>-----Original Message----- >From: Kev [mailto:klmitch@;MIT.EDU] >Sent: Sunday, October 20, 2002 11:40 PM >To: Will Buckner (Wcc) >Cc: [EMAIL PROTECTED] >Subject: Re: [Coder-Com] Account Suggestion > > > >> I was thinking about this, and I came up with an idea as to >host-hiding. >> With the current system, there is always a chance to get the >user's host >> by using a NOTIFY event (mIRC and similar clients) to send a WHOIS >> <user> upon connection. Even if the client logs in by >default on connect >> (not always the best idea), because of services<->user lag, >it is still >> possible to obtain the real host. > >Well, just so you know, it's in process. > >> On to my idea. Instead of logging into services via a >PRIVMSG command to >> X, what about making the account login as an optional part of the >> connection proccess. Logins would work something like this. >> >> /server mesa.az.us.undernet.org <port> [[optional server >> password]:[<account name>:<password>]] > >We can't change the way clients work. In general, we have to work with >what the clients already have in place. As a result, the >mechanism that >will probably get used is one where we use the existing "PASS" command, >passing a password of the form "accountpass@accountname". >This of course >has the disadvantage of making password-based I-lines more difficult to >deal with, but it uses a mechanism that every client out there can deal >with.
You don't understand. wcc:mypass is a valid password string. It would not require client modification. As far as the client is concerned, [[optional server password]:[<account name>:<password>]] is ONE password. The server would then parse the password, separating it by the ':'. Take a look at how bahamut handles oper hostmasking, for more information. >-- >Kevin L. Mitchell <[EMAIL PROTECTED]> > Wcc