[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSL patch for 2.11 ircd

To: Grega <grega@xxxxxxxxxx>
Subject: Re: SSL patch for 2.11 ircd
From: Kurt Roeckx <kurt@xxxxxxxxx>
Date: Fri, 13 Jan 2006 14:52:59 +0100
Cc: ircd-users@xxxxxxx
Delivered-to: ircd-users-out@irc.org
Delivered-to: ircd-users@irc.org
In-reply-to: <53189.10.0.0.67.1137110335.squirrel@www.execve.org>
References: <53189.10.0.0.67.1137110335.squirrel@www.execve.org>
Sender: owner-ircd-users@xxxxxxx
User-agent: Mutt/1.4.2.1i

On Fri, Jan 13, 2006 at 12:58:55AM +0100, Grega wrote:
> Hello people!
> 
> I'd like to announce the first public release of the SSL patch
> for the 2.11.1p1 IRCnet ircd. Please test it and report errors.

 From the documentation, it says:
Another way to force SSL are O and N P:line flags.
N - means SSL not allowed
O - means only SSL allowed

So this mean you need an other port to be able to use SSL?

Why don't you use something as STARTTLS to initiate an ssl
connection?  I really have no idea what other clients/servers do.

I haven't looked at the code yet, so I have no idea.  But I have
a few questions.

It doesn't mention anything about servers or C/N lines.  Can you
let server authenticate using a certificate instead of a
password?

Can I connect on a normal connection and still authenticate to
become oper?  Like use a STARTTLS after I'm already connected.
And maybe even stop the ssl some point later, and then no
longer be an oper?

Kurt

Follow-Ups:
- Re: SSL patch for 2.11 ircd
  - From: Grega

References:
- SSL patch for 2.11 ircd
  - From: Grega

Prev by Date: SSL patch for 2.11 ircd
Next by Date: Re: SSL patch for 2.11 ircd
Previous by thread: SSL patch for 2.11 ircd
Next by thread: Re: SSL patch for 2.11 ircd
Index(es):
- Date
- Thread