[dcc2] CTCP draft : comments needed
Jesse McGrew
jmcgrew at hansprestige.com
Sat May 22 19:59:29 EDT 2004
codemastr wrote:
>Lastly, I think it is a good idea to add a "security considerations"
>section. First off, it is required in RFCs. Even if it says "there are no
>security concerns," it still has to be there. Second, there are some real
>security concerns :P I think it would be wise to mention that CTCPs are
>often used as a method of flooding a client because they result in an
>automatic reply. Therefore, it is RECOMMENDED that a client implement some
>form of flood control with regard to CTCPs.
>
>
Along those same lines, it should note that clients can't be sure
they'll receive a response, even to CTCP requests defined in the spec.
The response may be delayed or suppressed because of flood protection,
/ignore, /silence, or other factors.
Jesse
More information about the dcc2
mailing list