client ssl

Paul-Andrew Joseph Miseiko esoteric at
Wed Sep 28 13:58:40 EDT 2005

There's always been a huge movement against SSL encapsulated IRC sessions 
and it makes perfect sense, the reasons for and against.  Most people 
think that SSL encrypted IRC sessions means nobody can read there 
conversations but I'd like to believe most of us on this list are 
intelligent enough to know that is untrue.  At best SSL encapsulated IRC 
sessions provide limited exposure of a conversation.

Which brings me to the point of my email.

It might be wise to inform people that connect to a IRC daemon with SSL 
enabled, as an SSL client, that avenues of exposure still exist; such as a 
a rogue administrator, unencrypted routes between servers, and non-SSL 
enabled targets.

Keeping people educated is always a good thing.

( Biggest security gap -- an open mouth )
Paul-Andrew Joseph Miseiko

On Wed, 28 Sep 2005, nospam at wrote:

> i finaly see that hybrid supports clientssl now i wonder why they left
> out channel mode +S where only ssl clients can join this way there is no
> real use for ssl except for privmsg

More information about the hybrid mailing list