[dcc2] dcc multiuser chat

Craig Edwards brain at winbot.co.uk
Mon May 10 11:54:35 EDT 2004 

there needs to be some form of control, leaving the chat by choice might JUST be good enough.

Lets consider this hypothetical situation. A bot supports DCC2 chats. Part of the spec is multi user chats.

User A is socially engineered to invite user B into their private encrypted chat with a bot. User B then joins the multi user chat, the bot is powerless to do anything (short of 'leave' the conversation maybe) and user B could then have access to all the bot's commands. At worst, if the bot leaves, user B has created a denial of service causing the user A's connection to the bot to be servered.

Surely, for multi user chats, IRC channels should be used, this does seem a lot like re-inventing the wheel, and going to the point of embedding a fully functional IM client within an irc client which can already access perfectly good chat networks.

Thanks,
Craig

>Hi,
>
>> the idea of a direct partyline/group chat is a good idea however it isn't something i'd implement personally and
>> probably wont get around to (purely because my bot has its own dcc partyline with authentication features etc).
>> Something to address here on that note is, if you have a multi user dcc chat, in a party line, and you invite users
>> A, B, and C, then user C decides to invite "MrIdiot" who nobody else likes, how do you get rid of him, or even stop
>> him from joining the chat in the first place? In my mind, you'll end up implementing irc within irc to do this,
>> because youll need kicks, authentication, maybe even split detection (?!) and possibly even privilage levels in the
>> end, which is a LOT of pointless work, when you can just use the irc channels provided that lets be honest, if the
>> network is good, dont really split and die that often.
>
>Anything other than simple chat is unncessary, if you dont want someone
>to be in the conversation, you can simply leave it and everyone else
>will leave.
>
>A simple multi-user DCC chat is just nice for stuff where want a step up
>in privacy (not that its much, but you could use encrypted streams etc
>negotiated in the authentication)
>
>It's not really possible to implement control because its easily
>overcome by other users just hacking up or writing their own
>implementations.
>
>Cheers,
>Trent
>
>-- 
>Trent Lloyd <lathiat at bur.st>
>Bur.st Networking Inc.
>
>_______________________________________________
>dcc2 mailing list
>dcc2 at dcc2.org
>http://six.pairlist.net/mailman/listinfo/dcc2

More information about the dcc2 mailing list