Forums Feature Suggestions DCC SSL

mIRC's got support for SSL server connections and SSL sockets, so why not SSL DCC chat/send? KVIRC already supports this, but I don't know how it does so (DH vs certs). My suggestion is to use a simple DH exchange, so there's no need for either side to have certificates, though it's an option, supposing Khaled implements it.

I'd rather have other aspects of mIRC improved, instead of adding something thats practically useless. mIRC was never intended to be a file sharing program, thus it doesn't need SSL for DCC.

DCC can also be used for chat. I don't use it, but I can see how a secure chat would be preferable.

-genius_at_work

I doubt SSL for DCC really has anything to do with filesharing. A DCC connection is a closed link so it's highly unlikely illegal filesharers would want to use extra CPU resources encrypting a connection that can't easily be traced by copyright holders anyway (I assume that's what you think they'd use it for). Even if we're talking legitimate files, if a file was private enough to be worth encrypting it's unlikely you'd be sending it out via filesharing at all.

Far more likely it'd be used to send the occasional private file (which is what DCC SEND was intended for) or that it'd be used for private DCC CHAT sessions.

SSL for dcc chat sessions would be nice.... a lot of irc bots for example use a dcc chat interface for administration (EM,Eggdrop,regular mirc bots,and many other flavors). It is fairly common for a dcc chat interface to be used for a bot rather than a private message because of the ability to add authentication (if not built in already) with a lot more ease.

As far as SSL goes in general, im still somewhat irritated by the fact that there is no way to overrider the prompts to acceptance on server connection... it can become very annoying having to check the box (to auto accept in future) and click accept EVERY TIME regardless of how many times it has been done in the past. I spent a conciderable amount of time trying to find an inconcistancy with the server side certificates or a concistancy with those that never seem to save with no luck, seems to me that perhaps it is mirc that is not correctly saving them or recognising the saved ones. This is further evident by the fact that if i clear them all, different ones will be saved properly the next time while others that may have been fine before no longer auto accept once they have been told to.

Sorry to go OT, seemed appropriate to mention again and didnt want to make a new thread as its been mentioned in the past.

I love the immediate jump from DCC SSL to OMG PIRACY. If I wanted to share files with leet encryption, I'd use something infinitely better than IRC, such as a torrent on a private tracker. By the by, if mIRC wasn't intended as a file sharing system, then why is the ability to send files, file servers, and remotely trigger file servers built into it? There's even a feature to limit a person to one remotely triggered file server session at a time. But that's off topic for this thread. Anyway, back to the original point of my post. I use DCC for administration of my network's services and for my eggdrops. Passwords for logging in are sent in plain text over the network. Sometimes I have to use hotel or cafe wireless to access things, so the more encryption, the better, even if it's lowly 48bit SSL.

I know this thread is somewhat old, but I'd like to add my vote in for Secure DCC. Since mIRC already has SSL and DCC, I wouldn't think it incredibly difficult to implement. Also: this has nothing to do with filesharing; some of us would simply like the ability to have a private conversation or exchange confidential information in a direct and secure environment. This feature would be greatly appreciated.

i also have to agree, allowing ssl sockets to be created fullstop would be good ie /socklisten, as well as DCC SEND / DCC CHAT, etc.

I'm sorry to bump, but I'm wondering if any further consideration was ever given to this. I was browsing and noticed a couple other clients that now support it, so apparently some kind of standard is in place ("/ctcp DCC SCHAT" seems to be it). As someone who uses DCC regularly, I'd really like to see this in mIRC. Thank you,

Jinx

Don't worry. Actually - thanks for digging it. I fully support it.


No, but it has features that makes it fully capable of being one, so that is actually incorrect.

This idea has my full approvement, since the bot I'm currently writing uses DCC Chat to run a "partyline".

Yeh, I like the idea of "/socklisten -e" :P
(Listening with sockets using SSL)

Glad u dugg it up as well, I've been going to ask for this ever since SSL was first on mIRC. I would go certificates though.

Generally, Someone wanting to use something like this would know how... Kinda like providing your own SSL DLL's.

try having it set up on when u send it it encodes it and when u recieve it it decodes it
like
alias msg.send { msg =$nick $encode($1-,bl6) }
alias msg.recieve { msg =$nick $decode($1-) }
etc.

if u care so much :P

Thats not 'secure'

Yeah, I'm afraid that isn't very secure. Plus, one would have to write an additional script for the other end--say for example, a TCL script for an Eggdrop bot. True, the Eggdrop would need a script (or module) for SSL anyway, but at least this way it would use an already standardized/secure method.

I'm glad there was positive response to my bump. I don't have much precedent for positive response, so I'm really not sure how to act, except to say thank you, and hope that DCC SSL is deemed an important enough (or at least popular enough, if this thread keeps going) feature to implement as soon as possible. Thanks again,

Jinx

Even if DCC SSL wasnt created, but we were givem "socklisten -e" it would work for DCC SSL. We allready have "sockopen -e" if you are connecting to somewhere else, but nothing for incoming connections at this time

BTW, RE: Positive reaction, We didn't do it for you :P We did so because we wanted it. - Good digg though

So... if anyone thought my last bump was late, this will surely top it. Nearly 7 years it has been, and I'm still wondering about DCC SSL.

Apparently both Eggdrop and KVIrc now support it as "SCHAT". Do recent versions of mIRC also support it? Is there any documentation for it? I can't seem to find any in the changelog or on the site. (Is there an easy way to download only the help file?)

Also: was /socklisten -e ever implemented?

Thanks in advance for the information.

Not yet, but I really hope it oneday does.