maxheadroom | 6 years ago

>Modern IRC servers tend to support TLS on port 6697 and SASL for authentication.

The OC's point was by default, meaning/inferring clear-text is still the modus operandi for generally getting onto IRC services.

>Many applications still aren't encrypted by default, like IRC.

SSL and SASL aren't, precisely, user-friendly implementations with some clients (e.g.: IRSSI[0] - but if you're using IRSSI, you don't want a user-friendly GUI to begin with, so...).

SASL has less to do with the actual encryption mechanism and more to do with the authentication mechanism (think NTLM)[1].

If IRC services dropped clear-text, today, that would go a lot further to standardising (e.g.: making default) encryption but, back to the OC's original point, it is not the default today.

[0] - https://freenode.net/kb/answer/irssi

[1] - https://en.wikipedia.org/wiki/Simple_Authentication_and_Secu...

jchw | 6 years ago

This is mostly irrelevant; users using Web IRC gateways, services like IRCCloud or clients like HexChat[1] do not have to configure the server unless it isn’t already present in the list. If they do, they already will have to manually configure either TLS or plaintext. There is no “default.”

I mention SASL because it is relevant to security posture, especially if the user wasn’t connecting via TLS. Although of course the server could allow PLAINTEXT, in practice there’s no point in supporting that because IRC already had native plaintext server authentication.

[1]: https://github.com/hexchat/hexchat/blob/3d1d9e1716d66abb6921...
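The distinction argued over in this thread (SASL authenticates, TLS encrypts), shown as an added example that is not part of either comment: a small audit of the lines a client sends during registration, reporting which credentials an on-path observer could read. The function names and the sample session are constructed for illustration, and a SASL response is assumed to fit in a single `AUTHENTICATE` line.

```python
import base64

def decode_sasl_plain(b64):
    """Decode an RFC 4616 PLAIN response: authzid NUL authcid NUL passwd."""
    raw = base64.b64decode(b64, validate=True)
    authzid, authcid, passwd = raw.split(b"\0")
    return authzid.decode(), authcid.decode(), passwd.decode()

def audit_client_lines(lines, tls):
    """Return (kind, account, exposed) for each credential the client sent.

    exposed is True when the secret crossed the wire in a recoverable
    form on a connection that was not wrapped in TLS.
    """
    findings, mechanism = [], None
    for line in lines:
        parts = line.strip().split(" ", 2)
        cmd = parts[0].upper()
        if cmd == "PASS" and len(parts) > 1:
            # Native IRC server password: always sent as-is.
            findings.append(("server-password", None, not tls))
        elif cmd == "AUTHENTICATE" and len(parts) > 1:
            arg = parts[1]
            if mechanism is None:
                mechanism = arg.upper()  # first AUTHENTICATE names the mechanism
            elif mechanism == "PLAIN" and arg not in ("+", "*"):
                # base64 is an encoding, not encryption: the account and
                # password come straight back out.
                _, account, _ = decode_sasl_plain(arg)
                findings.append(("sasl-plain", account, not tls))
                mechanism = None
    return findings

# Constructed sample: client-to-server lines of one registration.
SAMPLE = [
    "CAP REQ :sasl",
    "NICK alice",
    "USER alice 0 * :Alice",
    "AUTHENTICATE PLAIN",
    "AUTHENTICATE " + base64.b64encode(b"\0alice\0correct-horse").decode(),
    "CAP END",
]

if __name__ == "__main__":
    for tls in (False, True):
        print("tls" if tls else "cleartext", audit_client_lines(SAMPLE, tls))
```
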