Conclave works on a trusted-Trent system. In the secured-channel protocol design of Conclave, a bot, which we will name Trent, becomes the distributor of a group of chatters’s symmetric key.
When a user on IRC (we will name her Alice) wishes to gain access to a group’s symmetric key (we will use #Talk), she tells Trent who she is and asks for #Talk’s key, encrypted to her by her public key, say 0xABCDEFAB.. Trent verifies 0xABCDEFAB’s access to #Talk based on some list list, encrypts the symmetric key with Alice’s public key, and sends Alice the resulting encrypted file. Alice then decrypts the file, and uses that symmetric key when encrypting/decrypting discussion in #Talk.
The key that a group or channel uses could be cycled every so often.
Certain sensitive commands such as adding new users for a channel or generating a new channel key may be sent to Trent through digitally-signed messages. Trent verifies the signatures on these messages and checks for the user that made the signature in an internal list to see if that user is allowed to perform the requested action. Measures could be taken to disallow replay attacks.