[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: STARTTLS and ircd
On Tue, Feb 15, 2000 at 09:03:30PM +0100, Thomas Kuiper wrote:
> Hi,
>
> I write a SSL extension for the ircd using OpenSSL (which is the most
> portable and most used SSL Library afaik). Its supposed to be in
> /contrib, since its using a non-standard library. Its also going to
> be IETF-Draft, so here is a quick overview for you what it does:
>
> A extra file for SSL/TLS, named ircd.tls, where you can put the
> ident@host's whom you want to allow the use of SSL/TLS, and which
> certificate/rsa-key should be used for those. Client/Server
> communication goes like this:
>
> ...
> C: STLS
> S: <start TLS/SSL negotiation>
>
> ... At any point during the connection. A fallback to a non-secure
> connection is not possible.
>
> There are other examples of such extensions, like:
>
> RFC 2595: Using TLS with IMAP, POP3 and ACAP
> RFC 2487: SMTP Service Extension for Secure SMTP over TLS
>
> FTP just showed up a extension as draft, and I want to make sure
> IRC gets the same ability to handle SSL/TLS with simple switching.
>
> A working group mailing list is going to be set up.
> Please contact me for more details about it.
>
> Engerim
> (ported OpenSSL to Netware) :)
>
>
Good idea, clap clap. :)
--
PGP Public Keys:
- (finger://fusion.unit.cc/krome)
- (hkp://horowitz.surfnet.nl/krome@xxxxxxx)
Krome Plasma [krome@xxxxxxx]