspt.fi/pub/silc/">tar.gz and tar.bz2</a>
+<p>
+<b>Other packages</b>
+<p>
+Mandrake: <a
+href="ftp://ftp.free.fr/pub/Distributions_Linux/Mandrake-devel/cooker/contrib/RPMS">
+i586</a>,
+<a
+href="ftp://ftp.free.fr/pub/Distributions_Linux/Mandrake-devel/cooker/contrib/SRPMS">
+src</a>
+<br>
+Debian: <a href="http://master.debian.org/~pa/silc/">deb</a>
+<p>
+<b>CVS Snapshots</b>
+<p>
+Daily CVS snapshots are available. These are generated 22:00 GMT every
+night. Read the <a href="index.php?page=cvs">CVS page</a> for more
+information.
+<p>
+HTTP: <a href="silc.tar.gz">CVS Snapshot</a>
+<p>
+<b>Portability</b>
+<p>
+The SILC has been reported to work on, at least:
+<p><ul>
+<li>Linux
+<li>FreeBSD
+<li>NetBSD
+<li>OpenBSD
+<li>HP-UX
+<li>Solaris
+</ul>
+</font><p>
--- /dev/null
+<b>Frequently Asked Questions</b>
+<font size="2">
+<p>
+<font color="#2f486f">Q: What is SILC?</font><br>
+A: SILC (Secure Internet Live Conferencing) is a protocol which provides secure conferencing services in the Internet over insecure channel. SILC is IRC like although internally they are very different. Biggest similarity between SILC and IRC is that they both provide conferencing services and that SILC has almost same commands as IRC. Other than that they are nothing alike.
+<p>
+Biggest differences are that SILC is secure what IRC is not in any way. The network model is also entirely different compared to IRC.
+<p>
+<font color="#2f486f">Q: Why SILC in the first place?</font><br>
+A: Simply for fun, nothing more. An actually for need back then when it was started. SILC has been very interesting and educational project.
+<p>
+<font color="#2f486f">Q: When will SILC be completed?</font><br>
+A: SILC still has a lot things to do. The time of completion is much related to how many interested people is willing to join the effort. It will be ready when it is ready. The reason for release of the current development version is just to get it out and people aware that something like this exist. SILC is not ready for production use so it is not expected that there is that much of a hype around SILC. I don't have to hurry... :)
+<p>
+<font color="#2f486f">Q: Why use SILC? Why not IRC with SSL?</font><br>
+A: Sure, that is possible, although, does that secure the entire IRC network? And does that increase or decrease the lags and splits in the IRC network? Does that provide user based security where some specific private message are secured? Does that provide security where some specific channel messages are secured? Security is not just about applying encryption to traffic and SILC is not just about `encrypting the traffic`. You cannot make insecure protocol suddenly secure just by encrypting the traffic. SILC is not meant to be IRC replacement. IRC is good for some things, SILC is good for same and some other things.
+<p>
+<font color="#2f486f">Q: Can I use SILC with IRC client? What about can I use IRC with SILC client?</font><br>
+A: Answer for both question is no. IRC client is in no way compatible with SILC server. SILC client cannot currently use IRC but this may change in the future if IRC support is added to the SILC client. After that one could use both SILC and IRC with the same client. Although, even then one cannot talk from SILC network to IRC network. That just is not possible.
+<p>
+<font color="#2f486f">Q: Why client/server protocol is based on IRC? Would it be more interesting to implement something extensible and more powerful?</font><br>
+A: They are not, not the least. Have you read the protocol specification? The client superficially resembles IRC client but everything that happens under the hood is nothing alike IRC. SILC could *never* support IRC because the entire network toppology is different (hopefully more scalable and powerful). So no, SILC protocol (client or server) is not based on IRC. Instead, I've taken good things from IRC and leaved all the bad things behind and not even tried to burden myself with the IRC caveats that will burden IRC and future IRC projects til the end. SILC client resembles IRC client because it is easier for new users to start using SILC when they already know all the commands.
+<p>
+<font color="#2f486f">Q: Why SILC? Why not IRC3?</font><br>
+A: Question that is justified no doubt of that. I didn't start doing SILC to be replacement for IRC. SILC was something that didn't exist in 1996 or even today except that SILC is now released. However, I did check out the IRC3 project in 1997 when I started coding and planning the SILC protocol.
+<p>
+But, IRC3 is problematic. Why? Because it still doesn't exist. The project is at the same spot where it was in 1997 when I checked it out. And it was old project back then as well. Couple of months ago I checked it again and nothing were happening. That's the problem of IRC3 project. The same almost happened to SILC as well as I wasn't making real progress over the years. I talked to the original author of IRC, Jarkko Oikarinen, in 1997 and he directed me to the IRC3 project, although he said that IRC3 is a lot of talking and not that much of anything else. I am not trying to put down the IRC3 project but its problem is that no one in the project is able to make a decision what is the best way to go about making the IRC3 and I wasn't going to be part of that. The fact is that if I would've gone to IRC3 project, nor IRC3 or SILC would exist today. I think IRC3 could be something really great if they just would get their act together and start coding the thing.
+<p>
+<font color="#2f486f">Q: How secure SILC really is?</font><br>
+A: A good question which I don't have a answer. SILC has been tried to make as secure as possible. However, there is no security protocol or security software that has not been vulnerable to some sort of attacks. SILC is in no means different from this. So, it is suspected that there are security holes in the SILC. These holes just needs to be found so that they can be fixed.
+<p>
+But to give you some parameters of security SILC uses the most secure crytographic algorithms such as Blowfish, RC5, Twofish, etc. SILC does not have DES or 3DES as DES is insecure and 3DES is just too slow. SILC also uses cryptographically strong random number generator when it needs random numbers. Public key cryptography uses RSA and Diffie Hellman algorithms. Key lengths for ciphers are initially set to 128 bits but many algorithm supports longer keys. For public key algorithms the starting key length is 1024 bits.
+<p>
+But the best answer for this question is that SILC is as secure as its weakest link. SILC is open and the protocol is open and in public thus open for security analyzes.
+<p>
+To give a list of attacks that are ineffective against SILC:
+<p>
+<li>Man-in-the-middle attacks are ineffective if proper public key infrastructure is used. SILC is vulnerable to this attack if the public keys used in the SILC are not verified to be trusted.
+<li>IP spoofing is ineffective (because of encryption and trusted keys).
+<li>Attacks that change the contents of the data or add extra data to the packets are ineffective (because of encryption and integrity checks).
+<li>Passive attacks (listenning network traffic) are ineffective (because of encryption). Everything is encrypted including authentication data such as passwords when they are needed.
+<li>Any sort of cryptanalytic attacks are tried to make ineffective by using the best cryptographic algorithms out there.
+<p>
+<i>More to come later...</i>
+</font><p>
--- /dev/null
+<b>Features</b>
+<font size="2">
+<p>
+<b>Features to be included into the final release of SILC.</b>
+<p>
+<li> Normal conferencing services such as private messages, channels, channel messages, etc. All traffic is secured and authenticated.
+<p>
+<li> No unique nicknames. There can be same nicknames in SILC without collisions. SILC has unique Client ID's, Server ID's and Channel ID's to assure that there are no collisions. The maximum length of the nickname is 128 characters. The maximum length of the channel name is 256 characters.
+<p>
+<li> Channels can have channel operators and a channel founder which is the client who created the channel. Channel founder privileges supersedes the channel operator privileges. Also, channel founder privileges may be regained even if the founder leaves the channel. The requirement for this is that the client is connected to the same server it was originally connected. The channel founder cannot be removed from the channel by force.
+<p>
+<li> Channel messages are protected by channel key, generated by the server. The key is re-generated once in an hour. It is possible to set a private key for the channel so that even the servers does not know the key. Actually, it is possible to set several private keys so that only specific users on the channel may decrypt some specific messages. Adding the private key significantly increases the security as nobody else but the users on the channel knows the key.
+<p>
+<li> Private messages are protected using the session keys, generated when connecting to the server. This means that the private messages are decrypted and re-encrypted enroute to the true receiver of the message. However, it is possible to set a private key between two clients and protect the private messages with that key. In this case no server enroute can decrypt the message since they don't have the key. The SILC protocol provides an automatic key negotiation between two clients using the SKE protocol. This makes it very easy to negotiate a shared secret key with another client in the network.
+<p>
+<li> All the other traffic, like commands between client and the server are protected using the session keys. Session keys are re-generated once in an hour. The re-key may be done with or without the PFS (Perfect Forward Secrecy).
+<p>
+<li> Secure key exchange and authentication protocol. SILC Key Exchange (SKE) protocol provides key material used in the SILC sessions in secure manner. The protocol is immune for example to man-in-the-middle attacks and is based on the Diffie-Hellman key exchange algorithm. The SILC Authentication protocol provides strong authentication. Authentication may be based on passphrase or public key (RSA) authentication. For clients there is an option not to use authentication when connecting to servers.
+<p>
+<li> All traffic is encrypted and authenticated using the best cryptographic algorithms out there. Cipher keys are, by default, 256 bits in length and public keys, by default, 1024 bits in length.
+<p>
+<li> Supports the following ciphers: AES, Twofish, Blowfish, Mars, Cast-256, RC5 and RC6. Supports the following hash functions: MD5 and SHA1. Supports the PKCS #1 (RSA) for public key cryptography.
+<p>
+<li> Supports data compression with GZIP to improve performance.
+<p>
+<li> SIM (SILC Module) support. Support for loading of shared objects at run-time that provides new and extended features to both SILC client and server. These can provide extra ciphers and extra features to the software.
+<p>
+<li> SILC client can be installed and used without root privileges.
+<p>
+<li> SILC client can be configured by system wide configuration files but with user specific configuration files as well.
+</font><p>
--- /dev/null
+<b>History</b>
+<font size="2">
+<p>
+Even though SILC were released in summer 2000 to the public the idea and the protocol itself is quite old. I got the idea about SILC in its current form in the year 1996 and first lines of codes were written in early 1997. This release is now third rewrite of the SILC. The very first version were written in 1997 and it included SILC client and very very preliminary SILC server. The server actually weren't usable but the client looked pretty much the same as it does now. At that time the SILC also included RSA implementation and 3DES implementation. The random number generator that exists in this current release is actually based on the RNG written in 1997. The RNG written in 1997, on the other hand, were based on the SSH's random number generator. The RNG has been rewritten twice since the first version.
+<p>
+I stopped writing the SILC later in 1997 when I got busy at school and in work. The pause lasted several months. The development resumed in 1998 when my friend (Juha Räsänen) and I implemented ElGamal algorithm. I rewrote some other parts as well. However, for the same reasons as previously the development stopped again. I resumed the development later in 1998 by doing rewrite of the SILC in C++. This was obviously a mistake but at that time it seemed like a good idea. Again, in the winter 1999 I got very busy writing my thesis and was forced to stop the development again. I also, started a new job in the spring.
+<p>
+Later, in 1999, I decided that this time I'm going to make it the right way. C++ was obviously a bad choice so I decided to fall back to plain C language. I also decided to do complete rewrite and started doing more thorough planning of what the SILC actually should include. I also decided that this time it is going to kill me before I stop the development. I started writing SILC in the weekends and actually everytime I had some spare time. I also started a new job but I didn't let that get to my way. The result of this development effort is the release now in public.
+<p>
+I've learned a lot by doing the SILC. I guess, when I started it I wasn't that good of a C programmer. That alone was a reason why SILC hasn't seen the day of light before now. My programming style has also changed dramatically during these years. Actually, it has changed couple times since this last rewrite as well. However, the code style of current SILC release is quite consistent (actually the coding style SILC has been written now I've learned in my current job).
+<p>
+There is probably over 85% of new code in this third rewrite. Rest has just been copied from the old versions and only minor changes has been made (like changed function names and overall coding style). I've preserved the dates of the old files (dating back to 1997) that has existed in some forms in the old versions. There is a lot of new code but already I see a lot that needs rewriting. The development continues.
+</font><p>
--- /dev/null
+<html>
+<head>
+ <title> SILC Secure Internet Live Conferencing </title>
+<style TYPE="text/css">
+<!--
+ A:link { text-decoration: none }
+ A:visited { text-decoration: none }
+ A:active { text-decoration: none }
+-->
+</style>
+</head>
+<body bgcolor="#aaaaaa" text="#000000" link="#2f486f" alink="#2f486f" vlink="#2f486f">
+
+<br>
+<center>
+<table width="700" bgcolor="#000000" cellpadding="1" cellspacing="0" border="0">
+ <tr>
+ <td>
+ <table width="100%" bgcolor="#ffffff" cellpadding="0" cellspacing="0" border="0">
+ <tr>
+ <td bgcolor="#e2e2e2">
+ <br><a href="index.php?page=news"><img src="img/silc.gif" width="700" height="100" alt=" SILC Secure Internet Live Conferencing " border="0"></a>
+ </td>
+ </tr>
+ <tr><td bgcolor="#000000" height="1"><img src="img/pixel.gif" alt="" height="1"></td></tr>
+ <tr>
+ <td>
+ <center>
+ <table cellspacing="0" cellpadding="10" border="0"><tr><td>
+ <font size="2" face="Helvetica,Arial,Sans-serif">
+ <li><a href="index.php?page=about">About the SILC</a>
+ <li><a href="index.php?page=faq">The SILC FAQ</a>
+ <li><a href="index.php?page=docs">SILC Documentation</a>
+ <li><a href="index.php?page=history">History</a>
+ </font>
+ </td><td>
+ <font size="2" face="Helvetica,Arial,Sans-serif">
+ <li><a href="index.php?page=download">Download SILC</a>
+ <li><a href="index.php?page=features">SILC Features</a>
+ <li><a href="changes.txt">ChangeLog</a>
+ <li><a href="todo.txt">TODO</a>
+ </font>
+ </td><td>
+ <font size="2" face="Helvetica,Arial,Sans-serif">
+ <li><a href="index.php?page=lists">SILC Mailing Lists</a>
+ <li><a href="index.php?page=contribute">Contributing</a>
+ <li><a href="index.php?page=cvs">Anonymous CVS Access</a>
+ <li><a href="index.php?page=copying">The General Public License (GPL)</a>
+ </font>
+ </td></tr></table>
+ </center>
+ </td>
+ <tr>
+ <tr><td bgcolor="#000000" height="1"><img src="img/pixel.gif" alt="" height="1"></td></tr>
+ <tr>
+ <td>
+ <table width="100%" bgcolor="#e2e2e2" cellpadding="10" cellspacing="0" border="0">
+ <tr><td><font face="Helvetica,Arial,Sans-serif">
+<?php
+
+// directory where SILC FTP files are located
+$FTPRoot = "/home/ftp/pub/silc/";
+
+// directory where SILC HTML documents are located
+$DocRoot = "/home/priikone/public_html/silc/silc/";
+
+// remove dangerous characters, only alphanumerical characters are passed
+$SecurityFilter = $DocRoot.EReg_Replace('([^a-zA-Z0-9])*','',$page).".php";
+
+// read latest release version
+if (File_Exists($DocRoot."LATEST")) {
+ $fp = FOpen($DocRoot."LATEST","r");
+ $latest = EReg_Replace('([^a-zA-Z0-9.])*','',FGetS($fp,255));
+ FClose($fp);
+}
+
+function div($a,$b) {
+return (int) ($a/$b);
+}
+
+// read document, if it is not valid then read first page
+if (Is_File($SecurityFilter))
+ require $SecurityFilter;
+else
+ require $DocRoot."news.php";
+
+?>
+ </font>
+ </td></tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+</table>
+<font size="1" face="Helvetica,Arial,Sans-serif">webpage by <a href="mailto:salo at Xtrmntr.org">salo at Xtrmntr.org</a></font>
+</center>
+
+</body>
+</html>
--- /dev/null
+<b>Public SILC Mailing Lists</b>
+<font size="2">
+<p>
+<b>Available since: Sat Jul 22 17:23:48 EEST 2000</b>
+<p>
+There is currently one mailing list available. The mailing list is the main SILC development mailing list. To subscribe to the mailing list visit the following link and follow the instructions on the web page.
+<p>
+<a href="http://lists.sourceforge.net/lists/listinfo/silc-devel">SILC-devel mailing list</a>
+<p>
+After you have subscribed as instructed on the web site you will receive email for further instructions. To send email to the list the email must be destined to: silc-devel at lists.sourceforge.net address.
+</font><p>
--- /dev/null
+<b>SILC <?php echo $latest; ?> Is Now Available!</b>
+<font size="2"><p>
+The new Beta version <?php echo $latest; ?> of SILC is available for testing.
+Read the README and INSTALL files after downloading for instructions how
+to compile and use SILC. Report bugs to the
+<a href="index.php?page=lists">SILC development mailing list</a>.
+<p>
+This version has the functional server and router linking support.
+People who is running SILC servers and are interested to get the server
+linked to the new router on silc.pspt.fi contact
+<a href="mailto:priikone.NOSPAM@poseidon.pspt.fi">me</a> now.
+<p>
+Download: <a href="index.php?page=download">SILC <?php echo $latest; ?>
+Beta Version</a>
+<br>
+Changes: <a href="changes.txt">SILC <?php echo $latest; ?> Changes</a>
+</font>
+
+<p><br>
+
+<b>SILC Server Available For Testing</b>
+<font size="2"><p>
+There is SILC server up and running that can be tested. Just give command
+<font color="#2f486f">/server silc.pspt.fi</font> to connect to the server. There may be some action
+on channel #silc (unless everybody is sleeping) so you might want to give
+command <font color="#2f486f">/join #silc</font>.
+<p>
+Available servers: silc.pspt.fi on port 706 is SILC Router and
+silc.pspt.fi on port 707 is normal SILC server connected to the router.
+Both are available for free use.
+</font>
+
+<p><br>
+
+<b>Developers Wanted For SILC Project</b>
+<font size="2"><p>
+SILC Project needs developers who would like to contribute their time,
+skills and ideas to the project. SILC still has a long road ahead before
+the first official stable release.
+<p>
+If You would like to contribute to SILC project please contact me at:
+<a href="mailto:priikone.NOSPAM@poseidon.pspt.fi">priikone at poseidon.pspt.fi</a>
+<p>
projects / silc.git / commitdiff
