7 Network Working Group P. Riikonen
9 draft-riikonen-flags-payloads-04.txt 2 December 2003
13 SILC Message Flag Payloads
14 <draft-riikonen-flags-payloads-04.txt>
18 By submitting this Internet-Draft, each author represents that any
19 applicable patent or other IPR claims of which he or she is aware
20 have been or will be disclosed, and any of which he or she becomes
21 aware will be disclosed, in accordance with Section 6 of BCP 79.
23 Internet-Drafts are working documents of the Internet Engineering
24 Task Force (IETF), its areas, and its working groups. Note that
25 other groups may also distribute working documents as Internet-
26 Drafts. Internet-Drafts are draft documents valid for a maximum of
27 six months and may be updated, replaced, or obsoleted by other
28 documents at any time. It is inappropriate to use Internet-Drafts as
29 reference material or to cite them other than as "work in progress".
31 The list of current Internet-Drafts can be accessed at
32 http://www.ietf.org/1id-abstracts.html
33 The list of Internet-Draft Shadow Directories can be accessed at
34 http://www.ietf.org/shadow.html.
39 This memo describes the data payloads associated with the SILC Message
40 Flags, as defined in the SILC Packet Protocol specification [SILC2]. The
41 purpose of the Message Flags is to augment the function of the Message
42 Payload used to send both private and channel messages, by allowing the
43 sender to tell the receiver what type of data the payload includes, and
44 how the data should be processed. Some of the Message Flags may define
45 additional payloads to be associated with the flag, and this memo
46 describes these payloads.
60 Internet Draft 2 December 2003
65 1 Introduction .................................................. 2
66 1.1 Requirements Terminology .................................. 2
67 2 SILC Message Flags ............................................ 3
68 3 SILC Message Flag Payloads .................................... 3
69 3.1 SILC_MESSAGE_FLAG_REQUEST ................................. 3
70 3.2 SILC_MESSAGE_FLAG_REPLY ................................... 4
71 3.3 SILC_MESSAGE_FLAG_SIGNED .................................. 4
72 3.4 SILC_MESSAGE_FLAG_DATA .................................... 7
73 3.5 SILC_MESSAGE_FLAG_ACK ..................................... 8
74 4 Security Considerations ....................................... 9
75 5 References .................................................... 9
76 6 Author's Address .............................................. 10
77 7 Full Copyright Statement ...................................... 10
82 The Secure Internet Live Conferencing [SILC1] supports sending binary
83 messages between users in the network. To make the data sending, and
84 processing at the receiver's end as simple as possible the SILC defines
85 Message Flags to the Message Payload [SILC2] that is used to send private
86 and channel messages, which can help the receiver to decide how the data
87 is encoded, and how it should be interpreted. Some of the Message Flags
88 may define additional payloads to be associated with the flag, but the
89 [SILC2] does not define them. This memo defines the payloads for those
90 Message Flags that was marked to include additional payloads in [SILC2].
92 By defining the payloads for the Message Flags the Message Payload
93 can be augmented to support any kind of data, which can be easily
94 interpreted at the receiver end. For example, it would be possible to
95 send audio stream, video stream, image files and HTML pages as messages,
96 and the receiver can either choose to ignore the message or to process
97 it, or to perhaps pass the message to some application for processing.
98 Without specific payloads for Message Flags it is almost impossible for
99 the receiver to interpret binary data from the payload.
102 1.1 Requirements Terminology
104 The keywords MUST, MUST NOT, REQUIRED, SHOULD, SHOULD NOT, RECOMMENDED,
105 MAY, and OPTIONAL, when they appear in this document, are to be
106 interpreted as described in [RFC2119].
116 Internet Draft 2 December 2003
121 The Message Flags was added to the SILC protocol for the reason that SILC
122 provides sending binary data as messages between users, and entities in
123 the network, and interpreting pure binary data is almost impossible.
124 With the Message Flags the purpose, the reason, and the method for how
125 the message must be interpreted can be told to the recipient. Other
126 conferencing protocols which are usually ASCII based protocols do not have
127 such problems since they do not generally support sending of binary data
128 at all, or require specific encoding of the data before it can be sent
131 The Message Payload in SILC can have flags that can augment the function
132 of the payload. The flags can tell for example that the message is a
133 request, or a reply to an earlier received request. They can tell that
134 the message is some action that the sender is performing, or they can tell
135 that the message is an auto reply, or that it is explicitly digitally
136 signed by the sender.
138 The problem of Message Flags is that the space for flags mask is only 16
139 bits, so there is a limited number of flags available. For this reason
140 having a flag that defines a generic way of sending any kind of data as
141 a message, and can be easily interpreted at the receiver's end is important.
142 For this reason the flag SILC_MESSAGE_FLAG_DATA was added to the protocol
143 which can represent any data. This memo describe how this flag is used
144 and how the associated payload is constructed and processed. This memo
145 also describes payloads for all the other flags that can have associated
149 3 SILC Message Flag Payloads
151 The [SILC2] defines the flags which may have associated payloads. This
152 section will list these flags and define the payloads.
155 3.1 SILC_MESSAGE_FLAG_REQUEST
157 Currently this flag can be used in the context of application specific,
158 service specific or vendor specific requests, and the data payload type is
159 dependent of this context. Therefore, payload is not defined for this
160 flag in this memo. This flag may also be masked with some other flag in
161 the message payload, including with some other flag that defines
172 Internet Draft 2 December 2003
175 3.2 SILC_MESSAGE_FLAG_REPLY
177 Currently this flag can be used in the context of application specific,
178 service specific or vendor specific replies, and the data payload type is
179 dependent of this context. Therefore, payload is not defined for this
180 flag in this memo. This flag may also be masked with some other flag in
181 the message payload, including with some other flag that defines
185 3.3 SILC_MESSAGE_FLAG_SIGNED
187 This flag is used to tell the recipient that the sent message is
188 digitally signed by the sender, and that the recipient should verify
189 the signature to verify the true authenticity of the received message.
190 All message payloads in SILC provides message authentication code (MAC)
191 which can be used to verify that the sender produced and sent the message.
192 Even so, signing messages digitally can be used to verify the authenticity
193 of the message when recipient trusts the sender and to provide
196 This flag defines a payload which is used to deliver the actual message,
197 sender's public key and the digital signature. The payload for
198 SILC_MESSAGE_FLAG_SIGNED is as follows:
200 (*) indicates that the field is not encrypted.
228 Internet Draft 2 December 2003
232 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
233 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
235 ~ Start of Message Payload ~
237 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
239 ~ Public Key Payload * ~
241 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
242 | Signature Data Length * | |
243 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
247 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
251 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
255 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
257 Figure 1: SILC_MESSAGE_FLAG_SIGNED Payload
260 o Start of Message Payload (variable length) - This is the
261 start of the Message Payload without the IV and MAC fields,
262 since those fields are appended at the end of this payload.
264 o Public Key Payload (variable length) - This includes the
265 Public Key Payload [SILC2] which can be used to deliver the
266 sender's public key (or certificate). It also indicates the
267 type of the public key (or certificate) which the recipient
268 use to identify how the signature must be verified. This
269 payload must always be present but it is not required to
270 include the public key data. The Public Key Type field in
271 the Public Key Payload MUST be set to the correct type of
272 the key, even if the actual public key data is not included.
273 This field is not encrypted but is authenticated.
275 o Signature Data Length (2 bytes) - Indicates the length of
276 the Signature Data field not including any other field.
277 This field is not encrypted but is authenticated.
284 Internet Draft 2 December 2003
287 o Signature Data (variable length) - Includes the actual
288 signature data. The signature computation and encoding
289 is key type specific. See [SILC3] for all key types, and
290 their respective references for how to compute and encode
291 the signature. This field is not encrypted but is
294 o Initial Vector (variable length) - the IV of the Message
295 Payload as defined in [SILC2]. This field is not encrypted
296 but is authenticated.
298 o MAC (variable length) - the MAC of the Message Payload as
299 defined in [SILC2]. The MAC is computed after encryption
300 and after signature computation. All data in the Message
301 Payload and this payload, including the IV field are
302 included in the MAC computation. This field is not
305 How the data is processed before it is signed is key type specific.
306 The actual data that to be signed MUST be the plaintext message
307 payload before encryption. The data to be signed is concatenation
308 of the Start of Message Payload field and the Public Key Payload,
309 in that order. Any other fields are not included for signature data.
310 Before signing, the data is always processed, usually hashed. The
311 hash function to be used is defined in the key type specific
312 definitions. See the key type specific references in [SILC3].
314 If the public key of the sender is included in the payload the
315 recipient SHOULD verify it before accepting the public key. Recipient
316 SHOULD verify the signature before accepting and caching the public key.
317 With certificates the certificate verification may be done before
318 verifying the signature. If the signature verification fails the
319 message should still be displayed. The end user should also be
320 notified about the result of the signature verification.
322 To make the packet size smaller implementations may not want to
323 include the actual public key in all signed messages. Sending the
324 public key in the first message is usually sufficient. Subsequent
325 messages may include empty Public Key Payload with an indication of
328 Implementations that do not support this flag can still process the
329 message payload in normal manner. These implementations merely parse
330 the decrypted payload in normal manner and ignore the extra data in
331 the payload. They can do this by extracting the MAC and the IV from
332 the end of the data buffer and thus ignoring the data between start of
333 the Message Payload and the Initial Vector field.
340 Internet Draft 2 December 2003
343 This flag MAY be masked with any other Message Flag including those that
344 define additional payloads. As long as the defined payload resides in
345 the data area of the message payload this flag may be masked with the
349 3.4 SILC_MESSAGE_FLAG_DATA
351 This flag is used to represent any data as a message in the way that it
352 can be easily interpreted by the recipient. This flag is used to send
353 MIME objects as messages from the sender to the receiver. The MIME as
354 defined in [RFC2045], [RFC2046], [RFC2047], [RFC2048] and [RFC2049] is
355 well established protocol for sending different kind of data with many
356 applications and protocols. It support dozens of different media types
357 and encodings, and for this reason is ideal for sending data in SILC
358 message payloads as well.
360 When the receiver has checked that the message payload includes the
361 SILC_MESSAGE_FLAG_DATA flag, it may then start parsing the MIME header.
362 It would also be possible to pass the message to some application which
363 can already interpret MIME objects. If the receiver does not support the
364 media type received in the MIME header, it SHOULD be treated as
365 "application/octet-stream". The receiver MAY also ignore and discard
366 messages that it does not support.
368 The MIME header MUST be at the start of the data area of the Message
369 Payload. The MIME header received in the data area of the payload SHOULD
370 have the MIME-Version field at first and then Content-Type field. The
371 MIME-Version field is not required to be present in each body part of
372 multipart entity. Additionally the header MAY also include any other
373 MIME compliant headers. The character encoding for the MIME Header
374 strings inside the message payload is US-ASCII, as defined in [RFC2045].
375 The actual MIME object may define additional character sets or encodings
376 for the data it delivers.
378 Hence, the MIME Header in the message payload may be as follows:
380 MIME-Version: 1.0\r\n
381 Content-Type: discrete/composite\r\n
382 Content-Transfer-Encoding: binary\r\n
385 The Content-Transfer-Encoding field behaves as defined in [RFC2045] and
386 defines the encoding of the data in the MIME object. The preferred data
387 encoding with SILC is "binary". However, many MIME media types defines
388 their preferred encoding and they may be used if binary encoding is not
396 Internet Draft 2 December 2003
399 When sending large amounts of traffic or large files as MIME objects the
400 limits of the SILC Packet needs to be taken into consideration. The
401 maximum length of SILC Packet is 2^16 bytes, and larger messages would
402 need to be fragmented. MIME provides way of fragmenting and reassembling
403 messages, and it is to be done with SILC as defined in [RFC2046]. The
404 MIME fragmentation is defined for gateway usage, but in case of SILC the
405 sender (for example, a client) may also start sending fragmented MIME
408 This flag SHOULD NOT be masked with some other Message Flag that defines
409 payloads for message data. Generally this sort of setting would be
410 impossible for the receiver to interpret. However, flags that does not
411 define any specific payloads MAY be masked with this flag as well. For
412 example, this flag could be masked also with SILC_MESSAGE_FLAG_REQUEST flag.
413 It also can be masked with SILC_MESSAGE_FLAG_SIGNED flag since it does not
414 define data specific payload.
417 3.5 SILC_MESSAGE_FLAG_ACK
419 This flag is used to send acknowledgement messages. When sender of a
420 message requires the recipient to acknowledge the received message, the
421 sender MUST set the SILC_MESSAGE_FLAG_ACK and MUST NOT set the
422 SILC_MESSAGE_FLAG_NOREPLY. When a message with this flag set is received
423 an acknowledgement message MUST be sent back. In the acknowledgement
424 message the sender MUST set the SILC_MESSAGE_FLAG_ACK,
425 SILC_MESSAGE_FLAG_AUTOREPLY and SILC_MESSAGE_FLAG_NOREPLY flags. The
426 receiver MUST NOT acknowledge the acknowledgement message. This flag
427 MUST NOT be used with channel messages, and MUST be ignored if received
428 in a channel message.
430 The construction of the acknowledgement reply message is normal Message
431 Payload where the Message Data field includes a computed MAC of the
432 original received Message Payload MAC. Hence, the MAC is computed as
435 ack_mac = mac(key, MAC);
437 Where the 'key' is the MAC key used to compute MACs for the Message
438 Payload, and the 'MAC' is the MAC taken from the received Message Payload.
439 The 'ack_mac' is placed in the Message Data field in a new Message
440 Payload, and the payload is encrypted in normal manner. After this the
441 message is sent back to the original sender of the message.
443 The receiver of the acknowledgement reply message SHOULD verify the MAC
444 from the Message Data field to assure that acknowledgement was received to
445 an earlier sent message. Implementation needs to keep the old message
446 MACs stored until acknowledgement is received. It is left for
452 Internet Draft 2 December 2003
455 implementation to decide any possible retransmission strategy if
456 acknowledgement messages are not received.
459 4 Security Considerations
461 In case of SILC_MESSAGE_FLAG_DATA the implementors should pay special
462 attention to the security implications of any media type that can cause
463 the remote execution of any actions in the receiver's environment. The
464 [RFC2046] and [RFC2048] discusses more MIME specific security
465 considerations. Even though SILC provides secured messages, in case of
466 MIME which can be used to transfer files and documents which are stored in
467 the receiver's local environment, securing separately the MIME object may
468 be desired. For example, augmenting the MIME support in SILC messages to
469 support S/MIME may be desired in some implementations.
474 [SILC1] Riikonen, P., "Secure Internet Live Conferencing (SILC),
475 Protocol Specification", Internet Draft, June 2003.
477 [SILC2] Riikonen, P., "SILC Packet Protocol", Internet Draft,
480 [SILC3] Riikonen, P., "SILC Key Exchange and Authentication
481 Protocols", Internet Draft, June 2003.
483 [RFC2045] Freed, N., et al., "Multipurpose Internet Mail Extensions
484 (MIME) Part One: Format of Internet Message Bodies",
485 Standards Track, RFC 2045, November 1996.
487 [RFC2046] Freed, N., et al., "Multipurpose Internet Mail Extensions
488 (MIME) Part Two: Media Types", Standards Track, RFC 2045,
491 [RFC2047] Moore K., "MIME (Multipurpose Internet Mail Extensions)
492 Part Three: Message Header Extensions for Non-ASCII Text"
493 Standards Track, RFC 2047, November 1996.
495 [RFC2048] Freed, N., et al., "Multipurpose Internet Mail Extensions
496 (MIME) Part Four: Registration Procedures", Standards
497 Track, RFC 2048, November 1996.
499 [RFC2049] Freed, N., et al., "Multipurpose Internet Mail Extensions
500 (MIME) Part Five: Conformance Criteria and Examples",
501 Standards Track, RFC 2049, November 1996.
508 Internet Draft 2 December 2003
511 [RFC2119] Bradner, S., "Key Words for use in RFCs to Indicate
512 Requirement Levels", BCP 14, RFC 2119, March 1997.
519 Snellmaninkatu 34 A 15
523 EMail: priikone@iki.fi
527 7 Full Copyright Statement
529 Copyright (C) The Internet Society (2007).
531 This document is subject to the rights, licenses and restrictions
532 contained in BCP 78, and except as set forth therein, the authors
533 retain all their rights.
535 This document and the information contained herein are provided on an
536 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
537 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
538 ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
539 INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
540 INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
541 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.