DALnet have recently added SSL (secure socket layer) connection capabilities to all their servers. The rolling upgrade was one of the reasons why DALnet servers were behaving so oddly a month or so ago. They had to be taken off-line one by one to have the code patches installed.
SSL is meant to provide end to end encryption of all sessions between your IRC client and server which reduces the risk of having passwords or other confidential information stolen. DALnet have also added both a new user mode +S to indicate that an SSL connection is in use, and a new optional channel mode +S for channels that require all users to be SSL connected as a condition of entry.
I wanted to test the new SSL facilities with my default IRC client MacIrssi which is basically a Cocoa GUI version of the well known Unix terminal Irssi client. There is plenty of documentation about using Irssi, but very little about MacIrssi, so I was curious to see how well this would play.
Establishing a connection to an SSL socket on a DALnet server turned out to be simple enough:
/connect -SSL irc.dal.net 6697
This asks the normal DALnet random server to redirect you to an available server using the TCP port 6697 which is mandatory for SSL connections on DALnet. (Other IRC networks may use different port numbers for SSL). The normal MOTD and connection scroll appears on screen in your console window, and a quick check on /whois nick returns an extra line of information confirming that you are using a secure connection.
So far so good.
The snag turned out to be that DCC CHAT commands no longer worked, even though my firewall and NAT router were correctly set, and DCC CHAT worked without difficulty on a non-SSL connection. It seems that the SSL connection module used in MacIrssi is hard-coded to offer only *secure* DCC chat connections which requires the creation and exchange of information between clients to validate self-written SSL authentication certificates. The only quick way of getting a DCC CHAT session to work with an unsecured peer over an SSL server connection at my end was to use the reverse DCC mode
/ctcp <nick> chat
This prompts the target nick to offer you a DCC CHAT which you then accept with
/dcc chat <nick>
After which everything else works normally inside the MacIrssi Cocoa interface.
(N.B. If you are using a different IRC client you will need to consult documentation, and in the case of mIRC, you will have to download and install an extra Open SSL code plug-in to make use of secure connections on DALnet. see http://www.mirc.com/ssl.html)