Matthew Toseland wrote:
> Well, suppose we did this. 128 bits is 25 characters. We add one character
> for redundancy (checksum). One advantage is it only needs to be exchanged in
> one direction. This would seem at the moment to be the simplest option. And
> we then only need to exchange IP:port in advance.

A couple of minor worries: first, if the initiator doesn't need to prove
that it knows the responder's ID in the first message (as it currently
does in JFKi) then port scanning becomes easier. Second, if it's
possible to skip the verification step and just click OK, most people
will - how do we prevent this?

Cheers,
Michael
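
The 25-characters-plus-checksum string proposed in the quoted message, sketched as an added example that is not part of the original thread or the project's code. The base-36 alphabet, the sum-mod-36 check character and the function names are assumptions; the thread does not specify an encoding. The check character only catches transcription typos and gives no protection against a deliberately substituted value.

```python
# Added illustration: a 128-bit value as 25 base-36 characters + 1 check character.
# The alphabet and checksum rule are assumptions, not taken from the thread.
ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyz"
BODY_LEN = 25  # 36**25 > 2**128, so 25 characters can hold any 128-bit value


def check_char(body: str) -> str:
    """Sum of digit values mod 36; any single wrong character changes it."""
    return ALPHABET[sum(ALPHABET.index(c) for c in body) % 36]


def encode(value: bytes) -> str:
    """Encode a 16-byte value as a fixed-width 26-character string."""
    if len(value) != 16:
        raise ValueError("expected a 128-bit (16-byte) value")
    n = int.from_bytes(value, "big")
    digits = []
    for _ in range(BODY_LEN):
        n, r = divmod(n, 36)
        digits.append(ALPHABET[r])
    body = "".join(reversed(digits))
    return body + check_char(body)


def decode(text: str) -> bytes:
    """Validate length, alphabet, check character and range, then decode."""
    text = text.strip().lower()
    if len(text) != BODY_LEN + 1 or any(c not in ALPHABET for c in text):
        raise ValueError("malformed string")
    body, check = text[:-1], text[-1]
    if check_char(body) != check:
        raise ValueError("checksum mismatch (likely a typing error)")
    n = 0
    for c in body:
        n = n * 36 + ALPHABET.index(c)
    if n >= 1 << 128:
        raise ValueError("value outside the 128-bit range")
    return n.to_bytes(16, "big")


if __name__ == "__main__":
    sample = bytes(range(16))  # constructed sample value
    s = encode(sample)
    print(s, decode(s) == sample)
```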

