Using IRC for Electronic Meetings? 67
paenguin asks: "Our Linux User Group sometimes needs to hold Exec meetings, electronically. We have used IRC in the past, but it leaves us with a problem: there is no easy or built-in way to prove who is who. Do Slashdot readers know of a way to provide non-repudiation over IRC, or of another open source method of holding group electronic meetings where we can verify that everyone is who they say they are?" Wouldn't a private IRC server, with a combination of suitable IRC services (ala NickServ and ChanServe) and fairly restrictive policies, be one solution to this problem? How would you set up such a system? For those willing to brave the setup hassles, might some form of secure IRC also be an option?
Don't you have OSS IM software? (Score:5, Insightful)
The IM server is responsible for authentication, so you just add your buddies and then start chatting. Seems simple.
Re:Don't you have OSS IM software? (Score:4, Informative)
Jabber also supports SSL and is extensible (so can support things like group-conference room logging).
Re:Don't you have OSS IM software? (Score:2, Informative)
OP: Here is a solution. (Score:3, Funny)
Re:OP: Here is a solution. (Score:2)
There is room for a killer app in the avatar based chat scene, and SWG might just be it.
Re:OP: Here is a solution. (Score:1)
uhh - other IM services? (Score:4, Insightful)
Re:uhh - other IM services? (Score:4, Insightful)
Re:uhh - other IM services? (Score:2)
Ustjay alktay inway igpay atinlay!
Video Conferencing (Score:1, Insightful)
Why not use Video Conferencing software? There would then be no question as to who is who
Identification in IRC (Score:3, Insightful)
Years ago... (Score:3, Informative)
I was quite active on Austnet. They had NickOp which was used for registerring a nickname and for
logging in. They had Chanop which was for maintaining channels etc. They had noteop for sending messages. So, to answer your question, I'd either use Austnet, or build a private IRC server with similar funcationality. Then, create a channel via chanop, and set access to every registerred person so that Chanop ops them. Why do this? Well, you have 120 seconds to enter your password when you use a registerred nick. Chanop will not op you until you are logged in. So if somebody comes on using a nick they shouldn't, they won't be opped. When they have the @ next to their name, they've logged in, and you know who you're talking to.
Re:Years ago... (Score:2)
Re:Years ago... (Score:1)
While not on-topic, I'm geniunely curious every time I see a sig such as yours;
Can I ask you why it is you feel this way? Would you, for example, M2 "unfair" a "Flamebait" or "Troll" moderation on a Goatse, ASCII art penis, or other trite?
What is it about the threshold system that doesn't satisfy you to the point where you have taken such an extreme viewpoint?
Not looking to start any kind of argument or anything; I
Re:Years ago... (Score:2)
Thank you for taking the time to ask, I appreciate it. I doubt I'll impress you a wohle lot, but at least know that I have a lot of respect for you for asking instead of judging right away.
"Would you, for example, M2 "unfair" a "Flamebait" or "Troll" moderation on a Goatse, ASCII art penis, or other trite?"
Heh, not really, it depends. I'm just going to be up-front. I'm mad at how du
hmm... (Score:1)
umm... yes. I host such a service from my DSL line, and as there's only about 10 people on at any one time, it's plenty fast enough. Perhaps set up nickserv with their usernames and passwords beforehand, then email them to the appropriate users?
Re:hmm... (Score:2)
< plug shameless=true > Here's what we've come up with. [merseine.nu] <
Oh god no. (Score:2)
Re:Oh god no. (Score:2)
Re:Oh god no. (Score:2)
Verifying users on IRC (Score:3, Informative)
I'm considering proposing an IRC network across our group for real-time multi-person chatting -- rather than Messenger or ICQ. There are so many nice things about the very mature IRC system that gets drowned out by all the pre-teens on public IRC networks, it's worth exploring.
Re:Verifying users on IRC (Score:1)
http://www.egghelp.org/ [egghelp.org]
Re:Verifying users on IRC (Score:2)
There is at least once channel on a irc network that I'm aware of which will redirect you to the channel #please_register if you are not registered with nickserv.
Does IM allow proof of identity? (Score:2)
My immediate thought is that perhaps what's needed is not a technological solution, but one that relies on personal knowledge of other participants. "Your mother's maiden name" is probably too obvious, but "the name of the stripper that we saw last Friday" would work.
Services (Score:3, Informative)
Yes, to elaborate further in the comment in the story, the best way to establish this kind of 'identity' scheme is to make use of a set of services. Andy Church makes a very good IRC Services package which is available at http://www.ircservices.za.net [za.net] which is more than capable for performing the task at hand.
You'll need an IRC daemon which is also able to be tightly integrated with services, and for that task, I recommend using Bahamut (available at http://bahamut.dal.net [dal.net]. As the URL implies, it's the same IRCd that DALnet uses. In particular, you're looking for a channel mode which restricts channel access to registered clients only. In Bahamut, this is the +R channel mode (which is different from +r.)
Services has a channel option known as 'RESTRICTED' which will only allow people who are on that channel's access list into the channel. Everyone else will be kicked and banned automatically by services. Thus, you can have reasonable assurance that everyone who's in the channel has A) identified to their registered nick with services, and B) is supposed to be in the channel, since they're on that channel's access list. Furthermore, the status of someone's identity can be checked by doing '/MSG NickServ STATUS ', where is the nickname you want to know the status of. NickServ will then tell you if the nickname is identified to properly (i.e. via a password.)
Some of the more advanced IRC options include replacing the ancient 'ident' system with something more modern. On IRC, anyone who isn't 'identified' has a tilde (~) prefixed to their username. However, since almost anyone can put anything in the ident reply these days, this has become practically useless (it used to be that you could tell, with reasonable assurance, what user was coming from what Unix box with ident -- not so anymore.) Instead, it's possible to setup an authorization scheme that makes use of IRC's 'PASS' command to also 'identify' to a unique username.
My Synchronet IRCd (http://www.synchro.net/docs/ircd.txt [synchro.net]) makes use of this scheme by letting users be 'identified' whenever they provide the correct password and username that corresponds to the local BBS account (Synchronet is a very nice piece of BBS software for Linux/Win32/BSD/etc.) That way, a user coming online from a certain BBS without a tilde in their username is an indicator that they've identified correctly to their local BBS account. That's just one of the ways ident can be replaced to provide something more useful.
services/nickserv (Score:2)
Silc? (Score:1, Interesting)
Again, MOOs work for this sort of thing. (Score:4, Interesting)
However, I have to say that it satisfies all of your requirements and provides a great deal of flexibility for the future as well. It has its own internal programming language (affectionately but not officially known as C&) which allows you to modify basically everything without requiring a restart. It has full support for TCP/IP and file IO, and though the binary support leaves something to be desired, it is quite possible to write a fully functional HTTP server [www.moo.ca] for example.
Re:Again, MOOs work for this sort of thing. (Score:2)
Re:Again, MOOs work for this sort of thing. (Score:5, Funny)
You are in a board room. Its long, polished oval table and leatherette chairs are quite intimidating. A filter coffee machine bubbles quietly in the corner.
A Board Member is here.
A Chairman is here.
An Executive Directory is here.
An Axe is on the floor.
Re:Again, MOOs work for this sort of thing. (Score:2)
You are in a board room. Its long, polished oval table and leatherette chairs are quite intimidating. A filter coffee machine bubbles quietly in the corner.
A Board Member is here.
A Chairman is here.
An Executive Directory is here.
An Axe is on the floor.
Your PHB has entered the room and taken a seat at the table.
> Kill PHB
Kill a PHB?!! With what? Your bare hands?
> Yes
Congratulations, you have just vanquished a PHB with your bare hands!
A w
Java based bot. (Score:2)
Is it really so difficult? (Score:3, Interesting)
Use your PGP key to sign something that the mod's post. Voilla. Non-repudiation.
If you're an established group, you must have already exchanged your public keys, right?
Re:Is it really so difficult? (Score:2)
Re:Is it really so difficult? (Score:1)
Re:Is it really so difficult? (Score:2)
Send a short message to channel op signed with PGP Signature.
ChanOp verifies and invites to +i channel.
ChanOp send email to everyone on a lest, they decrypt with PGP the password for the channel then join a limited number channel.
PKE (Score:1)
solution (Score:2, Informative)
Re:solution (Score:1)
Profit!!?!?!
SILC? (Score:2, Informative)
IRC is probably not what you want (Score:3, Interesting)
After that you could use PGP to have everyone sign a newly created message with their private key, thus proving that they are who they are. However, this doesn't prevent eavesdropping, message insertion, or denial of service. If you want protection from any of these, IRC is definitely not what you want.
Re:IRC is probably not what you want (Score:3, Insightful)
Re:IRC is probably not what you want (Score:3, Informative)
Re:IRC is probably not what you want (Score:2)
redundant.
Re:IRC is probably not what you want (Score:1)
identity and security in im/conferencing clients (Score:2, Insightful)
Jabber is seconded (Score:1)
I have a simpler suggestion (Score:3, Insightful)
Lily (Score:2, Informative)
IRC for meetings? I can see where that will go. (Score:3, Funny)
* Boss sets mode +b IT_Guy012*!*@*.*
* IT_Guy012 has been kicked by Boss (YOU'RE FIRED)
Teamspeak (Score:1)
My Puzzle Pirates crew uses it, it freakin' rocks!
http://www.teamspeak.org
Private IRC server (Score:3, Informative)
Of course, then we started writing bots to emulate our presence on the channel when we were gone ("How's the new release looking?") and the company went bankrupt, but that's beside the point. :P
Consider WASTE (Score:2)
Channel key (Score:2)
Run the server yourself (Score:3, Interesting)
If you need to allow people outside the company internal network in, find out what IP address your employees will be connecting from ahead of time, make certain you are opered (/oper [ircop name] [oper password]) and check their IP address when they connect.
If it gives you a non-numerical address, use the
If the person claiming to be Bob Smith emailed you ahead of time saying he was going to use that IP, then it's him. If it's nowhere close, then it's not.
-
use jabber! (Score:1)
jabber has built-in SASL/TLS support, is proven to work just great in intranets, and is free as in beer and speech.
there's also a variety of clients for linux, windows and mac os x, <shameless ad> the best being psi [affinix.com]
You need to be a little more specific (Score:1)
If you are simply trying to keep outside people from getting into the channel set a channel password and send that out via email...internal memo...fax whatever works for you and your company.
If you need to know that each user is who they say they are find a bot/scrip