Errrm SSL?

GutsMan.EXE

Well-Known Member
OP
Member
Joined
Sep 3, 2009
Messages
123
Trophies
0
XP
175
Country
Blood Fetish said:
I am pretty sure the IRC protocol does not support Transport Layer Security.
I would beg to differ and i know 100% it does
laugh.gif
proof:
http://en.wikipedia.org/wiki/Comparison_of_IRC_daemons#Technology
http://www.mirc.com/ssl.html
Plus why would i even bother to mention something if it was BS, i'd look like an idiot
rofl.gif
?
 

Blood Fetish

Quis custodiet ipsos custodes?
Member
Joined
Nov 3, 2002
Messages
1,100
Trophies
2
Age
44
Website
Visit site
XP
1,243
Country
United States
Thank you for the link, I stand corrected. Not sure if the SSL support is part of the IRC protocol or just a wrapper, but good to know.

As for the certs, they don't all cost money. If you buy one from a CA such as Verisign you'll pay, but you can just as easily create a self-signed certificate at no cost.
 

GutsMan.EXE

Well-Known Member
OP
Member
Joined
Sep 3, 2009
Messages
123
Trophies
0
XP
175
Country
Rydian said:
Why does it need SSL? Certs cost money.

What benefit would it give the Temp's IRC (which isn't even used by a majority of forum-goers) that would make up for the money spent on it?
Self sign your own certs and don't spend a cent
wink.gif
.
 

Rydian

Resident Furvert™
Member
Joined
Feb 4, 2010
Messages
27,880
Trophies
0
Age
36
Location
Cave Entrance, Watching Cyan Write Letters
Website
rydian.net
XP
9,111
Country
United States
Blood Fetish said:
reate a self-signed certificate at no cost.
Those sort of defeat the point of SSL in the first place.

http://www.ietf.org/rfc/rfc2459.txt
Section 3.3, Revocation.

If the key is compromised, the CA can just revoke it... but if it's self-signed there's not a CA involved watching from "higher up" in the security chain, so if the key's compromised then data can be injected and falsified while everybody thinks it's still safe and secure and is trusting it.

Apache even says they should be used for testing, not production environments.\



Now, WHY does it need SSL? That's just more stuff to deal with, even if you do decide to self-sign (for example the IRC client needs to support it, and the server might need modifying or upgdating as well). What's the benefit in exchange for the hassle?
 

GutsMan.EXE

Well-Known Member
OP
Member
Joined
Sep 3, 2009
Messages
123
Trophies
0
XP
175
Country
Rydian said:
*Snip*
Now, WHY does it need SSL? That's just more stuff to deal with, even if you do decide to self-sign (for example the IRC client needs to support it, and the server might need modifying or upgdating as well). What's the benefit in exchange for the hassle?
So no one can eavesdrop or tamper with anything your doing, for extra security.
 

Blood Fetish

Quis custodiet ipsos custodes?
Member
Joined
Nov 3, 2002
Messages
1,100
Trophies
2
Age
44
Website
Visit site
XP
1,243
Country
United States
Rydian said:
Blood Fetish said:
reate a self-signed certificate at no cost.
Those sort of defeat the point of SSL in the first place.

http://www.ietf.org/rfc/rfc2459.txt
Section 3.3, Revocation.

If the key is compromised, the CA can just revoke it... but if it's self-signed there's not a CA involved watching from "higher up" in the security chain, so if the key's compromised then data can be injected and falsified while everybody thinks it's still safe and secure and is trusting it.
Revocation is one of the functions of PKI, but certainly not the only one. The primary function of SSL/TLS/SSH is confidentiality.
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
    AncientBoi @ AncientBoi: lol Syl +1