I based my suggestion mainly around blowfish, for the simple fact that it is already used for many, and there are already decent script/patches for other clients. So the compatibility level is fairly good. (bindings already exist for tcl/php/nix clients/etc)
Just some responses and quiries (im not particularly knowledgable about everything your discussing)
How effective would using a public key and unique per message keys be, i mean it would reqiure interaction with a third party and constant key exchanges? wouldn't that create lag? or do i misunderstand how that works.
6. As far as the current blowfish patched/scripts are concerned the best one (listed below) seems to use a Diffie-Hellman 1080bit key exchange method hashed with sha-256.
8. I think such a feature would just have to be treated in the same manner that SSL is, any dll's would not be included, but if present the options become availible for use. ie; in terms of blowfish if a compatible blowfish dll is not found the feature is simply not availible.
Again suggestion based around blowfish being the default encryption used with the feature because it is already used quite widely on mirc and other clients.
Most of the people i know that communicate over irc (at least on windows) with encryption use a patch/dll that can be found at the following url, or they use Invision which has several types of encryption already scripted in (not sure on its method, probably just a dll or its own scripted encode/decode algorithms).
http://fish.sekure.us/In the end i do agree that a more well rounded feature to dynamically support many types of encryption would be great. But that almost feels like asking to much so i would probably be happy with just the native blowfish (obviously a little more well rounded and bugless than the above example)
