Hi, this is indeed a weakness in the BEEP protocol, I went through the RFC and couldn't find anything regarding this specific issue. It was also not evaluated from a security point of view and only regarded as pure functionality.