qwerty,

You are absolutely correct afaict. DH1080 does not protect you against MITM attacks for the reasons you have mentioned. If you want to be 100% sure that you are not being spied on, you would still have to exchange keys over a secure channel outside of IRC. (Not a big deal IMHO.) DH1080 is useful when you aren't suspecting to be actively tracked or that a man in the middle is intercepting all DH1080 key exchanges. I still think DH1080 is useful when you don't require absolute security but rather want to make sure that you're not piping plain text through an IRC server.

There have been attempts to implement PGP-style key exchanges over IRC (I know mouser of mircryption had something like that), but it wasn't all that user-friendly and therefore didn't end up being a success story.

Edit: It seems Blowfish-ECB and DH1080 are pretty much the community-driven and self-established standard now. There have also been attempts (proposals) to standardize the encryption, but I don't think that went anywhere. There's a nice proposal at http://www.bjrn.se/ircsrp/ircsrp.2.0.txt but I guess no one cared enough yet.

Last edited by trashcan; 28/05/10 11:32 AM.
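
The point made in the post above, as an added example that is not part of the original post or of any IRC client: an unauthenticated Diffie-Hellman exchange completes without error even when a relay substitutes its own public value, and only a comparison made outside the relayed channel reveals it. The group parameters are a toy stand-in, not the real DH1080 prime, and the fingerprint comparison is one assumed way of doing the out-of-band check.

```python
import hashlib
import secrets

# Toy group (assumption, illustration only): NOT the real 1080-bit DH1080 prime.
P = 2**127 - 1  # Mersenne prime
G = 3


def keypair():
    """Return (private, public) for the toy group."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def shared_key(priv, peer_pub):
    """Derive a symmetric key from the DH shared secret."""
    secret = pow(peer_pub, priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def fingerprint(key):
    """Short digest of the session key that two users can read to each other."""
    return hashlib.sha256(b"fp" + key).hexdigest()[:16]


def exchange(intercepted):
    """Run one key exchange; return the fingerprint each endpoint ends up with."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    if intercepted:
        # The relay replaces both public values with its own. Neither endpoint
        # sees an error, because nothing in plain DH binds a value to a person.
        _, m_pub = keypair()
        a_sees, b_sees = m_pub, m_pub
    else:
        a_sees, b_sees = b_pub, a_pub
    a_key = shared_key(a_priv, a_sees)
    b_key = shared_key(b_priv, b_sees)
    return fingerprint(a_key), fingerprint(b_key)


def verified_out_of_band(fp_a, fp_b):
    """The check done over a separate trusted channel (phone, in person)."""
    return secrets.compare_digest(fp_a, fp_b)


if __name__ == "__main__":
    print("clean exchange verified:", verified_out_of_band(*exchange(False)))
    print("relayed exchange verified:", verified_out_of_band(*exchange(True)))
```
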