client ssl

Joan Touzet joant at ieee.org
Thu Sep 29 13:06:30 EDT 2005 

One often overlooked use of client SSL connections is in the context
of a private IRC network, such as those run by companies and NGOs.  If
you know and trust all of the servers on the network, then client SSL
solves the very real problem of how to communicate in a secure
fashion, without having to give up the familiarity and pleasure of
working in the traditiona IRC paradigm.

In other words, client SSL isn't a complete wash.

On 9/29/05, nospam at ofloo.org <nospam at ofloo.org> wrote:
> I wouldn't link one server in ssl while an other isn't all my servers
> are ssl, and the part about rogue administrators .. only counts for the
> server of that admin..
>
> and i don't think that there are to many rogue admins out there like i
> would want to log someones info.. wtf am i gone do with it.. i use ssl
> for shell providers and so forth, internet provider and then yes it is safe
>
> Paul-Andrew Joseph Miseiko schreef:
>
> > There's always been a huge movement against SSL encapsulated IRC
> > sessions and it makes perfect sense, the reasons for and against.
> > Most people think that SSL encrypted IRC sessions means nobody can
> > read there conversations but I'd like to believe most of us on this
> > list are intelligent enough to know that is untrue.  At best SSL
> > encapsulated IRC sessions provide limited exposure of a conversation.
> >
> > Which brings me to the point of my email.
> >
> > It might be wise to inform people that connect to a IRC daemon with
> > SSL enabled, as an SSL client, that avenues of exposure still exist;
> > such as a a rogue administrator, unencrypted routes between servers,
> > and non-SSL enabled targets.
> >
> > Keeping people educated is always a good thing.
> >
> > --
> >  .-------------------------------------.
> > ( Biggest security gap -- an open mouth )
> >  `-------------------------------------'
> > --
> > Paul-Andrew Joseph Miseiko
> >
> > On Wed, 28 Sep 2005, nospam at ofloo.org wrote:
> >
> >> i finaly see that hybrid supports clientssl now i wonder why they left
> >> out channel mode +S where only ssl clients can join this way there is no
> >> real use for ssl except for privmsg
> >>
>
>
>
>

More information about the hybrid mailing list