client ssl

Paul-Andrew Joseph Miseiko esoteric at teardrop.ca
Sat Oct 1 22:01:28 EDT 2005 

I am assuming when you wrote "only counts for the server of that admin" 
that you understood any administrator between source and destination on an 
IRC network could read the data unencrypted.

Also, as you so elegantly pointed out, you don't think that there are many 
rogue admins out there whom would want to log someones conversations; just 
like there are not very many people *period* whom would want to log 
someones conversation...  so in your own argument for SSL you strike one 
against SSL. ;)

Using SSL with a shell provider once again provides a potential point of 
exposure.  The only time SSL can be trusted as both safe and secure 
involves only the target and source as capable of deciphering each others 
message.

--
  .-------------------------------------.
( Biggest security gap -- an open mouth )
  `-------------------------------------'
--
Paul-Andrew Joseph Miseiko

On Thu, 29 Sep 2005, nospam at ofloo.org wrote:

> I wouldn't link one server in ssl while an other isn't all my servers
> are ssl, and the part about rogue administrators .. only counts for the
> server of that admin..
>
> and i don't think that there are to many rogue admins out there like i
> would want to log someones info.. wtf am i gone do with it.. i use ssl
> for shell providers and so forth, internet provider and then yes it is safe
>
> Paul-Andrew Joseph Miseiko schreef:
>
>> There's always been a huge movement against SSL encapsulated IRC
>> sessions and it makes perfect sense, the reasons for and against.
>> Most people think that SSL encrypted IRC sessions means nobody can
>> read there conversations but I'd like to believe most of us on this
>> list are intelligent enough to know that is untrue.  At best SSL
>> encapsulated IRC sessions provide limited exposure of a conversation.
>>
>> Which brings me to the point of my email.
>>
>> It might be wise to inform people that connect to a IRC daemon with
>> SSL enabled, as an SSL client, that avenues of exposure still exist;
>> such as a a rogue administrator, unencrypted routes between servers,
>> and non-SSL enabled targets.
>>
>> Keeping people educated is always a good thing.
>>
>> --
>>  .-------------------------------------.
>> ( Biggest security gap -- an open mouth )
>>  `-------------------------------------'
>> --
>> Paul-Andrew Joseph Miseiko
>>
>> On Wed, 28 Sep 2005, nospam at ofloo.org wrote:
>>
>>> i finaly see that hybrid supports clientssl now i wonder why they left
>>> out channel mode +S where only ssl clients can join this way there is no
>>> real use for ssl except for privmsg
>>>
>
>

More information about the hybrid mailing list