[IRCServices Coding] 2 feature requests

Martin Pels martinpels at hotmail.com
Thu Jul 24 03:02:41 PDT 2003


Hello,

On our network we're currently taking a look on how we can make things more
secure. And while doiung that we came up with a couple of ideas to improve
IRCServices.

One of the things we did is link all of our servers through SSL, and gave
clients the option to connect through SSL as well. Now the only thing on our
net that isn't connected through SSL is Services.
Are there any plans to add this to IRCServices? I didn't see anything about
it in the TODO.

The second idea is about the encrypted passwords. As stated in the
IRCServices documentation SENDPASS and GETPASS won't work with encryption
enabled because of the way md5 works.
This introduces the problem that users will have to contact an Oper in case
they lose their password.
Would it be possible to, when encryption is enabled, change the behaviour of
SENDPASS so that it won't send the user's password (because this is not
possible), but generate a new random password for the user and send that to
the user's e-mail address instead?

Grtz,
Rodecker