Author: muffin
Date: 2005-12-10 16:18:16 -0500 (Sat, 10 Dec 2005)
New Revision: 954
Modified:
trunk/docs/spec/lib/Haver/Spec.pod
trunk/docs/spec/lib/Haver/Spec/Auth.pod
Log:
Two spec updates; add bork BYE/QUIT reason, and mention client IP-checking for
AUTH.
Modified: trunk/docs/spec/lib/Haver/Spec/Auth.pod
===================================================================
--- trunk/docs/spec/lib/Haver/Spec/Auth.pod 2005-12-10 07:09:50 UTC (rev
953)
+++ trunk/docs/spec/lib/Haver/Spec/Auth.pod 2005-12-10 21:18:16 UTC (rev
954)
@@ -101,6 +101,10 @@
sha1_base64($password . lc("$host$user"));
}
+A client SHOULD always check to make sure that the server's IP address
resolves to the same
+thing as $host before sending anything. This will prevent server owners from
picking up
+people's passcodes by making them think it's another server.
+
=head1 AUTHOR
Dylan William Hardison, E<lt>[EMAIL PROTECTED]<gt>,
Modified: trunk/docs/spec/lib/Haver/Spec.pod
===================================================================
--- trunk/docs/spec/lib/Haver/Spec.pod 2005-12-10 07:09:50 UTC (rev 953)
+++ trunk/docs/spec/lib/Haver/Spec.pod 2005-12-10 21:18:16 UTC (rev 954)
@@ -216,6 +216,10 @@
kill ($detail = killer)
+=item *
+
+bork ($detail = message saying what client did wrong)
+
=back
=head1 YOU FAIL
