
STARTTLS and ircd



Hi,

I write an SSL extension for the ircd using OpenSSL (which is the most
portable and most used SSL library afaik). It's supposed to be in
/contrib, since it's using a non-standard library. It's also going to
be an IETF draft, so here is a quick overview for you of what it does:

An extra file for SSL/TLS, named ircd.tls, where you can put the
ident@host's whom you want to allow the use of SSL/TLS, and which
certificate/rsa-key should be used for those. Client/Server
communication goes like this:

...
C: STLS
S: <start TLS/SSL negotiation>

... At any point during the connection. A fallback to a non-secure
connection is not possible.

There are other examples of such extensions, like:

RFC 2595: Using TLS with IMAP, POP3 and ACAP
RFC 2487: SMTP Service Extension for Secure SMTP over TLS

FTP just showed up an extension as a draft, and I want to make sure
IRC gets the same ability to handle SSL/TLS with simple switching.

A working group mailing list is going to be set up.
Please contact me for more details about it.

Engerim
(ported OpenSSL to Netware) :)
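
An added example, not part of the original message or of the ircd extension it describes: a server-side framing sketch for the STLS exchange above, showing the upgrade accepted at any point in the command stream and no path back to plaintext afterwards. The class name, the state names and the check that bytes pipelined after STLS begin a TLS handshake record (first byte 0x16) are assumptions made for illustration.

```python
from enum import Enum

class State(Enum):
    PLAIN = "plain"
    TLS = "tls"        # raw bytes now belong to the TLS layer, permanently
    CLOSED = "closed"

class StlsConnection:
    """Framing for one client connection (hypothetical helper)."""

    def __init__(self):
        self.state = State.PLAIN
        self._buf = b""

    def feed(self, raw: bytes):
        """Consume bytes read from the socket.

        Returns (plaintext_commands, tls_bytes). tls_bytes must be handed to
        the TLS library (e.g. OpenSSL), never to the IRC command parser.
        """
        if self.state is State.CLOSED:
            raise ConnectionError("connection closed")
        if self.state is State.TLS:
            # No transition leads back to PLAIN: fallback is not possible.
            return [], raw
        self._buf += raw
        commands = []
        while b"\n" in self._buf:
            line, self._buf = self._buf.split(b"\n", 1)
            line = line.rstrip(b"\r")
            if line.upper() == b"STLS":
                self.state = State.TLS
                leftover, self._buf = self._buf, b""
                # Assumption: only TLS record framing is accepted, so bytes
                # pipelined behind STLS must start a handshake record (0x16).
                # Anything else is plaintext sent past the upgrade point.
                if leftover and leftover[0] != 0x16:
                    self.state = State.CLOSED
                    raise ConnectionError("plaintext after STLS; dropping")
                return commands, leftover
            if line:
                commands.append(line.decode("utf-8", "replace"))
        return commands, b""
```

Bytes that arrive in a later read are passed through unchecked; the TLS library's own handshake parsing rejects them if they are not a valid ClientHello.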