View Issue Details

IDProjectCategoryView StatusLast Update
0004982unrealircdpublic2017-08-09 14:30
ReporterGottem Assigned Tosyzop  
PrioritylowSeverityfeatureReproducibilityN/A
Status resolvedResolutionfixed 
Fixed in Version4.0.13 
Summary0004982: Strict Transport Security CAP
DescriptionPretty much just a heads-up: people have been working on an STS policy implementation for IRCv3[1], set for v3.3 it looks like. I realise it's still in draft status, hence the low priority and this being just a heads-up. =] You can follow development on Github[2] though.

I'm fairly certain a lot of people would like to see this implemented in Unreal (eventually), as there's little to no use for plaintext connections anymore in this day and age.

For a list of clients and servers that support it as of yet, check references [3] and [4]. Just look for a row with "draft/sts". Sidenote: I also noticed [4] only seems to account for Unreal 3.x, not sure if there's anything you can do to rectify that though.
Additional Information[1] http://ircv3.net/specs/core/sts-3.3.html
[2] https://github.com/ircv3/ircv3-specifications/labels/sts
[3] http://ircv3.net/software/clients.html
[4] http://ircv3.net/software/servers.html
TagsNo tags attached.
3rd party modules

Activities

syzop

2017-08-09 10:14

administrator   ~0019806

Last edited: 2017-08-09 10:16

Yeah, I agree, wish to support this. I use STS on all my websites but IRC has been lacking support for this.. even worse, IRC is used to self-signed certificates which only prevent passive attacks, not active.
Ah well. No need to write more.. the usefulness and purpose is clear :D

syzop

2017-08-09 14:30

administrator   ~0019808

draft/sts support is now added :)

https://github.com/unrealircd/unrealircd/commit/84776eeeb2a8d703e67859bf210e9919d15ba71c
https://github.com/unrealircd/unrealircd/commit/1cc6dd3d5b59622b44b7e41a90ca48973c6d457d
https://github.com/unrealircd/unrealircd/commit/ea651384f84212efa87ad074b3f40678a119219d

Issue History

Date Modified Username Field Change
2017-08-07 20:34 Gottem New Issue
2017-08-09 10:14 syzop Assigned To => syzop
2017-08-09 10:14 syzop Status new => acknowledged
2017-08-09 10:14 syzop Note Added: 0019806
2017-08-09 10:16 syzop Note Edited: 0019806
2017-08-09 14:30 syzop Status acknowledged => resolved
2017-08-09 14:30 syzop Resolution open => fixed
2017-08-09 14:30 syzop Fixed in Version => 4.0.13
2017-08-09 14:30 syzop Note Added: 0019808