[IRCServices] RE: IRCServices Digest, Vol 16, Issue 6

crs97 ruldaen at wfsg.net
Wed Apr 14 01:34:05 PDT 2004


I really like this idea as well!!

-----Original Message-----
From: ircservices-bounces at ircservices.za.net
[mailto:ircservices-bounces at ircservices.za.net] On Behalf Of
ircservices-request at ircservices.za.net
Sent: Tuesday, April 13, 2004 10:03 PM
To: ircservices at ircservices.za.net
Subject: IRCServices Digest, Vol 16, Issue 6

Send IRCServices mailing list submissions to
	ircservices at ircservices.za.net

To subscribe or unsubscribe via the World Wide Web, visit
	http://www.ircservices.za.net/mailman/listinfo/ircservices
or, via email, send a message with subject or body 'help' to
	ircservices-request at ircservices.za.net

You can reach the person managing the list at
	ircservices-owner at ircservices.za.net

When replying, please edit your Subject line so it is more specific
than "Re: Contents of IRCServices digest..."


Today's Topics:

   1. secure Identify Feature.. ( Dionisios K. )
   2. RE: secure Identify Feature.. (Dionisios K.)
   3. Re: secure Identify Feature.. (Craig Edwards)
   4. RE: secure Identify Feature.. (M)
   5. Re: RE: [IRCServices] secure Identify Feature.. (Craig McLure)
   6. RE: RE: [IRCServices] secure Identify Feature.. (M)
   7. Re: RE: RE: [IRCServices] secure Identify Feature.. (Craig McLure)
   8. Re: RE: RE: [IRCServices] secure Identify Feature..
      (Andrew Church)
   9. Re: RE: RE: [IRCServices] secure Identify Feature..
      (David D. Wachtveitl)
  10. Re: RE: RE: [IRCServices] secure Identify Feature..
      (Andrew Church)
  11. Re: RE: RE: [IRCServices] secure Identify Feature..
      (David D. Wachtveitl)


----------------------------------------------------------------------

Message: 1
Date: Tue, 13 Apr 2004 13:13:46 +0100 (BST)
From: " Dionisios K. " <vonitsa_net at yahoo.gr>
Subject: [IRCServices] secure Identify Feature..
To: ircservices at ircservices.za.net
Message-ID: <20040413121346.62294.qmail at web86105.mail.ukl.yahoo.com>
Content-Type: text/plain; charset=iso-8859-7

Hello.
A new command may be added to ircservices (or not..).
The command will be like this:

/cs set #channel restrictid on-off

If the option is "on" the /cs identify command will be
allowed only to channel accessed users even if someone
else have the password. If the option is "off" the /cs
identify command will be allowed to anyone who have
the password.

Please reply:))



------------------------------

Message: 2
Date: Tue, 13 Apr 2004 10:48:08 -0700 (PDT)
From: "Dionisios K." <vonitsa_net at yahoo.gr>
Subject: RE: [IRCServices] secure Identify Feature..
To: Ircservices at ircservices.za.net
Message-ID: <20040413174808.38288.qmail at web86106.mail.ukl.yahoo.com>
Content-Type: text/plain; charset=us-ascii

Sorry for my english.. A channel accessed user is a
user who have access to a channel.

=====
Dionisios K. - VoNiTsA On GrNet




------------------------------

Message: 3
Date: Tue, 13 Apr 2004 20:26:52 +0100
From: "Craig Edwards" <brain at winbot.co.uk>
Subject: Re: [IRCServices] secure Identify Feature..
To: "ircservices" <ircservices at ircservices.za.net>
Message-ID: <200404131926.i3DJQqv02204 at brainbox.winbot.co.uk>
Content-Type: text/plain;	charset="iso-8859-1"

i really like this idea, hope it gets put into 5.1 or whenever...

>Hello.
>A new command may be added to ircservices (or not..).
>The command will be like this:
>
>/cs set #channel restrictid on-off
>
>If the option is "on" the /cs identify command will be
>allowed only to channel accessed users even if someone
>else have the password. If the option is "off" the /cs
>identify command will be allowed to anyone who have
>the password.
>
>Please reply:))
>
>------------------------------------------------------------------
>To unsubscribe or change your subscription options, visit:
>http://www.ircservices.za.net/mailman/listinfo/ircservices




------------------------------

Message: 4
Date: Tue, 13 Apr 2004 21:59:58 +0100
From: "M" <mark at ctcp.net>
Subject: RE: [IRCServices] secure Identify Feature..
To: "'IRC Services General Mailing List'"
	<ircservices at ircservices.za.net>
Message-ID: <E1BDV12-0007Y1-0X at anchor-post-33.mail.demon.net>
Content-Type: text/plain;	charset="US-ASCII"

Isn't this already available: by default only the founder knows the password
so only that person can identify for it. If for some peculiar reason the
founder wants to share the password they can. 

This "option" does not seem to create a benefit and merely adds unnecessary
complexity.

M.

> -----Original Message-----
> From: ircservices-bounces at ircservices.za.net 
> [mailto:ircservices-bounces at ircservices.za.net] On Behalf Of 
> Dionisios K.
> Sent: 13 April 2004 13:14
> To: ircservices at ircservices.za.net
> Subject: [IRCServices] secure Identify Feature..
> 
> Hello.
> A new command may be added to ircservices (or not..).
> The command will be like this:
> 
> /cs set #channel restrictid on-off
> 
> If the option is "on" the /cs identify command will be 
> allowed only to channel accessed users even if someone else 
> have the password. If the option is "off" the /cs identify 
> command will be allowed to anyone who have the password.
> 
> Please reply:))
> 
> ------------------------------------------------------------------
> To unsubscribe or change your subscription options, visit:
> http://www.ircservices.za.net/mailman/listinfo/ircservices
> 




------------------------------

Message: 5
Date: Tue, 13 Apr 2004 23:50:12 +0100
From: "Craig McLure" <Craig at chatspike.net>
Subject: Re: RE: [IRCServices] secure Identify Feature..
To: "mark at ctcp.net, IRC Services Gene" <mark at ctcp.net,
	ircservices at ircservices.za.net>
Message-ID: <mailman.61.1081907989.777.ircservices at ircservices.za.net>
Content-Type: text/plain;	charset="iso-8859-1"

This command would add things to make the channel more secure thou, If you
did give the channel founder password to people you trust, and you find its
being abused, you can simply remove that person from the access list, this
way you dont need to worry about changing the password and re-distributing
it :) 

/****************************************
 *     Craig "FrostyCoolSlug" McLure
 * InspIRCd   - http://www.inspircd.org  - REVIVED
 * ChatSpike  - http://www.chatspike.net
 ****************************************/


/****************************************
 * From    - M <mark at ctcp.net>
 * To      - 'IRC Services General Mailing List'
<ircservices at ircservices.za.net>
 * Sent    - 2004-04-13 21:59:58
 * Subject - RE: [IRCServices] secure Identify Feature..
 ****************************************/

/****** - Begin Original Message - ******/

>Isn't this already available: by default only the founder knows the
password
>so only that person can identify for it. If for some peculiar reason the
>founder wants to share the password they can. 
>
>This "option" does not seem to create a benefit and merely adds unnecessary
>complexity.
>
>M.
>
>
>------------------------------------------------------------------
>To unsubscribe or change your subscription options, visit:
>http://www.ircservices.za.net/mailman/listinfo/ircservices
>.

/******* - End Original Message - *******/





------------------------------

Message: 6
Date: Wed, 14 Apr 2004 00:08:45 +0100
From: "M" <mark at ctcp.net>
Subject: RE: RE: [IRCServices] secure Identify Feature..
To: "'IRC Services General Mailing List'"
	<ircservices at ircservices.za.net>
Message-ID: <E1BDX1f-0001VX-0X at anchor-post-33.mail.demon.net>
Content-Type: text/plain;	charset="US-ASCII"

Craig McLure wrote:
> This command would add things to make the channel more secure 
> thou, If you did give the channel founder password to people 
> you trust, and you find its being abused, you can simply 
> remove that person from the access list, this way you dont 
> need to worry about changing the password and re-distributing it :) 

The way to be secure is not to give out the founder password. You could
apply the same short sighted reason for a "/ns set
letotherpeopleaccessmynick pass" request. 

The founder password is designed to give the channel founder access to
manage the ownership of the channel. There is no need to give out the
password to anyone, channel management through others is provided via op
status. 

If for some peculiar reason a channel founder wishes to share the password
then IMO that is their problem. The chances are that any user that would
require modifying the access list to "fix" this, would likely be attempted
too late since a rogue user could have merely taken ownership of the channel
thereby making the option and the founder password redundant and merely make
it a problem that administrators waste time on. 

The founder can already provide access to whatever commands an op needs via
levels which is far more secure and already subject to access list
restrictions. 

What function of founder status is required that warrants removing the
founder status by supporting sharing of it? 

M. 




------------------------------

Message: 7
Date: Wed, 14 Apr 2004 00:39:43 +0000
From: "Craig McLure" <Craig at chatspike.net>
Subject: Re: RE: RE: [IRCServices] secure Identify Feature..
To: "mark at ctcp.net, IRC Services Gene" <mark at ctcp.net,
	ircservices at ircservices.za.net>
Message-ID: <mailman.62.1081907989.777.ircservices at ircservices.za.net>
Content-Type: text/plain;	charset="iso-8859-1"

I read this mail, and read it again, and its absolutly right, with some
careful manipulation of the /cs levels command, along with /cs access, you
can basically give people 'Founder' privs without them being founder.
Another possible advantage to this command thou.. If for some weird reason,
someone finds your channel password, this command would prevent them from
doing anything with it, as they would not be able to log on as channel
founder (Unless they were on the access list). sometimes the distributation
of channel passwords may be present when the real founder cant get at the
channel for various reasons, and they give the password to the successor, or
someone else trustworthy. From where i'm sitting, I cant really see any
other real use for this function.

/****************************************
 *     Craig "FrostyCoolSlug" McLure
 * InspIRCd   - http://www.inspircd.org  - REVIVED
 * ChatSpike  - http://www.chatspike.net
 ****************************************/


/****************************************
 * From    - M <mark at ctcp.net>
 * To      - 'IRC Services General Mailing List'
<ircservices at ircservices.za.net>
 * Sent    - 2004-04-13 23:08:45
 * Subject - RE: RE: [IRCServices] secure Identify Feature..
 ****************************************/

/****** - Begin Original Message - ******/

>Craig McLure wrote:
>> This command would add things to make the channel more secure 
>> thou, If you did give the channel founder password to people 
>> you trust, and you find its being abused, you can simply 
>> remove that person from the access list, this way you dont 
>> need to worry about changing the password and re-distributing it :) 
>
>The way to be secure is not to give out the founder password. You could
>apply the same short sighted reason for a "/ns set
>letotherpeopleaccessmynick pass" request. 
>
>The founder password is designed to give the channel founder access to
>manage the ownership of the channel. There is no need to give out the
>password to anyone, channel management through others is provided via op
>status. 
>
>If for some peculiar reason a channel founder wishes to share the password
>then IMO that is their problem. The chances are that any user that would
>require modifying the access list to "fix" this, would likely be attempted
>too late since a rogue user could have merely taken ownership of the
channel
>thereby making the option and the founder password redundant and merely
make
>it a problem that administrators waste time on. 
>
>The founder can already provide access to whatever commands an op needs via
>levels which is far more secure and already subject to access list
>restrictions. 
>
>What function of founder status is required that warrants removing the
>founder status by supporting sharing of it? 
>
>M. 
>
>
>------------------------------------------------------------------
>To unsubscribe or change your subscription options, visit:
>http://www.ircservices.za.net/mailman/listinfo/ircservices
>.

/******* - End Original Message - *******/





------------------------------

Message: 8
Date: Wed, 14 Apr 2004 09:42:30 JST
From: achurch at achurch.org (Andrew Church)
Subject: Re: RE: RE: [IRCServices] secure Identify Feature..
To: ircservices at ircservices.za.net
Message-ID: <407c8f26.04340 at achurch.org>
Content-Type: text/plain; charset=ISO-2022-JP

>Another possible advantage to this command thou.. If for some weird
>reason, someone finds your channel password, this command would prevent
>them from doing anything with it, as they would not be able to log on as
>channel founder (Unless they were on the access list).

     It's always been my policy not to try and defend against user
stupidity; "build idiot-proof software, and Nature will build a better
idiot"--it's a losing battle.  I realize that with the glut of online
services these days, it's next to impossible to memorize "good", distinct
passwords for everything, and I'll admit even I keep my less important
passwords stored in an encrypted file on my PC.  Nonetheless, the password
itself should almost never be needed, since the founder can perform all
founder functions (except dropping) by identifying for their nick.  If the
founder does choose to share the password, e.g. while going on vacation,
and said password is abused, as far as I'm concerned that's their fault,
and there's nothing Services should do about it.

  --Andrew Church
    achurch at achurch.org
    http://achurch.org/



------------------------------

Message: 9
Date: Tue, 13 Apr 2004 21:12:19 -0400
From: "David D. Wachtveitl" <dwachtve at hotmail.com>
Subject: Re: RE: RE: [IRCServices] secure Identify Feature..
To: "IRC Services General Mailing List"
	<ircservices at ircservices.za.net>,	"mark at ctcp.net, IRC Services
Gene"
	<mark at ctcp.net,	ircservices at ircservices.za.net>,
<Craig at chatspike.net>
Message-ID: <Sea2-DAV11p0mmhQZiC0002835a at hotmail.com>
Content-Type: text/plain;	charset="iso-8859-1"

Also, it would prevent an "over the shoulder" viewer of the password the
ability to use it.  I keep an access mask on my nick ident for this very
reason.  I think it makes some sense to have this on the channel founder as
well (as an option).  Of course, if for some reason you are the founder and
no longer have access to the mask you set for yourself, you could be sol
also :P


----- Original Message ----- 
From: "Craig McLure" <Craig at chatspike.net>
To: "mark at ctcp.net, IRC Services Gene"
<mark at ctcp.net,ircservices at ircservices.za.net>
Sent: Tuesday, April 13, 2004 8:39 PM
Subject: Re: RE: RE: [IRCServices] secure Identify Feature..


> I read this mail, and read it again, and its absolutly right, with some
careful manipulation of the /cs levels command, along with /cs access, you
can basically give people 'Founder' privs without them being founder.
Another possible advantage to this command thou.. If for some weird reason,
someone finds your channel password, this command would prevent them from
doing anything with it, as they would not be able to log on as channel
founder (Unless they were on the access list). sometimes the distributation
of channel passwords may be present when the real founder cant get at the
channel for various reasons, and they give the password to the successor, or
someone else trustworthy. From where i'm sitting, I cant really see any
other real use for this function.
>
> /****************************************
>  *     Craig "FrostyCoolSlug" McLure
>  * InspIRCd   - http://www.inspircd.org  - REVIVED
>  * ChatSpike  - http://www.chatspike.net
>  ****************************************/
>
>
> /****************************************
>  * From    - M <mark at ctcp.net>
>  * To      - 'IRC Services General Mailing List'
<ircservices at ircservices.za.net>
>  * Sent    - 2004-04-13 23:08:45
>  * Subject - RE: RE: [IRCServices] secure Identify Feature..
>  ****************************************/
>
> /****** - Begin Original Message - ******/
>
> >Craig McLure wrote:
> >> This command would add things to make the channel more secure
> >> thou, If you did give the channel founder password to people
> >> you trust, and you find its being abused, you can simply
> >> remove that person from the access list, this way you dont
> >> need to worry about changing the password and re-distributing it :)
> >
> >The way to be secure is not to give out the founder password. You could
> >apply the same short sighted reason for a "/ns set
> >letotherpeopleaccessmynick pass" request.
> >
> >The founder password is designed to give the channel founder access to
> >manage the ownership of the channel. There is no need to give out the
> >password to anyone, channel management through others is provided via op
> >status.
> >
> >If for some peculiar reason a channel founder wishes to share the
password
> >then IMO that is their problem. The chances are that any user that would
> >require modifying the access list to "fix" this, would likely be
attempted
> >too late since a rogue user could have merely taken ownership of the
channel
> >thereby making the option and the founder password redundant and merely
make
> >it a problem that administrators waste time on.
> >
> >The founder can already provide access to whatever commands an op needs
via
> >levels which is far more secure and already subject to access list
> >restrictions.
> >
> >What function of founder status is required that warrants removing the
> >founder status by supporting sharing of it?
> >
> >M.
> >
> >
> >------------------------------------------------------------------
> >To unsubscribe or change your subscription options, visit:
> >http://www.ircservices.za.net/mailman/listinfo/ircservices
> >.
>
> /******* - End Original Message - *******/
>
>
>
> ------------------------------------------------------------------
> To unsubscribe or change your subscription options, visit:
> http://www.ircservices.za.net/mailman/listinfo/ircservices
>



------------------------------

Message: 10
Date: Wed, 14 Apr 2004 10:42:57 JST
From: achurch at achurch.org (Andrew Church)
Subject: Re: RE: RE: [IRCServices] secure Identify Feature..
To: ircservices at ircservices.za.net
Message-ID: <407c9775.04373 at achurch.org>
Content-Type: text/plain; charset=ISO-2022-JP

>Also, it would prevent an "over the shoulder" viewer of the password the
>ability to use it.  I keep an access mask on my nick ident for this very
>reason.  I think it makes some sense to have this on the channel founder as
>well (as an option).  Of course, if for some reason you are the founder and
>no longer have access to the mask you set for yourself, you could be sol
>also :P

     The same issue applies for nicks, since you can identify regardless of
whether you match an access mask or not--unless you set KILL IMMED on your
nick, in which case, as you say, you're SOL.  The solution is to not let
people watch you type your password.

  --Andrew Church
    achurch at achurch.org
    http://achurch.org/



------------------------------

Message: 11
Date: Tue, 13 Apr 2004 21:59:09 -0400
From: "David D. Wachtveitl" <dwachtve at hotmail.com>
Subject: Re: RE: RE: [IRCServices] secure Identify Feature..
To: "IRC Services General Mailing List"
	<ircservices at ircservices.za.net>
Message-ID: <SEA2-DAV6wZKxnEzY0W00010f3c at hotmail.com>
Content-Type: text/plain;	charset="ISO-2022-JP"

Well, except on nicks you have the option, on the channel founder you do
not, is that not the whole point trying to be made here?  In this day and
age, it is getting to the point where you can barely go to the bathroom
without being "watched" in some manner.   The real answer would be to crypt
the passwords (so they can't be snooped/sniffed) and to not allow them to be
seen on the screen.  Knowing that is not going to happen, the current
suggestion would be a good solution.

Just my .02

----- Original Message ----- 
From: "Andrew Church" <achurch at achurch.org>
To: <ircservices at ircservices.za.net>
Sent: Tuesday, April 13, 2004 9:42 PM
Subject: Re: RE: RE: [IRCServices] secure Identify Feature..


> >Also, it would prevent an "over the shoulder" viewer of the password the
> >ability to use it.  I keep an access mask on my nick ident for this very
> >reason.  I think it makes some sense to have this on the channel founder
as
> >well (as an option).  Of course, if for some reason you are the founder
and
> >no longer have access to the mask you set for yourself, you could be sol
> >also :P
>
>      The same issue applies for nicks, since you can identify regardless
of
> whether you match an access mask or not--unless you set KILL IMMED on your
> nick, in which case, as you say, you're SOL.  The solution is to not let
> people watch you type your password.
>
>   --Andrew Church
>     achurch at achurch.org
>     http://achurch.org/
>
> ------------------------------------------------------------------
> To unsubscribe or change your subscription options, visit:
> http://www.ircservices.za.net/mailman/listinfo/ircservices
>



------------------------------

_______________________________________________
IRCServices mailing list
IRCServices at ircservices.za.net
http://www.ircservices.za.net/mailman/listinfo/ircservices


End of IRCServices Digest, Vol 16, Issue 6
******************************************