Subject: | Re: WHICH IRC DAEMONS YOU USE AND WHY ?
| Date: | Fri, 6 Aug 2004 15:11:57 -0700
| From: | "David Schwartz" <davids@webmaster.com>
| Newsgroups: | alt.irc
|
"Remco Rijnders" <remco@webconquest.com> wrote in message
news:opscbl4yxf32ljov@news.xs4all.nl...
> You must excuse me for asking this... but what is the hot thing about SSL
> on IRC? You pay a lot of overhead for encrypting conversations in public
> channels,
That's not really true. The overhead is so low that a modern computer
with a 100Mbps network connection can encrypt/decrypt the full 100Mbps
without a problem. My P3-750 can encrypt/decrypt about 250MB per second
(megaBYTES).
> where you have no idea who it is that is present.
Sometimes you do, sometimes you don't. But you may well know who has
access to your physical network, and you may have secrets from them.
> And then the logs are stored in plain text at Joe Bobs computer that also
> has the newest Gator spyware installed.
If Joe Bob is an intended recipient, he can do whatever he wants with
the text he's received. Obviously, you do have to trust the recipients. But
that's the same with everything.
> Same for encrypting between servers... What is the use?
There's plenty of use. The server may be on a shared network with
computers sitting on a shared network segment. The point of encrypted
between servers is to make sure the users choose the recipients.
Another point is that the current way most IRCDs establish their
server-to-server links (bidirectional password authentication with the
passwords sent in the clear) is seriously deficient in many ways. SSL
provides the oppurtunity to authenticate in a way that's spoof-proof and
reliable.
> If you have no doubts about the security of the two servers on each end,
> is it really that realistic to worry about the Cisco routers that are in
> between?
Sure. You probably have much more control over your servers than you do
over the networks between them.
> This is not meant to criticise anyone, but I've never understood why
> anyone would want it?
It's been an absolute requirement for many military and government
applications. It's also been essential in several commercial applications
that had to meet specific regulatory requirements.
DS
|