client ssl

ongeboren xxx.coder at gmail.com
Thu Sep 29 17:48:42 EDT 2005


Client SSL is a good thing for the cases when you don't trust your ISP
and/or your local traffic inside the ISP can be sniffed. This is the
only and most important use of client SSL I can think of.


On 9/29/05, Joan Touzet <joant at ieee.org> wrote:
> One often overlooked use of client SSL connections is in the context
> of a private IRC network, such as those run by companies and NGOs.  If
> you know and trust all of the servers on the network, then client SSL
> solves the very real problem of how to communicate in a secure
> fashion, without having to give up the familiarity and pleasure of
> working in the traditiona IRC paradigm.
>
> In other words, client SSL isn't a complete wash.
>
> On 9/29/05, nospam at ofloo.org <nospam at ofloo.org> wrote:
> > I wouldn't link one server in ssl while an other isn't all my servers
> > are ssl, and the part about rogue administrators .. only counts for the
> > server of that admin..
> >
> > and i don't think that there are to many rogue admins out there like i
> > would want to log someones info.. wtf am i gone do with it.. i use ssl
> > for shell providers and so forth, internet provider and then yes it is safe
> >
> > Paul-Andrew Joseph Miseiko schreef:
> >
> > > There's always been a huge movement against SSL encapsulated IRC
> > > sessions and it makes perfect sense, the reasons for and against.
> > > Most people think that SSL encrypted IRC sessions means nobody can
> > > read there conversations but I'd like to believe most of us on this
> > > list are intelligent enough to know that is untrue.  At best SSL
> > > encapsulated IRC sessions provide limited exposure of a conversation.
> > >
> > > Which brings me to the point of my email.
> > >
> > > It might be wise to inform people that connect to a IRC daemon with
> > > SSL enabled, as an SSL client, that avenues of exposure still exist;
> > > such as a a rogue administrator, unencrypted routes between servers,
> > > and non-SSL enabled targets.
> > >
> > > Keeping people educated is always a good thing.
> > >
> > > --
> > >  .-------------------------------------.
> > > ( Biggest security gap -- an open mouth )
> > >  `-------------------------------------'
> > > --
> > > Paul-Andrew Joseph Miseiko
> > >
> > > On Wed, 28 Sep 2005, nospam at ofloo.org wrote:
> > >
> > >> i finaly see that hybrid supports clientssl now i wonder why they left
> > >> out channel mode +S where only ssl clients can join this way there is no
> > >> real use for ssl except for privmsg
> > >>
> >
> >
> >
> >
>
>


--
Evlogi Petrov - ongeboren at UniBG




More information about the hybrid mailing list