It's not correct to say that HTTPS strictly uses SSL.
A secure (web) server will not support SSLv2 nor SSLv3, because these are vulnerable to attacks like POODLE and DROWN.
In the case of having a server that uses SSL and not TLS you now have the problem of vulnerabilities, web browser security warnings, and outdated cipher suites.
My point is not to discourage any coder from trying new things or to dissuade basic Internet privacy and security measures. My point is that SSL is not secure, it is deprecated by IETF for its vulnerabilities and therefore lack of security, and TLS should be used instead.
Looking around at using SSL in standard listening sockets in C++ doesn't look like it's a huge burden either.
Writing an SSL/TLS implementation using only the standard C++ library (with Windows API) would be a massive undertaking, even if it is susceptible to vulnerabilities. There is at least one reason why Khaled is using the OpenSSL library for SSL/STARTTLS. If you think it's not a huge burden, then write your own DLL and use that for mIRC.
I can only imagine that SSL is still supported in mIRC for legacy reasons, and Khaled is working to fully implement TLS if he hasn't already put this into his plans.
So the thought for me isn't "Why not allow /socklisten for SSL," because that's out of the question. What I wonder instead is "Why not do full server/client TLS support for sockets in mIRC, since the IETF basically prohibits SSL now?"
So if you're a C++ programmer, take a look at this minimal TLS server
, where OpenSSL has already done most of the work for you, but note that this code uses SSLv23_server_method(), so you should actually fix that by reading this documentation