This site is deprecated; docs have moved to docs.inspircd.org!
In 1.2 of InspIRCd, clients may send STARTTLS before client registration to switch a plaintext socket to GNUTLS mode. After this point, the server expects the TLS handshake. No further plaintext should be sent and there is no way to revert back to plaintext after this point.
To detect STARTTLS capability, the client should implement the CAP extension and check CAP LS for the 'tls' capability. If this is available, then STARTTLS can be used. If it is not available the client must remain plaintext or fall back on a dedicated SSL port.