I'm pretty much on the same page as Kev with the solution: implement a connection stack with configurable modules and then implement an encryption module. As Kev said, it would actually be nice for us to have that ability for other things. I also agree with his caveat, that we simply don't have any active developers to work on it. If you could find someone to write it, it could certainly be considered. With ircu, like all open source projects, "Will you accept this patch?" and "Will you implement this feature?" are 2 very different questions.
That said, this only answers what you asked for, not what you actually need. If you want to protect your data from eavesdropping by intelligence services (IS) then the nature of how IRC works renders SSL ineffective. SSL is transport layer encryption. The R in IRC stands for Relay, and every time your message is relayed, you are exposed to anyone with access to that device. I think it is safe to say from experience that an IS officer would not have much difficulty socially engineering their way to access to an IRC server. What you actually need, as Kev also pointed out, it message level encryption. The client encrypts the message contents and base64 encodes it, then the receiving client decodes and decrypts it. This can (in fact must) be implemented entirely in the client without a server change. Note that this will only protect the content of your messages, not the metadata (what the NSA got caught collecting.) There is no way to protect the data with IRC. As Kev and Michael both pointed out, the server needs to know where to send the message. The only way around that is some sort of anonymizing proxy, but I wouldn't trust that not to be compromised either. Personally, I'd check if there are any clients that already do message level encryption. I've not looked into it but I'd be a little surprised if someone hadn't already implemented such a feature. -- -Joe / Ghostwolf
_______________________________________________ Coder-com mailing list Coder-com@undernet.org http://undernet.sbg.org/mailman/listinfo/coder-com
