client ssl
Alan LeVee
alan.levee at prometheus-designs.net
Thu Sep 29 20:38:21 EDT 2005
Well in my personal opinion, and this isn't meant to offend or insult
anyone, but paranoia about your ISP sniffing your packets is pretty much a
moot point, at least in the United States. The privacy act prevents ISPs
from doing such activity. However I can understand the paranoia at the
work place but then again people should be working, not utilising
corporate bandwidth for personal business on company time and money. Most
of the companies I worked for pretty much banned all forms of internet
activity outside of the corporate intranet such as IM, web, IRC, etc.
ongeboren said:
> Client SSL is a good thing for the cases when you don't trust your ISP
> and/or your local traffic inside the ISP can be sniffed. This is the
> only and most important use of client SSL I can think of.
>
>
> On 9/29/05, Joan Touzet <joant at ieee.org> wrote:
>> One often overlooked use of client SSL connections is in the context
>> of a private IRC network, such as those run by companies and NGOs. If
>> you know and trust all of the servers on the network, then client SSL
>> solves the very real problem of how to communicate in a secure
>> fashion, without having to give up the familiarity and pleasure of
>> working in the traditiona IRC paradigm.
>>
>> In other words, client SSL isn't a complete wash.
>>
>> On 9/29/05, nospam at ofloo.org <nospam at ofloo.org> wrote:
>> > I wouldn't link one server in ssl while an other isn't all my servers
>> > are ssl, and the part about rogue administrators .. only counts for
>> the
>> > server of that admin..
>> >
>> > and i don't think that there are to many rogue admins out there like i
>> > would want to log someones info.. wtf am i gone do with it.. i use ssl
>> > for shell providers and so forth, internet provider and then yes it is
>> safe
>> >
>> > Paul-Andrew Joseph Miseiko schreef:
>> >
>> > > There's always been a huge movement against SSL encapsulated IRC
>> > > sessions and it makes perfect sense, the reasons for and against.
>> > > Most people think that SSL encrypted IRC sessions means nobody can
>> > > read there conversations but I'd like to believe most of us on this
>> > > list are intelligent enough to know that is untrue. At best SSL
>> > > encapsulated IRC sessions provide limited exposure of a
>> conversation.
>> > >
>> > > Which brings me to the point of my email.
>> > >
>> > > It might be wise to inform people that connect to a IRC daemon with
>> > > SSL enabled, as an SSL client, that avenues of exposure still exist;
>> > > such as a a rogue administrator, unencrypted routes between servers,
>> > > and non-SSL enabled targets.
>> > >
>> > > Keeping people educated is always a good thing.
>> > >
>> > > --
>> > > .-------------------------------------.
>> > > ( Biggest security gap -- an open mouth )
>> > > `-------------------------------------'
>> > > --
>> > > Paul-Andrew Joseph Miseiko
>> > >
>> > > On Wed, 28 Sep 2005, nospam at ofloo.org wrote:
>> > >
>> > >> i finaly see that hybrid supports clientssl now i wonder why they
>> left
>> > >> out channel mode +S where only ssl clients can join this way there
>> is no
>> > >> real use for ssl except for privmsg
>> > >>
>> >
>> >
>> >
>> >
>>
>>
>
>
> --
> Evlogi Petrov - ongeboren at UniBG
>
>
--
Alan LeVee
More information about the hybrid
mailing list