Closed ThomasWaldmann closed 8 years ago
AmauryCarrade
commented
8 years ago I totally support this.
It would also be useful to add an option to the embed URLs, like https://kiwiirc.com/client/chat.freenode.net:6697/?ssl#borgbackup.
I need such an option to be able to provide a direct connexion link to an IRC server through SSL. I can use other methods (like telling the users to check the case), but this would really be useful for user experience and security.
prawnsalad
commented
8 years ago You can specify SSL/TLS by using the standard + in front of the port which is used in most places. example: https://kiwiirc.com/client/irc.network.org:+6697
However, note that on kiwiirc.com, when network admins register their network they can override the connection details that all users connecting to their network uses. Example, irc.example.net may be a registered network on kiwiirc.com and has it set so that all connections go to irc.example.net:+6697. That's with SSL/TLS. That's why despite not having the SSL option selected for some network it will always connect using it anyway.
With all the networks out there using kiwiirc so far, almost all networks support the standard non-ssl/tls port of 6667 while only about half of them support SSL/TLS on port 6697. So we can't default the port to the SSL/TLS port for non-registered networks as yet unfortunately.
ThomasWaldmann
commented
8 years ago Interesting, is this documented somewhere?
Also, can you please make it transparent to the user whether his connection to irc server is encrypted or not?
prawnsalad
commented
8 years ago The TLS option in the address isn't mentioned in the docs as it's very standard but I could put it on https://kiwiirc.com/embedding for completion.
As for the registered networks, that's mentioned when admins register their networks so they know what will happen.
If one creates a link to kiwiirc service via https://kiwiirc.com/embedding , it looks like this:
It uses TLS (https) to your website, which is good.
But: if one follows that link and clicks on "server and network" on the target page, "SSL" is not checked in the settings.
Does that mean that your service does not use TLS ("SSL") to talk to the freenode irc server?
I think this should be on by default. Or at least there should be a way to create a link that enables this settings automatically.
And the setting should be called "TLS" nowadays, "SSL" was not used as protocol name after SSL v3 (which is unsecure and hopefully not used by you).