> I was thinking about this, and I came up with an idea as to host-hiding. > With the current system, there is always a chance to get the user's host > by using a NOTIFY event (mIRC and similar clients) to send a WHOIS > <user> upon connection. Even if the client logs in by default on connect > (not always the best idea), because of services<->user lag, it is still > possible to obtain the real host.
Well, just so you know, it's in process. > On to my idea. Instead of logging into services via a PRIVMSG command to > X, what about making the account login as an optional part of the > connection proccess. Logins would work something like this. > > /server mesa.az.us.undernet.org <port> [[optional server > password]:[<account name>:<password>]] We can't change the way clients work. In general, we have to work with what the clients already have in place. As a result, the mechanism that will probably get used is one where we use the existing "PASS" command, passing a password of the form "accountpass@accountname". This of course has the disadvantage of making password-based I-lines more difficult to deal with, but it uses a mechanism that every client out there can deal with. -- Kevin L. Mitchell <[EMAIL PROTECTED]>
