[IRCServices Coding] 2 feature requests

Andrew Church achurch at achurch.org
Fri Jul 25 22:25:58 PDT 2003


     I'm not seriously considering SSL because I assume that if you're
running Services and the ircd on separate machines, it's because you don't
have enough CPU power to run them both, and adding SSL processing wouldn't
help that condition.  If you do want to encrypt the data, I'd assume you
could use tunnelling software to do it.  (Poor man's tunnel:
ssh -L localport:remotehost:remoteport remotehost)

     The suggestion of making SENDPASS generate a new password has been
suggested before, and I'm considering it as a possibility for 5.1.

  --Andrew Church
    achurch at achurch.org
    http://achurch.org/

>Hello,
>
>On our network we're currently taking a look on how we can make things more
>secure. And while doiung that we came up with a couple of ideas to improve
>IRCServices.
>
>One of the things we did is link all of our servers through SSL, and gave
>clients the option to connect through SSL as well. Now the only thing on our
>net that isn't connected through SSL is Services.
>Are there any plans to add this to IRCServices? I didn't see anything about
>it in the TODO.
>
>The second idea is about the encrypted passwords. As stated in the
>IRCServices documentation SENDPASS and GETPASS won't work with encryption
>enabled because of the way md5 works.
>This introduces the problem that users will have to contact an Oper in case
>they lose their password.
>Would it be possible to, when encryption is enabled, change the behaviour of
>SENDPASS so that it won't send the user's password (because this is not
>possible), but generate a new random password for the user and send that to
>the user's e-mail address instead?
>
>Grtz,
>Rodecker
>------------------------------------------------------------------
>To unsubscribe or change your subscription options, visit:
>http://www.ircservices.za.net/mailman/listinfo/ircservices-coding