9 .ds CH Default Port for IRC via TLS/SSL
11 .ds RH October 7, 2010
16 .\" 5678901234567 check 72 column width 12345678901234567890123456789012
17 Internet Draft Richard Hartmann
18 Independent Submission
19 Intended status: Informational
20 Expires: April 4, 2011
21 Updates: 1459, 2810, 2811, 2812, 2813
25 Default Port for IRC via TLS/SSL
26 draft-hartmann-default-port-for-irc-via-tls-ssl-06
33 This document describes the established best industry practice of
34 listening on TCP port 6697 for incoming IRC connections encrypted via
40 This Internet-Draft is submitted in full conformance with the
41 provisions of BCP 78 and BCP 79.
43 Internet-Drafts are working documents of the Internet Engineering
44 Task Force (IETF). Note that other groups may also distribute
45 working documents as Internet-Drafts. The list of current
46 Internet-Drafts is at http://datatracker.ietf.org/drafts/current.
48 Internet-Drafts are draft documents valid for a maximum of six
49 months and may be updated, replaced, or obsoleted by other
50 documents at any time. It is inappropriate to use Internet-Drafts
51 as reference material or to cite them other than as
57 Copyright (c) 2010 IETF Trust and the persons identified as the document
58 authors. All rights reserved.
60 This document is subject to BCP 78 and the IETF Trust's Legal Provisions
61 Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect
62 on the date of publication of this document. Please review these documents
63 carefully, as they describe your rights and restrictions with respect to
64 this document. Code Components extracted from this document must
65 include Simplified BSD License text as described in Section 4.e of
66 the Trust Legal Provisions and are provided without warranty as
67 described in the Simplified BSD License.
74 .so draft-hartmann-default-port-for-irc-via-tls-ssl.toc
84 Although system port assignments for both plain text (TCP/UDP port
85 194) and TLS/SSL encrypted (TCP/UDP port 994) IRC traffic exist
86 [IANALIST], it is common practice amongst IRC networks not to use
87 them for reasons of convenience and general availability on systems
88 where no root access is granted or desired.
90 IRC networks have defaulted to listening on TCP port 6667 for plain text
91 connections for considerable time, now. This is covered by the IRCU
92 assignment of TCP/UDP ports 6665-6669.
94 Similar consensus has been reached within the IRC community about
95 listening on TCP port 6697 for incoming IRC connections encrypted via
101 An IRC client connects to an IRC server. Immediately after that,
102 a normal TLS/SSL handshake takes place. Once the TLS/SSL connection
103 has been established, a normal IRC connection is established via the
104 tunnel. Optionally, the IRC server may set a specific umode for
105 the client, marking it as using TLS/SSL. Again optionally, an
106 IRC server might offer the option to create channels in such a way
107 that only clients connected via TLS/SSL may join.
110 3. Security Considerations
112 The lack of a common, well established listening port for IRC via TLS/SSL
113 could lead to end users being unaware of their IRC network of choice
114 supporting TLS/SSL. Thus, they might not use encryption even if they
117 It should be noted that this document merely describes client-to-server
118 encryption. There are still other attack vectors like malicious
119 administrators, compromised servers, insecure server-to-server
120 communication, channels that do not enforce encryption for all channel
121 members, malicious clients or comprised client machines on which logs are
124 Those attacks can by their very nature not be addressed by
125 client-to-server encryption. Additional safe-guards are needed if a
126 user fears any of the threats above.
129 4. IANA Considerations
131 An assignment of TCP port 6697 for IRC via TLS/SSL will be requested.
132 The proposed keyword is "irc" and the description "Internet Relay Chat
136 ircs-u 6697/tcp Internet Relay Chat via TLS/SSL
138 Additionally, a clean-up of the current naming scheme will be requested.
139 The author is trying to get into contact with the assignees.
142 ircs 994/tcp Internet Relay Chat via TLS/SSL
144 ircs 994/udp Internet Relay Chat via TLS/SSL
147 irc-u1 6665/tcp Internet Relay Chat
148 irc-u2 6666/tcp Internet Relay Chat
149 irc-u3 6667/tcp Internet Relay Chat
150 irc-u4 6668/tcp Internet Relay Chat
151 irc-u5 6669/tcp Internet Relay Chat
153 irc-u1 6665/udp Internet Relay Chat
154 irc-u2 6666/udp Internet Relay Chat
155 irc-u3 6667/udp Internet Relay Chat
156 irc-u4 6668/udp Internet Relay Chat
157 irc-u5 6669/udp Internet Relay Chat
162 5. Informative References
165 [IANALIST] http://www.iana.org/assignments/port-numbers , Sep 15, 2010
168 [TOP100] http://irc.netsplit.de/networks/top100.php , Sep 15, 2010
171 [MAVERICK] http://irc.netsplit.de/networks/lists.php?query=maverick , Sep 27, 2010
177 Thanks go to the IRC community at large for reaching a consensus.
179 Special thanks go to the IRC operators who were eager to support port
180 6697 on their respective networks.
183 APPENDIX A: Supporting data
185 As of October 2010, out of the top twenty IRC networks [TOP100],[MAVERICK],
186 ten support TLS/SSL. Only one of those networks does not support TLS/SSL via
187 port 6697 and has no plans to support it. All others supported it already or
188 are supporting it since being contacted by the author. A more detailed
189 analysis is available but does not fit within the scope of this document.
198 Email: richih.mailinglist@gmail.com
199 http://richardhartmann.de
207 01 - fixed [MAVERICK]
209 02 - removed self-reference as RFC
210 added reference to [RFC1700]
212 03 - removed reference to RFC 1700 as per RFC 3232
214 04 - added section "Technical Details"
215 expanded section "Security Considerations"
216 Changed "Intended status" to "Experimental" at RFC authors'
219 05 - Moved "Abstract" to the top of the document
220 Changed "Intended status" back to "Informational"
221 Added renaming suggestions for old assignments
222 Removed section "Comments"
223 Removed ".txt" from document name
224 Removed "Full Copyright Statement"
225 Other minor clean-ups
227 06 - Introduced unique port keys