From 39362f01a70063cf20473fc9238d37bfcefae12f Mon Sep 17 00:00:00 2001 From: Pekka Riikonen Date: Tue, 24 Jul 2001 12:04:25 +0000 Subject: [PATCH] updates. --- distributions | 2 +- doc/draft-riikonen-silc-spec-03.nroff | 16 ++++++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/distributions b/distributions index db2df8f8..9ad23920 100644 --- a/distributions +++ b/distributions @@ -16,7 +16,7 @@ # _DISTLABEL Preprocessor label # _EXTRA_DIST List of extra files or directories # -# DISTRBUTIONS= +# DISTRIBUTIONS= # # The _SUBDIRS define all the subdirectories that the Makefile should # traverse. The SUBDIRS_ defines all subdirectories in the diff --git a/doc/draft-riikonen-silc-spec-03.nroff b/doc/draft-riikonen-silc-spec-03.nroff index 19e8127c..7c5c72fa 100644 --- a/doc/draft-riikonen-silc-spec-03.nroff +++ b/doc/draft-riikonen-silc-spec-03.nroff @@ -1945,6 +1945,22 @@ is required by the server and router administrator prior acceptance to the SILC Network. The clients must be able to trust the servers they are using. +It must also be noted that if the client requires absolute security by +not trusting any of the servers or routers in the SILC Network, this can +be accomplished by negotiating private keys outside the SILC Network, +either using SKE or some other key negotiation protocol, or to use some +other external means for distributing the keys. This applies for all +messages, private messages and channel messages. It is important to note +that SILC, like any other security protocol is not full proof system and +cannot secure from insecure environment; the SILC servers and routers could +very well be hacked. However, to provide acceptable level of security and +usability for end user the protocol uses many times session keys or other +keys generated by the servers to secure the messages. If this is +unacceptable for the client or end user, the private keys negotiatied +outside the SILC Network should always be used. In the end it is always +implementor's choice whether to negotiate private keys by default or +whether to use the keys generated by the servers. + It is also recommended that router operators in the SILC Network would form a joint forum to discuss the router and SILC Network management issues. Also, router operators along with the cell's server operators -- 2.24.0