[IRCServices Coding] 2 feature requests
Yusuf Iskenderoglu
uhc0 at rz.uni-karlsruhe.de
Thu Jul 24 03:32:24 PDT 2003
Hi,
Link your services using 127.0.0.1; no packet is sent to the network, no
additional CPU time will be required to encrypt/decrypt via ssl.
Fast. Efficient.
Regards;
yusuf
On Thu, 2003-07-24 at 12:02, Martin Pels wrote:
> Hello,
>
> On our network we're currently taking a look on how we can make things more
> secure. And while doiung that we came up with a couple of ideas to improve
> IRCServices.
>
> One of the things we did is link all of our servers through SSL, and gave
> clients the option to connect through SSL as well. Now the only thing on our
> net that isn't connected through SSL is Services.
> Are there any plans to add this to IRCServices? I didn't see anything about
> it in the TODO.
>
> The second idea is about the encrypted passwords. As stated in the
> IRCServices documentation SENDPASS and GETPASS won't work with encryption
> enabled because of the way md5 works.
> This introduces the problem that users will have to contact an Oper in case
> they lose their password.
> Would it be possible to, when encryption is enabled, change the behaviour of
> SENDPASS so that it won't send the user's password (because this is not
> possible), but generate a new random password for the user and send that to
> the user's e-mail address instead?
>
> Grtz,
> Rodecker
> ------------------------------------------------------------------
> To unsubscribe or change your subscription options, visit:
> http://www.ircservices.za.net/mailman/listinfo/ircservices-coding
--
------------------------------------------------------------------
| Yusuf Iskenderoglu | You get to meet all sorts, |
| eMail - uhc0 at stud.uni-karlsruhe.de| in this line of work... |
| eMail - s_iskend at ira.uka.de | |
| ICQ UIN : 20587464 \ TimeMr14C | |
------------------------------------------------------------------