Guys, thank you, but due to Michaels hostility towards non Amercians who enjoy their privacy, and with no chance of SSL in ircu, we took our vote a few hours ago, and at 0000UTC changed ircd's
Noel: I know for a fact that Mirc has SSL enabled, as does ChatZilla, one of our admins has said there is a fork of epic called epic-ssl, maybe give that a try? Not sure about that network you tried but ours is working, I will email you off list our net if you would like to connect and try out xchat and bitchx, as i'm in Hong Kong, we are only one hour behind you, so do not be shy, and say hi. Thank you to Kevin, who detailed some interesting information about the challenges. Given our move away from ircu, I will know unsubscribe from list, thank you again, and good-bye. Loz On Tue, Jul 23, 2013 at 10:48 AM, Ian Kumlien <po...@vapor.com> wrote: > On Mon, Jul 22, 2013 at 07:24:36AM -0400, Michael Poole wrote: > > On Jul 22, 2013 2:30 AM, "Noel Butler" <noel.but...@ausics.net> wrote: > > > > > > On Fri, 2013-07-19 at 08:15 -0400, Michael Poole wrote: > > > > > >> > > >> The only thing that US law has to do with anything is that the US > --like > > 40 other countries, including > > >> most of those already mentioned has implemented export controls under > > the Wassenaar Arrangement > > > > > > > > > The Wassenaar Arrangement is that, only an agreement, not being a > treaty > > it is unenforceable by those who don't want to honour it > > > > Maybe true at a national level -- but the same is true of many treaties > -- > > but absolutely irrelevant at the citizen level. You are subject to your > > country's laws whether they are enacted under, say, the Geneva > Conventions, > > the Wassenaar Arrangement, or the Rudd/Gillard Whim. > > > >> Everyone else who has mailed on this thread so far is affected > > >> by similar export controls. > > > > > > > > > Complied with by a simple notice on ftp servers, and, funnily enough, > > inside the package you need to open and read before building, when was > the > > last time you saw such a notice before downloading httpd, or postfix etc > > > > I can't say for sure how the law is interpreted in Australia, but I > rather > > suspect it is like the US -- where there must be more significant efforts > > to prevent unauthorized exports. I haven't seen that kind of notice in a > > long time, because laws relaxed after the Wassenaar Arrangement was > > adopted, and now mostly the servers will just refuse to download files to > > IP addresses from NoKo, Iran, etc. > > > > >> > > >> Anyone who feels outraged by "PRISM" type programs should read up on > > >> their own local laws about mandatory key disclosure, lawful intercept > > >> requirements, and the like; US law provides slightly more protections > > > > > > > > > Luckily in Australia, one can not currently be forced to hand over > keys, > > and no intercept may take place without a specific named target in a > court > > order (I used to action such requests for a service provider over here), > of > > course the nannies running the country want to, and this year even tried > > to, change this to bring in mandatory data retention, but the public > outcry > > and pending federal election has put a, at least temporary, stop on that > > idea. It's recently been rumoured though that the defence signals > > directorate (watered down NSA/GCHQ) has of course questionably obtained > > information from NSA on locals under the "eyes of five" BS > > > > Wikipedia and Electronic Frontiers Australia both disagree with you about > > the requirement to hand over keys in Australia, and both of them cite the > > Cybercrime Act of 2001 as the legislation that requires individuals to > > disclose cryptographic keys or face prison time (even if the disclosure > > would incriminate the person). > > > > Argument by "of course" is not very convincing when it's made by someone > > who shows so little understanding of the things he writes about. > > > > Michael > > > _______________________________________________ > > Coder-com mailing list > > Coder-com@undernet.org > > http://undernet.sbg.org/mailman/listinfo/coder-com > Hi, > > Just thought I'd chime in, as Kev and Entrope knows I was looking in to > adding cyrpto to ircu... A few times and so on and so forth... > > But I always hit a wall in the fact that keys will have to be > regenerated and handled in a secure manner - doing all this in a single > process without threading was a bit of a show stopper but I also felt > that there are way too many cornercases wrt SSL and security. > > Basically, if I do this and don't do a good job, then we're back to the > good old "false sence of security". > > However, my plan was to add a special "userflag" to all users connecting > using ssl. This userflag would carry over encrypted links but not over > cleartext ones. > > Then you could specify that this channel is "secure" (ie no user on a > non-secure link or being routed via a non secure server <-> server link > could join the channel) > > Anyway, the project was abandoned and the source is lost - if someone > hacks up the ssl bit i might start looking in to it again. > > Oh, and SSL becomes a problem in places like France where all crypto > keys should be filed with the government (or has that law been changed?) > _______________________________________________ > Coder-com mailing list > Coder-com@undernet.org > http://undernet.sbg.org/mailman/listinfo/coder-com >
_______________________________________________ Coder-com mailing list Coder-com@undernet.org http://undernet.sbg.org/mailman/listinfo/coder-com
