communi-sailfish icon indicating copy to clipboard operation
communi-sailfish copied to clipboard

Published 20 hours ago verified publisher icon communi

SASL is "secure, encrypted authentication with the server"

Open Mikaela opened this issue 10 years ago • 4 comments

SASL (PLAIN (https://github.com/communi/libcommuni/issues/23)) is not any more secure/encrypted than any other way to identify and if you want it to be encrypted, you also use SSL connection and check server certificates (communi doesn't do this as far as I know).

Mikaela avatar Feb 11 '15 05:02 Mikaela

I don't understand, what exactly is the issue here?

Venemo avatar Aug 18 '15 11:08 Venemo

That the "Use SASL" checkbox misleadingly calls it as "secure, encrypted authentication with the server". In reality IRC SASL doesn't have encryption (unless you use SSL/TLS) and isn't more secure than any other way to identify to services.

More proper message would be that "SASL automatically identifies you to NickServ before you join channels", which is simplification, but everyone would understand what it does.

Mikaela avatar Aug 18 '15 14:08 Mikaela

@Mikaela So if I understand correctly, there isn't an actual problem with SASL, just the wording that is on the UI is not clear enough, right?

Venemo avatar Aug 21 '15 16:08 Venemo

Yes, the only issue is misleading wording.

Mikaela avatar Aug 21 '15 16:08 Mikaela