Create 2017-07-24-keynote-live-dn.md

[irc/freenode/web-7.0.git] / content / kb / connect / chat.md

diff --git a/content/kb/connect/chat.md b/content/kb/connect/chat.md
index d70a78d2cc4e9758efbfbc8c6d99e389b567012f..a58ed734850c9f160b834770a1c77d0953a9de04 100644 (file)
--- a/content/kb/connect/chat.md
+++ b/content/kb/connect/chat.md
@@ -7,7 +7,8 @@ webchat](//webchat.freenode.net) or using an IRC client such as irssi, WeeChat,
 ERC, HexChat, Smuxi, Quassel or mIRC.
 
 You can connect to freenode by pointing your IRC client at `chat.freenode.net`
-on ports 6665-6667 and 8000-8002.
+on ports 6665-6667 and 8000-8002 for plain-text connections, or ports 6697, 7000
+and 7070 for SSL-encrypted connections.
 
 ## Accessing freenode Via SSL
 
@@ -32,7 +33,7 @@ that leads to freenode.
 
 For most clients this should be sufficient. If not, you can download the root
 certificate from
-[IdenTrust](https://www.identrust.com/certificates/trustid/root-download-x3.html).
+[LetsEncrypt](https://letsencrypt.org/certificates/).
 
 Client SSL certificates are also supported, and may be used for identification
 to services. See [this kb article](kb/using/certfp). If you have connected with
@@ -62,6 +63,8 @@ If you haven't set up the requisite SASL authentication, we recommend SASL
 EXTERNAL. You'll need to generate a client certificate and add that to your
 NickServ account. This is documented [in our knowledge base](kb/using/certfp).
 
+Connecting using SASL EXTERNAL requires that you connect using SSL encryption.
+
 Note that due to the SSL certificates not matching the hidden service, you
 might have to disable the verification in your client. If your client supports
 *key* pinning, you can verify our Tor server's public key fingerprint: