On Thursday 22 November 2007 00:58, you wrote: > Matthew Toseland wrote: > > Well, suppose we did this. 128 bits is 25 characters. We add one character for > > redundancy (checksum). One advantage is it only needs to be exchanged in one > > direction. This would seem at the moment to be the simplest option. And we > > then only need to exchange IP:port in advance. > > A couple of minor worries: first, if the initiator doesn't need to prove > that it knows the responder's ID in the first message (as it currently > does in JFKi) then port scanning becomes easier.
Obfuscation passwords, distributed with the IP:port. > Second, if it's > possible to skip the verification step and just click OK, most people > will - how do we prevent this? We require that the password is exchanged in one direction or the other. Pick a direction based on the last digit of the key hash, have one side show the key and the other demand it. I don't suppose sending half each way would work? > > Cheers, > Michael
pgpoH0DPWuCSe.pgp
Description: PGP signature
_______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
