On Sat, May 29, 2010 at 7:26 PM, Jason Hill <secrtagnt@gmail.com> wrote:
IRC over SSL is rather pointless for most use cases. It's real benefits are few and far between.
I disagree. If you can trust your irc server/network, ssl provides benefits: I know that content in transit between me and my server cannot be decrypted. That was the _ONLY_ goal of ssl.
An easy example of IRC over SSL being "broken", most web irc clients allow SSL connections to IRC servers over HTTP. The ircd has no idea traffic is really going over unencrypted HTTP and thus would allow you to join an SSL-only channel. BNCs are another example.
This argument is bull. The same could be said of every single other ssl mechanism out there. Bahamut is not trying to be silk. If you want full, end-to-end encrypted chat that addresses all of your concerns, use silk. And for the extra paranoid, run it over tor. We implemented SSL for two reasons: feature parity with other ircds out there, and the client<->server tcpdump snooping prevention. I'll address some of the usability and implementation quirks that have been mentioned in this thread, but the direction this conversation is going is pointless. -epiphani